diff options
671 files changed, 79450 insertions, 1550 deletions
diff --git a/node_modules/.gitignore b/node_modules/.gitignore index 29f9a5a58..fa76105d9 100644 --- a/node_modules/.gitignore +++ b/node_modules/.gitignore @@ -1,6 +1,4 @@ ## Automatically generated dev dependency ignores -CODE_OF_CONDUCT.md -CONTRIBUTING.md /@babel/code-frame /@babel/generator /@babel/helper-function-name @@ -141,7 +139,6 @@ CONTRIBUTING.md /marked-man /merge-source-map /mimic-fn -/minimist /minipass /nano /natural-compare diff --git a/node_modules/@npmcli/ci-detect/LICENSE b/node_modules/@npmcli/ci-detect/LICENSE new file mode 100644 index 000000000..19cec97b1 --- /dev/null +++ b/node_modules/@npmcli/ci-detect/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/@npmcli/ci-detect/README.md b/node_modules/@npmcli/ci-detect/README.md new file mode 100644 index 000000000..29db4660e --- /dev/null +++ b/node_modules/@npmcli/ci-detect/README.md @@ -0,0 +1,55 @@ +# @npmcli/ci-detect + +Detect what kind of CI environment the program is in + +[](https://travis-ci.com/npm/ci-detect) +[](https://coveralls.io/github/npm/ci-detect?branch=master) + +## USAGE + +```js +const ciDetect = require('@npmcli/ci-detect') +// false if not in CI +// otherwise, a string indicating the CI environment type +const inCI = ciDetect() +``` + +## CIs Detected + +Returns one of the following strings, or `false` if none match, by looking +at the appropriate environment variables. + +* `'gerrit'` Gerrit +* `'gitlab'` GitLab +* `'circleci'` Circle-CI +* `'semaphore'` Semaphore +* `'drone'` Drone +* `'github-actions'` GitHub Actions +* `'tddium'` TDDium +* `'jenkins'` Jenkins +* `'bamboo'` Bamboo +* `'gocd'` GoCD +* `'codeship'` CodeShip (or any that set `CI_NAME` environment variable) +* `'travis-ci'` Travis-CI - A few other CI systems set `TRAVIS=1` in the + environment, because devs use that to indicate "test mode", so this one + can get some false positives. +* `'aws-codebuild'` AWS CodeBuild +* `'builder'` Google Cloud Builder - This one is a bit weird. It doesn't + really set anything that can be reliably detected except + `BUILDER_OUTPUT`, so it can get false positives pretty easily. +* `'custom'` anything else that sets `CI` environment variable + +## Caveats + +Note that since any program can set or unset whatever environment variables +they want, this is not 100% reliable. + +Also, note that if your program does different behavior in +CI/test/deployment than other places, then there's a good chance that +you're doing something wrong! + +But, for little niceties like setting colors or other output parameters, or +logging and that sort of non-essential thing, this module provides a way to +tweak without checking a bunch of things in a bunch of places. Mostly, +it's a single place to keep a note of what CI system sets which environment +variable. diff --git a/node_modules/@npmcli/ci-detect/index.js b/node_modules/@npmcli/ci-detect/index.js new file mode 100644 index 000000000..8bd3bd07d --- /dev/null +++ b/node_modules/@npmcli/ci-detect/index.js @@ -0,0 +1,22 @@ +module.exports = () => + process.env.GERRIT_PROJECT ? 'gerrit' + : process.env.GITLAB_CI ? 'gitlab' + : process.env.APPVEYOR ? 'appveyor' + : process.env.CIRCLECI ? 'circle-ci' + : process.env.SEMAPHORE ? 'semaphore' + : process.env.DRONE ? 'drone' + : process.env.GITHUB_ACTION ? 'github-actions' + : process.env.TDDIUM ? 'tddium' + : process.env.JENKINS_URL ? 'jenkins' + : process.env['bamboo.buildKey'] ? 'bamboo' + : process.env.GO_PIPELINE_NAME ? 'gocd' + // codeship and a few others + : process.env.CI_NAME ? process.env.CI_NAME + // test travis after the others, since several CI systems mimic it + : process.env.TRAVIS ? 'travis-ci' + // aws CodeBuild/CodePipeline + : process.env.CODEBUILD_SRC_DIR ? 'aws-codebuild' + : process.env.CI === 'true' || process.env.CI === '1' ? 'custom' + // Google Cloud Build - it sets almost nothing + : process.env.BUILDER_OUTPUT ? 'builder' + : false diff --git a/node_modules/@npmcli/ci-detect/package.json b/node_modules/@npmcli/ci-detect/package.json new file mode 100644 index 000000000..64d5ac232 --- /dev/null +++ b/node_modules/@npmcli/ci-detect/package.json @@ -0,0 +1,60 @@ +{ + "_from": "@npmcli/ci-detect@^1.0.0", + "_id": "@npmcli/ci-detect@1.1.1", + "_inBundle": false, + "_integrity": "sha512-h5eW3DljLypyhvfK94FkSSm4qtSUFddth/xW+7vnkVCEUJR38MYvctCSZkxqrzmXZSzpfImuAwwKvRqkEuDvCQ==", + "_location": "/@npmcli/ci-detect", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "@npmcli/ci-detect@^1.0.0", + "name": "@npmcli/ci-detect", + "escapedName": "@npmcli%2fci-detect", + "scope": "@npmcli", + "rawSpec": "^1.0.0", + "saveSpec": null, + "fetchSpec": "^1.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/@npmcli/ci-detect/-/ci-detect-1.1.1.tgz", + "_shasum": "9a158cf4e3e88f0067cbc1ca5d0de2f453de6afe", + "_spec": "@npmcli/ci-detect@^1.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "https://izs.me" + }, + "bugs": { + "url": "https://github.com/npm/ci-detect/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Detect what kind of CI environment the program is in", + "devDependencies": { + "tap": "^14.10.2" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/npm/ci-detect#readme", + "license": "ISC", + "name": "@npmcli/ci-detect", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/ci-detect.git" + }, + "scripts": { + "postversion": "npm publish", + "prepublishOnly": "git push origin --follow-tags", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "1.1.1" +} diff --git a/node_modules/aggregate-error/index.d.ts b/node_modules/aggregate-error/index.d.ts new file mode 100644 index 000000000..2cec44a00 --- /dev/null +++ b/node_modules/aggregate-error/index.d.ts @@ -0,0 +1,51 @@ +/** +Create an error from multiple errors. +*/ +declare class AggregateError extends Error implements Iterable<Error> { + readonly name: 'AggregateError'; + + /** + @param errors - If a string, a new `Error` is created with the string as the error message. If a non-Error object, a new `Error` is created with all properties from the object copied over. + @returns An Error that is also an [`Iterable`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Iterators_and_Generators#Iterables) for the individual errors. + + @example + ``` + import AggregateError = require('aggregate-error'); + + const error = new AggregateError([new Error('foo'), 'bar', {message: 'baz'}]); + + throw error; + + // AggregateError: + // Error: foo + // at Object.<anonymous> (/Users/sindresorhus/dev/aggregate-error/example.js:3:33) + // Error: bar + // at Object.<anonymous> (/Users/sindresorhus/dev/aggregate-error/example.js:3:13) + // Error: baz + // at Object.<anonymous> (/Users/sindresorhus/dev/aggregate-error/example.js:3:13) + // at AggregateError (/Users/sindresorhus/dev/aggregate-error/index.js:19:3) + // at Object.<anonymous> (/Users/sindresorhus/dev/aggregate-error/example.js:3:13) + // at Module._compile (module.js:556:32) + // at Object.Module._extensions..js (module.js:565:10) + // at Module.load (module.js:473:32) + // at tryModuleLoad (module.js:432:12) + // at Function.Module._load (module.js:424:3) + // at Module.runMain (module.js:590:10) + // at run (bootstrap_node.js:394:7) + // at startup (bootstrap_node.js:149:9) + + + for (const individualError of error) { + console.log(individualError); + } + //=> [Error: foo] + //=> [Error: bar] + //=> [Error: baz] + ``` + */ + constructor(errors: ReadonlyArray<Error | {[key: string]: any} | string>); + + [Symbol.iterator](): IterableIterator<Error>; +} + +export = AggregateError; diff --git a/node_modules/aggregate-error/index.js b/node_modules/aggregate-error/index.js new file mode 100644 index 000000000..ba5bf0221 --- /dev/null +++ b/node_modules/aggregate-error/index.js @@ -0,0 +1,47 @@ +'use strict'; +const indentString = require('indent-string'); +const cleanStack = require('clean-stack'); + +const cleanInternalStack = stack => stack.replace(/\s+at .*aggregate-error\/index.js:\d+:\d+\)?/g, ''); + +class AggregateError extends Error { + constructor(errors) { + if (!Array.isArray(errors)) { + throw new TypeError(`Expected input to be an Array, got ${typeof errors}`); + } + + errors = [...errors].map(error => { + if (error instanceof Error) { + return error; + } + + if (error !== null && typeof error === 'object') { + // Handle plain error objects with message property and/or possibly other metadata + return Object.assign(new Error(error.message), error); + } + + return new Error(error); + }); + + let message = errors + .map(error => { + // The `stack` property is not standardized, so we can't assume it exists + return typeof error.stack === 'string' ? cleanInternalStack(cleanStack(error.stack)) : String(error); + }) + .join('\n'); + message = '\n' + indentString(message, 4); + super(message); + + this.name = 'AggregateError'; + + Object.defineProperty(this, '_errors', {value: errors}); + } + + * [Symbol.iterator]() { + for (const error of this._errors) { + yield error; + } + } +} + +module.exports = AggregateError; diff --git a/node_modules/aggregate-error/license b/node_modules/aggregate-error/license new file mode 100644 index 000000000..e7af2f771 --- /dev/null +++ b/node_modules/aggregate-error/license @@ -0,0 +1,9 @@ +MIT License + +Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/aggregate-error/package.json b/node_modules/aggregate-error/package.json new file mode 100644 index 000000000..f808df24b --- /dev/null +++ b/node_modules/aggregate-error/package.json @@ -0,0 +1,73 @@ +{ + "_from": "aggregate-error@^3.0.0", + "_id": "aggregate-error@3.0.1", + "_inBundle": false, + "_integrity": "sha512-quoaXsZ9/BLNae5yiNoUz+Nhkwz83GhWwtYFglcjEQB2NDHCIpApbqXxIFnm4Pq/Nvhrsq5sYJFyohrrxnTGAA==", + "_location": "/aggregate-error", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "aggregate-error@^3.0.0", + "name": "aggregate-error", + "escapedName": "aggregate-error", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/p-map" + ], + "_resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.0.1.tgz", + "_shasum": "db2fe7246e536f40d9b5442a39e117d7dd6a24e0", + "_spec": "aggregate-error@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/p-map", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/aggregate-error/issues" + }, + "bundleDependencies": false, + "dependencies": { + "clean-stack": "^2.0.0", + "indent-string": "^4.0.0" + }, + "deprecated": false, + "description": "Create an error from multiple errors", + "devDependencies": { + "ava": "^2.4.0", + "tsd": "^0.7.1", + "xo": "^0.25.3" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js", + "index.d.ts" + ], + "homepage": "https://github.com/sindresorhus/aggregate-error#readme", + "keywords": [ + "aggregate", + "error", + "combine", + "multiple", + "many", + "collection", + "iterable", + "iterator" + ], + "license": "MIT", + "name": "aggregate-error", + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/aggregate-error.git" + }, + "scripts": { + "test": "xo && ava && tsd" + }, + "version": "3.0.1" +} diff --git a/node_modules/aggregate-error/readme.md b/node_modules/aggregate-error/readme.md new file mode 100644 index 000000000..850de98a8 --- /dev/null +++ b/node_modules/aggregate-error/readme.md @@ -0,0 +1,61 @@ +# aggregate-error [](https://travis-ci.org/sindresorhus/aggregate-error) + +> Create an error from multiple errors + + +## Install + +``` +$ npm install aggregate-error +``` + + +## Usage + +```js +const AggregateError = require('aggregate-error'); + +const error = new AggregateError([new Error('foo'), 'bar', {message: 'baz'}]); + +throw error; +/* +AggregateError: + Error: foo + at Object.<anonymous> (/Users/sindresorhus/dev/aggregate-error/example.js:3:33) + Error: bar + at Object.<anonymous> (/Users/sindresorhus/dev/aggregate-error/example.js:3:13) + Error: baz + at Object.<anonymous> (/Users/sindresorhus/dev/aggregate-error/example.js:3:13) + at AggregateError (/Users/sindresorhus/dev/aggregate-error/index.js:19:3) + at Object.<anonymous> (/Users/sindresorhus/dev/aggregate-error/example.js:3:13) + at Module._compile (module.js:556:32) + at Object.Module._extensions..js (module.js:565:10) + at Module.load (module.js:473:32) + at tryModuleLoad (module.js:432:12) + at Function.Module._load (module.js:424:3) + at Module.runMain (module.js:590:10) + at run (bootstrap_node.js:394:7) + at startup (bootstrap_node.js:149:9) +*/ + +for (const individualError of error) { + console.log(individualError); +} +//=> [Error: foo] +//=> [Error: bar] +//=> [Error: baz] +``` + + +## API + +### AggregateError(errors) + +Returns an `Error` that is also an [`Iterable`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Iterators_and_Generators#Iterables) for the individual errors. + +#### errors + +Type: `Array<Error|Object|string>` + +If a string, a new `Error` is created with the string as the error message.<br> +If a non-Error object, a new `Error` is created with all properties from the object copied over. diff --git a/node_modules/are-we-there-yet/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/are-we-there-yet/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/are-we-there-yet/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/bcrypt-pbkdf/CONTRIBUTING.md b/node_modules/bcrypt-pbkdf/CONTRIBUTING.md new file mode 100644 index 000000000..401d34ed5 --- /dev/null +++ b/node_modules/bcrypt-pbkdf/CONTRIBUTING.md @@ -0,0 +1,13 @@ +# Contributing + +This repository uses [cr.joyent.us](https://cr.joyent.us) (Gerrit) for new +changes. Anyone can submit changes. To get started, see the [cr.joyent.us user +guide](https://github.com/joyent/joyent-gerrit/blob/master/docs/user/README.md). +This repo does not use GitHub pull requests. + +See the [Joyent Engineering +Guidelines](https://github.com/joyent/eng/blob/master/docs/index.md) for general +best practices expected in this repository. + +If you're changing something non-trivial or user-facing, you may want to submit +an issue first. diff --git a/node_modules/chownr/chownr.js b/node_modules/chownr/chownr.js index 0d4093216..9f04393b7 100644 --- a/node_modules/chownr/chownr.js +++ b/node_modules/chownr/chownr.js @@ -7,30 +7,10 @@ const LCHOWN = fs.lchown ? 'lchown' : 'chown' /* istanbul ignore next */ const LCHOWNSYNC = fs.lchownSync ? 'lchownSync' : 'chownSync' -/* istanbul ignore next */ const needEISDIRHandled = fs.lchown && !process.version.match(/v1[1-9]+\./) && !process.version.match(/v10\.[6-9]/) -const lchownSync = (path, uid, gid) => { - try { - return fs[LCHOWNSYNC](path, uid, gid) - } catch (er) { - if (er.code !== 'ENOENT') - throw er - } -} - -/* istanbul ignore next */ -const chownSync = (path, uid, gid) => { - try { - return fs.chownSync(path, uid, gid) - } catch (er) { - if (er.code !== 'ENOENT') - throw er - } -} - /* istanbul ignore next */ const handleEISDIR = needEISDIRHandled ? (path, uid, gid, cb) => er => { @@ -48,14 +28,14 @@ const handleEISDIR = const handleEISDirSync = needEISDIRHandled ? (path, uid, gid) => { try { - return lchownSync(path, uid, gid) + return fs[LCHOWNSYNC](path, uid, gid) } catch (er) { if (er.code !== 'EISDIR') throw er - chownSync(path, uid, gid) + fs.chownSync(path, uid, gid) } } - : (path, uid, gid) => lchownSync(path, uid, gid) + : (path, uid, gid) => fs[LCHOWNSYNC](path, uid, gid) // fs.readdir could only accept an options object as of node v6 const nodeVersion = process.version @@ -65,19 +45,11 @@ let readdirSync = (path, options) => fs.readdirSync(path, options) if (/^v4\./.test(nodeVersion)) readdir = (path, options, cb) => fs.readdir(path, cb) -const chown = (cpath, uid, gid, cb) => { - fs[LCHOWN](cpath, uid, gid, handleEISDIR(cpath, uid, gid, er => { - // Skip ENOENT error - cb(er && er.code !== 'ENOENT' ? er : null) - })) -} - const chownrKid = (p, child, uid, gid, cb) => { if (typeof child === 'string') return fs.lstat(path.resolve(p, child), (er, stats) => { - // Skip ENOENT error if (er) - return cb(er.code !== 'ENOENT' ? er : null) + return cb(er) stats.name = child chownrKid(p, stats, uid, gid, cb) }) @@ -87,11 +59,11 @@ const chownrKid = (p, child, uid, gid, cb) => { if (er) return cb(er) const cpath = path.resolve(p, child.name) - chown(cpath, uid, gid, cb) + fs[LCHOWN](cpath, uid, gid, handleEISDIR(cpath, uid, gid, cb)) }) } else { const cpath = path.resolve(p, child.name) - chown(cpath, uid, gid, cb) + fs[LCHOWN](cpath, uid, gid, handleEISDIR(cpath, uid, gid, cb)) } } @@ -100,14 +72,10 @@ const chownr = (p, uid, gid, cb) => { readdir(p, { withFileTypes: true }, (er, children) => { // any error other than ENOTDIR or ENOTSUP means it's not readable, // or doesn't exist. give up. - if (er) { - if (er.code === 'ENOENT') - return cb() - else if (er.code !== 'ENOTDIR' && er.code !== 'ENOTSUP') - return cb(er) - } + if (er && er.code !== 'ENOTDIR' && er.code !== 'ENOTSUP') + return cb(er) if (er || !children.length) - return chown(p, uid, gid, cb) + return fs[LCHOWN](p, uid, gid, handleEISDIR(p, uid, gid, cb)) let len = children.length let errState = null @@ -117,7 +85,7 @@ const chownr = (p, uid, gid, cb) => { if (er) return cb(errState = er) if (-- len === 0) - return chown(p, uid, gid, cb) + return fs[LCHOWN](p, uid, gid, handleEISDIR(p, uid, gid, cb)) } children.forEach(child => chownrKid(p, child, uid, gid, then)) @@ -126,16 +94,9 @@ const chownr = (p, uid, gid, cb) => { const chownrKidSync = (p, child, uid, gid) => { if (typeof child === 'string') { - try { - const stats = fs.lstatSync(path.resolve(p, child)) - stats.name = child - child = stats - } catch (er) { - if (er.code === 'ENOENT') - return - else - throw er - } + const stats = fs.lstatSync(path.resolve(p, child)) + stats.name = child + child = stats } if (child.isDirectory()) @@ -149,15 +110,12 @@ const chownrSync = (p, uid, gid) => { try { children = readdirSync(p, { withFileTypes: true }) } catch (er) { - if (er.code === 'ENOENT') - return - else if (er.code === 'ENOTDIR' || er.code === 'ENOTSUP') + if (er && er.code === 'ENOTDIR' && er.code !== 'ENOTSUP') return handleEISDirSync(p, uid, gid) - else - throw er + throw er } - if (children && children.length) + if (children.length) children.forEach(child => chownrKidSync(p, child, uid, gid)) return handleEISDirSync(p, uid, gid) diff --git a/node_modules/chownr/package.json b/node_modules/chownr/package.json index 5c125f844..cc48dc912 100644 --- a/node_modules/chownr/package.json +++ b/node_modules/chownr/package.json @@ -1,19 +1,19 @@ { - "_from": "chownr@1.1.4", - "_id": "chownr@1.1.4", + "_from": "chownr@1.1.3", + "_id": "chownr@1.1.3", "_inBundle": false, - "_integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==", + "_integrity": "sha512-i70fVHhmV3DtTl6nqvZOnIjbY0Pe4kAUjwHj8z0zAdgBtYrJyYwLKCCuRBQ5ppkyL0AkN7HKRnETdmdp1zqNXw==", "_location": "/chownr", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "chownr@1.1.4", + "raw": "chownr@1.1.3", "name": "chownr", "escapedName": "chownr", - "rawSpec": "1.1.4", + "rawSpec": "1.1.3", "saveSpec": null, - "fetchSpec": "1.1.4" + "fetchSpec": "1.1.3" }, "_requiredBy": [ "#USER", @@ -23,10 +23,10 @@ "/pacote", "/tar" ], - "_resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", - "_shasum": "6fc9d7b42d32a583596337666e7d08084da2cc6b", - "_spec": "chownr@1.1.4", - "_where": "/Users/darcyclarke/Documents/Repos/npm/cli", + "_resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.3.tgz", + "_shasum": "42d837d5239688d55f303003a508230fa6727142", + "_spec": "chownr@1.1.3", + "_where": "/Users/mperrotte/npminc/cli", "author": { "name": "Isaac Z. Schlueter", "email": "i@izs.me", @@ -40,8 +40,8 @@ "description": "like `chown -R`", "devDependencies": { "mkdirp": "0.3", - "rimraf": "^2.7.1", - "tap": "^14.10.6" + "rimraf": "", + "tap": "^12.0.1" }, "files": [ "chownr.js" @@ -55,13 +55,10 @@ "url": "git://github.com/isaacs/chownr.git" }, "scripts": { + "postpublish": "git push origin --follow-tags", "postversion": "npm publish", - "prepublishOnly": "git push origin --follow-tags", "preversion": "npm test", - "test": "tap" + "test": "tap test/*.js --cov" }, - "tap": { - "check-coverage": true - }, - "version": "1.1.4" + "version": "1.1.3" } diff --git a/node_modules/clean-stack/index.d.ts b/node_modules/clean-stack/index.d.ts new file mode 100644 index 000000000..ed5899509 --- /dev/null +++ b/node_modules/clean-stack/index.d.ts @@ -0,0 +1,47 @@ +declare namespace cleanStack { + interface Options { + /** + Prettify the file paths in the stack: + + `/Users/sindresorhus/dev/clean-stack/unicorn.js:2:15` → `~/dev/clean-stack/unicorn.js:2:15` + + @default false + */ + readonly pretty?: boolean; + } +} + +/** +Clean up error stack traces. Removes the mostly unhelpful internal Node.js entries. + +@param stack - The `stack` property of an `Error`. + +@example +``` +import cleanStack = require('clean-stack'); + +const error = new Error('Missing unicorn'); + +console.log(error.stack); + +// Error: Missing unicorn +// at Object.<anonymous> (/Users/sindresorhus/dev/clean-stack/unicorn.js:2:15) +// at Module._compile (module.js:409:26) +// at Object.Module._extensions..js (module.js:416:10) +// at Module.load (module.js:343:32) +// at Function.Module._load (module.js:300:12) +// at Function.Module.runMain (module.js:441:10) +// at startup (node.js:139:18) + +console.log(cleanStack(error.stack)); + +// Error: Missing unicorn +// at Object.<anonymous> (/Users/sindresorhus/dev/clean-stack/unicorn.js:2:15) +``` +*/ +declare function cleanStack( + stack: string, + options?: cleanStack.Options +): string; + +export = cleanStack; diff --git a/node_modules/clean-stack/index.js b/node_modules/clean-stack/index.js new file mode 100644 index 000000000..8c1dcc4cd --- /dev/null +++ b/node_modules/clean-stack/index.js @@ -0,0 +1,40 @@ +'use strict'; +const os = require('os'); + +const extractPathRegex = /\s+at.*(?:\(|\s)(.*)\)?/; +const pathRegex = /^(?:(?:(?:node|(?:internal\/[\w/]*|.*node_modules\/(?:babel-polyfill|pirates)\/.*)?\w+)\.js:\d+:\d+)|native)/; +const homeDir = typeof os.homedir === 'undefined' ? '' : os.homedir(); + +module.exports = (stack, options) => { + options = Object.assign({pretty: false}, options); + + return stack.replace(/\\/g, '/') + .split('\n') + .filter(line => { + const pathMatches = line.match(extractPathRegex); + if (pathMatches === null || !pathMatches[1]) { + return true; + } + + const match = pathMatches[1]; + + // Electron + if ( + match.includes('.app/Contents/Resources/electron.asar') || + match.includes('.app/Contents/Resources/default_app.asar') + ) { + return false; + } + + return !pathRegex.test(match); + }) + .filter(line => line.trim() !== '') + .map(line => { + if (options.pretty) { + return line.replace(extractPathRegex, (m, p1) => m.replace(p1, p1.replace(homeDir, '~'))); + } + + return line; + }) + .join('\n'); +}; diff --git a/node_modules/clean-stack/license b/node_modules/clean-stack/license new file mode 100644 index 000000000..e7af2f771 --- /dev/null +++ b/node_modules/clean-stack/license @@ -0,0 +1,9 @@ +MIT License + +Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/clean-stack/package.json b/node_modules/clean-stack/package.json new file mode 100644 index 000000000..1398c1c77 --- /dev/null +++ b/node_modules/clean-stack/package.json @@ -0,0 +1,71 @@ +{ + "_from": "clean-stack@^2.0.0", + "_id": "clean-stack@2.2.0", + "_inBundle": false, + "_integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==", + "_location": "/clean-stack", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "clean-stack@^2.0.0", + "name": "clean-stack", + "escapedName": "clean-stack", + "rawSpec": "^2.0.0", + "saveSpec": null, + "fetchSpec": "^2.0.0" + }, + "_requiredBy": [ + "/aggregate-error" + ], + "_resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz", + "_shasum": "ee8472dbb129e727b31e8a10a427dee9dfe4008b", + "_spec": "clean-stack@^2.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/aggregate-error", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "browser": { + "os": false + }, + "bugs": { + "url": "https://github.com/sindresorhus/clean-stack/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Clean up error stack traces", + "devDependencies": { + "ava": "^1.4.1", + "tsd": "^0.7.2", + "xo": "^0.24.0" + }, + "engines": { + "node": ">=6" + }, + "files": [ + "index.js", + "index.d.ts" + ], + "homepage": "https://github.com/sindresorhus/clean-stack#readme", + "keywords": [ + "clean", + "stack", + "trace", + "traces", + "error", + "err", + "electron" + ], + "license": "MIT", + "name": "clean-stack", + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/clean-stack.git" + }, + "scripts": { + "test": "xo && ava && tsd" + }, + "version": "2.2.0" +} diff --git a/node_modules/clean-stack/readme.md b/node_modules/clean-stack/readme.md new file mode 100644 index 000000000..8d4416046 --- /dev/null +++ b/node_modules/clean-stack/readme.md @@ -0,0 +1,76 @@ +# clean-stack [](https://travis-ci.org/sindresorhus/clean-stack) + +> Clean up error stack traces + +Removes the mostly unhelpful internal Node.js entries. + +Also works in Electron. + + +## Install + +``` +$ npm install clean-stack +``` + + +## Usage + +```js +const cleanStack = require('clean-stack'); + +const error = new Error('Missing unicorn'); + +console.log(error.stack); +/* +Error: Missing unicorn + at Object.<anonymous> (/Users/sindresorhus/dev/clean-stack/unicorn.js:2:15) + at Module._compile (module.js:409:26) + at Object.Module._extensions..js (module.js:416:10) + at Module.load (module.js:343:32) + at Function.Module._load (module.js:300:12) + at Function.Module.runMain (module.js:441:10) + at startup (node.js:139:18) +*/ + +console.log(cleanStack(error.stack)); +/* +Error: Missing unicorn + at Object.<anonymous> (/Users/sindresorhus/dev/clean-stack/unicorn.js:2:15) +*/ +``` + + +## API + +### cleanStack(stack, [options]) + +#### stack + +Type: `string` + +The `stack` property of an `Error`. + +#### options + +Type: `Object` + +##### pretty + +Type: `boolean`<br> +Default: `false` + +Prettify the file paths in the stack: + +`/Users/sindresorhus/dev/clean-stack/unicorn.js:2:15` → `~/dev/clean-stack/unicorn.js:2:15` + + +## Related + +- [extrack-stack](https://github.com/sindresorhus/extract-stack) - Extract the actual stack of an error +- [stack-utils](https://github.com/tapjs/stack-utils) - Captures and cleans stack traces + + +## License + +MIT © [Sindre Sorhus](https://sindresorhus.com) diff --git a/node_modules/concat-stream/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/concat-stream/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/concat-stream/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/deep-extend/CHANGELOG.md b/node_modules/deep-extend/CHANGELOG.md index dd13ec131..3932f8f02 100644 --- a/node_modules/deep-extend/CHANGELOG.md +++ b/node_modules/deep-extend/CHANGELOG.md @@ -1,14 +1,6 @@ Changelog ========= -v0.6.0 ------- - -- Updated "devDependencies" versions to fix vulnerability alerts -- Dropped support of io.js and node.js v0.12.x and lower since new versions of - "devDependencies" couldn't work with those old node.js versions - (minimal supported version of node.js now is v4.0.0) - v0.5.1 ------ diff --git a/node_modules/deep-extend/README.md b/node_modules/deep-extend/README.md index 67c7fc085..cf84f70de 100644 --- a/node_modules/deep-extend/README.md +++ b/node_modules/deep-extend/README.md @@ -7,6 +7,8 @@ Recursive object extending. [](https://nodei.co/npm/deep-extend/) +[](https://nodei.co/npm/deep-extend/) + Install ------- diff --git a/node_modules/deep-extend/package.json b/node_modules/deep-extend/package.json index 15386bcff..3aaa6742f 100644 --- a/node_modules/deep-extend/package.json +++ b/node_modules/deep-extend/package.json @@ -1,27 +1,27 @@ { - "_from": "deep-extend@^0.6.0", - "_id": "deep-extend@0.6.0", + "_from": "deep-extend@^0.5.1", + "_id": "deep-extend@0.5.1", "_inBundle": false, - "_integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==", + "_integrity": "sha512-N8vBdOa+DF7zkRrDCsaOXoCs/E2fJfx9B9MrKnnSiHNh4ws7eSys6YQE4KvT1cecKmOASYQBhbKjeuDD9lT81w==", "_location": "/deep-extend", "_phantomChildren": {}, "_requested": { "type": "range", "registry": true, - "raw": "deep-extend@^0.6.0", + "raw": "deep-extend@^0.5.1", "name": "deep-extend", "escapedName": "deep-extend", - "rawSpec": "^0.6.0", + "rawSpec": "^0.5.1", "saveSpec": null, - "fetchSpec": "^0.6.0" + "fetchSpec": "^0.5.1" }, "_requiredBy": [ "/rc" ], - "_resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", - "_shasum": "c4fa7c95404a17a9c3e8ca7e1537312b736330ac", - "_spec": "deep-extend@^0.6.0", - "_where": "/Users/ruyadorno/Documents/workspace/cli/node_modules/rc", + "_resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.5.1.tgz", + "_shasum": "b894a9dd90d3023fbf1c55a394fb858eb2066f1f", + "_spec": "deep-extend@^0.5.1", + "_where": "/Users/rebecca/code/npm/node_modules/rc", "author": { "name": "Viacheslav Lotsmanov", "email": "lotsmanov89@gmail.com" @@ -51,11 +51,12 @@ "deprecated": false, "description": "Recursive object extending", "devDependencies": { - "mocha": "5.2.0", - "should": "13.2.1" + "mocha": "2.2.1", + "should": "5.2.0" }, "engines": { - "node": ">=4.0.0" + "iojs": ">=1.0.0", + "node": ">=0.10.0" }, "files": [ "index.js", @@ -88,5 +89,5 @@ "scripts": { "test": "mocha" }, - "version": "0.6.0" + "version": "0.5.1" } diff --git a/node_modules/depd/History.md b/node_modules/depd/History.md new file mode 100644 index 000000000..507ecb8de --- /dev/null +++ b/node_modules/depd/History.md @@ -0,0 +1,96 @@ +1.1.2 / 2018-01-11 +================== + + * perf: remove argument reassignment + * Support Node.js 0.6 to 9.x + +1.1.1 / 2017-07-27 +================== + + * Remove unnecessary `Buffer` loading + * Support Node.js 0.6 to 8.x + +1.1.0 / 2015-09-14 +================== + + * Enable strict mode in more places + * Support io.js 3.x + * Support io.js 2.x + * Support web browser loading + - Requires bundler like Browserify or webpack + +1.0.1 / 2015-04-07 +================== + + * Fix `TypeError`s when under `'use strict'` code + * Fix useless type name on auto-generated messages + * Support io.js 1.x + * Support Node.js 0.12 + +1.0.0 / 2014-09-17 +================== + + * No changes + +0.4.5 / 2014-09-09 +================== + + * Improve call speed to functions using the function wrapper + * Support Node.js 0.6 + +0.4.4 / 2014-07-27 +================== + + * Work-around v8 generating empty stack traces + +0.4.3 / 2014-07-26 +================== + + * Fix exception when global `Error.stackTraceLimit` is too low + +0.4.2 / 2014-07-19 +================== + + * Correct call site for wrapped functions and properties + +0.4.1 / 2014-07-19 +================== + + * Improve automatic message generation for function properties + +0.4.0 / 2014-07-19 +================== + + * Add `TRACE_DEPRECATION` environment variable + * Remove non-standard grey color from color output + * Support `--no-deprecation` argument + * Support `--trace-deprecation` argument + * Support `deprecate.property(fn, prop, message)` + +0.3.0 / 2014-06-16 +================== + + * Add `NO_DEPRECATION` environment variable + +0.2.0 / 2014-06-15 +================== + + * Add `deprecate.property(obj, prop, message)` + * Remove `supports-color` dependency for node.js 0.8 + +0.1.0 / 2014-06-15 +================== + + * Add `deprecate.function(fn, message)` + * Add `process.on('deprecation', fn)` emitter + * Automatically generate message when omitted from `deprecate()` + +0.0.1 / 2014-06-15 +================== + + * Fix warning for dynamic calls at singe call site + +0.0.0 / 2014-06-15 +================== + + * Initial implementation diff --git a/node_modules/depd/LICENSE b/node_modules/depd/LICENSE new file mode 100644 index 000000000..84441fbb5 --- /dev/null +++ b/node_modules/depd/LICENSE @@ -0,0 +1,22 @@ +(The MIT License) + +Copyright (c) 2014-2017 Douglas Christopher Wilson + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/depd/Readme.md b/node_modules/depd/Readme.md new file mode 100644 index 000000000..779067020 --- /dev/null +++ b/node_modules/depd/Readme.md @@ -0,0 +1,280 @@ +# depd + +[![NPM Version][npm-version-image]][npm-url] +[![NPM Downloads][npm-downloads-image]][npm-url] +[![Node.js Version][node-image]][node-url] +[![Linux Build][travis-image]][travis-url] +[![Windows Build][appveyor-image]][appveyor-url] +[![Coverage Status][coveralls-image]][coveralls-url] + +Deprecate all the things + +> With great modules comes great responsibility; mark things deprecated! + +## Install + +This module is installed directly using `npm`: + +```sh +$ npm install depd +``` + +This module can also be bundled with systems like +[Browserify](http://browserify.org/) or [webpack](https://webpack.github.io/), +though by default this module will alter it's API to no longer display or +track deprecations. + +## API + +<!-- eslint-disable no-unused-vars --> + +```js +var deprecate = require('depd')('my-module') +``` + +This library allows you to display deprecation messages to your users. +This library goes above and beyond with deprecation warnings by +introspection of the call stack (but only the bits that it is interested +in). + +Instead of just warning on the first invocation of a deprecated +function and never again, this module will warn on the first invocation +of a deprecated function per unique call site, making it ideal to alert +users of all deprecated uses across the code base, rather than just +whatever happens to execute first. + +The deprecation warnings from this module also include the file and line +information for the call into the module that the deprecated function was +in. + +**NOTE** this library has a similar interface to the `debug` module, and +this module uses the calling file to get the boundary for the call stacks, +so you should always create a new `deprecate` object in each file and not +within some central file. + +### depd(namespace) + +Create a new deprecate function that uses the given namespace name in the +messages and will display the call site prior to the stack entering the +file this function was called from. It is highly suggested you use the +name of your module as the namespace. + +### deprecate(message) + +Call this function from deprecated code to display a deprecation message. +This message will appear once per unique caller site. Caller site is the +first call site in the stack in a different file from the caller of this +function. + +If the message is omitted, a message is generated for you based on the site +of the `deprecate()` call and will display the name of the function called, +similar to the name displayed in a stack trace. + +### deprecate.function(fn, message) + +Call this function to wrap a given function in a deprecation message on any +call to the function. An optional message can be supplied to provide a custom +message. + +### deprecate.property(obj, prop, message) + +Call this function to wrap a given property on object in a deprecation message +on any accessing or setting of the property. An optional message can be supplied +to provide a custom message. + +The method must be called on the object where the property belongs (not +inherited from the prototype). + +If the property is a data descriptor, it will be converted to an accessor +descriptor in order to display the deprecation message. + +### process.on('deprecation', fn) + +This module will allow easy capturing of deprecation errors by emitting the +errors as the type "deprecation" on the global `process`. If there are no +listeners for this type, the errors are written to STDERR as normal, but if +there are any listeners, nothing will be written to STDERR and instead only +emitted. From there, you can write the errors in a different format or to a +logging source. + +The error represents the deprecation and is emitted only once with the same +rules as writing to STDERR. The error has the following properties: + + - `message` - This is the message given by the library + - `name` - This is always `'DeprecationError'` + - `namespace` - This is the namespace the deprecation came from + - `stack` - This is the stack of the call to the deprecated thing + +Example `error.stack` output: + +``` +DeprecationError: my-cool-module deprecated oldfunction + at Object.<anonymous> ([eval]-wrapper:6:22) + at Module._compile (module.js:456:26) + at evalScript (node.js:532:25) + at startup (node.js:80:7) + at node.js:902:3 +``` + +### process.env.NO_DEPRECATION + +As a user of modules that are deprecated, the environment variable `NO_DEPRECATION` +is provided as a quick solution to silencing deprecation warnings from being +output. The format of this is similar to that of `DEBUG`: + +```sh +$ NO_DEPRECATION=my-module,othermod node app.js +``` + +This will suppress deprecations from being output for "my-module" and "othermod". +The value is a list of comma-separated namespaces. To suppress every warning +across all namespaces, use the value `*` for a namespace. + +Providing the argument `--no-deprecation` to the `node` executable will suppress +all deprecations (only available in Node.js 0.8 or higher). + +**NOTE** This will not suppress the deperecations given to any "deprecation" +event listeners, just the output to STDERR. + +### process.env.TRACE_DEPRECATION + +As a user of modules that are deprecated, the environment variable `TRACE_DEPRECATION` +is provided as a solution to getting more detailed location information in deprecation +warnings by including the entire stack trace. The format of this is the same as +`NO_DEPRECATION`: + +```sh +$ TRACE_DEPRECATION=my-module,othermod node app.js +``` + +This will include stack traces for deprecations being output for "my-module" and +"othermod". The value is a list of comma-separated namespaces. To trace every +warning across all namespaces, use the value `*` for a namespace. + +Providing the argument `--trace-deprecation` to the `node` executable will trace +all deprecations (only available in Node.js 0.8 or higher). + +**NOTE** This will not trace the deperecations silenced by `NO_DEPRECATION`. + +## Display + + + +When a user calls a function in your library that you mark deprecated, they +will see the following written to STDERR (in the given colors, similar colors +and layout to the `debug` module): + +``` +bright cyan bright yellow +| | reset cyan +| | | | +▼ ▼ ▼ ▼ +my-cool-module deprecated oldfunction [eval]-wrapper:6:22 +▲ ▲ ▲ ▲ +| | | | +namespace | | location of mycoolmod.oldfunction() call + | deprecation message + the word "deprecated" +``` + +If the user redirects their STDERR to a file or somewhere that does not support +colors, they see (similar layout to the `debug` module): + +``` +Sun, 15 Jun 2014 05:21:37 GMT my-cool-module deprecated oldfunction at [eval]-wrapper:6:22 +▲ ▲ ▲ ▲ ▲ +| | | | | +timestamp of message namespace | | location of mycoolmod.oldfunction() call + | deprecation message + the word "deprecated" +``` + +## Examples + +### Deprecating all calls to a function + +This will display a deprecated message about "oldfunction" being deprecated +from "my-module" on STDERR. + +```js +var deprecate = require('depd')('my-cool-module') + +// message automatically derived from function name +// Object.oldfunction +exports.oldfunction = deprecate.function(function oldfunction () { + // all calls to function are deprecated +}) + +// specific message +exports.oldfunction = deprecate.function(function () { + // all calls to function are deprecated +}, 'oldfunction') +``` + +### Conditionally deprecating a function call + +This will display a deprecated message about "weirdfunction" being deprecated +from "my-module" on STDERR when called with less than 2 arguments. + +```js +var deprecate = require('depd')('my-cool-module') + +exports.weirdfunction = function () { + if (arguments.length < 2) { + // calls with 0 or 1 args are deprecated + deprecate('weirdfunction args < 2') + } +} +``` + +When calling `deprecate` as a function, the warning is counted per call site +within your own module, so you can display different deprecations depending +on different situations and the users will still get all the warnings: + +```js +var deprecate = require('depd')('my-cool-module') + +exports.weirdfunction = function () { + if (arguments.length < 2) { + // calls with 0 or 1 args are deprecated + deprecate('weirdfunction args < 2') + } else if (typeof arguments[0] !== 'string') { + // calls with non-string first argument are deprecated + deprecate('weirdfunction non-string first arg') + } +} +``` + +### Deprecating property access + +This will display a deprecated message about "oldprop" being deprecated +from "my-module" on STDERR when accessed. A deprecation will be displayed +when setting the value and when getting the value. + +```js +var deprecate = require('depd')('my-cool-module') + +exports.oldprop = 'something' + +// message automatically derives from property name +deprecate.property(exports, 'oldprop') + +// explicit message +deprecate.property(exports, 'oldprop', 'oldprop >= 0.10') +``` + +## License + +[MIT](LICENSE) + +[npm-version-image]: https://img.shields.io/npm/v/depd.svg +[npm-downloads-image]: https://img.shields.io/npm/dm/depd.svg +[npm-url]: https://npmjs.org/package/depd +[travis-image]: https://img.shields.io/travis/dougwilson/nodejs-depd/master.svg?label=linux +[travis-url]: https://travis-ci.org/dougwilson/nodejs-depd +[appveyor-image]: https://img.shields.io/appveyor/ci/dougwilson/nodejs-depd/master.svg?label=windows +[appveyor-url]: https://ci.appveyor.com/project/dougwilson/nodejs-depd +[coveralls-image]: https://img.shields.io/coveralls/dougwilson/nodejs-depd/master.svg +[coveralls-url]: https://coveralls.io/r/dougwilson/nodejs-depd?branch=master +[node-image]: https://img.shields.io/node/v/depd.svg +[node-url]: https://nodejs.org/en/download/ diff --git a/node_modules/depd/index.js b/node_modules/depd/index.js new file mode 100644 index 000000000..d758d3c8f --- /dev/null +++ b/node_modules/depd/index.js @@ -0,0 +1,522 @@ +/*! + * depd + * Copyright(c) 2014-2017 Douglas Christopher Wilson + * MIT Licensed + */ + +/** + * Module dependencies. + */ + +var callSiteToString = require('./lib/compat').callSiteToString +var eventListenerCount = require('./lib/compat').eventListenerCount +var relative = require('path').relative + +/** + * Module exports. + */ + +module.exports = depd + +/** + * Get the path to base files on. + */ + +var basePath = process.cwd() + +/** + * Determine if namespace is contained in the string. + */ + +function containsNamespace (str, namespace) { + var vals = str.split(/[ ,]+/) + var ns = String(namespace).toLowerCase() + + for (var i = 0; i < vals.length; i++) { + var val = vals[i] + + // namespace contained + if (val && (val === '*' || val.toLowerCase() === ns)) { + return true + } + } + + return false +} + +/** + * Convert a data descriptor to accessor descriptor. + */ + +function convertDataDescriptorToAccessor (obj, prop, message) { + var descriptor = Object.getOwnPropertyDescriptor(obj, prop) + var value = descriptor.value + + descriptor.get = function getter () { return value } + + if (descriptor.writable) { + descriptor.set = function setter (val) { return (value = val) } + } + + delete descriptor.value + delete descriptor.writable + + Object.defineProperty(obj, prop, descriptor) + + return descriptor +} + +/** + * Create arguments string to keep arity. + */ + +function createArgumentsString (arity) { + var str = '' + + for (var i = 0; i < arity; i++) { + str += ', arg' + i + } + + return str.substr(2) +} + +/** + * Create stack string from stack. + */ + +function createStackString (stack) { + var str = this.name + ': ' + this.namespace + + if (this.message) { + str += ' deprecated ' + this.message + } + + for (var i = 0; i < stack.length; i++) { + str += '\n at ' + callSiteToString(stack[i]) + } + + return str +} + +/** + * Create deprecate for namespace in caller. + */ + +function depd (namespace) { + if (!namespace) { + throw new TypeError('argument namespace is required') + } + + var stack = getStack() + var site = callSiteLocation(stack[1]) + var file = site[0] + + function deprecate (message) { + // call to self as log + log.call(deprecate, message) + } + + deprecate._file = file + deprecate._ignored = isignored(namespace) + deprecate._namespace = namespace + deprecate._traced = istraced(namespace) + deprecate._warned = Object.create(null) + + deprecate.function = wrapfunction + deprecate.property = wrapproperty + + return deprecate +} + +/** + * Determine if namespace is ignored. + */ + +function isignored (namespace) { + /* istanbul ignore next: tested in a child processs */ + if (process.noDeprecation) { + // --no-deprecation support + return true + } + + var str = process.env.NO_DEPRECATION || '' + + // namespace ignored + return containsNamespace(str, namespace) +} + +/** + * Determine if namespace is traced. + */ + +function istraced (namespace) { + /* istanbul ignore next: tested in a child processs */ + if (process.traceDeprecation) { + // --trace-deprecation support + return true + } + + var str = process.env.TRACE_DEPRECATION || '' + + // namespace traced + return containsNamespace(str, namespace) +} + +/** + * Display deprecation message. + */ + +function log (message, site) { + var haslisteners = eventListenerCount(process, 'deprecation') !== 0 + + // abort early if no destination + if (!haslisteners && this._ignored) { + return + } + + var caller + var callFile + var callSite + var depSite + var i = 0 + var seen = false + var stack = getStack() + var file = this._file + + if (site) { + // provided site + depSite = site + callSite = callSiteLocation(stack[1]) + callSite.name = depSite.name + file = callSite[0] + } else { + // get call site + i = 2 + depSite = callSiteLocation(stack[i]) + callSite = depSite + } + + // get caller of deprecated thing in relation to file + for (; i < stack.length; i++) { + caller = callSiteLocation(stack[i]) + callFile = caller[0] + + if (callFile === file) { + seen = true + } else if (callFile === this._file) { + file = this._file + } else if (seen) { + break + } + } + + var key = caller + ? depSite.join(':') + '__' + caller.join(':') + : undefined + + if (key !== undefined && key in this._warned) { + // already warned + return + } + + this._warned[key] = true + + // generate automatic message from call site + var msg = message + if (!msg) { + msg = callSite === depSite || !callSite.name + ? defaultMessage(depSite) + : defaultMessage(callSite) + } + + // emit deprecation if listeners exist + if (haslisteners) { + var err = DeprecationError(this._namespace, msg, stack.slice(i)) + process.emit('deprecation', err) + return + } + + // format and write message + var format = process.stderr.isTTY + ? formatColor + : formatPlain + var output = format.call(this, msg, caller, stack.slice(i)) + process.stderr.write(output + '\n', 'utf8') +} + +/** + * Get call site location as array. + */ + +function callSiteLocation (callSite) { + var file = callSite.getFileName() || '<anonymous>' + var line = callSite.getLineNumber() + var colm = callSite.getColumnNumber() + + if (callSite.isEval()) { + file = callSite.getEvalOrigin() + ', ' + file + } + + var site = [file, line, colm] + + site.callSite = callSite + site.name = callSite.getFunctionName() + + return site +} + +/** + * Generate a default message from the site. + */ + +function defaultMessage (site) { + var callSite = site.callSite + var funcName = site.name + + // make useful anonymous name + if (!funcName) { + funcName = '<anonymous@' + formatLocation(site) + '>' + } + + var context = callSite.getThis() + var typeName = context && callSite.getTypeName() + + // ignore useless type name + if (typeName === 'Object') { + typeName = undefined + } + + // make useful type name + if (typeName === 'Function') { + typeName = context.name || typeName + } + + return typeName && callSite.getMethodName() + ? typeName + '.' + funcName + : funcName +} + +/** + * Format deprecation message without color. + */ + +function formatPlain (msg, caller, stack) { + var timestamp = new Date().toUTCString() + + var formatted = timestamp + + ' ' + this._namespace + + ' deprecated ' + msg + + // add stack trace + if (this._traced) { + for (var i = 0; i < stack.length; i++) { + formatted += '\n at ' + callSiteToString(stack[i]) + } + + return formatted + } + + if (caller) { + formatted += ' at ' + formatLocation(caller) + } + + return formatted +} + +/** + * Format deprecation message with color. + */ + +function formatColor (msg, caller, stack) { + var formatted = '\x1b[36;1m' + this._namespace + '\x1b[22;39m' + // bold cyan + ' \x1b[33;1mdeprecated\x1b[22;39m' + // bold yellow + ' \x1b[0m' + msg + '\x1b[39m' // reset + + // add stack trace + if (this._traced) { + for (var i = 0; i < stack.length; i++) { + formatted += '\n \x1b[36mat ' + callSiteToString(stack[i]) + '\x1b[39m' // cyan + } + + return formatted + } + + if (caller) { + formatted += ' \x1b[36m' + formatLocation(caller) + '\x1b[39m' // cyan + } + + return formatted +} + +/** + * Format call site location. + */ + +function formatLocation (callSite) { + return relative(basePath, callSite[0]) + + ':' + callSite[1] + + ':' + callSite[2] +} + +/** + * Get the stack as array of call sites. + */ + +function getStack () { + var limit = Error.stackTraceLimit + var obj = {} + var prep = Error.prepareStackTrace + + Error.prepareStackTrace = prepareObjectStackTrace + Error.stackTraceLimit = Math.max(10, limit) + + // capture the stack + Error.captureStackTrace(obj) + + // slice this function off the top + var stack = obj.stack.slice(1) + + Error.prepareStackTrace = prep + Error.stackTraceLimit = limit + + return stack +} + +/** + * Capture call site stack from v8. + */ + +function prepareObjectStackTrace (obj, stack) { + return stack +} + +/** + * Return a wrapped function in a deprecation message. + */ + +function wrapfunction (fn, message) { + if (typeof fn !== 'function') { + throw new TypeError('argument fn must be a function') + } + + var args = createArgumentsString(fn.length) + var deprecate = this // eslint-disable-line no-unused-vars + var stack = getStack() + var site = callSiteLocation(stack[1]) + + site.name = fn.name + + // eslint-disable-next-line no-eval + var deprecatedfn = eval('(function (' + args + ') {\n' + + '"use strict"\n' + + 'log.call(deprecate, message, site)\n' + + 'return fn.apply(this, arguments)\n' + + '})') + + return deprecatedfn +} + +/** + * Wrap property in a deprecation message. + */ + +function wrapproperty (obj, prop, message) { + if (!obj || (typeof obj !== 'object' && typeof obj !== 'function')) { + throw new TypeError('argument obj must be object') + } + + var descriptor = Object.getOwnPropertyDescriptor(obj, prop) + + if (!descriptor) { + throw new TypeError('must call property on owner object') + } + + if (!descriptor.configurable) { + throw new TypeError('property must be configurable') + } + + var deprecate = this + var stack = getStack() + var site = callSiteLocation(stack[1]) + + // set site name + site.name = prop + + // convert data descriptor + if ('value' in descriptor) { + descriptor = convertDataDescriptorToAccessor(obj, prop, message) + } + + var get = descriptor.get + var set = descriptor.set + + // wrap getter + if (typeof get === 'function') { + descriptor.get = function getter () { + log.call(deprecate, message, site) + return get.apply(this, arguments) + } + } + + // wrap setter + if (typeof set === 'function') { + descriptor.set = function setter () { + log.call(deprecate, message, site) + return set.apply(this, arguments) + } + } + + Object.defineProperty(obj, prop, descriptor) +} + +/** + * Create DeprecationError for deprecation + */ + +function DeprecationError (namespace, message, stack) { + var error = new Error() + var stackString + + Object.defineProperty(error, 'constructor', { + value: DeprecationError + }) + + Object.defineProperty(error, 'message', { + configurable: true, + enumerable: false, + value: message, + writable: true + }) + + Object.defineProperty(error, 'name', { + enumerable: false, + configurable: true, + value: 'DeprecationError', + writable: true + }) + + Object.defineProperty(error, 'namespace', { + configurable: true, + enumerable: false, + value: namespace, + writable: true + }) + + Object.defineProperty(error, 'stack', { + configurable: true, + enumerable: false, + get: function () { + if (stackString !== undefined) { + return stackString + } + + // prepare stack trace + return (stackString = createStackString.call(this, stack)) + }, + set: function setter (val) { + stackString = val + } + }) + + return error +} diff --git a/node_modules/depd/lib/browser/index.js b/node_modules/depd/lib/browser/index.js new file mode 100644 index 000000000..6be45cc20 --- /dev/null +++ b/node_modules/depd/lib/browser/index.js @@ -0,0 +1,77 @@ +/*! + * depd + * Copyright(c) 2015 Douglas Christopher Wilson + * MIT Licensed + */ + +'use strict' + +/** + * Module exports. + * @public + */ + +module.exports = depd + +/** + * Create deprecate for namespace in caller. + */ + +function depd (namespace) { + if (!namespace) { + throw new TypeError('argument namespace is required') + } + + function deprecate (message) { + // no-op in browser + } + + deprecate._file = undefined + deprecate._ignored = true + deprecate._namespace = namespace + deprecate._traced = false + deprecate._warned = Object.create(null) + + deprecate.function = wrapfunction + deprecate.property = wrapproperty + + return deprecate +} + +/** + * Return a wrapped function in a deprecation message. + * + * This is a no-op version of the wrapper, which does nothing but call + * validation. + */ + +function wrapfunction (fn, message) { + if (typeof fn !== 'function') { + throw new TypeError('argument fn must be a function') + } + + return fn +} + +/** + * Wrap property in a deprecation message. + * + * This is a no-op version of the wrapper, which does nothing but call + * validation. + */ + +function wrapproperty (obj, prop, message) { + if (!obj || (typeof obj !== 'object' && typeof obj !== 'function')) { + throw new TypeError('argument obj must be object') + } + + var descriptor = Object.getOwnPropertyDescriptor(obj, prop) + + if (!descriptor) { + throw new TypeError('must call property on owner object') + } + + if (!descriptor.configurable) { + throw new TypeError('property must be configurable') + } +} diff --git a/node_modules/depd/lib/compat/callsite-tostring.js b/node_modules/depd/lib/compat/callsite-tostring.js new file mode 100644 index 000000000..73186dc64 --- /dev/null +++ b/node_modules/depd/lib/compat/callsite-tostring.js @@ -0,0 +1,103 @@ +/*! + * depd + * Copyright(c) 2014 Douglas Christopher Wilson + * MIT Licensed + */ + +'use strict' + +/** + * Module exports. + */ + +module.exports = callSiteToString + +/** + * Format a CallSite file location to a string. + */ + +function callSiteFileLocation (callSite) { + var fileName + var fileLocation = '' + + if (callSite.isNative()) { + fileLocation = 'native' + } else if (callSite.isEval()) { + fileName = callSite.getScriptNameOrSourceURL() + if (!fileName) { + fileLocation = callSite.getEvalOrigin() + } + } else { + fileName = callSite.getFileName() + } + + if (fileName) { + fileLocation += fileName + + var lineNumber = callSite.getLineNumber() + if (lineNumber != null) { + fileLocation += ':' + lineNumber + + var columnNumber = callSite.getColumnNumber() + if (columnNumber) { + fileLocation += ':' + columnNumber + } + } + } + + return fileLocation || 'unknown source' +} + +/** + * Format a CallSite to a string. + */ + +function callSiteToString (callSite) { + var addSuffix = true + var fileLocation = callSiteFileLocation(callSite) + var functionName = callSite.getFunctionName() + var isConstructor = callSite.isConstructor() + var isMethodCall = !(callSite.isToplevel() || isConstructor) + var line = '' + + if (isMethodCall) { + var methodName = callSite.getMethodName() + var typeName = getConstructorName(callSite) + + if (functionName) { + if (typeName && functionName.indexOf(typeName) !== 0) { + line += typeName + '.' + } + + line += functionName + + if (methodName && functionName.lastIndexOf('.' + methodName) !== functionName.length - methodName.length - 1) { + line += ' [as ' + methodName + ']' + } + } else { + line += typeName + '.' + (methodName || '<anonymous>') + } + } else if (isConstructor) { + line += 'new ' + (functionName || '<anonymous>') + } else if (functionName) { + line += functionName + } else { + addSuffix = false + line += fileLocation + } + + if (addSuffix) { + line += ' (' + fileLocation + ')' + } + + return line +} + +/** + * Get constructor name of reviver. + */ + +function getConstructorName (obj) { + var receiver = obj.receiver + return (receiver.constructor && receiver.constructor.name) || null +} diff --git a/node_modules/depd/lib/compat/event-listener-count.js b/node_modules/depd/lib/compat/event-listener-count.js new file mode 100644 index 000000000..3a8925d13 --- /dev/null +++ b/node_modules/depd/lib/compat/event-listener-count.js @@ -0,0 +1,22 @@ +/*! + * depd + * Copyright(c) 2015 Douglas Christopher Wilson + * MIT Licensed + */ + +'use strict' + +/** + * Module exports. + * @public + */ + +module.exports = eventListenerCount + +/** + * Get the count of listeners on an event emitter of a specific type. + */ + +function eventListenerCount (emitter, type) { + return emitter.listeners(type).length +} diff --git a/node_modules/depd/lib/compat/index.js b/node_modules/depd/lib/compat/index.js new file mode 100644 index 000000000..955b3336b --- /dev/null +++ b/node_modules/depd/lib/compat/index.js @@ -0,0 +1,79 @@ +/*! + * depd + * Copyright(c) 2014-2015 Douglas Christopher Wilson + * MIT Licensed + */ + +'use strict' + +/** + * Module dependencies. + * @private + */ + +var EventEmitter = require('events').EventEmitter + +/** + * Module exports. + * @public + */ + +lazyProperty(module.exports, 'callSiteToString', function callSiteToString () { + var limit = Error.stackTraceLimit + var obj = {} + var prep = Error.prepareStackTrace + + function prepareObjectStackTrace (obj, stack) { + return stack + } + + Error.prepareStackTrace = prepareObjectStackTrace + Error.stackTraceLimit = 2 + + // capture the stack + Error.captureStackTrace(obj) + + // slice the stack + var stack = obj.stack.slice() + + Error.prepareStackTrace = prep + Error.stackTraceLimit = limit + + return stack[0].toString ? toString : require('./callsite-tostring') +}) + +lazyProperty(module.exports, 'eventListenerCount', function eventListenerCount () { + return EventEmitter.listenerCount || require('./event-listener-count') +}) + +/** + * Define a lazy property. + */ + +function lazyProperty (obj, prop, getter) { + function get () { + var val = getter() + + Object.defineProperty(obj, prop, { + configurable: true, + enumerable: true, + value: val + }) + + return val + } + + Object.defineProperty(obj, prop, { + configurable: true, + enumerable: true, + get: get + }) +} + +/** + * Call toString() on the obj + */ + +function toString (obj) { + return obj.toString() +} diff --git a/node_modules/depd/package.json b/node_modules/depd/package.json new file mode 100644 index 000000000..bab1afa62 --- /dev/null +++ b/node_modules/depd/package.json @@ -0,0 +1,76 @@ +{ + "_from": "depd@^1.1.2", + "_id": "depd@1.1.2", + "_inBundle": false, + "_integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=", + "_location": "/depd", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "depd@^1.1.2", + "name": "depd", + "escapedName": "depd", + "rawSpec": "^1.1.2", + "saveSpec": null, + "fetchSpec": "^1.1.2" + }, + "_requiredBy": [ + "/npm-registry-fetch/agentkeepalive" + ], + "_resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", + "_shasum": "9bcd52e14c097763e749b274c4346ed2e560b5a9", + "_spec": "depd@^1.1.2", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/agentkeepalive", + "author": { + "name": "Douglas Christopher Wilson", + "email": "doug@somethingdoug.com" + }, + "browser": "lib/browser/index.js", + "bugs": { + "url": "https://github.com/dougwilson/nodejs-depd/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Deprecate all the things", + "devDependencies": { + "beautify-benchmark": "0.2.4", + "benchmark": "2.1.4", + "eslint": "3.19.0", + "eslint-config-standard": "7.1.0", + "eslint-plugin-markdown": "1.0.0-beta.7", + "eslint-plugin-promise": "3.6.0", + "eslint-plugin-standard": "3.0.1", + "istanbul": "0.4.5", + "mocha": "~1.21.5" + }, + "engines": { + "node": ">= 0.6" + }, + "files": [ + "lib/", + "History.md", + "LICENSE", + "index.js", + "Readme.md" + ], + "homepage": "https://github.com/dougwilson/nodejs-depd#readme", + "keywords": [ + "deprecate", + "deprecated" + ], + "license": "MIT", + "name": "depd", + "repository": { + "type": "git", + "url": "git+https://github.com/dougwilson/nodejs-depd.git" + }, + "scripts": { + "bench": "node benchmark/index.js", + "lint": "eslint --plugin markdown --ext js,md .", + "test": "mocha --reporter spec --bail test/", + "test-ci": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --reporter spec --no-exit test/", + "test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter dot test/" + }, + "version": "1.1.2" +} diff --git a/node_modules/duplexify/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/duplexify/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/duplexify/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/flush-write-stream/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/flush-write-stream/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/flush-write-stream/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/from2/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/from2/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/from2/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/fs-write-stream-atomic/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/fs-write-stream-atomic/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/fs-write-stream-atomic/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/glob/README.md b/node_modules/glob/README.md index 0916a4825..e71b967ea 100644 --- a/node_modules/glob/README.md +++ b/node_modules/glob/README.md @@ -371,5 +371,3 @@ npm run bench # to profile javascript npm run prof ``` - - diff --git a/node_modules/glob/package.json b/node_modules/glob/package.json index 0e1fa5805..788801e29 100644 --- a/node_modules/glob/package.json +++ b/node_modules/glob/package.json @@ -1,24 +1,23 @@ { - "_from": "glob@7.1.6", - "_id": "glob@7.1.6", + "_from": "glob@7.1.4", + "_id": "glob@7.1.4", "_inBundle": false, - "_integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", + "_integrity": "sha512-hkLPepehmnKk41pUGm3sYxoFs/umurYfYJCerbXEyFIWcAzvpipAgVkBqqT9RBKMGjnq6kMuyYwha6csxbiM1A==", "_location": "/glob", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "glob@7.1.6", + "raw": "glob@7.1.4", "name": "glob", "escapedName": "glob", - "rawSpec": "7.1.6", + "rawSpec": "7.1.4", "saveSpec": null, - "fetchSpec": "7.1.6" + "fetchSpec": "7.1.4" }, "_requiredBy": [ "#USER", "/", - "/cacache", "/deglob", "/eslint", "/init-package-json", @@ -31,10 +30,10 @@ "/tap-mocha-reporter", "/test-exclude" ], - "_resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", - "_shasum": "141f33b81a7c2492e125594307480c46679278a6", - "_spec": "glob@7.1.6", - "_where": "/Users/darcyclarke/Documents/Repos/npm/cli", + "_resolved": "https://registry.npmjs.org/glob/-/glob-7.1.4.tgz", + "_shasum": "aa608a2f6c577ad357e1ae5a5c26d9a8d1969255", + "_spec": "glob@7.1.4", + "_where": "/Users/isaacs/dev/npm/cli", "author": { "name": "Isaac Z. Schlueter", "email": "i@izs.me", @@ -68,9 +67,6 @@ "sync.js", "common.js" ], - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, "homepage": "https://github.com/isaacs/node-glob#readme", "license": "ISC", "main": "glob.js", @@ -88,5 +84,5 @@ "test": "tap test/*.js --cov", "test-regen": "npm run profclean && TEST_REGEN=1 node test/00-setup.js" }, - "version": "7.1.6" + "version": "7.1.4" } diff --git a/node_modules/graceful-fs/graceful-fs.js b/node_modules/graceful-fs/graceful-fs.js index de3df47fd..8c75ee259 100644 --- a/node_modules/graceful-fs/graceful-fs.js +++ b/node_modules/graceful-fs/graceful-fs.js @@ -21,14 +21,6 @@ if (typeof Symbol === 'function' && typeof Symbol.for === 'function') { function noop () {} -function publishQueue(context, queue) { - Object.defineProperty(context, gracefulQueue, { - get: function() { - return queue - } - }) -} - var debug = noop if (util.debuglog) debug = util.debuglog('gfs4') @@ -40,10 +32,14 @@ else if (/\bgfs4\b/i.test(process.env.NODE_DEBUG || '')) } // Once time initialization -if (!fs[gracefulQueue]) { +if (!global[gracefulQueue]) { // This queue can be shared by multiple loaded instances - var queue = global[gracefulQueue] || [] - publishQueue(fs, queue) + var queue = [] + Object.defineProperty(global, gracefulQueue, { + get: function() { + return queue + } + }) // Patch fs.close/closeSync to shared queue version, because we need // to retry() whenever a close happens *anywhere* in the program. @@ -83,16 +79,12 @@ if (!fs[gracefulQueue]) { if (/\bgfs4\b/i.test(process.env.NODE_DEBUG || '')) { process.on('exit', function() { - debug(fs[gracefulQueue]) - require('assert').equal(fs[gracefulQueue].length, 0) + debug(global[gracefulQueue]) + require('assert').equal(global[gracefulQueue].length, 0) }) } } -if (!global[gracefulQueue]) { - publishQueue(global, fs[gracefulQueue]); -} - module.exports = patch(clone(fs)) if (process.env.TEST_GRACEFUL_FS_GLOBAL_PATCH && !fs.__patched) { module.exports = patch(fs) @@ -342,11 +334,11 @@ function patch (fs) { function enqueue (elem) { debug('ENQUEUE', elem[0].name, elem[1]) - fs[gracefulQueue].push(elem) + global[gracefulQueue].push(elem) } function retry () { - var elem = fs[gracefulQueue].shift() + var elem = global[gracefulQueue].shift() if (elem) { debug('RETRY', elem[0].name, elem[1]) elem[0].apply(null, elem[1]) diff --git a/node_modules/graceful-fs/package.json b/node_modules/graceful-fs/package.json index 32518904d..788876e32 100644 --- a/node_modules/graceful-fs/package.json +++ b/node_modules/graceful-fs/package.json @@ -1,19 +1,19 @@ { - "_from": "graceful-fs@4.2.4", - "_id": "graceful-fs@4.2.4", + "_from": "graceful-fs@4.2.3", + "_id": "graceful-fs@4.2.3", "_inBundle": false, - "_integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==", + "_integrity": "sha512-a30VEBm4PEdx1dRB7MFK7BejejvCvBronbLjht+sHuGYj8PHs7M/5Z+rt5lw551vZ7yfTCj4Vuyy3mSJytDWRQ==", "_location": "/graceful-fs", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "graceful-fs@4.2.4", + "raw": "graceful-fs@4.2.3", "name": "graceful-fs", "escapedName": "graceful-fs", - "rawSpec": "4.2.4", + "rawSpec": "4.2.3", "saveSpec": null, - "fetchSpec": "4.2.4" + "fetchSpec": "4.2.3" }, "_requiredBy": [ "#USER", @@ -41,10 +41,10 @@ "/test-exclude/load-json-file", "/write-file-atomic" ], - "_resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz", - "_shasum": "2256bde14d3632958c465ebc96dc467ca07a29fb", - "_spec": "graceful-fs@4.2.4", - "_where": "/Users/ruyadorno/Documents/workspace/cli", + "_resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.3.tgz", + "_shasum": "4a12ff1b60376ef09862c2093edd908328be8423", + "_spec": "graceful-fs@4.2.3", + "_where": "/Users/mperrotte/npminc/cli", "bugs": { "url": "https://github.com/isaacs/node-graceful-fs/issues" }, @@ -98,5 +98,5 @@ "preversion": "npm test", "test": "node test.js | tap -" }, - "version": "4.2.4" + "version": "4.2.3" } diff --git a/node_modules/hosted-git-info/CHANGELOG.md b/node_modules/hosted-git-info/CHANGELOG.md index 4f86601e0..479f24b64 100644 --- a/node_modules/hosted-git-info/CHANGELOG.md +++ b/node_modules/hosted-git-info/CHANGELOG.md @@ -2,32 +2,6 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. -<a name="2.8.8"></a> -## [2.8.8](https://github.com/npm/hosted-git-info/compare/v2.8.7...v2.8.8) (2020-02-29) - - -### Bug Fixes - -* [#61](https://github.com/npm/hosted-git-info/issues/61) & [#65](https://github.com/npm/hosted-git-info/issues/65) addressing issues w/ url.URL implmentation which regressed node 6 support ([5038b18](https://github.com/npm/hosted-git-info/commit/5038b18)), closes [#66](https://github.com/npm/hosted-git-info/issues/66) - - - -<a name="2.8.7"></a> -## [2.8.7](https://github.com/npm/hosted-git-info/compare/v2.8.6...v2.8.7) (2020-02-26) - - -### Bug Fixes - -* Do not attempt to use url.URL when unavailable ([2d0bb66](https://github.com/npm/hosted-git-info/commit/2d0bb66)), closes [#61](https://github.com/npm/hosted-git-info/issues/61) [#62](https://github.com/npm/hosted-git-info/issues/62) -* Do not pass scp-style URLs to the WhatWG url.URL ([f2cdfcf](https://github.com/npm/hosted-git-info/commit/f2cdfcf)), closes [#60](https://github.com/npm/hosted-git-info/issues/60) - - - -<a name="2.8.6"></a> -## [2.8.6](https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.6) (2020-02-25) - - - <a name="2.8.5"></a> ## [2.8.5](https://github.com/npm/hosted-git-info/compare/v2.8.4...v2.8.5) (2019-10-07) diff --git a/node_modules/hosted-git-info/index.js b/node_modules/hosted-git-info/index.js index 21e53fe37..fc959cb04 100644 --- a/node_modules/hosted-git-info/index.js +++ b/node_modules/hosted-git-info/index.js @@ -47,7 +47,7 @@ function fromUrl (giturl, opts) { var gitHostInfo = gitHosts[gitHostName] var auth = null if (parsed.auth && authProtocols[parsed.protocol]) { - auth = parsed.auth + auth = decodeURIComponent(parsed.auth) } var committish = parsed.hash ? decodeURIComponent(parsed.hash.substr(1)) : null var user = null @@ -106,30 +106,7 @@ function fixupUnqualifiedGist (giturl) { function parseGitUrl (giturl) { var matched = giturl.match(/^([^@]+)@([^:/]+):[/]?((?:[^/]+[/])?[^/]+?)(?:[.]git)?(#.*)?$/) - if (!matched) { - var legacy = url.parse(giturl) - // If we don't have url.URL, then sorry, this is just not fixable. - // This affects Node <= 6.12. - if (legacy.auth && typeof url.URL === 'function') { - // git urls can be in the form of scp-style/ssh-connect strings, like - // git+ssh://user@host.com:some/path, which the legacy url parser - // supports, but WhatWG url.URL class does not. However, the legacy - // parser de-urlencodes the username and password, so something like - // https://user%3An%40me:p%40ss%3Aword@x.com/ becomes - // https://user:n@me:p@ss:word@x.com/ which is all kinds of wrong. - // Pull off just the auth and host, so we dont' get the confusing - // scp-style URL, then pass that to the WhatWG parser to get the - // auth properly escaped. - var authmatch = giturl.match(/[^@]+@[^:/]+/) - /* istanbul ignore else - this should be impossible */ - if (authmatch) { - var whatwg = new url.URL(authmatch[0]) - legacy.auth = whatwg.username || '' - if (whatwg.password) legacy.auth += ':' + whatwg.password - } - } - return legacy - } + if (!matched) return url.parse(giturl) return { protocol: 'git+ssh:', slashes: true, diff --git a/node_modules/hosted-git-info/package.json b/node_modules/hosted-git-info/package.json index 8d9c2b204..458b323a4 100644 --- a/node_modules/hosted-git-info/package.json +++ b/node_modules/hosted-git-info/package.json @@ -1,19 +1,19 @@ { - "_from": "hosted-git-info@2.8.8", - "_id": "hosted-git-info@2.8.8", + "_from": "hosted-git-info@2.8.5", + "_id": "hosted-git-info@2.8.5", "_inBundle": false, - "_integrity": "sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==", + "_integrity": "sha512-kssjab8CvdXfcXMXVcvsXum4Hwdq9XGtRD3TteMEvEbq0LXyiNQr6AprqKqfeaDXze7SxWvRxdpwE6ku7ikLkg==", "_location": "/hosted-git-info", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "hosted-git-info@2.8.8", + "raw": "hosted-git-info@2.8.5", "name": "hosted-git-info", "escapedName": "hosted-git-info", - "rawSpec": "2.8.8", + "rawSpec": "2.8.5", "saveSpec": null, - "fetchSpec": "2.8.8" + "fetchSpec": "2.8.5" }, "_requiredBy": [ "#USER", @@ -21,10 +21,10 @@ "/normalize-package-data", "/npm-package-arg" ], - "_resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.8.tgz", - "_shasum": "7539bd4bc1e0e0a895815a2e0262420b12858488", - "_spec": "hosted-git-info@2.8.8", - "_where": "/Users/darcyclarke/Documents/Repos/npm/cli", + "_resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.5.tgz", + "_shasum": "759cfcf2c4d156ade59b0b2dfabddc42a6b9c70c", + "_spec": "hosted-git-info@2.8.5", + "_where": "/Users/isaacs/dev/npm/cli", "author": { "name": "Rebecca Turner", "email": "me@re-becca.org", @@ -62,11 +62,11 @@ }, "scripts": { "postrelease": "npm publish --tag=ancient-legacy-fixes && git push --follow-tags", - "posttest": "standard", "prerelease": "npm t", + "pretest": "standard", "release": "standard-version -s", - "test": "tap -J --coverage=90 --no-esm test/*.js", - "test:coverage": "tap --coverage-report=html -J --coverage=90 --no-esm test/*.js" + "test": "tap -J --100 --no-esm test/*.js", + "test:coverage": "tap --coverage-report=html -J --100 --no-esm test/*.js" }, - "version": "2.8.8" + "version": "2.8.5" } diff --git a/node_modules/indent-string/index.d.ts b/node_modules/indent-string/index.d.ts new file mode 100644 index 000000000..118523115 --- /dev/null +++ b/node_modules/indent-string/index.d.ts @@ -0,0 +1,42 @@ +declare namespace indentString { + interface Options { + /** + The string to use for the indent. + + @default ' ' + */ + readonly indent?: string; + + /** + Also indent empty lines. + + @default false + */ + readonly includeEmptyLines?: boolean; + } +} + +/** +Indent each line in a string. + +@param string - The string to indent. +@param count - How many times you want `options.indent` repeated. Default: `1`. + +@example +``` +import indentString = require('indent-string'); + +indentString('Unicorns\nRainbows', 4); +//=> ' Unicorns\n Rainbows' + +indentString('Unicorns\nRainbows', 4, {indent: '♥'}); +//=> '♥♥♥♥Unicorns\n♥♥♥♥Rainbows' +``` +*/ +declare function indentString( + string: string, + count?: number, + options?: indentString.Options +): string; + +export = indentString; diff --git a/node_modules/indent-string/index.js b/node_modules/indent-string/index.js new file mode 100644 index 000000000..e1ab804f2 --- /dev/null +++ b/node_modules/indent-string/index.js @@ -0,0 +1,35 @@ +'use strict'; + +module.exports = (string, count = 1, options) => { + options = { + indent: ' ', + includeEmptyLines: false, + ...options + }; + + if (typeof string !== 'string') { + throw new TypeError( + `Expected \`input\` to be a \`string\`, got \`${typeof string}\`` + ); + } + + if (typeof count !== 'number') { + throw new TypeError( + `Expected \`count\` to be a \`number\`, got \`${typeof count}\`` + ); + } + + if (typeof options.indent !== 'string') { + throw new TypeError( + `Expected \`options.indent\` to be a \`string\`, got \`${typeof options.indent}\`` + ); + } + + if (count === 0) { + return string; + } + + const regex = options.includeEmptyLines ? /^/gm : /^(?!\s*$)/gm; + + return string.replace(regex, options.indent.repeat(count)); +}; diff --git a/node_modules/indent-string/license b/node_modules/indent-string/license new file mode 100644 index 000000000..e7af2f771 --- /dev/null +++ b/node_modules/indent-string/license @@ -0,0 +1,9 @@ +MIT License + +Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/indent-string/package.json b/node_modules/indent-string/package.json new file mode 100644 index 000000000..c681a4ac1 --- /dev/null +++ b/node_modules/indent-string/package.json @@ -0,0 +1,69 @@ +{ + "_from": "indent-string@^4.0.0", + "_id": "indent-string@4.0.0", + "_inBundle": false, + "_integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==", + "_location": "/indent-string", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "indent-string@^4.0.0", + "name": "indent-string", + "escapedName": "indent-string", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/aggregate-error" + ], + "_resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "_shasum": "624f8f4497d619b2d9768531d58f4122854d7251", + "_spec": "indent-string@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/aggregate-error", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/indent-string/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Indent each line in a string", + "devDependencies": { + "ava": "^1.4.1", + "tsd": "^0.7.2", + "xo": "^0.24.0" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js", + "index.d.ts" + ], + "homepage": "https://github.com/sindresorhus/indent-string#readme", + "keywords": [ + "indent", + "string", + "pad", + "align", + "line", + "text", + "each", + "every" + ], + "license": "MIT", + "name": "indent-string", + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/indent-string.git" + }, + "scripts": { + "test": "xo && ava && tsd" + }, + "version": "4.0.0" +} diff --git a/node_modules/indent-string/readme.md b/node_modules/indent-string/readme.md new file mode 100644 index 000000000..49967de07 --- /dev/null +++ b/node_modules/indent-string/readme.md @@ -0,0 +1,70 @@ +# indent-string [](https://travis-ci.org/sindresorhus/indent-string) + +> Indent each line in a string + + +## Install + +``` +$ npm install indent-string +``` + + +## Usage + +```js +const indentString = require('indent-string'); + +indentString('Unicorns\nRainbows', 4); +//=> ' Unicorns\n Rainbows' + +indentString('Unicorns\nRainbows', 4, {indent: '♥'}); +//=> '♥♥♥♥Unicorns\n♥♥♥♥Rainbows' +``` + + +## API + +### indentString(string, [count], [options]) + +#### string + +Type: `string` + +The string to indent. + +#### count + +Type: `number`<br> +Default: `1` + +How many times you want `options.indent` repeated. + +#### options + +Type: `object` + +##### indent + +Type: `string`<br> +Default: `' '` + +The string to use for the indent. + +##### includeEmptyLines + +Type: `boolean`<br> +Default: `false` + +Also indent empty lines. + + +## Related + +- [indent-string-cli](https://github.com/sindresorhus/indent-string-cli) - CLI for this module +- [strip-indent](https://github.com/sindresorhus/strip-indent) - Strip leading whitespace from every line in a string + + +## License + +MIT © [Sindre Sorhus](https://sindresorhus.com) diff --git a/node_modules/is-ci/.travis.yml b/node_modules/is-ci/.travis.yml new file mode 100644 index 000000000..21f721050 --- /dev/null +++ b/node_modules/is-ci/.travis.yml @@ -0,0 +1,7 @@ +language: node_js +node_js: +- '6' +- '5' +- '4' +- '0.12' +- '0.10' diff --git a/node_modules/is-ci/README.md b/node_modules/is-ci/README.md index bc3840a22..0e49db91b 100644 --- a/node_modules/is-ci/README.md +++ b/node_modules/is-ci/README.md @@ -6,13 +6,12 @@ server. Please [open an issue](https://github.com/watson/is-ci/issues) if your CI server isn't properly detected :) -[](https://www.npmjs.com/package/is-ci) [](https://travis-ci.org/watson/is-ci) [](https://github.com/feross/standard) ## Installation -```bash +``` npm install is-ci --save ``` @@ -37,14 +36,34 @@ There's a few ways to do that: - Or provide the full path to the executable, e.g. `./node_modules/.bin/is-ci` -```bash +``` is-ci && echo "This is a CI server" ``` ## Supported CI tools -Refer to [ci-info](https://github.com/watson/ci-info#supported-ci-tools) docs for all supported CI's +Officially supported CI servers: + +- [Travis CI](http://travis-ci.org) +- [CircleCI](http://circleci.com) +- [Jenkins CI](https://jenkins-ci.org) +- [Hudson](http://hudson-ci.org) +- [Bamboo](https://www.atlassian.com/software/bamboo) +- [TeamCity](https://www.jetbrains.com/teamcity/) +- [Team Foundation Server](https://www.visualstudio.com/en-us/products/tfs-overview-vs.aspx) +- [GitLab CI](https://about.gitlab.com/gitlab-ci/) +- [Codeship](https://codeship.com) +- [Drone.io](https://drone.io) +- [Magnum CI](https://magnum-ci.com) +- [Semaphore](https://semaphoreci.com) +- [AppVeyor](http://www.appveyor.com) +- [Buildkite](https://buildkite.com) +- [TaskCluster](http://docs.taskcluster.net) +- [GoCD](https://www.go.cd/) +- [Bitbucket Pipelines](https://bitbucket.org/product/features/pipelines) + +Other CI tools using environment variables like `BUILD_ID` or `CI` would be detected as well. ## License -[MIT](LICENSE) +MIT diff --git a/node_modules/is-ci/package.json b/node_modules/is-ci/package.json index 344aa2a1f..e87ba5d7f 100644 --- a/node_modules/is-ci/package.json +++ b/node_modules/is-ci/package.json @@ -1,8 +1,8 @@ { "_from": "is-ci@^1.0.10", - "_id": "is-ci@1.2.1", + "_id": "is-ci@1.1.0", "_inBundle": false, - "_integrity": "sha512-s6tfsaQaQi3JNciBH6shVqEDvhGut0SUXr31ag8Pd8BBbVVlcGfWhpPmEOoM6RJ5TFhbypvf5yyRw/VXW1IiWg==", + "_integrity": "sha512-c7TnwxLePuqIlxHgr7xtxzycJPegNHFuIrBkwbf8hc58//+Op1CqFkyS+xnIMkwn9UsJIwc174BIjkyBmSpjKg==", "_location": "/is-ci", "_phantomChildren": {}, "_requested": { @@ -18,10 +18,10 @@ "_requiredBy": [ "/update-notifier" ], - "_resolved": "https://registry.npmjs.org/is-ci/-/is-ci-1.2.1.tgz", - "_shasum": "e3779c8ee17fccf428488f6e281187f2e632841c", + "_resolved": "https://registry.npmjs.org/is-ci/-/is-ci-1.1.0.tgz", + "_shasum": "247e4162e7860cebbdaf30b774d6b0ac7dcfe7a5", "_spec": "is-ci@^1.0.10", - "_where": "/Users/ruyadorno/Documents/workspace/cli/node_modules/update-notifier", + "_where": "/Users/rebecca/code/npm/node_modules/update-notifier", "author": { "name": "Thomas Watson Steen", "email": "w@tson.dk", @@ -35,17 +35,17 @@ }, "bundleDependencies": false, "coordinates": [ - 55.778255, - 12.593033 + 56.0093252, + 11.9592058 ], "dependencies": { - "ci-info": "^1.5.0" + "ci-info": "^1.0.0" }, "deprecated": false, - "description": "Detect if the current environment is a CI server", + "description": "Detect if your code is running on a CI server", "devDependencies": { "clear-require": "^1.0.1", - "standard": "^11.0.1" + "standard": "^10.0.3" }, "homepage": "https://github.com/watson/is-ci", "keywords": [ @@ -65,5 +65,5 @@ "scripts": { "test": "standard && node test.js" }, - "version": "1.2.1" + "version": "1.1.0" } diff --git a/node_modules/is-ci/test.js b/node_modules/is-ci/test.js new file mode 100644 index 000000000..a9938bbdb --- /dev/null +++ b/node_modules/is-ci/test.js @@ -0,0 +1,19 @@ +'use strict' + +var assert = require('assert') +var clearRequire = require('clear-require') + +process.env.CI = 'true' + +var isCI = require('./') +assert(isCI) + +delete process.env.CI +delete process.env.CONTINUOUS_INTEGRATION +delete process.env.BUILD_NUMBER +delete process.env.TRAVIS + +clearRequire('./') +clearRequire('ci-info') +isCI = require('./') +assert(!isCI) diff --git a/node_modules/is-lambda/.npmignore b/node_modules/is-lambda/.npmignore new file mode 100644 index 000000000..3c3629e64 --- /dev/null +++ b/node_modules/is-lambda/.npmignore @@ -0,0 +1 @@ +node_modules diff --git a/node_modules/is-lambda/.travis.yml b/node_modules/is-lambda/.travis.yml new file mode 100644 index 000000000..03dcca57b --- /dev/null +++ b/node_modules/is-lambda/.travis.yml @@ -0,0 +1,8 @@ +language: node_js +node_js: +- '7' +- '6' +- '5' +- '4' +- '0.12' +- '0.10' diff --git a/node_modules/is-lambda/LICENSE b/node_modules/is-lambda/LICENSE new file mode 100644 index 000000000..4a59c9417 --- /dev/null +++ b/node_modules/is-lambda/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2016-2017 Thomas Watson Steen + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/node_modules/is-lambda/README.md b/node_modules/is-lambda/README.md new file mode 100644 index 000000000..31a8f566c --- /dev/null +++ b/node_modules/is-lambda/README.md @@ -0,0 +1,27 @@ +# is-lambda + +Returns `true` if the current environment is an [AWS +Lambda](https://aws.amazon.com/lambda/) server. + +[](https://travis-ci.org/watson/is-lambda) +[](https://github.com/feross/standard) + +## Installation + +``` +npm install is-lambda +``` + +## Usage + +```js +var isLambda = require('is-lambda') + +if (isLambda) { + console.log('The code is running on a AWS Lambda') +} +``` + +## License + +MIT diff --git a/node_modules/is-lambda/index.js b/node_modules/is-lambda/index.js new file mode 100644 index 000000000..b245ab1c6 --- /dev/null +++ b/node_modules/is-lambda/index.js @@ -0,0 +1,6 @@ +'use strict' + +module.exports = !!( + (process.env.LAMBDA_TASK_ROOT && process.env.AWS_EXECUTION_ENV) || + false +) diff --git a/node_modules/is-lambda/package.json b/node_modules/is-lambda/package.json new file mode 100644 index 000000000..a59bb226a --- /dev/null +++ b/node_modules/is-lambda/package.json @@ -0,0 +1,64 @@ +{ + "_from": "is-lambda@^1.0.1", + "_id": "is-lambda@1.0.1", + "_inBundle": false, + "_integrity": "sha1-PZh3iZ5qU+/AFgUEzeFfgubwYdU=", + "_location": "/is-lambda", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "is-lambda@^1.0.1", + "name": "is-lambda", + "escapedName": "is-lambda", + "rawSpec": "^1.0.1", + "saveSpec": null, + "fetchSpec": "^1.0.1" + }, + "_requiredBy": [ + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/is-lambda/-/is-lambda-1.0.1.tgz", + "_shasum": "3d9877899e6a53efc0160504cde15f82e6f061d5", + "_spec": "is-lambda@^1.0.1", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "Thomas Watson Steen", + "email": "w@tson.dk", + "url": "https://twitter.com/wa7son" + }, + "bugs": { + "url": "https://github.com/watson/is-lambda/issues" + }, + "bundleDependencies": false, + "coordinates": [ + 37.3859955, + -122.0838831 + ], + "dependencies": {}, + "deprecated": false, + "description": "Detect if your code is running on an AWS Lambda server", + "devDependencies": { + "clear-require": "^1.0.1", + "standard": "^10.0.2" + }, + "homepage": "https://github.com/watson/is-lambda", + "keywords": [ + "aws", + "hosting", + "hosted", + "lambda", + "detect" + ], + "license": "MIT", + "main": "index.js", + "name": "is-lambda", + "repository": { + "type": "git", + "url": "git+https://github.com/watson/is-lambda.git" + }, + "scripts": { + "test": "standard && node test.js" + }, + "version": "1.0.1" +} diff --git a/node_modules/is-lambda/test.js b/node_modules/is-lambda/test.js new file mode 100644 index 000000000..e8e73257a --- /dev/null +++ b/node_modules/is-lambda/test.js @@ -0,0 +1,16 @@ +'use strict' + +var assert = require('assert') +var clearRequire = require('clear-require') + +process.env.AWS_EXECUTION_ENV = 'AWS_Lambda_nodejs6.10' +process.env.LAMBDA_TASK_ROOT = '/var/task' + +var isCI = require('./') +assert(isCI) + +delete process.env.AWS_EXECUTION_ENV + +clearRequire('./') +isCI = require('./') +assert(!isCI) diff --git a/node_modules/is-retry-allowed/index.js b/node_modules/is-retry-allowed/index.js index 3bab6c16b..663ee338f 100644 --- a/node_modules/is-retry-allowed/index.js +++ b/node_modules/is-retry-allowed/index.js @@ -6,9 +6,7 @@ var WHITELIST = [ 'EADDRINUSE', 'ESOCKETTIMEDOUT', 'ECONNREFUSED', - 'EPIPE', - 'EHOSTUNREACH', - 'EAI_AGAIN' + 'EPIPE' ]; var BLACKLIST = [ diff --git a/node_modules/is-retry-allowed/package.json b/node_modules/is-retry-allowed/package.json index 7bae1606a..e494bb3f7 100644 --- a/node_modules/is-retry-allowed/package.json +++ b/node_modules/is-retry-allowed/package.json @@ -1,8 +1,8 @@ { "_from": "is-retry-allowed@^1.0.0", - "_id": "is-retry-allowed@1.2.0", + "_id": "is-retry-allowed@1.1.0", "_inBundle": false, - "_integrity": "sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg==", + "_integrity": "sha1-EaBgVotnM5REAz0BJaYaINVk+zQ=", "_location": "/is-retry-allowed", "_phantomChildren": {}, "_requested": { @@ -18,10 +18,10 @@ "_requiredBy": [ "/got" ], - "_resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz", - "_shasum": "d778488bd0a4666a3be8a1482b9f2baafedea8b4", + "_resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz", + "_shasum": "11a060568b67339444033d0125a61a20d564fb34", "_spec": "is-retry-allowed@^1.0.0", - "_where": "/Users/ruyadorno/Documents/workspace/cli/node_modules/got", + "_where": "/Users/rebecca/code/npm/node_modules/got", "author": { "name": "Vsevolod Strukchinsky", "email": "floatdrop@gmail.com", @@ -33,7 +33,7 @@ "bundleDependencies": false, "dependencies": {}, "deprecated": false, - "description": "Is retry allowed for Error?", + "description": "My prime module", "devDependencies": { "ava": "^0.8.0", "xo": "^0.12.1" @@ -55,5 +55,5 @@ "scripts": { "test": "xo && ava" }, - "version": "1.2.0" + "version": "1.1.0" } diff --git a/node_modules/jsprim/CONTRIBUTING.md b/node_modules/jsprim/CONTRIBUTING.md new file mode 100644 index 000000000..750cef8df --- /dev/null +++ b/node_modules/jsprim/CONTRIBUTING.md @@ -0,0 +1,19 @@ +# Contributing + +This repository uses [cr.joyent.us](https://cr.joyent.us) (Gerrit) for new +changes. Anyone can submit changes. To get started, see the [cr.joyent.us user +guide](https://github.com/joyent/joyent-gerrit/blob/master/docs/user/README.md). +This repo does not use GitHub pull requests. + +See the [Joyent Engineering +Guidelines](https://github.com/joyent/eng/blob/master/docs/index.md) for general +best practices expected in this repository. + +Contributions should be "make prepush" clean. The "prepush" target runs the +"check" target, which requires these separate tools: + +* https://github.com/davepacheco/jsstyle +* https://github.com/davepacheco/javascriptlint + +If you're changing something non-trivial or user-facing, you may want to submit +an issue first. diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpm/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 000000000..8eee50a47 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,239 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) + + +### Bug Fixes + +* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) +* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + +<a name="3.9.1"></a> +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + +<a name="3.9.0"></a> +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + +<a name="3.8.0"></a> +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + +<a name="3.7.0"></a> +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + +<a name="3.6.0"></a> +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + +<a name="3.5.0"></a> +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + +<a name="3.4.0"></a> +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + +<a name="3.3.0"></a> +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + +<a name="3.2.1"></a> +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + +<a name="3.2.0"></a> +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + +<a name="3.1.1"></a> +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + +<a name="3.1.0"></a> +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="1.1.1"></a> +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpm/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/README.md b/node_modules/libnpm/node_modules/npm-registry-fetch/README.md new file mode 100644 index 000000000..0c3f4f946 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### <a name="fetch-opts"></a> `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### <a name="opts-agent"></a> `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### <a name="opts-body"></a> `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### <a name="opts-ca"></a> `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### <a name="opts-cache"></a> `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### <a name="opts-cert"></a> `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-force-auth"></a> `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### <a name="opts-gzip"></a> `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### <a name="opts-headers"></a> `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### <a name="opts-ignore-body"></a> `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### <a name="opts-integrity"></a> `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### <a name="opts-key"></a> `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### <a name="opts-local-address"></a> `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### <a name="opts-log"></a> `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### <a name="opts-map-json"></a> `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### <a name="opts-maxsockets"></a> `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### <a name="opts-method"></a> `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### <a name="opts-noproxy"></a> `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### <a name="opts-npm-session"></a> `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### <a name="opts-offline"></a> `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-otp"></a> `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### <a name="opts-password"></a> `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-prefer-online"></a> `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### <a name="opts-project-scope"></a> `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### <a name="opts-proxy"></a> `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### <a name="opts-query"></a> `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### <a name="opts-refer"></a> `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### <a name="opts-registry"></a> `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### <a name="opts-retry"></a> `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### <a name="opts-scope"></a> `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.<scope>:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### <a name="opts-spec"></a> `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### <a name="opts-timeout"></a> `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### <a name="opts-token"></a> `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### <a name="opts-user-agent"></a> `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` + +User agent string to send in the `User-Agent` header. + +##### <a name="opts-username"></a> `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### <a name="opts-auth"></a> `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpm/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 000000000..d583982d0 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpm/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 000000000..14058239b --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/config.js b/node_modules/libnpm/node_modules/npm-registry-fetch/config.js new file mode 100644 index 000000000..1c43b26ea --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpm/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 000000000..ba78735fc --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/index.js b/node_modules/libnpm/node_modules/npm-registry-fetch/index.js new file mode 100644 index 000000000..c18487388 --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/package.json b/node_modules/libnpm/node_modules/npm-registry-fetch/package.json new file mode 100644 index 000000000..e8fc9ae5f --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,93 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.2", + "_inBundle": false, + "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "_location": "/libnpm/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/libnpm" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpm", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpm/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpm/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 000000000..886c5d55b --- /dev/null +++ b/node_modules/libnpm/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpm/node_modules/safe-buffer/LICENSE b/node_modules/libnpm/node_modules/safe-buffer/LICENSE new file mode 100644 index 000000000..0c068ceec --- /dev/null +++ b/node_modules/libnpm/node_modules/safe-buffer/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Feross Aboukhadijeh + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/libnpm/node_modules/safe-buffer/README.md b/node_modules/libnpm/node_modules/safe-buffer/README.md new file mode 100644 index 000000000..356e35193 --- /dev/null +++ b/node_modules/libnpm/node_modules/safe-buffer/README.md @@ -0,0 +1,586 @@ +# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] + +[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg +[travis-url]: https://travis-ci.org/feross/safe-buffer +[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg +[npm-url]: https://npmjs.org/package/safe-buffer +[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg +[downloads-url]: https://npmjs.org/package/safe-buffer +[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg +[standard-url]: https://standardjs.com + +#### Safer Node.js Buffer API + +**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, +`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** + +**Uses the built-in implementation when available.** + +## install + +``` +npm install safe-buffer +``` + +[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) + +## usage + +The goal of this package is to provide a safe replacement for the node.js `Buffer`. + +It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to +the top of your node.js modules: + +```js +var Buffer = require('safe-buffer').Buffer + +// Existing buffer code will continue to work without issues: + +new Buffer('hey', 'utf8') +new Buffer([1, 2, 3], 'utf8') +new Buffer(obj) +new Buffer(16) // create an uninitialized buffer (potentially unsafe) + +// But you can use these new explicit APIs to make clear what you want: + +Buffer.from('hey', 'utf8') // convert from many types to a Buffer +Buffer.alloc(16) // create a zero-filled buffer (safe) +Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) +``` + +## api + +### Class Method: Buffer.from(array) +<!-- YAML +added: v3.0.0 +--> + +* `array` {Array} + +Allocates a new `Buffer` using an `array` of octets. + +```js +const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); + // creates a new Buffer containing ASCII bytes + // ['b','u','f','f','e','r'] +``` + +A `TypeError` will be thrown if `array` is not an `Array`. + +### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) +<!-- YAML +added: v5.10.0 +--> + +* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or + a `new ArrayBuffer()` +* `byteOffset` {Number} Default: `0` +* `length` {Number} Default: `arrayBuffer.length - byteOffset` + +When passed a reference to the `.buffer` property of a `TypedArray` instance, +the newly created `Buffer` will share the same allocated memory as the +TypedArray. + +```js +const arr = new Uint16Array(2); +arr[0] = 5000; +arr[1] = 4000; + +const buf = Buffer.from(arr.buffer); // shares the memory with arr; + +console.log(buf); + // Prints: <Buffer 88 13 a0 0f> + +// changing the TypedArray changes the Buffer also +arr[1] = 6000; + +console.log(buf); + // Prints: <Buffer 88 13 70 17> +``` + +The optional `byteOffset` and `length` arguments specify a memory range within +the `arrayBuffer` that will be shared by the `Buffer`. + +```js +const ab = new ArrayBuffer(10); +const buf = Buffer.from(ab, 0, 2); +console.log(buf.length); + // Prints: 2 +``` + +A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. + +### Class Method: Buffer.from(buffer) +<!-- YAML +added: v3.0.0 +--> + +* `buffer` {Buffer} + +Copies the passed `buffer` data onto a new `Buffer` instance. + +```js +const buf1 = Buffer.from('buffer'); +const buf2 = Buffer.from(buf1); + +buf1[0] = 0x61; +console.log(buf1.toString()); + // 'auffer' +console.log(buf2.toString()); + // 'buffer' (copy is not changed) +``` + +A `TypeError` will be thrown if `buffer` is not a `Buffer`. + +### Class Method: Buffer.from(str[, encoding]) +<!-- YAML +added: v5.10.0 +--> + +* `str` {String} String to encode. +* `encoding` {String} Encoding to use, Default: `'utf8'` + +Creates a new `Buffer` containing the given JavaScript string `str`. If +provided, the `encoding` parameter identifies the character encoding. +If not provided, `encoding` defaults to `'utf8'`. + +```js +const buf1 = Buffer.from('this is a tést'); +console.log(buf1.toString()); + // prints: this is a tést +console.log(buf1.toString('ascii')); + // prints: this is a tC)st + +const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); +console.log(buf2.toString()); + // prints: this is a tést +``` + +A `TypeError` will be thrown if `str` is not a string. + +### Class Method: Buffer.alloc(size[, fill[, encoding]]) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} +* `fill` {Value} Default: `undefined` +* `encoding` {String} Default: `utf8` + +Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the +`Buffer` will be *zero-filled*. + +```js +const buf = Buffer.alloc(5); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +The `size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +If `fill` is specified, the allocated `Buffer` will be initialized by calling +`buf.fill(fill)`. See [`buf.fill()`][] for more information. + +```js +const buf = Buffer.alloc(5, 'a'); +console.log(buf); + // <Buffer 61 61 61 61 61> +``` + +If both `fill` and `encoding` are specified, the allocated `Buffer` will be +initialized by calling `buf.fill(fill, encoding)`. For example: + +```js +const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); +console.log(buf); + // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> +``` + +Calling `Buffer.alloc(size)` can be significantly slower than the alternative +`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance +contents will *never contain sensitive data*. + +A `TypeError` will be thrown if `size` is not a number. + +### Class Method: Buffer.allocUnsafe(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must +be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit +architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is +thrown. A zero-length Buffer will be created if a `size` less than or equal to +0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +```js +const buf = Buffer.allocUnsafe(5); +console.log(buf); + // <Buffer 78 e0 82 02 01> + // (octets will be different, every time) +buf.fill(0); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +A `TypeError` will be thrown if `size` is not a number. + +Note that the `Buffer` module pre-allocates an internal `Buffer` instance of +size `Buffer.poolSize` that is used as a pool for the fast allocation of new +`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated +`new Buffer(size)` constructor) only when `size` is less than or equal to +`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default +value of `Buffer.poolSize` is `8192` but can be modified. + +Use of this pre-allocated internal memory pool is a key difference between +calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. +Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer +pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal +Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The +difference is subtle but can be important when an application requires the +additional performance that `Buffer.allocUnsafe(size)` provides. + +### Class Method: Buffer.allocUnsafeSlow(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The +`size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, +allocations under 4KB are, by default, sliced from a single pre-allocated +`Buffer`. This allows applications to avoid the garbage collection overhead of +creating many individually allocated Buffers. This approach improves both +performance and memory usage by eliminating the need to track and cleanup as +many `Persistent` objects. + +However, in the case where a developer may need to retain a small chunk of +memory from a pool for an indeterminate amount of time, it may be appropriate +to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then +copy out the relevant bits. + +```js +// need to keep around a few small chunks of memory +const store = []; + +socket.on('readable', () => { + const data = socket.read(); + // allocate for retained data + const sb = Buffer.allocUnsafeSlow(10); + // copy the data into the new allocation + data.copy(sb, 0, 0, 10); + store.push(sb); +}); +``` + +Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* +a developer has observed undue memory retention in their applications. + +A `TypeError` will be thrown if `size` is not a number. + +### All the Rest + +The rest of the `Buffer` API is exactly the same as in node.js. +[See the docs](https://nodejs.org/api/buffer.html). + + +## Related links + +- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) +- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) + +## Why is `Buffer` unsafe? + +Today, the node.js `Buffer` constructor is overloaded to handle many different argument +types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), +`ArrayBuffer`, and also `Number`. + +The API is optimized for convenience: you can throw any type at it, and it will try to do +what you want. + +Because the Buffer constructor is so powerful, you often see code like this: + +```js +// Convert UTF-8 strings to hex +function toHex (str) { + return new Buffer(str).toString('hex') +} +``` + +***But what happens if `toHex` is called with a `Number` argument?*** + +### Remote Memory Disclosure + +If an attacker can make your program call the `Buffer` constructor with a `Number` +argument, then they can make it allocate uninitialized memory from the node.js process. +This could potentially disclose TLS private keys, user data, or database passwords. + +When the `Buffer` constructor is passed a `Number` argument, it returns an +**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like +this, you **MUST** overwrite the contents before returning it to the user. + +From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): + +> `new Buffer(size)` +> +> - `size` Number +> +> The underlying memory for `Buffer` instances created in this way is not initialized. +> **The contents of a newly created `Buffer` are unknown and could contain sensitive +> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. + +(Emphasis our own.) + +Whenever the programmer intended to create an uninitialized `Buffer` you often see code +like this: + +```js +var buf = new Buffer(16) + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### Would this ever be a problem in real code? + +Yes. It's surprisingly common to forget to check the type of your variables in a +dynamically-typed language like JavaScript. + +Usually the consequences of assuming the wrong type is that your program crashes with an +uncaught exception. But the failure mode for forgetting to check the type of arguments to +the `Buffer` constructor is more catastrophic. + +Here's an example of a vulnerable service that takes a JSON payload and converts it to +hex: + +```js +// Take a JSON payload {str: "some string"} and convert it to hex +var server = http.createServer(function (req, res) { + var data = '' + req.setEncoding('utf8') + req.on('data', function (chunk) { + data += chunk + }) + req.on('end', function () { + var body = JSON.parse(data) + res.end(new Buffer(body.str).toString('hex')) + }) +}) + +server.listen(8080) +``` + +In this example, an http client just has to send: + +```json +{ + "str": 1000 +} +``` + +and it will get back 1,000 bytes of uninitialized memory from the server. + +This is a very serious bug. It's similar in severity to the +[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process +memory by remote attackers. + + +### Which real-world packages were vulnerable? + +#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) + +[Mathias Buus](https://github.com/mafintosh) and I +([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, +[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow +anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get +them to reveal 20 bytes at a time of uninitialized memory from the node.js process. + +Here's +[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) +that fixed it. We released a new fixed version, created a +[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all +vulnerable versions on npm so users will get a warning to upgrade to a newer version. + +#### [`ws`](https://www.npmjs.com/package/ws) + +That got us wondering if there were other vulnerable packages. Sure enough, within a short +period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the +most popular WebSocket implementation in node.js. + +If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as +expected, then uninitialized server memory would be disclosed to the remote peer. + +These were the vulnerable methods: + +```js +socket.send(number) +socket.ping(number) +socket.pong(number) +``` + +Here's a vulnerable socket server with some echo functionality: + +```js +server.on('connection', function (socket) { + socket.on('message', function (message) { + message = JSON.parse(message) + if (message.type === 'echo') { + socket.send(message.data) // send back the user's message + } + }) +}) +``` + +`socket.send(number)` called on the server, will disclose server memory. + +Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue +was fixed, with a more detailed explanation. Props to +[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the +[Node Security Project disclosure](https://nodesecurity.io/advisories/67). + + +### What's the solution? + +It's important that node.js offers a fast way to get memory otherwise performance-critical +applications would needlessly get a lot slower. + +But we need a better way to *signal our intent* as programmers. **When we want +uninitialized memory, we should request it explicitly.** + +Sensitive functionality should not be packed into a developer-friendly API that loosely +accepts many different types. This type of API encourages the lazy practice of passing +variables in without checking the type very carefully. + +#### A new API: `Buffer.allocUnsafe(number)` + +The functionality of creating buffers with uninitialized memory should be part of another +API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that +frequently gets user input of all sorts of different types passed into it. + +```js +var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### How do we fix node.js core? + +We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as +`semver-major`) which defends against one case: + +```js +var str = 16 +new Buffer(str, 'utf8') +``` + +In this situation, it's implied that the programmer intended the first argument to be a +string, since they passed an encoding as a second argument. Today, node.js will allocate +uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not +what the programmer intended. + +But this is only a partial solution, since if the programmer does `new Buffer(variable)` +(without an `encoding` parameter) there's no way to know what they intended. If `variable` +is sometimes a number, then uninitialized memory will sometimes be returned. + +### What's the real long-term fix? + +We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when +we need uninitialized memory. But that would break 1000s of packages. + +~~We believe the best solution is to:~~ + +~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ + +~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ + +#### Update + +We now support adding three new APIs: + +- `Buffer.from(value)` - convert from any type to a buffer +- `Buffer.alloc(size)` - create a zero-filled buffer +- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size + +This solves the core problem that affected `ws` and `bittorrent-dht` which is +`Buffer(variable)` getting tricked into taking a number argument. + +This way, existing code continues working and the impact on the npm ecosystem will be +minimal. Over time, npm maintainers can migrate performance-critical code to use +`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. + + +### Conclusion + +We think there's a serious design issue with the `Buffer` API as it exists today. It +promotes insecure software by putting high-risk functionality into a convenient API +with friendly "developer ergonomics". + +This wasn't merely a theoretical exercise because we found the issue in some of the +most popular npm packages. + +Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of +`buffer`. + +```js +var Buffer = require('safe-buffer').Buffer +``` + +Eventually, we hope that node.js core can switch to this new, safer behavior. We believe +the impact on the ecosystem would be minimal since it's not a breaking change. +Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while +older, insecure packages would magically become safe from this attack vector. + + +## links + +- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) +- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) +- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) + + +## credit + +The original issues in `bittorrent-dht` +([disclosure](https://nodesecurity.io/advisories/68)) and +`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by +[Mathias Buus](https://github.com/mafintosh) and +[Feross Aboukhadijeh](http://feross.org/). + +Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues +and for his work running the [Node Security Project](https://nodesecurity.io/). + +Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and +auditing the code. + + +## license + +MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/libnpm/node_modules/safe-buffer/index.d.ts b/node_modules/libnpm/node_modules/safe-buffer/index.d.ts new file mode 100644 index 000000000..e9fed809a --- /dev/null +++ b/node_modules/libnpm/node_modules/safe-buffer/index.d.ts @@ -0,0 +1,187 @@ +declare module "safe-buffer" { + export class Buffer { + length: number + write(string: string, offset?: number, length?: number, encoding?: string): number; + toString(encoding?: string, start?: number, end?: number): string; + toJSON(): { type: 'Buffer', data: any[] }; + equals(otherBuffer: Buffer): boolean; + compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; + copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; + slice(start?: number, end?: number): Buffer; + writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readUInt8(offset: number, noAssert?: boolean): number; + readUInt16LE(offset: number, noAssert?: boolean): number; + readUInt16BE(offset: number, noAssert?: boolean): number; + readUInt32LE(offset: number, noAssert?: boolean): number; + readUInt32BE(offset: number, noAssert?: boolean): number; + readInt8(offset: number, noAssert?: boolean): number; + readInt16LE(offset: number, noAssert?: boolean): number; + readInt16BE(offset: number, noAssert?: boolean): number; + readInt32LE(offset: number, noAssert?: boolean): number; + readInt32BE(offset: number, noAssert?: boolean): number; + readFloatLE(offset: number, noAssert?: boolean): number; + readFloatBE(offset: number, noAssert?: boolean): number; + readDoubleLE(offset: number, noAssert?: boolean): number; + readDoubleBE(offset: number, noAssert?: boolean): number; + swap16(): Buffer; + swap32(): Buffer; + swap64(): Buffer; + writeUInt8(value: number, offset: number, noAssert?: boolean): number; + writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeInt8(value: number, offset: number, noAssert?: boolean): number; + writeInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeFloatLE(value: number, offset: number, noAssert?: boolean): number; + writeFloatBE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; + fill(value: any, offset?: number, end?: number): this; + indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; + + /** + * Allocates a new buffer containing the given {str}. + * + * @param str String to store in buffer. + * @param encoding encoding to use, optional. Default is 'utf8' + */ + constructor (str: string, encoding?: string); + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + */ + constructor (size: number); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: Uint8Array); + /** + * Produces a Buffer backed by the same allocated memory as + * the given {ArrayBuffer}. + * + * + * @param arrayBuffer The ArrayBuffer with which to share memory. + */ + constructor (arrayBuffer: ArrayBuffer); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: any[]); + /** + * Copies the passed {buffer} data onto a new {Buffer} instance. + * + * @param buffer The buffer to copy. + */ + constructor (buffer: Buffer); + prototype: Buffer; + /** + * Allocates a new Buffer using an {array} of octets. + * + * @param array + */ + static from(array: any[]): Buffer; + /** + * When passed a reference to the .buffer property of a TypedArray instance, + * the newly created Buffer will share the same allocated memory as the TypedArray. + * The optional {byteOffset} and {length} arguments specify a memory range + * within the {arrayBuffer} that will be shared by the Buffer. + * + * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() + * @param byteOffset + * @param length + */ + static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; + /** + * Copies the passed {buffer} data onto a new Buffer instance. + * + * @param buffer + */ + static from(buffer: Buffer): Buffer; + /** + * Creates a new Buffer containing the given JavaScript string {str}. + * If provided, the {encoding} parameter identifies the character encoding. + * If not provided, {encoding} defaults to 'utf8'. + * + * @param str + */ + static from(str: string, encoding?: string): Buffer; + /** + * Returns true if {obj} is a Buffer + * + * @param obj object to test. + */ + static isBuffer(obj: any): obj is Buffer; + /** + * Returns true if {encoding} is a valid encoding argument. + * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' + * + * @param encoding string to test. + */ + static isEncoding(encoding: string): boolean; + /** + * Gives the actual byte length of a string. encoding defaults to 'utf8'. + * This is not the same as String.prototype.length since that returns the number of characters in a string. + * + * @param string string to test. + * @param encoding encoding used to evaluate (defaults to 'utf8') + */ + static byteLength(string: string, encoding?: string): number; + /** + * Returns a buffer which is the result of concatenating all the buffers in the list together. + * + * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. + * If the list has exactly one item, then the first item of the list is returned. + * If the list has more than one item, then a new Buffer is created. + * + * @param list An array of Buffer objects to concatenate + * @param totalLength Total length of the buffers when concatenated. + * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. + */ + static concat(list: Buffer[], totalLength?: number): Buffer; + /** + * The same as buf1.compare(buf2). + */ + static compare(buf1: Buffer, buf2: Buffer): number; + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + * @param fill if specified, buffer will be initialized by calling buf.fill(fill). + * If parameter is omitted, buffer will be filled with zeros. + * @param encoding encoding used for call to buf.fill while initalizing + */ + static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; + /** + * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafe(size: number): Buffer; + /** + * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafeSlow(size: number): Buffer; + } +}
\ No newline at end of file diff --git a/node_modules/libnpm/node_modules/safe-buffer/index.js b/node_modules/libnpm/node_modules/safe-buffer/index.js new file mode 100644 index 000000000..054c8d30d --- /dev/null +++ b/node_modules/libnpm/node_modules/safe-buffer/index.js @@ -0,0 +1,64 @@ +/* eslint-disable node/no-deprecated-api */ +var buffer = require('buffer') +var Buffer = buffer.Buffer + +// alternative to using Object.keys for old browsers +function copyProps (src, dst) { + for (var key in src) { + dst[key] = src[key] + } +} +if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { + module.exports = buffer +} else { + // Copy properties from require('buffer') + copyProps(buffer, exports) + exports.Buffer = SafeBuffer +} + +function SafeBuffer (arg, encodingOrOffset, length) { + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.prototype = Object.create(Buffer.prototype) + +// Copy static methods from Buffer +copyProps(Buffer, SafeBuffer) + +SafeBuffer.from = function (arg, encodingOrOffset, length) { + if (typeof arg === 'number') { + throw new TypeError('Argument must not be a number') + } + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.alloc = function (size, fill, encoding) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + var buf = Buffer(size) + if (fill !== undefined) { + if (typeof encoding === 'string') { + buf.fill(fill, encoding) + } else { + buf.fill(fill) + } + } else { + buf.fill(0) + } + return buf +} + +SafeBuffer.allocUnsafe = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return Buffer(size) +} + +SafeBuffer.allocUnsafeSlow = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return buffer.SlowBuffer(size) +} diff --git a/node_modules/libnpm/node_modules/safe-buffer/package.json b/node_modules/libnpm/node_modules/safe-buffer/package.json new file mode 100644 index 000000000..b9fbfa332 --- /dev/null +++ b/node_modules/libnpm/node_modules/safe-buffer/package.json @@ -0,0 +1,62 @@ +{ + "_from": "safe-buffer@^5.2.0", + "_id": "safe-buffer@5.2.0", + "_inBundle": false, + "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "_location": "/libnpm/safe-buffer", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "safe-buffer@^5.2.0", + "name": "safe-buffer", + "escapedName": "safe-buffer", + "rawSpec": "^5.2.0", + "saveSpec": null, + "fetchSpec": "^5.2.0" + }, + "_requiredBy": [ + "/libnpm/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", + "_spec": "safe-buffer@^5.2.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpm/node_modules/npm-registry-fetch", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/safe-buffer/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Safer Node.js Buffer API", + "devDependencies": { + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/safe-buffer", + "keywords": [ + "buffer", + "buffer allocate", + "node security", + "safe", + "safe-buffer", + "security", + "uninitialized" + ], + "license": "MIT", + "main": "index.js", + "name": "safe-buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/safe-buffer.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "types": "index.d.ts", + "version": "5.2.0" +} diff --git a/node_modules/libnpmaccess/CODE_OF_CONDUCT.md b/node_modules/libnpmaccess/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..aeb72f598 --- /dev/null +++ b/node_modules/libnpmaccess/CODE_OF_CONDUCT.md @@ -0,0 +1,151 @@ +# Code of Conduct + +## When Something Happens + +If you see a Code of Conduct violation, follow these steps: + +1. Let the person know that what they did is not appropriate and ask them to stop and/or edit their message(s) or commits. +2. That person should immediately stop the behavior and correct the issue. +3. If this doesn’t happen, or if you're uncomfortable speaking up, [contact the maintainers](#contacting-maintainers). +4. As soon as available, a maintainer will look into the issue, and take [further action (see below)](#further-enforcement), starting with a warning, then temporary block, then long-term repo or organization ban. + +When reporting, please include any relevant details, links, screenshots, context, or other information that may be used to better understand and resolve the situation. + +**The maintainer team will prioritize the well-being and comfort of the recipients of the violation over the comfort of the violator.** See [some examples below](#enforcement-examples). + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as contributors and maintainers of this project pledge to making participation in our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, technical preferences, nationality, personal appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment include: + + * Using welcoming and inclusive language. + * Being respectful of differing viewpoints and experiences. + * Gracefully accepting constructive feedback. + * Focusing on what is best for the community. + * Showing empathy and kindness towards other community members. + * Encouraging and raising up your peers in the project so you can all bask in hacks and glory. + +Examples of unacceptable behavior by participants include: + + * The use of sexualized language or imagery and unwelcome sexual attention or advances, including when simulated online. The only exception to sexual topics is channels/spaces specifically for topics of sexual identity. + * Casual mention of slavery or indentured servitude and/or false comparisons of one's occupation or situation to slavery. Please consider using or asking about alternate terminology when referring to such metaphors in technology. + * Making light of/making mocking comments about trigger warnings and content warnings. + * Trolling, insulting/derogatory comments, and personal or political attacks. + * Public or private harassment, deliberate intimidation, or threats. + * Publishing others' private information, such as a physical or electronic address, without explicit permission. This includes any sort of "outing" of any aspect of someone's identity without their consent. + * Publishing private screenshots or quotes of interactions in the context of this project without all quoted users' *explicit* consent. + * Publishing of private communication that doesn't have to do with reporting harrassment. + * Any of the above even when [presented as "ironic" or "joking"](https://en.wikipedia.org/wiki/Hipster_racism). + * Any attempt to present "reverse-ism" versions of the above as violations. Examples of reverse-isms are "reverse racism", "reverse sexism", "heterophobia", and "cisphobia". + * Unsolicited explanations under the assumption that someone doesn't already know it. Ask before you teach! Don't assume what people's knowledge gaps are. + * [Feigning or exaggerating surprise](https://www.recurse.com/manual#no-feigned-surprise) when someone admits to not knowing something. + * "[Well-actuallies](https://www.recurse.com/manual#no-well-actuallys)" + * Other conduct which could reasonably be considered inappropriate in a professional or community setting. + +## Scope + +This Code of Conduct applies both within spaces involving this project and in other spaces involving community members. This includes the repository, its Pull Requests and Issue tracker, its Twitter community, private email communications in the context of the project, and any events where members of the project are participating, as well as adjacent communities and venues affecting the project's members. + +Depending on the violation, the maintainers may decide that violations of this code of conduct that have happened outside of the scope of the community may deem an individual unwelcome, and take appropriate action to maintain the comfort and safety of its members. + +### Other Community Standards + +As a project on GitHub, this project is additionally covered by the [GitHub Community Guidelines](https://help.github.com/articles/github-community-guidelines/). + +Additionally, as a project hosted on npm, is is covered by [npm, Inc's Code of Conduct](https://www.npmjs.com/policies/conduct). + +Enforcement of those guidelines after violations overlapping with the above are the responsibility of the entities, and enforcement may happen in any or all of the services/communities. + +## Maintainer Enforcement Process + +Once the maintainers get involved, they will follow a documented series of steps and do their best to preserve the well-being of project members. This section covers actual concrete steps. + +### Contacting Maintainers + +You may get in touch with the maintainer team through any of the following methods: + + * Through email: + * [kzm@zkat.tech](mailto:kzm@zkat.tech) (Kat Marchán) + + * Through Twitter: + * [@maybekatz](https://twitter.com/maybekatz) (Kat Marchán) + +### Further Enforcement + +If you've already followed the [initial enforcement steps](#enforcement), these are the steps maintainers will take for further enforcement, as needed: + + 1. Repeat the request to stop. + 2. If the person doubles down, they will have offending messages removed or edited by a maintainers given an official warning. The PR or Issue may be locked. + 3. If the behavior continues or is repeated later, the person will be blocked from participating for 24 hours. + 4. If the behavior continues or is repeated after the temporary block, a long-term (6-12mo) ban will be used. + +On top of this, maintainers may remove any offending messages, images, contributions, etc, as they deem necessary. + +Maintainers reserve full rights to skip any of these steps, at their discretion, if the violation is considered to be a serious and/or immediate threat to the health and well-being of members of the community. These include any threats, serious physical or verbal attacks, and other such behavior that would be completely unacceptable in any social setting that puts our members at risk. + +Members expelled from events or venues with any sort of paid attendance will not be refunded. + +### Who Watches the Watchers? + +Maintainers and other leaders who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. These may include anything from removal from the maintainer team to a permanent ban from the community. + +Additionally, as a project hosted on both GitHub and npm, [their own Codes of Conducts may be applied against maintainers of this project](#other-community-standards), externally of this project's procedures. + +### Enforcement Examples + +#### The Best Case + +The vast majority of situations work out like this. This interaction is common, and generally positive. + +> Alex: "Yeah I used X and it was really crazy!" + +> Patt (not a maintainer): "Hey, could you not use that word? What about 'ridiculous' instead?" + +> Alex: "oh sorry, sure." -> edits old comment to say "it was really confusing!" + +#### The Maintainer Case + +Sometimes, though, you need to get maintainers involved. Maintainers will do their best to resolve conflicts, but people who were harmed by something **will take priority**. + +> Patt: "Honestly, sometimes I just really hate using $library and anyone who uses it probably sucks at their job." + +> Alex: "Whoa there, could you dial it back a bit? There's a CoC thing about attacking folks' tech use like that." + +> Patt: "I'm not attacking anyone, what's your problem?" + +> Alex: "@maintainers hey uh. Can someone look at this issue? Patt is getting a bit aggro. I tried to nudge them about it, but nope." + +> KeeperOfCommitBits: (on issue) "Hey Patt, maintainer here. Could you tone it down? This sort of attack is really not okay in this space." + +> Patt: "Leave me alone I haven't said anything bad wtf is wrong with you." + +> KeeperOfCommitBits: (deletes user's comment), "@patt I mean it. Please refer to the CoC over at (URL to this CoC) if you have questions, but you can consider this an actual warning. I'd appreciate it if you reworded your messages in this thread, since they made folks there uncomfortable. Let's try and be kind, yeah?" + +> Patt: "@keeperofbits Okay sorry. I'm just frustrated and I'm kinda burnt out and I guess I got carried away. I'll DM Alex a note apologizing and edit my messages. Sorry for the trouble." + +> KeeperOfCommitBits: "@patt Thanks for that. I hear you on the stress. Burnout sucks :/. Have a good one!" + +#### The Nope Case + +> PepeTheFrog🐸: "Hi, I am a literal actual nazi and I think white supremacists are quite fashionable." + +> Patt: "NOOOOPE. OH NOPE NOPE." + +> Alex: "JFC NO. NOPE. @keeperofbits NOPE NOPE LOOK HERE" + +> KeeperOfCommitBits: "👀 Nope. NOPE NOPE NOPE. 🔥" + +> PepeTheFrog🐸 has been banned from all organization or user repositories belonging to KeeperOfCommitBits. + +## Attribution + +This Code of Conduct was generated using [WeAllJS Code of Conduct Generator](https://npm.im/weallbehave), which is based on the [WeAllJS Code of +Conduct](https://wealljs.org/code-of-conduct), which is itself based on +[Contributor Covenant](http://contributor-covenant.org), version 1.4, available +at +[http://contributor-covenant.org/version/1/4](http://contributor-covenant.org/version/1/4), +and the LGBTQ in Technology Slack [Code of +Conduct](http://lgbtq.technology/coc.html). diff --git a/node_modules/libnpmaccess/CONTRIBUTING.md b/node_modules/libnpmaccess/CONTRIBUTING.md new file mode 100644 index 000000000..e13356ea4 --- /dev/null +++ b/node_modules/libnpmaccess/CONTRIBUTING.md @@ -0,0 +1,256 @@ +# Contributing + +## How do I... <a name="toc"></a> + +* [Use This Guide](#introduction)? +* Ask or Say Something? 🤔🐛😱 + * [Request Support](#request-support) + * [Report an Error or Bug](#report-an-error-or-bug) + * [Request a Feature](#request-a-feature) +* Make Something? 🤓👩🏽💻📜🍳 + * [Project Setup](#project-setup) + * [Contribute Documentation](#contribute-documentation) + * [Contribute Code](#contribute-code) +* Manage Something ✅🙆🏼💃👔 + * [Provide Support on Issues](#provide-support-on-issues) + * [Label Issues](#label-issues) + * [Clean Up Issues and PRs](#clean-up-issues-and-prs) + * [Review Pull Requests](#review-pull-requests) + * [Merge Pull Requests](#merge-pull-requests) + * [Tag a Release](#tag-a-release) + * [Join the Project Team](#join-the-project-team) +* Add a Guide Like This One [To My Project](#attribution)? 🤖😻👻 + +## Introduction + +Thank you so much for your interest in contributing!. All types of contributions are encouraged and valued. See the [table of contents](#toc) for different ways to help and details about how this project handles them!📝 + +Please make sure to read the relevant section before making your contribution! It will make it a lot easier for us maintainers to make the most of it and smooth out the experience for all involved. 💚 + +The [Project Team](#join-the-project-team) looks forward to your contributions. 🙌🏾✨ + +## Request Support + +If you have a question about this project, how to use it, or just need clarification about something: + +* Open an Issue at https://github.com/npm/libnpmaccess/issues +* Provide as much context as you can about what you're running into. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* Someone will try to have a response soon. +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. + +## Report an Error or Bug + +If you run into an error or bug with the project: + +* Open an Issue at https://github.com/npm/libnpmaccess/issues +* Include *reproduction steps* that someone else can follow to recreate the bug or error on their own. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* A team member will try to reproduce the issue with your provided steps. If there are no repro steps or no obvious way to reproduce the issue, the team will ask you for those steps and mark the issue as `needs-repro`. Bugs with the `needs-repro` tag will not be addressed until they are reproduced. +* If the team is able to reproduce the issue, it will be marked `needs-fix`, as well as possibly other tags (such as `critical`), and the issue will be left to be [implemented by someone](#contribute-code). +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. +* `critical` issues may be left open, depending on perceived immediacy and severity, even past the 30 day deadline. + +## Request a Feature + +If the project doesn't do something you need or want it to do: + +* Open an Issue at https://github.com/npm/libnpmaccess/issues +* Provide as much context as you can about what you're running into. +* Please try and be clear about why existing features and alternatives would not work for you. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* The project team will evaluate the feature request, possibly asking you more questions to understand its purpose and any relevant requirements. If the issue is closed, the team will convey their reasoning and suggest an alternative path forward. +* If the feature request is accepted, it will be marked for implementation with `feature-accepted`, which can then be done by either by a core team member or by anyone in the community who wants to [contribute code](#contribute-code). + +Note: The team is unlikely to be able to accept every single feature request that is filed. Please understand if they need to say no. + +## Project Setup + +So you wanna contribute some code! That's great! This project uses GitHub Pull Requests to manage contributions, so [read up on how to fork a GitHub project and file a PR](https://guides.github.com/activities/forking) if you've never done it before. + +If this seems like a lot or you aren't able to do all this setup, you might also be able to [edit the files directly](https://help.github.com/articles/editing-files-in-another-user-s-repository/) without having to do any of this setup. Yes, [even code](#contribute-code). + +If you want to go the usual route and run the project locally, though: + +* [Install Node.js](https://nodejs.org/en/download/) +* [Fork the project](https://guides.github.com/activities/forking/#fork) + +Then in your terminal: +* `cd path/to/your/clone` +* `npm install` +* `npm test` + +And you should be ready to go! + +## Contribute Documentation + +Documentation is a super important, critical part of this project. Docs are how we keep track of what we're doing, how, and why. It's how we stay on the same page about our policies. And it's how we tell others everything they need in order to be able to use this project -- or contribute to it. So thank you in advance. + +Documentation contributions of any size are welcome! Feel free to file a PR even if you're just rewording a sentence to be more clear, or fixing a spelling mistake! + +To contribute documentation: + +* [Set up the project](#project-setup). +* Edit or add any relevant documentation. +* Make sure your changes are formatted correctly and consistently with the rest of the documentation. +* Re-read what you wrote, and run a spellchecker on it to make sure you didn't miss anything. +* In your commit message(s), begin the first line with `docs: `. For example: `docs: Adding a doc contrib section to CONTRIBUTING.md`. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). Documentation commits should use `docs(<component>): <message>`. +* Go to https://github.com/npm/libnpmaccess/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Contribute Code + +We like code commits a lot! They're super handy, and they keep the project going and doing the work it needs to do to be useful to others. + +Code contributions of just about any size are acceptable! + +The main difference between code contributions and documentation contributions is that contributing code requires inclusion of relevant tests for the code being added or changed. Contributions without accompanying tests will be held off until a test is added, unless the maintainers consider the specific tests to be either impossible, or way too much of a burden for such a contribution. + +To contribute code: + +* [Set up the project](#project-setup). +* Make any necessary changes to the source code. +* Include any [additional documentation](#contribute-documentation) the changes might need. +* Write tests that verify that your contribution works as expected. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). +* Dependency updates, additions, or removals must be in individual commits, and the message must use the format: `<prefix>(deps): PKG@VERSION`, where `<prefix>` is any of the usual `conventional-changelog` prefixes, at your discretion. +* Go to https://github.com/npm/libnpmaccess/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* Barring special circumstances, maintainers will not review PRs until all checks pass (Travis, AppVeyor, etc). +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. Additional tags (such as `needs-tests`) will be added depending on the review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Provide Support on Issues + +[Needs Collaborator](#join-the-project-team): none + +Helping out other users with their questions is a really awesome way of contributing to any community. It's not uncommon for most of the issues on an open source projects being support-related questions by users trying to understand something they ran into, or find their way around a known bug. + +Sometimes, the `support` label will be added to things that turn out to actually be other things, like bugs or feature requests. In that case, suss out the details with the person who filed the original issue, add a comment explaining what the bug is, and change the label from `support` to `bug` or `feature`. If you can't do this yourself, @mention a maintainer so they can do it. + +In order to help other folks out with their questions: + +* Go to the issue tracker and [filter open issues by the `support` label](https://github.com/npm/libnpmaccess/issues?q=is%3Aopen+is%3Aissue+label%3Asupport). +* Read through the list until you find something that you're familiar enough with to give an answer to. +* Respond to the issue with whatever details are needed to clarify the question, or get more details about what's going on. +* Once the discussion wraps up and things are clarified, either close the issue, or ask the original issue filer (or a maintainer) to close it for you. + +Some notes on picking up support issues: + +* Avoid responding to issues you don't know you can answer accurately. +* As much as possible, try to refer to past issues with accepted answers. Link to them from your replies with the `#123` format. +* Be kind and patient with users -- often, folks who have run into confusing things might be upset or impatient. This is ok. Try to understand where they're coming from, and if you're too uncomfortable with the tone, feel free to stay away or withdraw from the issue. (note: if the user is outright hostile or is violating the CoC, [refer to the Code of Conduct](CODE_OF_CONDUCT.md) to resolve the conflict). + +## Label Issues + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +One of the most important tasks in handling issues is labeling them usefully and accurately. All other tasks involving issues ultimately rely on the issue being classified in such a way that relevant parties looking to do their own tasks can find them quickly and easily. + +In order to label issues, [open up the list of unlabeled issues](https://github.com/npm/libnpmaccess/issues?q=is%3Aopen+is%3Aissue+no%3Alabel) and, **from newest to oldest**, read through each one and apply issue labels according to the table below. If you're unsure about what label to apply, skip the issue and try the next one: don't feel obligated to label each and every issue yourself! + +Label | Apply When | Notes +--- | --- | --- +`bug` | Cases where the code (or documentation) is behaving in a way it wasn't intended to. | If something is happening that surprises the *user* but does not go against the way the code is designed, it should use the `enhancement` label. +`critical` | Added to `bug` issues if the problem described makes the code completely unusable in a common situation. | +`documentation` | Added to issues or pull requests that affect any of the documentation for the project. | Can be combined with other labels, such as `bug` or `enhancement`. +`duplicate` | Added to issues or PRs that refer to the exact same issue as another one that's been previously labeled. | Duplicate issues should be marked and closed right away, with a message referencing the issue it's a duplicate of (with `#123`) +`enhancement` | Added to [feature requests](#request-a-feature), PRs, or documentation issues that are purely additive: the code or docs currently work as expected, but a change is being requested or suggested. | +`help wanted` | Applied by [Committers](#join-the-project-team) to issues and PRs that they would like to get outside help for. Generally, this means it's lower priority for the maintainer team to itself implement, but that the community is encouraged to pick up if they so desire | Never applied on first-pass labeling. +`in-progress` | Applied by [Committers](#join-the-project-team) to PRs that are pending some work before they're ready for review. | The original PR submitter should @mention the team member that applied the label once the PR is complete. +`performance` | This issue or PR is directly related to improving performance. | +`refactor` | Added to issues or PRs that deal with cleaning up or modifying the project for the betterment of it. | +`starter` | Applied by [Committers](#join-the-project-team) to issues that they consider good introductions to the project for people who have not contributed before. These are not necessarily "easy", but rather focused around how much context is necessary in order to understand what needs to be done for this project in particular. | Existing project members are expected to stay away from these unless they increase in priority. +`support` | This issue is either asking a question about how to use the project, clarifying the reason for unexpected behavior, or possibly reporting a `bug` but does not have enough detail yet to determine whether it would count as such. | The label should be switched to `bug` if reliable reproduction steps are provided. Issues primarily with unintended configurations of a user's environment are not considered bugs, even if they cause crashes. +`tests` | This issue or PR either requests or adds primarily tests to the project. | If a PR is pending tests, that will be handled through the [PR review process](#review-pull-requests) +`wontfix` | Labelers may apply this label to issues that clearly have nothing at all to do with the project or are otherwise entirely outside of its scope/sphere of influence. [Committers](#join-the-project-team) may apply this label and close an issue or PR if they decide to pass on an otherwise relevant issue. | The issue or PR should be closed as soon as the label is applied, and a clear explanation provided of why the label was used. Contributors are free to contest the labeling, but the decision ultimately falls on committers as to whether to accept something or not. + +## Clean Up Issues and PRs + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +Issues and PRs can go stale after a while. Maybe they're abandoned. Maybe the team will just plain not have time to address them any time soon. + +In these cases, they should be closed until they're brought up again or the interaction starts over. + +To clean up issues and PRs: + +* Search the issue tracker for issues or PRs, and add the term `updated:<=YYYY-MM-DD`, where the date is 30 days before today. +* Go through each issue *from oldest to newest*, and close them if **all of the following are true**: + * not opened by a maintainer + * not marked as `critical` + * not marked as `starter` or `help wanted` (these might stick around for a while, in general, as they're intended to be available) + * no explicit messages in the comments asking for it to be left open + * does not belong to a milestone +* Leave a message when closing saying "Cleaning up stale issue. Please reopen or ping us if and when you're ready to resume this. See https://github.com/npm/libnpmaccess/blob/latest/CONTRIBUTING.md#clean-up-issues-and-prs for more details." + +## Review Pull Requests + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +While anyone can comment on a PR, add feedback, etc, PRs are only *approved* by team members with Issue Tracker or higher permissions. + +PR reviews use [GitHub's own review feature](https://help.github.com/articles/about-pull-request-reviews/), which manages comments, approval, and review iteration. + +Some notes: + +* You may ask for minor changes ("nitpicks"), but consider whether they are really blockers to merging: try to err on the side of "approve, with comments". +* *ALL PULL REQUESTS* should be covered by a test: either by a previously-failing test, an existing test that covers the entire functionality of the submitted code, or new tests to verify any new/changed behavior. All tests must also pass and follow established conventions. Test coverage should not drop, unless the specific case is considered reasonable by maintainers. +* Please make sure you're familiar with the code or documentation being updated, unless it's a minor change (spellchecking, minor formatting, etc). You may @mention another project member who you think is better suited for the review, but still provide a non-approving review of your own. +* Be extra kind: people who submit code/doc contributions are putting themselves in a pretty vulnerable position, and have put time and care into what they've done (even if that's not obvious to you!) -- always respond with respect, be understanding, but don't feel like you need to sacrifice your standards for their sake, either. Just don't be a jerk about it? + +## Merge Pull Requests + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. + +## Tag A Release + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. The most important bit here is probably that all tests must pass, and tags must use [semver](https://semver.org). + +## Join the Project Team + +### Ways to Join + +There are many ways to contribute! Most of them don't require any official status unless otherwise noted. That said, there's a couple of positions that grant special repository abilities, and this section describes how they're granted and what they do. + +All of the below positions are granted based on the project team's needs, as well as their consensus opinion about whether they would like to work with the person and think that they would fit well into that position. The process is relatively informal, and it's likely that people who express interest in participating can just be granted the permissions they'd like. + +You can spot a collaborator on the repo by looking for the `[Collaborator]` or `[Owner]` tags next to their names. + +Permission | Description +--- | --- +Issue Tracker | Granted to contributors who express a strong interest in spending time on the project's issue tracker. These tasks are mainly [labeling issues](#label-issues), [cleaning up old ones](#clean-up-issues-and-prs), and [reviewing pull requests](#review-pull-requests), as well as all the usual things non-team-member contributors can do. Issue handlers should not merge pull requests, tag releases, or directly commit code themselves: that should still be done through the usual pull request process. Becoming an Issue Handler means the project team trusts you to understand enough of the team's process and context to implement it on the issue tracker. +Committer | Granted to contributors who want to handle the actual pull request merges, tagging new versions, etc. Committers should have a good level of familiarity with the codebase, and enough context to understand the implications of various changes, as well as a good sense of the will and expectations of the project team. +Admin/Owner | Granted to people ultimately responsible for the project, its community, etc. + +## Attribution + +This guide was generated using the WeAllJS `CONTRIBUTING.md` generator. [Make your own](https://npm.im/weallcontribute)! diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 000000000..8eee50a47 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,239 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) + + +### Bug Fixes + +* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) +* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + +<a name="3.9.1"></a> +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + +<a name="3.9.0"></a> +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + +<a name="3.8.0"></a> +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + +<a name="3.7.0"></a> +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + +<a name="3.6.0"></a> +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + +<a name="3.5.0"></a> +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + +<a name="3.4.0"></a> +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + +<a name="3.3.0"></a> +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + +<a name="3.2.1"></a> +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + +<a name="3.2.0"></a> +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + +<a name="3.1.1"></a> +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + +<a name="3.1.0"></a> +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="1.1.1"></a> +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/README.md new file mode 100644 index 000000000..0c3f4f946 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### <a name="fetch-opts"></a> `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### <a name="opts-agent"></a> `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### <a name="opts-body"></a> `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### <a name="opts-ca"></a> `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### <a name="opts-cache"></a> `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### <a name="opts-cert"></a> `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-force-auth"></a> `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### <a name="opts-gzip"></a> `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### <a name="opts-headers"></a> `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### <a name="opts-ignore-body"></a> `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### <a name="opts-integrity"></a> `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### <a name="opts-key"></a> `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### <a name="opts-local-address"></a> `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### <a name="opts-log"></a> `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### <a name="opts-map-json"></a> `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### <a name="opts-maxsockets"></a> `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### <a name="opts-method"></a> `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### <a name="opts-noproxy"></a> `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### <a name="opts-npm-session"></a> `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### <a name="opts-offline"></a> `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-otp"></a> `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### <a name="opts-password"></a> `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-prefer-online"></a> `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### <a name="opts-project-scope"></a> `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### <a name="opts-proxy"></a> `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### <a name="opts-query"></a> `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### <a name="opts-refer"></a> `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### <a name="opts-registry"></a> `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### <a name="opts-retry"></a> `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### <a name="opts-scope"></a> `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.<scope>:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### <a name="opts-spec"></a> `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### <a name="opts-timeout"></a> `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### <a name="opts-token"></a> `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### <a name="opts-user-agent"></a> `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` + +User agent string to send in the `User-Agent` header. + +##### <a name="opts-username"></a> `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### <a name="opts-auth"></a> `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 000000000..d583982d0 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 000000000..14058239b --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/config.js new file mode 100644 index 000000000..1c43b26ea --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 000000000..ba78735fc --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/index.js new file mode 100644 index 000000000..c18487388 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/package.json new file mode 100644 index 000000000..e7578c6d9 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,93 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.2", + "_inBundle": false, + "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "_location": "/libnpmaccess/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/libnpmaccess" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmaccess", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmaccess/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 000000000..886c5d55b --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmaccess/node_modules/safe-buffer/LICENSE b/node_modules/libnpmaccess/node_modules/safe-buffer/LICENSE new file mode 100644 index 000000000..0c068ceec --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/safe-buffer/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Feross Aboukhadijeh + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/libnpmaccess/node_modules/safe-buffer/README.md b/node_modules/libnpmaccess/node_modules/safe-buffer/README.md new file mode 100644 index 000000000..356e35193 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/safe-buffer/README.md @@ -0,0 +1,586 @@ +# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] + +[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg +[travis-url]: https://travis-ci.org/feross/safe-buffer +[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg +[npm-url]: https://npmjs.org/package/safe-buffer +[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg +[downloads-url]: https://npmjs.org/package/safe-buffer +[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg +[standard-url]: https://standardjs.com + +#### Safer Node.js Buffer API + +**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, +`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** + +**Uses the built-in implementation when available.** + +## install + +``` +npm install safe-buffer +``` + +[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) + +## usage + +The goal of this package is to provide a safe replacement for the node.js `Buffer`. + +It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to +the top of your node.js modules: + +```js +var Buffer = require('safe-buffer').Buffer + +// Existing buffer code will continue to work without issues: + +new Buffer('hey', 'utf8') +new Buffer([1, 2, 3], 'utf8') +new Buffer(obj) +new Buffer(16) // create an uninitialized buffer (potentially unsafe) + +// But you can use these new explicit APIs to make clear what you want: + +Buffer.from('hey', 'utf8') // convert from many types to a Buffer +Buffer.alloc(16) // create a zero-filled buffer (safe) +Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) +``` + +## api + +### Class Method: Buffer.from(array) +<!-- YAML +added: v3.0.0 +--> + +* `array` {Array} + +Allocates a new `Buffer` using an `array` of octets. + +```js +const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); + // creates a new Buffer containing ASCII bytes + // ['b','u','f','f','e','r'] +``` + +A `TypeError` will be thrown if `array` is not an `Array`. + +### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) +<!-- YAML +added: v5.10.0 +--> + +* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or + a `new ArrayBuffer()` +* `byteOffset` {Number} Default: `0` +* `length` {Number} Default: `arrayBuffer.length - byteOffset` + +When passed a reference to the `.buffer` property of a `TypedArray` instance, +the newly created `Buffer` will share the same allocated memory as the +TypedArray. + +```js +const arr = new Uint16Array(2); +arr[0] = 5000; +arr[1] = 4000; + +const buf = Buffer.from(arr.buffer); // shares the memory with arr; + +console.log(buf); + // Prints: <Buffer 88 13 a0 0f> + +// changing the TypedArray changes the Buffer also +arr[1] = 6000; + +console.log(buf); + // Prints: <Buffer 88 13 70 17> +``` + +The optional `byteOffset` and `length` arguments specify a memory range within +the `arrayBuffer` that will be shared by the `Buffer`. + +```js +const ab = new ArrayBuffer(10); +const buf = Buffer.from(ab, 0, 2); +console.log(buf.length); + // Prints: 2 +``` + +A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. + +### Class Method: Buffer.from(buffer) +<!-- YAML +added: v3.0.0 +--> + +* `buffer` {Buffer} + +Copies the passed `buffer` data onto a new `Buffer` instance. + +```js +const buf1 = Buffer.from('buffer'); +const buf2 = Buffer.from(buf1); + +buf1[0] = 0x61; +console.log(buf1.toString()); + // 'auffer' +console.log(buf2.toString()); + // 'buffer' (copy is not changed) +``` + +A `TypeError` will be thrown if `buffer` is not a `Buffer`. + +### Class Method: Buffer.from(str[, encoding]) +<!-- YAML +added: v5.10.0 +--> + +* `str` {String} String to encode. +* `encoding` {String} Encoding to use, Default: `'utf8'` + +Creates a new `Buffer` containing the given JavaScript string `str`. If +provided, the `encoding` parameter identifies the character encoding. +If not provided, `encoding` defaults to `'utf8'`. + +```js +const buf1 = Buffer.from('this is a tést'); +console.log(buf1.toString()); + // prints: this is a tést +console.log(buf1.toString('ascii')); + // prints: this is a tC)st + +const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); +console.log(buf2.toString()); + // prints: this is a tést +``` + +A `TypeError` will be thrown if `str` is not a string. + +### Class Method: Buffer.alloc(size[, fill[, encoding]]) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} +* `fill` {Value} Default: `undefined` +* `encoding` {String} Default: `utf8` + +Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the +`Buffer` will be *zero-filled*. + +```js +const buf = Buffer.alloc(5); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +The `size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +If `fill` is specified, the allocated `Buffer` will be initialized by calling +`buf.fill(fill)`. See [`buf.fill()`][] for more information. + +```js +const buf = Buffer.alloc(5, 'a'); +console.log(buf); + // <Buffer 61 61 61 61 61> +``` + +If both `fill` and `encoding` are specified, the allocated `Buffer` will be +initialized by calling `buf.fill(fill, encoding)`. For example: + +```js +const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); +console.log(buf); + // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> +``` + +Calling `Buffer.alloc(size)` can be significantly slower than the alternative +`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance +contents will *never contain sensitive data*. + +A `TypeError` will be thrown if `size` is not a number. + +### Class Method: Buffer.allocUnsafe(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must +be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit +architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is +thrown. A zero-length Buffer will be created if a `size` less than or equal to +0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +```js +const buf = Buffer.allocUnsafe(5); +console.log(buf); + // <Buffer 78 e0 82 02 01> + // (octets will be different, every time) +buf.fill(0); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +A `TypeError` will be thrown if `size` is not a number. + +Note that the `Buffer` module pre-allocates an internal `Buffer` instance of +size `Buffer.poolSize` that is used as a pool for the fast allocation of new +`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated +`new Buffer(size)` constructor) only when `size` is less than or equal to +`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default +value of `Buffer.poolSize` is `8192` but can be modified. + +Use of this pre-allocated internal memory pool is a key difference between +calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. +Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer +pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal +Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The +difference is subtle but can be important when an application requires the +additional performance that `Buffer.allocUnsafe(size)` provides. + +### Class Method: Buffer.allocUnsafeSlow(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The +`size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, +allocations under 4KB are, by default, sliced from a single pre-allocated +`Buffer`. This allows applications to avoid the garbage collection overhead of +creating many individually allocated Buffers. This approach improves both +performance and memory usage by eliminating the need to track and cleanup as +many `Persistent` objects. + +However, in the case where a developer may need to retain a small chunk of +memory from a pool for an indeterminate amount of time, it may be appropriate +to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then +copy out the relevant bits. + +```js +// need to keep around a few small chunks of memory +const store = []; + +socket.on('readable', () => { + const data = socket.read(); + // allocate for retained data + const sb = Buffer.allocUnsafeSlow(10); + // copy the data into the new allocation + data.copy(sb, 0, 0, 10); + store.push(sb); +}); +``` + +Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* +a developer has observed undue memory retention in their applications. + +A `TypeError` will be thrown if `size` is not a number. + +### All the Rest + +The rest of the `Buffer` API is exactly the same as in node.js. +[See the docs](https://nodejs.org/api/buffer.html). + + +## Related links + +- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) +- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) + +## Why is `Buffer` unsafe? + +Today, the node.js `Buffer` constructor is overloaded to handle many different argument +types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), +`ArrayBuffer`, and also `Number`. + +The API is optimized for convenience: you can throw any type at it, and it will try to do +what you want. + +Because the Buffer constructor is so powerful, you often see code like this: + +```js +// Convert UTF-8 strings to hex +function toHex (str) { + return new Buffer(str).toString('hex') +} +``` + +***But what happens if `toHex` is called with a `Number` argument?*** + +### Remote Memory Disclosure + +If an attacker can make your program call the `Buffer` constructor with a `Number` +argument, then they can make it allocate uninitialized memory from the node.js process. +This could potentially disclose TLS private keys, user data, or database passwords. + +When the `Buffer` constructor is passed a `Number` argument, it returns an +**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like +this, you **MUST** overwrite the contents before returning it to the user. + +From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): + +> `new Buffer(size)` +> +> - `size` Number +> +> The underlying memory for `Buffer` instances created in this way is not initialized. +> **The contents of a newly created `Buffer` are unknown and could contain sensitive +> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. + +(Emphasis our own.) + +Whenever the programmer intended to create an uninitialized `Buffer` you often see code +like this: + +```js +var buf = new Buffer(16) + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### Would this ever be a problem in real code? + +Yes. It's surprisingly common to forget to check the type of your variables in a +dynamically-typed language like JavaScript. + +Usually the consequences of assuming the wrong type is that your program crashes with an +uncaught exception. But the failure mode for forgetting to check the type of arguments to +the `Buffer` constructor is more catastrophic. + +Here's an example of a vulnerable service that takes a JSON payload and converts it to +hex: + +```js +// Take a JSON payload {str: "some string"} and convert it to hex +var server = http.createServer(function (req, res) { + var data = '' + req.setEncoding('utf8') + req.on('data', function (chunk) { + data += chunk + }) + req.on('end', function () { + var body = JSON.parse(data) + res.end(new Buffer(body.str).toString('hex')) + }) +}) + +server.listen(8080) +``` + +In this example, an http client just has to send: + +```json +{ + "str": 1000 +} +``` + +and it will get back 1,000 bytes of uninitialized memory from the server. + +This is a very serious bug. It's similar in severity to the +[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process +memory by remote attackers. + + +### Which real-world packages were vulnerable? + +#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) + +[Mathias Buus](https://github.com/mafintosh) and I +([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, +[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow +anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get +them to reveal 20 bytes at a time of uninitialized memory from the node.js process. + +Here's +[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) +that fixed it. We released a new fixed version, created a +[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all +vulnerable versions on npm so users will get a warning to upgrade to a newer version. + +#### [`ws`](https://www.npmjs.com/package/ws) + +That got us wondering if there were other vulnerable packages. Sure enough, within a short +period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the +most popular WebSocket implementation in node.js. + +If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as +expected, then uninitialized server memory would be disclosed to the remote peer. + +These were the vulnerable methods: + +```js +socket.send(number) +socket.ping(number) +socket.pong(number) +``` + +Here's a vulnerable socket server with some echo functionality: + +```js +server.on('connection', function (socket) { + socket.on('message', function (message) { + message = JSON.parse(message) + if (message.type === 'echo') { + socket.send(message.data) // send back the user's message + } + }) +}) +``` + +`socket.send(number)` called on the server, will disclose server memory. + +Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue +was fixed, with a more detailed explanation. Props to +[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the +[Node Security Project disclosure](https://nodesecurity.io/advisories/67). + + +### What's the solution? + +It's important that node.js offers a fast way to get memory otherwise performance-critical +applications would needlessly get a lot slower. + +But we need a better way to *signal our intent* as programmers. **When we want +uninitialized memory, we should request it explicitly.** + +Sensitive functionality should not be packed into a developer-friendly API that loosely +accepts many different types. This type of API encourages the lazy practice of passing +variables in without checking the type very carefully. + +#### A new API: `Buffer.allocUnsafe(number)` + +The functionality of creating buffers with uninitialized memory should be part of another +API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that +frequently gets user input of all sorts of different types passed into it. + +```js +var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### How do we fix node.js core? + +We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as +`semver-major`) which defends against one case: + +```js +var str = 16 +new Buffer(str, 'utf8') +``` + +In this situation, it's implied that the programmer intended the first argument to be a +string, since they passed an encoding as a second argument. Today, node.js will allocate +uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not +what the programmer intended. + +But this is only a partial solution, since if the programmer does `new Buffer(variable)` +(without an `encoding` parameter) there's no way to know what they intended. If `variable` +is sometimes a number, then uninitialized memory will sometimes be returned. + +### What's the real long-term fix? + +We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when +we need uninitialized memory. But that would break 1000s of packages. + +~~We believe the best solution is to:~~ + +~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ + +~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ + +#### Update + +We now support adding three new APIs: + +- `Buffer.from(value)` - convert from any type to a buffer +- `Buffer.alloc(size)` - create a zero-filled buffer +- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size + +This solves the core problem that affected `ws` and `bittorrent-dht` which is +`Buffer(variable)` getting tricked into taking a number argument. + +This way, existing code continues working and the impact on the npm ecosystem will be +minimal. Over time, npm maintainers can migrate performance-critical code to use +`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. + + +### Conclusion + +We think there's a serious design issue with the `Buffer` API as it exists today. It +promotes insecure software by putting high-risk functionality into a convenient API +with friendly "developer ergonomics". + +This wasn't merely a theoretical exercise because we found the issue in some of the +most popular npm packages. + +Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of +`buffer`. + +```js +var Buffer = require('safe-buffer').Buffer +``` + +Eventually, we hope that node.js core can switch to this new, safer behavior. We believe +the impact on the ecosystem would be minimal since it's not a breaking change. +Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while +older, insecure packages would magically become safe from this attack vector. + + +## links + +- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) +- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) +- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) + + +## credit + +The original issues in `bittorrent-dht` +([disclosure](https://nodesecurity.io/advisories/68)) and +`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by +[Mathias Buus](https://github.com/mafintosh) and +[Feross Aboukhadijeh](http://feross.org/). + +Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues +and for his work running the [Node Security Project](https://nodesecurity.io/). + +Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and +auditing the code. + + +## license + +MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/libnpmaccess/node_modules/safe-buffer/index.d.ts b/node_modules/libnpmaccess/node_modules/safe-buffer/index.d.ts new file mode 100644 index 000000000..e9fed809a --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/safe-buffer/index.d.ts @@ -0,0 +1,187 @@ +declare module "safe-buffer" { + export class Buffer { + length: number + write(string: string, offset?: number, length?: number, encoding?: string): number; + toString(encoding?: string, start?: number, end?: number): string; + toJSON(): { type: 'Buffer', data: any[] }; + equals(otherBuffer: Buffer): boolean; + compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; + copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; + slice(start?: number, end?: number): Buffer; + writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readUInt8(offset: number, noAssert?: boolean): number; + readUInt16LE(offset: number, noAssert?: boolean): number; + readUInt16BE(offset: number, noAssert?: boolean): number; + readUInt32LE(offset: number, noAssert?: boolean): number; + readUInt32BE(offset: number, noAssert?: boolean): number; + readInt8(offset: number, noAssert?: boolean): number; + readInt16LE(offset: number, noAssert?: boolean): number; + readInt16BE(offset: number, noAssert?: boolean): number; + readInt32LE(offset: number, noAssert?: boolean): number; + readInt32BE(offset: number, noAssert?: boolean): number; + readFloatLE(offset: number, noAssert?: boolean): number; + readFloatBE(offset: number, noAssert?: boolean): number; + readDoubleLE(offset: number, noAssert?: boolean): number; + readDoubleBE(offset: number, noAssert?: boolean): number; + swap16(): Buffer; + swap32(): Buffer; + swap64(): Buffer; + writeUInt8(value: number, offset: number, noAssert?: boolean): number; + writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeInt8(value: number, offset: number, noAssert?: boolean): number; + writeInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeFloatLE(value: number, offset: number, noAssert?: boolean): number; + writeFloatBE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; + fill(value: any, offset?: number, end?: number): this; + indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; + + /** + * Allocates a new buffer containing the given {str}. + * + * @param str String to store in buffer. + * @param encoding encoding to use, optional. Default is 'utf8' + */ + constructor (str: string, encoding?: string); + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + */ + constructor (size: number); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: Uint8Array); + /** + * Produces a Buffer backed by the same allocated memory as + * the given {ArrayBuffer}. + * + * + * @param arrayBuffer The ArrayBuffer with which to share memory. + */ + constructor (arrayBuffer: ArrayBuffer); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: any[]); + /** + * Copies the passed {buffer} data onto a new {Buffer} instance. + * + * @param buffer The buffer to copy. + */ + constructor (buffer: Buffer); + prototype: Buffer; + /** + * Allocates a new Buffer using an {array} of octets. + * + * @param array + */ + static from(array: any[]): Buffer; + /** + * When passed a reference to the .buffer property of a TypedArray instance, + * the newly created Buffer will share the same allocated memory as the TypedArray. + * The optional {byteOffset} and {length} arguments specify a memory range + * within the {arrayBuffer} that will be shared by the Buffer. + * + * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() + * @param byteOffset + * @param length + */ + static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; + /** + * Copies the passed {buffer} data onto a new Buffer instance. + * + * @param buffer + */ + static from(buffer: Buffer): Buffer; + /** + * Creates a new Buffer containing the given JavaScript string {str}. + * If provided, the {encoding} parameter identifies the character encoding. + * If not provided, {encoding} defaults to 'utf8'. + * + * @param str + */ + static from(str: string, encoding?: string): Buffer; + /** + * Returns true if {obj} is a Buffer + * + * @param obj object to test. + */ + static isBuffer(obj: any): obj is Buffer; + /** + * Returns true if {encoding} is a valid encoding argument. + * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' + * + * @param encoding string to test. + */ + static isEncoding(encoding: string): boolean; + /** + * Gives the actual byte length of a string. encoding defaults to 'utf8'. + * This is not the same as String.prototype.length since that returns the number of characters in a string. + * + * @param string string to test. + * @param encoding encoding used to evaluate (defaults to 'utf8') + */ + static byteLength(string: string, encoding?: string): number; + /** + * Returns a buffer which is the result of concatenating all the buffers in the list together. + * + * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. + * If the list has exactly one item, then the first item of the list is returned. + * If the list has more than one item, then a new Buffer is created. + * + * @param list An array of Buffer objects to concatenate + * @param totalLength Total length of the buffers when concatenated. + * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. + */ + static concat(list: Buffer[], totalLength?: number): Buffer; + /** + * The same as buf1.compare(buf2). + */ + static compare(buf1: Buffer, buf2: Buffer): number; + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + * @param fill if specified, buffer will be initialized by calling buf.fill(fill). + * If parameter is omitted, buffer will be filled with zeros. + * @param encoding encoding used for call to buf.fill while initalizing + */ + static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; + /** + * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafe(size: number): Buffer; + /** + * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafeSlow(size: number): Buffer; + } +}
\ No newline at end of file diff --git a/node_modules/libnpmaccess/node_modules/safe-buffer/index.js b/node_modules/libnpmaccess/node_modules/safe-buffer/index.js new file mode 100644 index 000000000..054c8d30d --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/safe-buffer/index.js @@ -0,0 +1,64 @@ +/* eslint-disable node/no-deprecated-api */ +var buffer = require('buffer') +var Buffer = buffer.Buffer + +// alternative to using Object.keys for old browsers +function copyProps (src, dst) { + for (var key in src) { + dst[key] = src[key] + } +} +if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { + module.exports = buffer +} else { + // Copy properties from require('buffer') + copyProps(buffer, exports) + exports.Buffer = SafeBuffer +} + +function SafeBuffer (arg, encodingOrOffset, length) { + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.prototype = Object.create(Buffer.prototype) + +// Copy static methods from Buffer +copyProps(Buffer, SafeBuffer) + +SafeBuffer.from = function (arg, encodingOrOffset, length) { + if (typeof arg === 'number') { + throw new TypeError('Argument must not be a number') + } + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.alloc = function (size, fill, encoding) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + var buf = Buffer(size) + if (fill !== undefined) { + if (typeof encoding === 'string') { + buf.fill(fill, encoding) + } else { + buf.fill(fill) + } + } else { + buf.fill(0) + } + return buf +} + +SafeBuffer.allocUnsafe = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return Buffer(size) +} + +SafeBuffer.allocUnsafeSlow = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return buffer.SlowBuffer(size) +} diff --git a/node_modules/libnpmaccess/node_modules/safe-buffer/package.json b/node_modules/libnpmaccess/node_modules/safe-buffer/package.json new file mode 100644 index 000000000..090a7c7f4 --- /dev/null +++ b/node_modules/libnpmaccess/node_modules/safe-buffer/package.json @@ -0,0 +1,62 @@ +{ + "_from": "safe-buffer@^5.2.0", + "_id": "safe-buffer@5.2.0", + "_inBundle": false, + "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "_location": "/libnpmaccess/safe-buffer", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "safe-buffer@^5.2.0", + "name": "safe-buffer", + "escapedName": "safe-buffer", + "rawSpec": "^5.2.0", + "saveSpec": null, + "fetchSpec": "^5.2.0" + }, + "_requiredBy": [ + "/libnpmaccess/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", + "_spec": "safe-buffer@^5.2.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmaccess/node_modules/npm-registry-fetch", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/safe-buffer/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Safer Node.js Buffer API", + "devDependencies": { + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/safe-buffer", + "keywords": [ + "buffer", + "buffer allocate", + "node security", + "safe", + "safe-buffer", + "security", + "uninitialized" + ], + "license": "MIT", + "main": "index.js", + "name": "safe-buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/safe-buffer.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "types": "index.d.ts", + "version": "5.2.0" +} diff --git a/node_modules/libnpmconfig/CODE_OF_CONDUCT.md b/node_modules/libnpmconfig/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..aeb72f598 --- /dev/null +++ b/node_modules/libnpmconfig/CODE_OF_CONDUCT.md @@ -0,0 +1,151 @@ +# Code of Conduct + +## When Something Happens + +If you see a Code of Conduct violation, follow these steps: + +1. Let the person know that what they did is not appropriate and ask them to stop and/or edit their message(s) or commits. +2. That person should immediately stop the behavior and correct the issue. +3. If this doesn’t happen, or if you're uncomfortable speaking up, [contact the maintainers](#contacting-maintainers). +4. As soon as available, a maintainer will look into the issue, and take [further action (see below)](#further-enforcement), starting with a warning, then temporary block, then long-term repo or organization ban. + +When reporting, please include any relevant details, links, screenshots, context, or other information that may be used to better understand and resolve the situation. + +**The maintainer team will prioritize the well-being and comfort of the recipients of the violation over the comfort of the violator.** See [some examples below](#enforcement-examples). + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as contributors and maintainers of this project pledge to making participation in our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, technical preferences, nationality, personal appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment include: + + * Using welcoming and inclusive language. + * Being respectful of differing viewpoints and experiences. + * Gracefully accepting constructive feedback. + * Focusing on what is best for the community. + * Showing empathy and kindness towards other community members. + * Encouraging and raising up your peers in the project so you can all bask in hacks and glory. + +Examples of unacceptable behavior by participants include: + + * The use of sexualized language or imagery and unwelcome sexual attention or advances, including when simulated online. The only exception to sexual topics is channels/spaces specifically for topics of sexual identity. + * Casual mention of slavery or indentured servitude and/or false comparisons of one's occupation or situation to slavery. Please consider using or asking about alternate terminology when referring to such metaphors in technology. + * Making light of/making mocking comments about trigger warnings and content warnings. + * Trolling, insulting/derogatory comments, and personal or political attacks. + * Public or private harassment, deliberate intimidation, or threats. + * Publishing others' private information, such as a physical or electronic address, without explicit permission. This includes any sort of "outing" of any aspect of someone's identity without their consent. + * Publishing private screenshots or quotes of interactions in the context of this project without all quoted users' *explicit* consent. + * Publishing of private communication that doesn't have to do with reporting harrassment. + * Any of the above even when [presented as "ironic" or "joking"](https://en.wikipedia.org/wiki/Hipster_racism). + * Any attempt to present "reverse-ism" versions of the above as violations. Examples of reverse-isms are "reverse racism", "reverse sexism", "heterophobia", and "cisphobia". + * Unsolicited explanations under the assumption that someone doesn't already know it. Ask before you teach! Don't assume what people's knowledge gaps are. + * [Feigning or exaggerating surprise](https://www.recurse.com/manual#no-feigned-surprise) when someone admits to not knowing something. + * "[Well-actuallies](https://www.recurse.com/manual#no-well-actuallys)" + * Other conduct which could reasonably be considered inappropriate in a professional or community setting. + +## Scope + +This Code of Conduct applies both within spaces involving this project and in other spaces involving community members. This includes the repository, its Pull Requests and Issue tracker, its Twitter community, private email communications in the context of the project, and any events where members of the project are participating, as well as adjacent communities and venues affecting the project's members. + +Depending on the violation, the maintainers may decide that violations of this code of conduct that have happened outside of the scope of the community may deem an individual unwelcome, and take appropriate action to maintain the comfort and safety of its members. + +### Other Community Standards + +As a project on GitHub, this project is additionally covered by the [GitHub Community Guidelines](https://help.github.com/articles/github-community-guidelines/). + +Additionally, as a project hosted on npm, is is covered by [npm, Inc's Code of Conduct](https://www.npmjs.com/policies/conduct). + +Enforcement of those guidelines after violations overlapping with the above are the responsibility of the entities, and enforcement may happen in any or all of the services/communities. + +## Maintainer Enforcement Process + +Once the maintainers get involved, they will follow a documented series of steps and do their best to preserve the well-being of project members. This section covers actual concrete steps. + +### Contacting Maintainers + +You may get in touch with the maintainer team through any of the following methods: + + * Through email: + * [kzm@zkat.tech](mailto:kzm@zkat.tech) (Kat Marchán) + + * Through Twitter: + * [@maybekatz](https://twitter.com/maybekatz) (Kat Marchán) + +### Further Enforcement + +If you've already followed the [initial enforcement steps](#enforcement), these are the steps maintainers will take for further enforcement, as needed: + + 1. Repeat the request to stop. + 2. If the person doubles down, they will have offending messages removed or edited by a maintainers given an official warning. The PR or Issue may be locked. + 3. If the behavior continues or is repeated later, the person will be blocked from participating for 24 hours. + 4. If the behavior continues or is repeated after the temporary block, a long-term (6-12mo) ban will be used. + +On top of this, maintainers may remove any offending messages, images, contributions, etc, as they deem necessary. + +Maintainers reserve full rights to skip any of these steps, at their discretion, if the violation is considered to be a serious and/or immediate threat to the health and well-being of members of the community. These include any threats, serious physical or verbal attacks, and other such behavior that would be completely unacceptable in any social setting that puts our members at risk. + +Members expelled from events or venues with any sort of paid attendance will not be refunded. + +### Who Watches the Watchers? + +Maintainers and other leaders who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. These may include anything from removal from the maintainer team to a permanent ban from the community. + +Additionally, as a project hosted on both GitHub and npm, [their own Codes of Conducts may be applied against maintainers of this project](#other-community-standards), externally of this project's procedures. + +### Enforcement Examples + +#### The Best Case + +The vast majority of situations work out like this. This interaction is common, and generally positive. + +> Alex: "Yeah I used X and it was really crazy!" + +> Patt (not a maintainer): "Hey, could you not use that word? What about 'ridiculous' instead?" + +> Alex: "oh sorry, sure." -> edits old comment to say "it was really confusing!" + +#### The Maintainer Case + +Sometimes, though, you need to get maintainers involved. Maintainers will do their best to resolve conflicts, but people who were harmed by something **will take priority**. + +> Patt: "Honestly, sometimes I just really hate using $library and anyone who uses it probably sucks at their job." + +> Alex: "Whoa there, could you dial it back a bit? There's a CoC thing about attacking folks' tech use like that." + +> Patt: "I'm not attacking anyone, what's your problem?" + +> Alex: "@maintainers hey uh. Can someone look at this issue? Patt is getting a bit aggro. I tried to nudge them about it, but nope." + +> KeeperOfCommitBits: (on issue) "Hey Patt, maintainer here. Could you tone it down? This sort of attack is really not okay in this space." + +> Patt: "Leave me alone I haven't said anything bad wtf is wrong with you." + +> KeeperOfCommitBits: (deletes user's comment), "@patt I mean it. Please refer to the CoC over at (URL to this CoC) if you have questions, but you can consider this an actual warning. I'd appreciate it if you reworded your messages in this thread, since they made folks there uncomfortable. Let's try and be kind, yeah?" + +> Patt: "@keeperofbits Okay sorry. I'm just frustrated and I'm kinda burnt out and I guess I got carried away. I'll DM Alex a note apologizing and edit my messages. Sorry for the trouble." + +> KeeperOfCommitBits: "@patt Thanks for that. I hear you on the stress. Burnout sucks :/. Have a good one!" + +#### The Nope Case + +> PepeTheFrog🐸: "Hi, I am a literal actual nazi and I think white supremacists are quite fashionable." + +> Patt: "NOOOOPE. OH NOPE NOPE." + +> Alex: "JFC NO. NOPE. @keeperofbits NOPE NOPE LOOK HERE" + +> KeeperOfCommitBits: "👀 Nope. NOPE NOPE NOPE. 🔥" + +> PepeTheFrog🐸 has been banned from all organization or user repositories belonging to KeeperOfCommitBits. + +## Attribution + +This Code of Conduct was generated using [WeAllJS Code of Conduct Generator](https://npm.im/weallbehave), which is based on the [WeAllJS Code of +Conduct](https://wealljs.org/code-of-conduct), which is itself based on +[Contributor Covenant](http://contributor-covenant.org), version 1.4, available +at +[http://contributor-covenant.org/version/1/4](http://contributor-covenant.org/version/1/4), +and the LGBTQ in Technology Slack [Code of +Conduct](http://lgbtq.technology/coc.html). diff --git a/node_modules/libnpmconfig/CONTRIBUTING.md b/node_modules/libnpmconfig/CONTRIBUTING.md new file mode 100644 index 000000000..970c1cf43 --- /dev/null +++ b/node_modules/libnpmconfig/CONTRIBUTING.md @@ -0,0 +1,256 @@ +# Contributing + +## How do I... <a name="toc"></a> + +* [Use This Guide](#introduction)? +* Ask or Say Something? 🤔🐛😱 + * [Request Support](#request-support) + * [Report an Error or Bug](#report-an-error-or-bug) + * [Request a Feature](#request-a-feature) +* Make Something? 🤓👩🏽💻📜🍳 + * [Project Setup](#project-setup) + * [Contribute Documentation](#contribute-documentation) + * [Contribute Code](#contribute-code) +* Manage Something ✅🙆🏼💃👔 + * [Provide Support on Issues](#provide-support-on-issues) + * [Label Issues](#label-issues) + * [Clean Up Issues and PRs](#clean-up-issues-and-prs) + * [Review Pull Requests](#review-pull-requests) + * [Merge Pull Requests](#merge-pull-requests) + * [Tag a Release](#tag-a-release) + * [Join the Project Team](#join-the-project-team) +* Add a Guide Like This One [To My Project](#attribution)? 🤖😻👻 + +## Introduction + +Thank you so much for your interest in contributing!. All types of contributions are encouraged and valued. See the [table of contents](#toc) for different ways to help and details about how this project handles them!📝 + +Please make sure to read the relevant section before making your contribution! It will make it a lot easier for us maintainers to make the most of it and smooth out the experience for all involved. 💚 + +The [Project Team](#join-the-project-team) looks forward to your contributions. 🙌🏾✨ + +## Request Support + +If you have a question about this project, how to use it, or just need clarification about something: + +* Open an Issue at https://github.com/npm/libnpmconfig/issues +* Provide as much context as you can about what you're running into. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* Someone will try to have a response soon. +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. + +## Report an Error or Bug + +If you run into an error or bug with the project: + +* Open an Issue at https://github.com/npm/libnpmconfig/issues +* Include *reproduction steps* that someone else can follow to recreate the bug or error on their own. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* A team member will try to reproduce the issue with your provided steps. If there are no repro steps or no obvious way to reproduce the issue, the team will ask you for those steps and mark the issue as `needs-repro`. Bugs with the `needs-repro` tag will not be addressed until they are reproduced. +* If the team is able to reproduce the issue, it will be marked `needs-fix`, as well as possibly other tags (such as `critical`), and the issue will be left to be [implemented by someone](#contribute-code). +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. +* `critical` issues may be left open, depending on perceived immediacy and severity, even past the 30 day deadline. + +## Request a Feature + +If the project doesn't do something you need or want it to do: + +* Open an Issue at https://github.com/npm/libnpmconfig/issues +* Provide as much context as you can about what you're running into. +* Please try and be clear about why existing features and alternatives would not work for you. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* The project team will evaluate the feature request, possibly asking you more questions to understand its purpose and any relevant requirements. If the issue is closed, the team will convey their reasoning and suggest an alternative path forward. +* If the feature request is accepted, it will be marked for implementation with `feature-accepted`, which can then be done by either by a core team member or by anyone in the community who wants to [contribute code](#contribute-code). + +Note: The team is unlikely to be able to accept every single feature request that is filed. Please understand if they need to say no. + +## Project Setup + +So you wanna contribute some code! That's great! This project uses GitHub Pull Requests to manage contributions, so [read up on how to fork a GitHub project and file a PR](https://guides.github.com/activities/forking) if you've never done it before. + +If this seems like a lot or you aren't able to do all this setup, you might also be able to [edit the files directly](https://help.github.com/articles/editing-files-in-another-user-s-repository/) without having to do any of this setup. Yes, [even code](#contribute-code). + +If you want to go the usual route and run the project locally, though: + +* [Install Node.js](https://nodejs.org/en/download/) +* [Fork the project](https://guides.github.com/activities/forking/#fork) + +Then in your terminal: +* `cd path/to/your/clone` +* `npm install` +* `npm test` + +And you should be ready to go! + +## Contribute Documentation + +Documentation is a super important, critical part of this project. Docs are how we keep track of what we're doing, how, and why. It's how we stay on the same page about our policies. And it's how we tell others everything they need in order to be able to use this project -- or contribute to it. So thank you in advance. + +Documentation contributions of any size are welcome! Feel free to file a PR even if you're just rewording a sentence to be more clear, or fixing a spelling mistake! + +To contribute documentation: + +* [Set up the project](#project-setup). +* Edit or add any relevant documentation. +* Make sure your changes are formatted correctly and consistently with the rest of the documentation. +* Re-read what you wrote, and run a spellchecker on it to make sure you didn't miss anything. +* In your commit message(s), begin the first line with `docs: `. For example: `docs: Adding a doc contrib section to CONTRIBUTING.md`. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). Documentation commits should use `docs(<component>): <message>`. +* Go to https://github.com/npm/libnpmconfig/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Contribute Code + +We like code commits a lot! They're super handy, and they keep the project going and doing the work it needs to do to be useful to others. + +Code contributions of just about any size are acceptable! + +The main difference between code contributions and documentation contributions is that contributing code requires inclusion of relevant tests for the code being added or changed. Contributions without accompanying tests will be held off until a test is added, unless the maintainers consider the specific tests to be either impossible, or way too much of a burden for such a contribution. + +To contribute code: + +* [Set up the project](#project-setup). +* Make any necessary changes to the source code. +* Include any [additional documentation](#contribute-documentation) the changes might need. +* Write tests that verify that your contribution works as expected. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). +* Dependency updates, additions, or removals must be in individual commits, and the message must use the format: `<prefix>(deps): PKG@VERSION`, where `<prefix>` is any of the usual `conventional-changelog` prefixes, at your discretion. +* Go to https://github.com/npm/libnpmconfig/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* Barring special circumstances, maintainers will not review PRs until all checks pass (Travis, AppVeyor, etc). +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. Additional tags (such as `needs-tests`) will be added depending on the review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Provide Support on Issues + +[Needs Collaborator](#join-the-project-team): none + +Helping out other users with their questions is a really awesome way of contributing to any community. It's not uncommon for most of the issues on an open source projects being support-related questions by users trying to understand something they ran into, or find their way around a known bug. + +Sometimes, the `support` label will be added to things that turn out to actually be other things, like bugs or feature requests. In that case, suss out the details with the person who filed the original issue, add a comment explaining what the bug is, and change the label from `support` to `bug` or `feature`. If you can't do this yourself, @mention a maintainer so they can do it. + +In order to help other folks out with their questions: + +* Go to the issue tracker and [filter open issues by the `support` label](https://github.com/npm/libnpmconfig/issues?q=is%3Aopen+is%3Aissue+label%3Asupport). +* Read through the list until you find something that you're familiar enough with to give an answer to. +* Respond to the issue with whatever details are needed to clarify the question, or get more details about what's going on. +* Once the discussion wraps up and things are clarified, either close the issue, or ask the original issue filer (or a maintainer) to close it for you. + +Some notes on picking up support issues: + +* Avoid responding to issues you don't know you can answer accurately. +* As much as possible, try to refer to past issues with accepted answers. Link to them from your replies with the `#123` format. +* Be kind and patient with users -- often, folks who have run into confusing things might be upset or impatient. This is ok. Try to understand where they're coming from, and if you're too uncomfortable with the tone, feel free to stay away or withdraw from the issue. (note: if the user is outright hostile or is violating the CoC, [refer to the Code of Conduct](CODE_OF_CONDUCT.md) to resolve the conflict). + +## Label Issues + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +One of the most important tasks in handling issues is labeling them usefully and accurately. All other tasks involving issues ultimately rely on the issue being classified in such a way that relevant parties looking to do their own tasks can find them quickly and easily. + +In order to label issues, [open up the list of unlabeled issues](https://github.com/npm/libnpmconfig/issues?q=is%3Aopen+is%3Aissue+no%3Alabel) and, **from newest to oldest**, read through each one and apply issue labels according to the table below. If you're unsure about what label to apply, skip the issue and try the next one: don't feel obligated to label each and every issue yourself! + +Label | Apply When | Notes +--- | --- | --- +`bug` | Cases where the code (or documentation) is behaving in a way it wasn't intended to. | If something is happening that surprises the *user* but does not go against the way the code is designed, it should use the `enhancement` label. +`critical` | Added to `bug` issues if the problem described makes the code completely unusable in a common situation. | +`documentation` | Added to issues or pull requests that affect any of the documentation for the project. | Can be combined with other labels, such as `bug` or `enhancement`. +`duplicate` | Added to issues or PRs that refer to the exact same issue as another one that's been previously labeled. | Duplicate issues should be marked and closed right away, with a message referencing the issue it's a duplicate of (with `#123`) +`enhancement` | Added to [feature requests](#request-a-feature), PRs, or documentation issues that are purely additive: the code or docs currently work as expected, but a change is being requested or suggested. | +`help wanted` | Applied by [Committers](#join-the-project-team) to issues and PRs that they would like to get outside help for. Generally, this means it's lower priority for the maintainer team to itself implement, but that the community is encouraged to pick up if they so desire | Never applied on first-pass labeling. +`in-progress` | Applied by [Committers](#join-the-project-team) to PRs that are pending some work before they're ready for review. | The original PR submitter should @mention the team member that applied the label once the PR is complete. +`performance` | This issue or PR is directly related to improving performance. | +`refactor` | Added to issues or PRs that deal with cleaning up or modifying the project for the betterment of it. | +`starter` | Applied by [Committers](#join-the-project-team) to issues that they consider good introductions to the project for people who have not contributed before. These are not necessarily "easy", but rather focused around how much context is necessary in order to understand what needs to be done for this project in particular. | Existing project members are expected to stay away from these unless they increase in priority. +`support` | This issue is either asking a question about how to use the project, clarifying the reason for unexpected behavior, or possibly reporting a `bug` but does not have enough detail yet to determine whether it would count as such. | The label should be switched to `bug` if reliable reproduction steps are provided. Issues primarily with unintended configurations of a user's environment are not considered bugs, even if they cause crashes. +`tests` | This issue or PR either requests or adds primarily tests to the project. | If a PR is pending tests, that will be handled through the [PR review process](#review-pull-requests) +`wontfix` | Labelers may apply this label to issues that clearly have nothing at all to do with the project or are otherwise entirely outside of its scope/sphere of influence. [Committers](#join-the-project-team) may apply this label and close an issue or PR if they decide to pass on an otherwise relevant issue. | The issue or PR should be closed as soon as the label is applied, and a clear explanation provided of why the label was used. Contributors are free to contest the labeling, but the decision ultimately falls on committers as to whether to accept something or not. + +## Clean Up Issues and PRs + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +Issues and PRs can go stale after a while. Maybe they're abandoned. Maybe the team will just plain not have time to address them any time soon. + +In these cases, they should be closed until they're brought up again or the interaction starts over. + +To clean up issues and PRs: + +* Search the issue tracker for issues or PRs, and add the term `updated:<=YYYY-MM-DD`, where the date is 30 days before today. +* Go through each issue *from oldest to newest*, and close them if **all of the following are true**: + * not opened by a maintainer + * not marked as `critical` + * not marked as `starter` or `help wanted` (these might stick around for a while, in general, as they're intended to be available) + * no explicit messages in the comments asking for it to be left open + * does not belong to a milestone +* Leave a message when closing saying "Cleaning up stale issue. Please reopen or ping us if and when you're ready to resume this. See https://github.com/npm/libnpmconfig/blob/latest/CONTRIBUTING.md#clean-up-issues-and-prs for more details." + +## Review Pull Requests + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +While anyone can comment on a PR, add feedback, etc, PRs are only *approved* by team members with Issue Tracker or higher permissions. + +PR reviews use [GitHub's own review feature](https://help.github.com/articles/about-pull-request-reviews/), which manages comments, approval, and review iteration. + +Some notes: + +* You may ask for minor changes ("nitpicks"), but consider whether they are really blockers to merging: try to err on the side of "approve, with comments". +* *ALL PULL REQUESTS* should be covered by a test: either by a previously-failing test, an existing test that covers the entire functionality of the submitted code, or new tests to verify any new/changed behavior. All tests must also pass and follow established conventions. Test coverage should not drop, unless the specific case is considered reasonable by maintainers. +* Please make sure you're familiar with the code or documentation being updated, unless it's a minor change (spellchecking, minor formatting, etc). You may @mention another project member who you think is better suited for the review, but still provide a non-approving review of your own. +* Be extra kind: people who submit code/doc contributions are putting themselves in a pretty vulnerable position, and have put time and care into what they've done (even if that's not obvious to you!) -- always respond with respect, be understanding, but don't feel like you need to sacrifice your standards for their sake, either. Just don't be a jerk about it? + +## Merge Pull Requests + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. + +## Tag A Release + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. The most important bit here is probably that all tests must pass, and tags must use [semver](https://semver.org). + +## Join the Project Team + +### Ways to Join + +There are many ways to contribute! Most of them don't require any official status unless otherwise noted. That said, there's a couple of positions that grant special repository abilities, and this section describes how they're granted and what they do. + +All of the below positions are granted based on the project team's needs, as well as their consensus opinion about whether they would like to work with the person and think that they would fit well into that position. The process is relatively informal, and it's likely that people who express interest in participating can just be granted the permissions they'd like. + +You can spot a collaborator on the repo by looking for the `[Collaborator]` or `[Owner]` tags next to their names. + +Permission | Description +--- | --- +Issue Tracker | Granted to contributors who express a strong interest in spending time on the project's issue tracker. These tasks are mainly [labeling issues](#label-issues), [cleaning up old ones](#clean-up-issues-and-prs), and [reviewing pull requests](#review-pull-requests), as well as all the usual things non-team-member contributors can do. Issue handlers should not merge pull requests, tag releases, or directly commit code themselves: that should still be done through the usual pull request process. Becoming an Issue Handler means the project team trusts you to understand enough of the team's process and context to implement it on the issue tracker. +Committer | Granted to contributors who want to handle the actual pull request merges, tagging new versions, etc. Committers should have a good level of familiarity with the codebase, and enough context to understand the implications of various changes, as well as a good sense of the will and expectations of the project team. +Admin/Owner | Granted to people ultimately responsible for the project, its community, etc. + +## Attribution + +This guide was generated using the WeAllJS `CONTRIBUTING.md` generator. [Make your own](https://npm.im/weallcontribute)! diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmhook/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 000000000..8eee50a47 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,239 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) + + +### Bug Fixes + +* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) +* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + +<a name="3.9.1"></a> +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + +<a name="3.9.0"></a> +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + +<a name="3.8.0"></a> +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + +<a name="3.7.0"></a> +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + +<a name="3.6.0"></a> +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + +<a name="3.5.0"></a> +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + +<a name="3.4.0"></a> +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + +<a name="3.3.0"></a> +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + +<a name="3.2.1"></a> +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + +<a name="3.2.0"></a> +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + +<a name="3.1.1"></a> +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + +<a name="3.1.0"></a> +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="1.1.1"></a> +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmhook/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmhook/node_modules/npm-registry-fetch/README.md new file mode 100644 index 000000000..0c3f4f946 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### <a name="fetch-opts"></a> `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### <a name="opts-agent"></a> `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### <a name="opts-body"></a> `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### <a name="opts-ca"></a> `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### <a name="opts-cache"></a> `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### <a name="opts-cert"></a> `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-force-auth"></a> `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### <a name="opts-gzip"></a> `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### <a name="opts-headers"></a> `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### <a name="opts-ignore-body"></a> `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### <a name="opts-integrity"></a> `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### <a name="opts-key"></a> `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### <a name="opts-local-address"></a> `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### <a name="opts-log"></a> `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### <a name="opts-map-json"></a> `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### <a name="opts-maxsockets"></a> `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### <a name="opts-method"></a> `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### <a name="opts-noproxy"></a> `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### <a name="opts-npm-session"></a> `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### <a name="opts-offline"></a> `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-otp"></a> `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### <a name="opts-password"></a> `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-prefer-online"></a> `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### <a name="opts-project-scope"></a> `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### <a name="opts-proxy"></a> `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### <a name="opts-query"></a> `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### <a name="opts-refer"></a> `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### <a name="opts-registry"></a> `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### <a name="opts-retry"></a> `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### <a name="opts-scope"></a> `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.<scope>:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### <a name="opts-spec"></a> `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### <a name="opts-timeout"></a> `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### <a name="opts-token"></a> `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### <a name="opts-user-agent"></a> `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` + +User agent string to send in the `User-Agent` header. + +##### <a name="opts-username"></a> `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### <a name="opts-auth"></a> `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 000000000..d583982d0 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 000000000..14058239b --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/config.js new file mode 100644 index 000000000..1c43b26ea --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 000000000..ba78735fc --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/index.js new file mode 100644 index 000000000..c18487388 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmhook/node_modules/npm-registry-fetch/package.json new file mode 100644 index 000000000..da5ace349 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,93 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.2", + "_inBundle": false, + "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "_location": "/libnpmhook/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/libnpmhook" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmhook", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmhook/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmhook/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 000000000..886c5d55b --- /dev/null +++ b/node_modules/libnpmhook/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmhook/node_modules/safe-buffer/LICENSE b/node_modules/libnpmhook/node_modules/safe-buffer/LICENSE new file mode 100644 index 000000000..0c068ceec --- /dev/null +++ b/node_modules/libnpmhook/node_modules/safe-buffer/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Feross Aboukhadijeh + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/libnpmhook/node_modules/safe-buffer/README.md b/node_modules/libnpmhook/node_modules/safe-buffer/README.md new file mode 100644 index 000000000..356e35193 --- /dev/null +++ b/node_modules/libnpmhook/node_modules/safe-buffer/README.md @@ -0,0 +1,586 @@ +# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] + +[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg +[travis-url]: https://travis-ci.org/feross/safe-buffer +[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg +[npm-url]: https://npmjs.org/package/safe-buffer +[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg +[downloads-url]: https://npmjs.org/package/safe-buffer +[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg +[standard-url]: https://standardjs.com + +#### Safer Node.js Buffer API + +**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, +`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** + +**Uses the built-in implementation when available.** + +## install + +``` +npm install safe-buffer +``` + +[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) + +## usage + +The goal of this package is to provide a safe replacement for the node.js `Buffer`. + +It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to +the top of your node.js modules: + +```js +var Buffer = require('safe-buffer').Buffer + +// Existing buffer code will continue to work without issues: + +new Buffer('hey', 'utf8') +new Buffer([1, 2, 3], 'utf8') +new Buffer(obj) +new Buffer(16) // create an uninitialized buffer (potentially unsafe) + +// But you can use these new explicit APIs to make clear what you want: + +Buffer.from('hey', 'utf8') // convert from many types to a Buffer +Buffer.alloc(16) // create a zero-filled buffer (safe) +Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) +``` + +## api + +### Class Method: Buffer.from(array) +<!-- YAML +added: v3.0.0 +--> + +* `array` {Array} + +Allocates a new `Buffer` using an `array` of octets. + +```js +const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); + // creates a new Buffer containing ASCII bytes + // ['b','u','f','f','e','r'] +``` + +A `TypeError` will be thrown if `array` is not an `Array`. + +### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) +<!-- YAML +added: v5.10.0 +--> + +* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or + a `new ArrayBuffer()` +* `byteOffset` {Number} Default: `0` +* `length` {Number} Default: `arrayBuffer.length - byteOffset` + +When passed a reference to the `.buffer` property of a `TypedArray` instance, +the newly created `Buffer` will share the same allocated memory as the +TypedArray. + +```js +const arr = new Uint16Array(2); +arr[0] = 5000; +arr[1] = 4000; + +const buf = Buffer.from(arr.buffer); // shares the memory with arr; + +console.log(buf); + // Prints: <Buffer 88 13 a0 0f> + +// changing the TypedArray changes the Buffer also +arr[1] = 6000; + +console.log(buf); + // Prints: <Buffer 88 13 70 17> +``` + +The optional `byteOffset` and `length` arguments specify a memory range within +the `arrayBuffer` that will be shared by the `Buffer`. + +```js +const ab = new ArrayBuffer(10); +const buf = Buffer.from(ab, 0, 2); +console.log(buf.length); + // Prints: 2 +``` + +A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. + +### Class Method: Buffer.from(buffer) +<!-- YAML +added: v3.0.0 +--> + +* `buffer` {Buffer} + +Copies the passed `buffer` data onto a new `Buffer` instance. + +```js +const buf1 = Buffer.from('buffer'); +const buf2 = Buffer.from(buf1); + +buf1[0] = 0x61; +console.log(buf1.toString()); + // 'auffer' +console.log(buf2.toString()); + // 'buffer' (copy is not changed) +``` + +A `TypeError` will be thrown if `buffer` is not a `Buffer`. + +### Class Method: Buffer.from(str[, encoding]) +<!-- YAML +added: v5.10.0 +--> + +* `str` {String} String to encode. +* `encoding` {String} Encoding to use, Default: `'utf8'` + +Creates a new `Buffer` containing the given JavaScript string `str`. If +provided, the `encoding` parameter identifies the character encoding. +If not provided, `encoding` defaults to `'utf8'`. + +```js +const buf1 = Buffer.from('this is a tést'); +console.log(buf1.toString()); + // prints: this is a tést +console.log(buf1.toString('ascii')); + // prints: this is a tC)st + +const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); +console.log(buf2.toString()); + // prints: this is a tést +``` + +A `TypeError` will be thrown if `str` is not a string. + +### Class Method: Buffer.alloc(size[, fill[, encoding]]) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} +* `fill` {Value} Default: `undefined` +* `encoding` {String} Default: `utf8` + +Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the +`Buffer` will be *zero-filled*. + +```js +const buf = Buffer.alloc(5); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +The `size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +If `fill` is specified, the allocated `Buffer` will be initialized by calling +`buf.fill(fill)`. See [`buf.fill()`][] for more information. + +```js +const buf = Buffer.alloc(5, 'a'); +console.log(buf); + // <Buffer 61 61 61 61 61> +``` + +If both `fill` and `encoding` are specified, the allocated `Buffer` will be +initialized by calling `buf.fill(fill, encoding)`. For example: + +```js +const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); +console.log(buf); + // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> +``` + +Calling `Buffer.alloc(size)` can be significantly slower than the alternative +`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance +contents will *never contain sensitive data*. + +A `TypeError` will be thrown if `size` is not a number. + +### Class Method: Buffer.allocUnsafe(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must +be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit +architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is +thrown. A zero-length Buffer will be created if a `size` less than or equal to +0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +```js +const buf = Buffer.allocUnsafe(5); +console.log(buf); + // <Buffer 78 e0 82 02 01> + // (octets will be different, every time) +buf.fill(0); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +A `TypeError` will be thrown if `size` is not a number. + +Note that the `Buffer` module pre-allocates an internal `Buffer` instance of +size `Buffer.poolSize` that is used as a pool for the fast allocation of new +`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated +`new Buffer(size)` constructor) only when `size` is less than or equal to +`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default +value of `Buffer.poolSize` is `8192` but can be modified. + +Use of this pre-allocated internal memory pool is a key difference between +calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. +Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer +pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal +Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The +difference is subtle but can be important when an application requires the +additional performance that `Buffer.allocUnsafe(size)` provides. + +### Class Method: Buffer.allocUnsafeSlow(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The +`size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, +allocations under 4KB are, by default, sliced from a single pre-allocated +`Buffer`. This allows applications to avoid the garbage collection overhead of +creating many individually allocated Buffers. This approach improves both +performance and memory usage by eliminating the need to track and cleanup as +many `Persistent` objects. + +However, in the case where a developer may need to retain a small chunk of +memory from a pool for an indeterminate amount of time, it may be appropriate +to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then +copy out the relevant bits. + +```js +// need to keep around a few small chunks of memory +const store = []; + +socket.on('readable', () => { + const data = socket.read(); + // allocate for retained data + const sb = Buffer.allocUnsafeSlow(10); + // copy the data into the new allocation + data.copy(sb, 0, 0, 10); + store.push(sb); +}); +``` + +Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* +a developer has observed undue memory retention in their applications. + +A `TypeError` will be thrown if `size` is not a number. + +### All the Rest + +The rest of the `Buffer` API is exactly the same as in node.js. +[See the docs](https://nodejs.org/api/buffer.html). + + +## Related links + +- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) +- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) + +## Why is `Buffer` unsafe? + +Today, the node.js `Buffer` constructor is overloaded to handle many different argument +types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), +`ArrayBuffer`, and also `Number`. + +The API is optimized for convenience: you can throw any type at it, and it will try to do +what you want. + +Because the Buffer constructor is so powerful, you often see code like this: + +```js +// Convert UTF-8 strings to hex +function toHex (str) { + return new Buffer(str).toString('hex') +} +``` + +***But what happens if `toHex` is called with a `Number` argument?*** + +### Remote Memory Disclosure + +If an attacker can make your program call the `Buffer` constructor with a `Number` +argument, then they can make it allocate uninitialized memory from the node.js process. +This could potentially disclose TLS private keys, user data, or database passwords. + +When the `Buffer` constructor is passed a `Number` argument, it returns an +**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like +this, you **MUST** overwrite the contents before returning it to the user. + +From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): + +> `new Buffer(size)` +> +> - `size` Number +> +> The underlying memory for `Buffer` instances created in this way is not initialized. +> **The contents of a newly created `Buffer` are unknown and could contain sensitive +> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. + +(Emphasis our own.) + +Whenever the programmer intended to create an uninitialized `Buffer` you often see code +like this: + +```js +var buf = new Buffer(16) + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### Would this ever be a problem in real code? + +Yes. It's surprisingly common to forget to check the type of your variables in a +dynamically-typed language like JavaScript. + +Usually the consequences of assuming the wrong type is that your program crashes with an +uncaught exception. But the failure mode for forgetting to check the type of arguments to +the `Buffer` constructor is more catastrophic. + +Here's an example of a vulnerable service that takes a JSON payload and converts it to +hex: + +```js +// Take a JSON payload {str: "some string"} and convert it to hex +var server = http.createServer(function (req, res) { + var data = '' + req.setEncoding('utf8') + req.on('data', function (chunk) { + data += chunk + }) + req.on('end', function () { + var body = JSON.parse(data) + res.end(new Buffer(body.str).toString('hex')) + }) +}) + +server.listen(8080) +``` + +In this example, an http client just has to send: + +```json +{ + "str": 1000 +} +``` + +and it will get back 1,000 bytes of uninitialized memory from the server. + +This is a very serious bug. It's similar in severity to the +[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process +memory by remote attackers. + + +### Which real-world packages were vulnerable? + +#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) + +[Mathias Buus](https://github.com/mafintosh) and I +([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, +[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow +anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get +them to reveal 20 bytes at a time of uninitialized memory from the node.js process. + +Here's +[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) +that fixed it. We released a new fixed version, created a +[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all +vulnerable versions on npm so users will get a warning to upgrade to a newer version. + +#### [`ws`](https://www.npmjs.com/package/ws) + +That got us wondering if there were other vulnerable packages. Sure enough, within a short +period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the +most popular WebSocket implementation in node.js. + +If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as +expected, then uninitialized server memory would be disclosed to the remote peer. + +These were the vulnerable methods: + +```js +socket.send(number) +socket.ping(number) +socket.pong(number) +``` + +Here's a vulnerable socket server with some echo functionality: + +```js +server.on('connection', function (socket) { + socket.on('message', function (message) { + message = JSON.parse(message) + if (message.type === 'echo') { + socket.send(message.data) // send back the user's message + } + }) +}) +``` + +`socket.send(number)` called on the server, will disclose server memory. + +Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue +was fixed, with a more detailed explanation. Props to +[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the +[Node Security Project disclosure](https://nodesecurity.io/advisories/67). + + +### What's the solution? + +It's important that node.js offers a fast way to get memory otherwise performance-critical +applications would needlessly get a lot slower. + +But we need a better way to *signal our intent* as programmers. **When we want +uninitialized memory, we should request it explicitly.** + +Sensitive functionality should not be packed into a developer-friendly API that loosely +accepts many different types. This type of API encourages the lazy practice of passing +variables in without checking the type very carefully. + +#### A new API: `Buffer.allocUnsafe(number)` + +The functionality of creating buffers with uninitialized memory should be part of another +API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that +frequently gets user input of all sorts of different types passed into it. + +```js +var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### How do we fix node.js core? + +We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as +`semver-major`) which defends against one case: + +```js +var str = 16 +new Buffer(str, 'utf8') +``` + +In this situation, it's implied that the programmer intended the first argument to be a +string, since they passed an encoding as a second argument. Today, node.js will allocate +uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not +what the programmer intended. + +But this is only a partial solution, since if the programmer does `new Buffer(variable)` +(without an `encoding` parameter) there's no way to know what they intended. If `variable` +is sometimes a number, then uninitialized memory will sometimes be returned. + +### What's the real long-term fix? + +We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when +we need uninitialized memory. But that would break 1000s of packages. + +~~We believe the best solution is to:~~ + +~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ + +~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ + +#### Update + +We now support adding three new APIs: + +- `Buffer.from(value)` - convert from any type to a buffer +- `Buffer.alloc(size)` - create a zero-filled buffer +- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size + +This solves the core problem that affected `ws` and `bittorrent-dht` which is +`Buffer(variable)` getting tricked into taking a number argument. + +This way, existing code continues working and the impact on the npm ecosystem will be +minimal. Over time, npm maintainers can migrate performance-critical code to use +`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. + + +### Conclusion + +We think there's a serious design issue with the `Buffer` API as it exists today. It +promotes insecure software by putting high-risk functionality into a convenient API +with friendly "developer ergonomics". + +This wasn't merely a theoretical exercise because we found the issue in some of the +most popular npm packages. + +Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of +`buffer`. + +```js +var Buffer = require('safe-buffer').Buffer +``` + +Eventually, we hope that node.js core can switch to this new, safer behavior. We believe +the impact on the ecosystem would be minimal since it's not a breaking change. +Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while +older, insecure packages would magically become safe from this attack vector. + + +## links + +- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) +- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) +- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) + + +## credit + +The original issues in `bittorrent-dht` +([disclosure](https://nodesecurity.io/advisories/68)) and +`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by +[Mathias Buus](https://github.com/mafintosh) and +[Feross Aboukhadijeh](http://feross.org/). + +Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues +and for his work running the [Node Security Project](https://nodesecurity.io/). + +Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and +auditing the code. + + +## license + +MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/libnpmhook/node_modules/safe-buffer/index.d.ts b/node_modules/libnpmhook/node_modules/safe-buffer/index.d.ts new file mode 100644 index 000000000..e9fed809a --- /dev/null +++ b/node_modules/libnpmhook/node_modules/safe-buffer/index.d.ts @@ -0,0 +1,187 @@ +declare module "safe-buffer" { + export class Buffer { + length: number + write(string: string, offset?: number, length?: number, encoding?: string): number; + toString(encoding?: string, start?: number, end?: number): string; + toJSON(): { type: 'Buffer', data: any[] }; + equals(otherBuffer: Buffer): boolean; + compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; + copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; + slice(start?: number, end?: number): Buffer; + writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readUInt8(offset: number, noAssert?: boolean): number; + readUInt16LE(offset: number, noAssert?: boolean): number; + readUInt16BE(offset: number, noAssert?: boolean): number; + readUInt32LE(offset: number, noAssert?: boolean): number; + readUInt32BE(offset: number, noAssert?: boolean): number; + readInt8(offset: number, noAssert?: boolean): number; + readInt16LE(offset: number, noAssert?: boolean): number; + readInt16BE(offset: number, noAssert?: boolean): number; + readInt32LE(offset: number, noAssert?: boolean): number; + readInt32BE(offset: number, noAssert?: boolean): number; + readFloatLE(offset: number, noAssert?: boolean): number; + readFloatBE(offset: number, noAssert?: boolean): number; + readDoubleLE(offset: number, noAssert?: boolean): number; + readDoubleBE(offset: number, noAssert?: boolean): number; + swap16(): Buffer; + swap32(): Buffer; + swap64(): Buffer; + writeUInt8(value: number, offset: number, noAssert?: boolean): number; + writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeInt8(value: number, offset: number, noAssert?: boolean): number; + writeInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeFloatLE(value: number, offset: number, noAssert?: boolean): number; + writeFloatBE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; + fill(value: any, offset?: number, end?: number): this; + indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; + + /** + * Allocates a new buffer containing the given {str}. + * + * @param str String to store in buffer. + * @param encoding encoding to use, optional. Default is 'utf8' + */ + constructor (str: string, encoding?: string); + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + */ + constructor (size: number); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: Uint8Array); + /** + * Produces a Buffer backed by the same allocated memory as + * the given {ArrayBuffer}. + * + * + * @param arrayBuffer The ArrayBuffer with which to share memory. + */ + constructor (arrayBuffer: ArrayBuffer); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: any[]); + /** + * Copies the passed {buffer} data onto a new {Buffer} instance. + * + * @param buffer The buffer to copy. + */ + constructor (buffer: Buffer); + prototype: Buffer; + /** + * Allocates a new Buffer using an {array} of octets. + * + * @param array + */ + static from(array: any[]): Buffer; + /** + * When passed a reference to the .buffer property of a TypedArray instance, + * the newly created Buffer will share the same allocated memory as the TypedArray. + * The optional {byteOffset} and {length} arguments specify a memory range + * within the {arrayBuffer} that will be shared by the Buffer. + * + * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() + * @param byteOffset + * @param length + */ + static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; + /** + * Copies the passed {buffer} data onto a new Buffer instance. + * + * @param buffer + */ + static from(buffer: Buffer): Buffer; + /** + * Creates a new Buffer containing the given JavaScript string {str}. + * If provided, the {encoding} parameter identifies the character encoding. + * If not provided, {encoding} defaults to 'utf8'. + * + * @param str + */ + static from(str: string, encoding?: string): Buffer; + /** + * Returns true if {obj} is a Buffer + * + * @param obj object to test. + */ + static isBuffer(obj: any): obj is Buffer; + /** + * Returns true if {encoding} is a valid encoding argument. + * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' + * + * @param encoding string to test. + */ + static isEncoding(encoding: string): boolean; + /** + * Gives the actual byte length of a string. encoding defaults to 'utf8'. + * This is not the same as String.prototype.length since that returns the number of characters in a string. + * + * @param string string to test. + * @param encoding encoding used to evaluate (defaults to 'utf8') + */ + static byteLength(string: string, encoding?: string): number; + /** + * Returns a buffer which is the result of concatenating all the buffers in the list together. + * + * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. + * If the list has exactly one item, then the first item of the list is returned. + * If the list has more than one item, then a new Buffer is created. + * + * @param list An array of Buffer objects to concatenate + * @param totalLength Total length of the buffers when concatenated. + * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. + */ + static concat(list: Buffer[], totalLength?: number): Buffer; + /** + * The same as buf1.compare(buf2). + */ + static compare(buf1: Buffer, buf2: Buffer): number; + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + * @param fill if specified, buffer will be initialized by calling buf.fill(fill). + * If parameter is omitted, buffer will be filled with zeros. + * @param encoding encoding used for call to buf.fill while initalizing + */ + static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; + /** + * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafe(size: number): Buffer; + /** + * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafeSlow(size: number): Buffer; + } +}
\ No newline at end of file diff --git a/node_modules/libnpmhook/node_modules/safe-buffer/index.js b/node_modules/libnpmhook/node_modules/safe-buffer/index.js new file mode 100644 index 000000000..054c8d30d --- /dev/null +++ b/node_modules/libnpmhook/node_modules/safe-buffer/index.js @@ -0,0 +1,64 @@ +/* eslint-disable node/no-deprecated-api */ +var buffer = require('buffer') +var Buffer = buffer.Buffer + +// alternative to using Object.keys for old browsers +function copyProps (src, dst) { + for (var key in src) { + dst[key] = src[key] + } +} +if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { + module.exports = buffer +} else { + // Copy properties from require('buffer') + copyProps(buffer, exports) + exports.Buffer = SafeBuffer +} + +function SafeBuffer (arg, encodingOrOffset, length) { + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.prototype = Object.create(Buffer.prototype) + +// Copy static methods from Buffer +copyProps(Buffer, SafeBuffer) + +SafeBuffer.from = function (arg, encodingOrOffset, length) { + if (typeof arg === 'number') { + throw new TypeError('Argument must not be a number') + } + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.alloc = function (size, fill, encoding) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + var buf = Buffer(size) + if (fill !== undefined) { + if (typeof encoding === 'string') { + buf.fill(fill, encoding) + } else { + buf.fill(fill) + } + } else { + buf.fill(0) + } + return buf +} + +SafeBuffer.allocUnsafe = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return Buffer(size) +} + +SafeBuffer.allocUnsafeSlow = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return buffer.SlowBuffer(size) +} diff --git a/node_modules/libnpmhook/node_modules/safe-buffer/package.json b/node_modules/libnpmhook/node_modules/safe-buffer/package.json new file mode 100644 index 000000000..bdcbc949d --- /dev/null +++ b/node_modules/libnpmhook/node_modules/safe-buffer/package.json @@ -0,0 +1,62 @@ +{ + "_from": "safe-buffer@^5.2.0", + "_id": "safe-buffer@5.2.0", + "_inBundle": false, + "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "_location": "/libnpmhook/safe-buffer", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "safe-buffer@^5.2.0", + "name": "safe-buffer", + "escapedName": "safe-buffer", + "rawSpec": "^5.2.0", + "saveSpec": null, + "fetchSpec": "^5.2.0" + }, + "_requiredBy": [ + "/libnpmhook/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", + "_spec": "safe-buffer@^5.2.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmhook/node_modules/npm-registry-fetch", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/safe-buffer/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Safer Node.js Buffer API", + "devDependencies": { + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/safe-buffer", + "keywords": [ + "buffer", + "buffer allocate", + "node security", + "safe", + "safe-buffer", + "security", + "uninitialized" + ], + "license": "MIT", + "main": "index.js", + "name": "safe-buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/safe-buffer.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "types": "index.d.ts", + "version": "5.2.0" +} diff --git a/node_modules/libnpmorg/CODE_OF_CONDUCT.md b/node_modules/libnpmorg/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..aeb72f598 --- /dev/null +++ b/node_modules/libnpmorg/CODE_OF_CONDUCT.md @@ -0,0 +1,151 @@ +# Code of Conduct + +## When Something Happens + +If you see a Code of Conduct violation, follow these steps: + +1. Let the person know that what they did is not appropriate and ask them to stop and/or edit their message(s) or commits. +2. That person should immediately stop the behavior and correct the issue. +3. If this doesn’t happen, or if you're uncomfortable speaking up, [contact the maintainers](#contacting-maintainers). +4. As soon as available, a maintainer will look into the issue, and take [further action (see below)](#further-enforcement), starting with a warning, then temporary block, then long-term repo or organization ban. + +When reporting, please include any relevant details, links, screenshots, context, or other information that may be used to better understand and resolve the situation. + +**The maintainer team will prioritize the well-being and comfort of the recipients of the violation over the comfort of the violator.** See [some examples below](#enforcement-examples). + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as contributors and maintainers of this project pledge to making participation in our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, technical preferences, nationality, personal appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment include: + + * Using welcoming and inclusive language. + * Being respectful of differing viewpoints and experiences. + * Gracefully accepting constructive feedback. + * Focusing on what is best for the community. + * Showing empathy and kindness towards other community members. + * Encouraging and raising up your peers in the project so you can all bask in hacks and glory. + +Examples of unacceptable behavior by participants include: + + * The use of sexualized language or imagery and unwelcome sexual attention or advances, including when simulated online. The only exception to sexual topics is channels/spaces specifically for topics of sexual identity. + * Casual mention of slavery or indentured servitude and/or false comparisons of one's occupation or situation to slavery. Please consider using or asking about alternate terminology when referring to such metaphors in technology. + * Making light of/making mocking comments about trigger warnings and content warnings. + * Trolling, insulting/derogatory comments, and personal or political attacks. + * Public or private harassment, deliberate intimidation, or threats. + * Publishing others' private information, such as a physical or electronic address, without explicit permission. This includes any sort of "outing" of any aspect of someone's identity without their consent. + * Publishing private screenshots or quotes of interactions in the context of this project without all quoted users' *explicit* consent. + * Publishing of private communication that doesn't have to do with reporting harrassment. + * Any of the above even when [presented as "ironic" or "joking"](https://en.wikipedia.org/wiki/Hipster_racism). + * Any attempt to present "reverse-ism" versions of the above as violations. Examples of reverse-isms are "reverse racism", "reverse sexism", "heterophobia", and "cisphobia". + * Unsolicited explanations under the assumption that someone doesn't already know it. Ask before you teach! Don't assume what people's knowledge gaps are. + * [Feigning or exaggerating surprise](https://www.recurse.com/manual#no-feigned-surprise) when someone admits to not knowing something. + * "[Well-actuallies](https://www.recurse.com/manual#no-well-actuallys)" + * Other conduct which could reasonably be considered inappropriate in a professional or community setting. + +## Scope + +This Code of Conduct applies both within spaces involving this project and in other spaces involving community members. This includes the repository, its Pull Requests and Issue tracker, its Twitter community, private email communications in the context of the project, and any events where members of the project are participating, as well as adjacent communities and venues affecting the project's members. + +Depending on the violation, the maintainers may decide that violations of this code of conduct that have happened outside of the scope of the community may deem an individual unwelcome, and take appropriate action to maintain the comfort and safety of its members. + +### Other Community Standards + +As a project on GitHub, this project is additionally covered by the [GitHub Community Guidelines](https://help.github.com/articles/github-community-guidelines/). + +Additionally, as a project hosted on npm, is is covered by [npm, Inc's Code of Conduct](https://www.npmjs.com/policies/conduct). + +Enforcement of those guidelines after violations overlapping with the above are the responsibility of the entities, and enforcement may happen in any or all of the services/communities. + +## Maintainer Enforcement Process + +Once the maintainers get involved, they will follow a documented series of steps and do their best to preserve the well-being of project members. This section covers actual concrete steps. + +### Contacting Maintainers + +You may get in touch with the maintainer team through any of the following methods: + + * Through email: + * [kzm@zkat.tech](mailto:kzm@zkat.tech) (Kat Marchán) + + * Through Twitter: + * [@maybekatz](https://twitter.com/maybekatz) (Kat Marchán) + +### Further Enforcement + +If you've already followed the [initial enforcement steps](#enforcement), these are the steps maintainers will take for further enforcement, as needed: + + 1. Repeat the request to stop. + 2. If the person doubles down, they will have offending messages removed or edited by a maintainers given an official warning. The PR or Issue may be locked. + 3. If the behavior continues or is repeated later, the person will be blocked from participating for 24 hours. + 4. If the behavior continues or is repeated after the temporary block, a long-term (6-12mo) ban will be used. + +On top of this, maintainers may remove any offending messages, images, contributions, etc, as they deem necessary. + +Maintainers reserve full rights to skip any of these steps, at their discretion, if the violation is considered to be a serious and/or immediate threat to the health and well-being of members of the community. These include any threats, serious physical or verbal attacks, and other such behavior that would be completely unacceptable in any social setting that puts our members at risk. + +Members expelled from events or venues with any sort of paid attendance will not be refunded. + +### Who Watches the Watchers? + +Maintainers and other leaders who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. These may include anything from removal from the maintainer team to a permanent ban from the community. + +Additionally, as a project hosted on both GitHub and npm, [their own Codes of Conducts may be applied against maintainers of this project](#other-community-standards), externally of this project's procedures. + +### Enforcement Examples + +#### The Best Case + +The vast majority of situations work out like this. This interaction is common, and generally positive. + +> Alex: "Yeah I used X and it was really crazy!" + +> Patt (not a maintainer): "Hey, could you not use that word? What about 'ridiculous' instead?" + +> Alex: "oh sorry, sure." -> edits old comment to say "it was really confusing!" + +#### The Maintainer Case + +Sometimes, though, you need to get maintainers involved. Maintainers will do their best to resolve conflicts, but people who were harmed by something **will take priority**. + +> Patt: "Honestly, sometimes I just really hate using $library and anyone who uses it probably sucks at their job." + +> Alex: "Whoa there, could you dial it back a bit? There's a CoC thing about attacking folks' tech use like that." + +> Patt: "I'm not attacking anyone, what's your problem?" + +> Alex: "@maintainers hey uh. Can someone look at this issue? Patt is getting a bit aggro. I tried to nudge them about it, but nope." + +> KeeperOfCommitBits: (on issue) "Hey Patt, maintainer here. Could you tone it down? This sort of attack is really not okay in this space." + +> Patt: "Leave me alone I haven't said anything bad wtf is wrong with you." + +> KeeperOfCommitBits: (deletes user's comment), "@patt I mean it. Please refer to the CoC over at (URL to this CoC) if you have questions, but you can consider this an actual warning. I'd appreciate it if you reworded your messages in this thread, since they made folks there uncomfortable. Let's try and be kind, yeah?" + +> Patt: "@keeperofbits Okay sorry. I'm just frustrated and I'm kinda burnt out and I guess I got carried away. I'll DM Alex a note apologizing and edit my messages. Sorry for the trouble." + +> KeeperOfCommitBits: "@patt Thanks for that. I hear you on the stress. Burnout sucks :/. Have a good one!" + +#### The Nope Case + +> PepeTheFrog🐸: "Hi, I am a literal actual nazi and I think white supremacists are quite fashionable." + +> Patt: "NOOOOPE. OH NOPE NOPE." + +> Alex: "JFC NO. NOPE. @keeperofbits NOPE NOPE LOOK HERE" + +> KeeperOfCommitBits: "👀 Nope. NOPE NOPE NOPE. 🔥" + +> PepeTheFrog🐸 has been banned from all organization or user repositories belonging to KeeperOfCommitBits. + +## Attribution + +This Code of Conduct was generated using [WeAllJS Code of Conduct Generator](https://npm.im/weallbehave), which is based on the [WeAllJS Code of +Conduct](https://wealljs.org/code-of-conduct), which is itself based on +[Contributor Covenant](http://contributor-covenant.org), version 1.4, available +at +[http://contributor-covenant.org/version/1/4](http://contributor-covenant.org/version/1/4), +and the LGBTQ in Technology Slack [Code of +Conduct](http://lgbtq.technology/coc.html). diff --git a/node_modules/libnpmorg/CONTRIBUTING.md b/node_modules/libnpmorg/CONTRIBUTING.md new file mode 100644 index 000000000..eb4b58b03 --- /dev/null +++ b/node_modules/libnpmorg/CONTRIBUTING.md @@ -0,0 +1,256 @@ +# Contributing + +## How do I... <a name="toc"></a> + +* [Use This Guide](#introduction)? +* Ask or Say Something? 🤔🐛😱 + * [Request Support](#request-support) + * [Report an Error or Bug](#report-an-error-or-bug) + * [Request a Feature](#request-a-feature) +* Make Something? 🤓👩🏽💻📜🍳 + * [Project Setup](#project-setup) + * [Contribute Documentation](#contribute-documentation) + * [Contribute Code](#contribute-code) +* Manage Something ✅🙆🏼💃👔 + * [Provide Support on Issues](#provide-support-on-issues) + * [Label Issues](#label-issues) + * [Clean Up Issues and PRs](#clean-up-issues-and-prs) + * [Review Pull Requests](#review-pull-requests) + * [Merge Pull Requests](#merge-pull-requests) + * [Tag a Release](#tag-a-release) + * [Join the Project Team](#join-the-project-team) +* Add a Guide Like This One [To My Project](#attribution)? 🤖😻👻 + +## Introduction + +Thank you so much for your interest in contributing!. All types of contributions are encouraged and valued. See the [table of contents](#toc) for different ways to help and details about how this project handles them!📝 + +Please make sure to read the relevant section before making your contribution! It will make it a lot easier for us maintainers to make the most of it and smooth out the experience for all involved. 💚 + +The [Project Team](#join-the-project-team) looks forward to your contributions. 🙌🏾✨ + +## Request Support + +If you have a question about this project, how to use it, or just need clarification about something: + +* Open an Issue at https://github.com/npm/libnpmorg/issues +* Provide as much context as you can about what you're running into. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* Someone will try to have a response soon. +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. + +## Report an Error or Bug + +If you run into an error or bug with the project: + +* Open an Issue at https://github.com/npm/libnpmorg/issues +* Include *reproduction steps* that someone else can follow to recreate the bug or error on their own. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* A team member will try to reproduce the issue with your provided steps. If there are no repro steps or no obvious way to reproduce the issue, the team will ask you for those steps and mark the issue as `needs-repro`. Bugs with the `needs-repro` tag will not be addressed until they are reproduced. +* If the team is able to reproduce the issue, it will be marked `needs-fix`, as well as possibly other tags (such as `critical`), and the issue will be left to be [implemented by someone](#contribute-code). +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. +* `critical` issues may be left open, depending on perceived immediacy and severity, even past the 30 day deadline. + +## Request a Feature + +If the project doesn't do something you need or want it to do: + +* Open an Issue at https://github.com/npm/libnpmorg/issues +* Provide as much context as you can about what you're running into. +* Please try and be clear about why existing features and alternatives would not work for you. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* The project team will evaluate the feature request, possibly asking you more questions to understand its purpose and any relevant requirements. If the issue is closed, the team will convey their reasoning and suggest an alternative path forward. +* If the feature request is accepted, it will be marked for implementation with `feature-accepted`, which can then be done by either by a core team member or by anyone in the community who wants to [contribute code](#contribute-code). + +Note: The team is unlikely to be able to accept every single feature request that is filed. Please understand if they need to say no. + +## Project Setup + +So you wanna contribute some code! That's great! This project uses GitHub Pull Requests to manage contributions, so [read up on how to fork a GitHub project and file a PR](https://guides.github.com/activities/forking) if you've never done it before. + +If this seems like a lot or you aren't able to do all this setup, you might also be able to [edit the files directly](https://help.github.com/articles/editing-files-in-another-user-s-repository/) without having to do any of this setup. Yes, [even code](#contribute-code). + +If you want to go the usual route and run the project locally, though: + +* [Install Node.js](https://nodejs.org/en/download/) +* [Fork the project](https://guides.github.com/activities/forking/#fork) + +Then in your terminal: +* `cd path/to/your/clone` +* `npm install` +* `npm test` + +And you should be ready to go! + +## Contribute Documentation + +Documentation is a super important, critical part of this project. Docs are how we keep track of what we're doing, how, and why. It's how we stay on the same page about our policies. And it's how we tell others everything they need in order to be able to use this project -- or contribute to it. So thank you in advance. + +Documentation contributions of any size are welcome! Feel free to file a PR even if you're just rewording a sentence to be more clear, or fixing a spelling mistake! + +To contribute documentation: + +* [Set up the project](#project-setup). +* Edit or add any relevant documentation. +* Make sure your changes are formatted correctly and consistently with the rest of the documentation. +* Re-read what you wrote, and run a spellchecker on it to make sure you didn't miss anything. +* In your commit message(s), begin the first line with `docs: `. For example: `docs: Adding a doc contrib section to CONTRIBUTING.md`. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). Documentation commits should use `docs(<component>): <message>`. +* Go to https://github.com/npm/libnpmorg/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Contribute Code + +We like code commits a lot! They're super handy, and they keep the project going and doing the work it needs to do to be useful to others. + +Code contributions of just about any size are acceptable! + +The main difference between code contributions and documentation contributions is that contributing code requires inclusion of relevant tests for the code being added or changed. Contributions without accompanying tests will be held off until a test is added, unless the maintainers consider the specific tests to be either impossible, or way too much of a burden for such a contribution. + +To contribute code: + +* [Set up the project](#project-setup). +* Make any necessary changes to the source code. +* Include any [additional documentation](#contribute-documentation) the changes might need. +* Write tests that verify that your contribution works as expected. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). +* Dependency updates, additions, or removals must be in individual commits, and the message must use the format: `<prefix>(deps): PKG@VERSION`, where `<prefix>` is any of the usual `conventional-changelog` prefixes, at your discretion. +* Go to https://github.com/npm/libnpmorg/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* Barring special circumstances, maintainers will not review PRs until all checks pass (Travis, AppVeyor, etc). +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. Additional tags (such as `needs-tests`) will be added depending on the review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Provide Support on Issues + +[Needs Collaborator](#join-the-project-team): none + +Helping out other users with their questions is a really awesome way of contributing to any community. It's not uncommon for most of the issues on an open source projects being support-related questions by users trying to understand something they ran into, or find their way around a known bug. + +Sometimes, the `support` label will be added to things that turn out to actually be other things, like bugs or feature requests. In that case, suss out the details with the person who filed the original issue, add a comment explaining what the bug is, and change the label from `support` to `bug` or `feature`. If you can't do this yourself, @mention a maintainer so they can do it. + +In order to help other folks out with their questions: + +* Go to the issue tracker and [filter open issues by the `support` label](https://github.com/npm/libnpmorg/issues?q=is%3Aopen+is%3Aissue+label%3Asupport). +* Read through the list until you find something that you're familiar enough with to give an answer to. +* Respond to the issue with whatever details are needed to clarify the question, or get more details about what's going on. +* Once the discussion wraps up and things are clarified, either close the issue, or ask the original issue filer (or a maintainer) to close it for you. + +Some notes on picking up support issues: + +* Avoid responding to issues you don't know you can answer accurately. +* As much as possible, try to refer to past issues with accepted answers. Link to them from your replies with the `#123` format. +* Be kind and patient with users -- often, folks who have run into confusing things might be upset or impatient. This is ok. Try to understand where they're coming from, and if you're too uncomfortable with the tone, feel free to stay away or withdraw from the issue. (note: if the user is outright hostile or is violating the CoC, [refer to the Code of Conduct](CODE_OF_CONDUCT.md) to resolve the conflict). + +## Label Issues + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +One of the most important tasks in handling issues is labeling them usefully and accurately. All other tasks involving issues ultimately rely on the issue being classified in such a way that relevant parties looking to do their own tasks can find them quickly and easily. + +In order to label issues, [open up the list of unlabeled issues](https://github.com/npm/libnpmorg/issues?q=is%3Aopen+is%3Aissue+no%3Alabel) and, **from newest to oldest**, read through each one and apply issue labels according to the table below. If you're unsure about what label to apply, skip the issue and try the next one: don't feel obligated to label each and every issue yourself! + +Label | Apply When | Notes +--- | --- | --- +`bug` | Cases where the code (or documentation) is behaving in a way it wasn't intended to. | If something is happening that surprises the *user* but does not go against the way the code is designed, it should use the `enhancement` label. +`critical` | Added to `bug` issues if the problem described makes the code completely unusable in a common situation. | +`documentation` | Added to issues or pull requests that affect any of the documentation for the project. | Can be combined with other labels, such as `bug` or `enhancement`. +`duplicate` | Added to issues or PRs that refer to the exact same issue as another one that's been previously labeled. | Duplicate issues should be marked and closed right away, with a message referencing the issue it's a duplicate of (with `#123`) +`enhancement` | Added to [feature requests](#request-a-feature), PRs, or documentation issues that are purely additive: the code or docs currently work as expected, but a change is being requested or suggested. | +`help wanted` | Applied by [Committers](#join-the-project-team) to issues and PRs that they would like to get outside help for. Generally, this means it's lower priority for the maintainer team to itself implement, but that the community is encouraged to pick up if they so desire | Never applied on first-pass labeling. +`in-progress` | Applied by [Committers](#join-the-project-team) to PRs that are pending some work before they're ready for review. | The original PR submitter should @mention the team member that applied the label once the PR is complete. +`performance` | This issue or PR is directly related to improving performance. | +`refactor` | Added to issues or PRs that deal with cleaning up or modifying the project for the betterment of it. | +`starter` | Applied by [Committers](#join-the-project-team) to issues that they consider good introductions to the project for people who have not contributed before. These are not necessarily "easy", but rather focused around how much context is necessary in order to understand what needs to be done for this project in particular. | Existing project members are expected to stay away from these unless they increase in priority. +`support` | This issue is either asking a question about how to use the project, clarifying the reason for unexpected behavior, or possibly reporting a `bug` but does not have enough detail yet to determine whether it would count as such. | The label should be switched to `bug` if reliable reproduction steps are provided. Issues primarily with unintended configurations of a user's environment are not considered bugs, even if they cause crashes. +`tests` | This issue or PR either requests or adds primarily tests to the project. | If a PR is pending tests, that will be handled through the [PR review process](#review-pull-requests) +`wontfix` | Labelers may apply this label to issues that clearly have nothing at all to do with the project or are otherwise entirely outside of its scope/sphere of influence. [Committers](#join-the-project-team) may apply this label and close an issue or PR if they decide to pass on an otherwise relevant issue. | The issue or PR should be closed as soon as the label is applied, and a clear explanation provided of why the label was used. Contributors are free to contest the labeling, but the decision ultimately falls on committers as to whether to accept something or not. + +## Clean Up Issues and PRs + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +Issues and PRs can go stale after a while. Maybe they're abandoned. Maybe the team will just plain not have time to address them any time soon. + +In these cases, they should be closed until they're brought up again or the interaction starts over. + +To clean up issues and PRs: + +* Search the issue tracker for issues or PRs, and add the term `updated:<=YYYY-MM-DD`, where the date is 30 days before today. +* Go through each issue *from oldest to newest*, and close them if **all of the following are true**: + * not opened by a maintainer + * not marked as `critical` + * not marked as `starter` or `help wanted` (these might stick around for a while, in general, as they're intended to be available) + * no explicit messages in the comments asking for it to be left open + * does not belong to a milestone +* Leave a message when closing saying "Cleaning up stale issue. Please reopen or ping us if and when you're ready to resume this. See https://github.com/npm/libnpmorg/blob/latest/CONTRIBUTING.md#clean-up-issues-and-prs for more details." + +## Review Pull Requests + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +While anyone can comment on a PR, add feedback, etc, PRs are only *approved* by team members with Issue Tracker or higher permissions. + +PR reviews use [GitHub's own review feature](https://help.github.com/articles/about-pull-request-reviews/), which manages comments, approval, and review iteration. + +Some notes: + +* You may ask for minor changes ("nitpicks"), but consider whether they are really blockers to merging: try to err on the side of "approve, with comments". +* *ALL PULL REQUESTS* should be covered by a test: either by a previously-failing test, an existing test that covers the entire functionality of the submitted code, or new tests to verify any new/changed behavior. All tests must also pass and follow established conventions. Test coverage should not drop, unless the specific case is considered reasonable by maintainers. +* Please make sure you're familiar with the code or documentation being updated, unless it's a minor change (spellchecking, minor formatting, etc). You may @mention another project member who you think is better suited for the review, but still provide a non-approving review of your own. +* Be extra kind: people who submit code/doc contributions are putting themselves in a pretty vulnerable position, and have put time and care into what they've done (even if that's not obvious to you!) -- always respond with respect, be understanding, but don't feel like you need to sacrifice your standards for their sake, either. Just don't be a jerk about it? + +## Merge Pull Requests + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. + +## Tag A Release + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. The most important bit here is probably that all tests must pass, and tags must use [semver](https://semver.org). + +## Join the Project Team + +### Ways to Join + +There are many ways to contribute! Most of them don't require any official status unless otherwise noted. That said, there's a couple of positions that grant special repository abilities, and this section describes how they're granted and what they do. + +All of the below positions are granted based on the project team's needs, as well as their consensus opinion about whether they would like to work with the person and think that they would fit well into that position. The process is relatively informal, and it's likely that people who express interest in participating can just be granted the permissions they'd like. + +You can spot a collaborator on the repo by looking for the `[Collaborator]` or `[Owner]` tags next to their names. + +Permission | Description +--- | --- +Issue Tracker | Granted to contributors who express a strong interest in spending time on the project's issue tracker. These tasks are mainly [labeling issues](#label-issues), [cleaning up old ones](#clean-up-issues-and-prs), and [reviewing pull requests](#review-pull-requests), as well as all the usual things non-team-member contributors can do. Issue handlers should not merge pull requests, tag releases, or directly commit code themselves: that should still be done through the usual pull request process. Becoming an Issue Handler means the project team trusts you to understand enough of the team's process and context to implement it on the issue tracker. +Committer | Granted to contributors who want to handle the actual pull request merges, tagging new versions, etc. Committers should have a good level of familiarity with the codebase, and enough context to understand the implications of various changes, as well as a good sense of the will and expectations of the project team. +Admin/Owner | Granted to people ultimately responsible for the project, its community, etc. + +## Attribution + +This guide was generated using the WeAllJS `CONTRIBUTING.md` generator. [Make your own](https://npm.im/weallcontribute)! diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmorg/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 000000000..8eee50a47 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,239 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) + + +### Bug Fixes + +* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) +* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + +<a name="3.9.1"></a> +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + +<a name="3.9.0"></a> +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + +<a name="3.8.0"></a> +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + +<a name="3.7.0"></a> +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + +<a name="3.6.0"></a> +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + +<a name="3.5.0"></a> +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + +<a name="3.4.0"></a> +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + +<a name="3.3.0"></a> +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + +<a name="3.2.1"></a> +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + +<a name="3.2.0"></a> +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + +<a name="3.1.1"></a> +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + +<a name="3.1.0"></a> +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="1.1.1"></a> +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmorg/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmorg/node_modules/npm-registry-fetch/README.md new file mode 100644 index 000000000..0c3f4f946 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### <a name="fetch-opts"></a> `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### <a name="opts-agent"></a> `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### <a name="opts-body"></a> `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### <a name="opts-ca"></a> `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### <a name="opts-cache"></a> `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### <a name="opts-cert"></a> `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-force-auth"></a> `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### <a name="opts-gzip"></a> `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### <a name="opts-headers"></a> `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### <a name="opts-ignore-body"></a> `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### <a name="opts-integrity"></a> `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### <a name="opts-key"></a> `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### <a name="opts-local-address"></a> `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### <a name="opts-log"></a> `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### <a name="opts-map-json"></a> `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### <a name="opts-maxsockets"></a> `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### <a name="opts-method"></a> `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### <a name="opts-noproxy"></a> `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### <a name="opts-npm-session"></a> `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### <a name="opts-offline"></a> `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-otp"></a> `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### <a name="opts-password"></a> `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-prefer-online"></a> `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### <a name="opts-project-scope"></a> `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### <a name="opts-proxy"></a> `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### <a name="opts-query"></a> `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### <a name="opts-refer"></a> `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### <a name="opts-registry"></a> `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### <a name="opts-retry"></a> `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### <a name="opts-scope"></a> `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.<scope>:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### <a name="opts-spec"></a> `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### <a name="opts-timeout"></a> `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### <a name="opts-token"></a> `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### <a name="opts-user-agent"></a> `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` + +User agent string to send in the `User-Agent` header. + +##### <a name="opts-username"></a> `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### <a name="opts-auth"></a> `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 000000000..d583982d0 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 000000000..14058239b --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/config.js new file mode 100644 index 000000000..1c43b26ea --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 000000000..ba78735fc --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/index.js new file mode 100644 index 000000000..c18487388 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmorg/node_modules/npm-registry-fetch/package.json new file mode 100644 index 000000000..05f3d3d96 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,93 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.2", + "_inBundle": false, + "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "_location": "/libnpmorg/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/libnpmorg" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmorg", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmorg/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmorg/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 000000000..886c5d55b --- /dev/null +++ b/node_modules/libnpmorg/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmorg/node_modules/safe-buffer/LICENSE b/node_modules/libnpmorg/node_modules/safe-buffer/LICENSE new file mode 100644 index 000000000..0c068ceec --- /dev/null +++ b/node_modules/libnpmorg/node_modules/safe-buffer/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Feross Aboukhadijeh + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/libnpmorg/node_modules/safe-buffer/README.md b/node_modules/libnpmorg/node_modules/safe-buffer/README.md new file mode 100644 index 000000000..356e35193 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/safe-buffer/README.md @@ -0,0 +1,586 @@ +# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] + +[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg +[travis-url]: https://travis-ci.org/feross/safe-buffer +[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg +[npm-url]: https://npmjs.org/package/safe-buffer +[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg +[downloads-url]: https://npmjs.org/package/safe-buffer +[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg +[standard-url]: https://standardjs.com + +#### Safer Node.js Buffer API + +**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, +`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** + +**Uses the built-in implementation when available.** + +## install + +``` +npm install safe-buffer +``` + +[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) + +## usage + +The goal of this package is to provide a safe replacement for the node.js `Buffer`. + +It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to +the top of your node.js modules: + +```js +var Buffer = require('safe-buffer').Buffer + +// Existing buffer code will continue to work without issues: + +new Buffer('hey', 'utf8') +new Buffer([1, 2, 3], 'utf8') +new Buffer(obj) +new Buffer(16) // create an uninitialized buffer (potentially unsafe) + +// But you can use these new explicit APIs to make clear what you want: + +Buffer.from('hey', 'utf8') // convert from many types to a Buffer +Buffer.alloc(16) // create a zero-filled buffer (safe) +Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) +``` + +## api + +### Class Method: Buffer.from(array) +<!-- YAML +added: v3.0.0 +--> + +* `array` {Array} + +Allocates a new `Buffer` using an `array` of octets. + +```js +const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); + // creates a new Buffer containing ASCII bytes + // ['b','u','f','f','e','r'] +``` + +A `TypeError` will be thrown if `array` is not an `Array`. + +### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) +<!-- YAML +added: v5.10.0 +--> + +* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or + a `new ArrayBuffer()` +* `byteOffset` {Number} Default: `0` +* `length` {Number} Default: `arrayBuffer.length - byteOffset` + +When passed a reference to the `.buffer` property of a `TypedArray` instance, +the newly created `Buffer` will share the same allocated memory as the +TypedArray. + +```js +const arr = new Uint16Array(2); +arr[0] = 5000; +arr[1] = 4000; + +const buf = Buffer.from(arr.buffer); // shares the memory with arr; + +console.log(buf); + // Prints: <Buffer 88 13 a0 0f> + +// changing the TypedArray changes the Buffer also +arr[1] = 6000; + +console.log(buf); + // Prints: <Buffer 88 13 70 17> +``` + +The optional `byteOffset` and `length` arguments specify a memory range within +the `arrayBuffer` that will be shared by the `Buffer`. + +```js +const ab = new ArrayBuffer(10); +const buf = Buffer.from(ab, 0, 2); +console.log(buf.length); + // Prints: 2 +``` + +A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. + +### Class Method: Buffer.from(buffer) +<!-- YAML +added: v3.0.0 +--> + +* `buffer` {Buffer} + +Copies the passed `buffer` data onto a new `Buffer` instance. + +```js +const buf1 = Buffer.from('buffer'); +const buf2 = Buffer.from(buf1); + +buf1[0] = 0x61; +console.log(buf1.toString()); + // 'auffer' +console.log(buf2.toString()); + // 'buffer' (copy is not changed) +``` + +A `TypeError` will be thrown if `buffer` is not a `Buffer`. + +### Class Method: Buffer.from(str[, encoding]) +<!-- YAML +added: v5.10.0 +--> + +* `str` {String} String to encode. +* `encoding` {String} Encoding to use, Default: `'utf8'` + +Creates a new `Buffer` containing the given JavaScript string `str`. If +provided, the `encoding` parameter identifies the character encoding. +If not provided, `encoding` defaults to `'utf8'`. + +```js +const buf1 = Buffer.from('this is a tést'); +console.log(buf1.toString()); + // prints: this is a tést +console.log(buf1.toString('ascii')); + // prints: this is a tC)st + +const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); +console.log(buf2.toString()); + // prints: this is a tést +``` + +A `TypeError` will be thrown if `str` is not a string. + +### Class Method: Buffer.alloc(size[, fill[, encoding]]) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} +* `fill` {Value} Default: `undefined` +* `encoding` {String} Default: `utf8` + +Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the +`Buffer` will be *zero-filled*. + +```js +const buf = Buffer.alloc(5); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +The `size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +If `fill` is specified, the allocated `Buffer` will be initialized by calling +`buf.fill(fill)`. See [`buf.fill()`][] for more information. + +```js +const buf = Buffer.alloc(5, 'a'); +console.log(buf); + // <Buffer 61 61 61 61 61> +``` + +If both `fill` and `encoding` are specified, the allocated `Buffer` will be +initialized by calling `buf.fill(fill, encoding)`. For example: + +```js +const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); +console.log(buf); + // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> +``` + +Calling `Buffer.alloc(size)` can be significantly slower than the alternative +`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance +contents will *never contain sensitive data*. + +A `TypeError` will be thrown if `size` is not a number. + +### Class Method: Buffer.allocUnsafe(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must +be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit +architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is +thrown. A zero-length Buffer will be created if a `size` less than or equal to +0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +```js +const buf = Buffer.allocUnsafe(5); +console.log(buf); + // <Buffer 78 e0 82 02 01> + // (octets will be different, every time) +buf.fill(0); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +A `TypeError` will be thrown if `size` is not a number. + +Note that the `Buffer` module pre-allocates an internal `Buffer` instance of +size `Buffer.poolSize` that is used as a pool for the fast allocation of new +`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated +`new Buffer(size)` constructor) only when `size` is less than or equal to +`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default +value of `Buffer.poolSize` is `8192` but can be modified. + +Use of this pre-allocated internal memory pool is a key difference between +calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. +Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer +pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal +Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The +difference is subtle but can be important when an application requires the +additional performance that `Buffer.allocUnsafe(size)` provides. + +### Class Method: Buffer.allocUnsafeSlow(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The +`size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, +allocations under 4KB are, by default, sliced from a single pre-allocated +`Buffer`. This allows applications to avoid the garbage collection overhead of +creating many individually allocated Buffers. This approach improves both +performance and memory usage by eliminating the need to track and cleanup as +many `Persistent` objects. + +However, in the case where a developer may need to retain a small chunk of +memory from a pool for an indeterminate amount of time, it may be appropriate +to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then +copy out the relevant bits. + +```js +// need to keep around a few small chunks of memory +const store = []; + +socket.on('readable', () => { + const data = socket.read(); + // allocate for retained data + const sb = Buffer.allocUnsafeSlow(10); + // copy the data into the new allocation + data.copy(sb, 0, 0, 10); + store.push(sb); +}); +``` + +Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* +a developer has observed undue memory retention in their applications. + +A `TypeError` will be thrown if `size` is not a number. + +### All the Rest + +The rest of the `Buffer` API is exactly the same as in node.js. +[See the docs](https://nodejs.org/api/buffer.html). + + +## Related links + +- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) +- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) + +## Why is `Buffer` unsafe? + +Today, the node.js `Buffer` constructor is overloaded to handle many different argument +types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), +`ArrayBuffer`, and also `Number`. + +The API is optimized for convenience: you can throw any type at it, and it will try to do +what you want. + +Because the Buffer constructor is so powerful, you often see code like this: + +```js +// Convert UTF-8 strings to hex +function toHex (str) { + return new Buffer(str).toString('hex') +} +``` + +***But what happens if `toHex` is called with a `Number` argument?*** + +### Remote Memory Disclosure + +If an attacker can make your program call the `Buffer` constructor with a `Number` +argument, then they can make it allocate uninitialized memory from the node.js process. +This could potentially disclose TLS private keys, user data, or database passwords. + +When the `Buffer` constructor is passed a `Number` argument, it returns an +**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like +this, you **MUST** overwrite the contents before returning it to the user. + +From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): + +> `new Buffer(size)` +> +> - `size` Number +> +> The underlying memory for `Buffer` instances created in this way is not initialized. +> **The contents of a newly created `Buffer` are unknown and could contain sensitive +> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. + +(Emphasis our own.) + +Whenever the programmer intended to create an uninitialized `Buffer` you often see code +like this: + +```js +var buf = new Buffer(16) + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### Would this ever be a problem in real code? + +Yes. It's surprisingly common to forget to check the type of your variables in a +dynamically-typed language like JavaScript. + +Usually the consequences of assuming the wrong type is that your program crashes with an +uncaught exception. But the failure mode for forgetting to check the type of arguments to +the `Buffer` constructor is more catastrophic. + +Here's an example of a vulnerable service that takes a JSON payload and converts it to +hex: + +```js +// Take a JSON payload {str: "some string"} and convert it to hex +var server = http.createServer(function (req, res) { + var data = '' + req.setEncoding('utf8') + req.on('data', function (chunk) { + data += chunk + }) + req.on('end', function () { + var body = JSON.parse(data) + res.end(new Buffer(body.str).toString('hex')) + }) +}) + +server.listen(8080) +``` + +In this example, an http client just has to send: + +```json +{ + "str": 1000 +} +``` + +and it will get back 1,000 bytes of uninitialized memory from the server. + +This is a very serious bug. It's similar in severity to the +[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process +memory by remote attackers. + + +### Which real-world packages were vulnerable? + +#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) + +[Mathias Buus](https://github.com/mafintosh) and I +([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, +[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow +anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get +them to reveal 20 bytes at a time of uninitialized memory from the node.js process. + +Here's +[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) +that fixed it. We released a new fixed version, created a +[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all +vulnerable versions on npm so users will get a warning to upgrade to a newer version. + +#### [`ws`](https://www.npmjs.com/package/ws) + +That got us wondering if there were other vulnerable packages. Sure enough, within a short +period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the +most popular WebSocket implementation in node.js. + +If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as +expected, then uninitialized server memory would be disclosed to the remote peer. + +These were the vulnerable methods: + +```js +socket.send(number) +socket.ping(number) +socket.pong(number) +``` + +Here's a vulnerable socket server with some echo functionality: + +```js +server.on('connection', function (socket) { + socket.on('message', function (message) { + message = JSON.parse(message) + if (message.type === 'echo') { + socket.send(message.data) // send back the user's message + } + }) +}) +``` + +`socket.send(number)` called on the server, will disclose server memory. + +Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue +was fixed, with a more detailed explanation. Props to +[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the +[Node Security Project disclosure](https://nodesecurity.io/advisories/67). + + +### What's the solution? + +It's important that node.js offers a fast way to get memory otherwise performance-critical +applications would needlessly get a lot slower. + +But we need a better way to *signal our intent* as programmers. **When we want +uninitialized memory, we should request it explicitly.** + +Sensitive functionality should not be packed into a developer-friendly API that loosely +accepts many different types. This type of API encourages the lazy practice of passing +variables in without checking the type very carefully. + +#### A new API: `Buffer.allocUnsafe(number)` + +The functionality of creating buffers with uninitialized memory should be part of another +API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that +frequently gets user input of all sorts of different types passed into it. + +```js +var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### How do we fix node.js core? + +We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as +`semver-major`) which defends against one case: + +```js +var str = 16 +new Buffer(str, 'utf8') +``` + +In this situation, it's implied that the programmer intended the first argument to be a +string, since they passed an encoding as a second argument. Today, node.js will allocate +uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not +what the programmer intended. + +But this is only a partial solution, since if the programmer does `new Buffer(variable)` +(without an `encoding` parameter) there's no way to know what they intended. If `variable` +is sometimes a number, then uninitialized memory will sometimes be returned. + +### What's the real long-term fix? + +We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when +we need uninitialized memory. But that would break 1000s of packages. + +~~We believe the best solution is to:~~ + +~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ + +~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ + +#### Update + +We now support adding three new APIs: + +- `Buffer.from(value)` - convert from any type to a buffer +- `Buffer.alloc(size)` - create a zero-filled buffer +- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size + +This solves the core problem that affected `ws` and `bittorrent-dht` which is +`Buffer(variable)` getting tricked into taking a number argument. + +This way, existing code continues working and the impact on the npm ecosystem will be +minimal. Over time, npm maintainers can migrate performance-critical code to use +`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. + + +### Conclusion + +We think there's a serious design issue with the `Buffer` API as it exists today. It +promotes insecure software by putting high-risk functionality into a convenient API +with friendly "developer ergonomics". + +This wasn't merely a theoretical exercise because we found the issue in some of the +most popular npm packages. + +Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of +`buffer`. + +```js +var Buffer = require('safe-buffer').Buffer +``` + +Eventually, we hope that node.js core can switch to this new, safer behavior. We believe +the impact on the ecosystem would be minimal since it's not a breaking change. +Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while +older, insecure packages would magically become safe from this attack vector. + + +## links + +- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) +- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) +- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) + + +## credit + +The original issues in `bittorrent-dht` +([disclosure](https://nodesecurity.io/advisories/68)) and +`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by +[Mathias Buus](https://github.com/mafintosh) and +[Feross Aboukhadijeh](http://feross.org/). + +Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues +and for his work running the [Node Security Project](https://nodesecurity.io/). + +Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and +auditing the code. + + +## license + +MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/libnpmorg/node_modules/safe-buffer/index.d.ts b/node_modules/libnpmorg/node_modules/safe-buffer/index.d.ts new file mode 100644 index 000000000..e9fed809a --- /dev/null +++ b/node_modules/libnpmorg/node_modules/safe-buffer/index.d.ts @@ -0,0 +1,187 @@ +declare module "safe-buffer" { + export class Buffer { + length: number + write(string: string, offset?: number, length?: number, encoding?: string): number; + toString(encoding?: string, start?: number, end?: number): string; + toJSON(): { type: 'Buffer', data: any[] }; + equals(otherBuffer: Buffer): boolean; + compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; + copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; + slice(start?: number, end?: number): Buffer; + writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readUInt8(offset: number, noAssert?: boolean): number; + readUInt16LE(offset: number, noAssert?: boolean): number; + readUInt16BE(offset: number, noAssert?: boolean): number; + readUInt32LE(offset: number, noAssert?: boolean): number; + readUInt32BE(offset: number, noAssert?: boolean): number; + readInt8(offset: number, noAssert?: boolean): number; + readInt16LE(offset: number, noAssert?: boolean): number; + readInt16BE(offset: number, noAssert?: boolean): number; + readInt32LE(offset: number, noAssert?: boolean): number; + readInt32BE(offset: number, noAssert?: boolean): number; + readFloatLE(offset: number, noAssert?: boolean): number; + readFloatBE(offset: number, noAssert?: boolean): number; + readDoubleLE(offset: number, noAssert?: boolean): number; + readDoubleBE(offset: number, noAssert?: boolean): number; + swap16(): Buffer; + swap32(): Buffer; + swap64(): Buffer; + writeUInt8(value: number, offset: number, noAssert?: boolean): number; + writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeInt8(value: number, offset: number, noAssert?: boolean): number; + writeInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeFloatLE(value: number, offset: number, noAssert?: boolean): number; + writeFloatBE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; + fill(value: any, offset?: number, end?: number): this; + indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; + + /** + * Allocates a new buffer containing the given {str}. + * + * @param str String to store in buffer. + * @param encoding encoding to use, optional. Default is 'utf8' + */ + constructor (str: string, encoding?: string); + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + */ + constructor (size: number); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: Uint8Array); + /** + * Produces a Buffer backed by the same allocated memory as + * the given {ArrayBuffer}. + * + * + * @param arrayBuffer The ArrayBuffer with which to share memory. + */ + constructor (arrayBuffer: ArrayBuffer); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: any[]); + /** + * Copies the passed {buffer} data onto a new {Buffer} instance. + * + * @param buffer The buffer to copy. + */ + constructor (buffer: Buffer); + prototype: Buffer; + /** + * Allocates a new Buffer using an {array} of octets. + * + * @param array + */ + static from(array: any[]): Buffer; + /** + * When passed a reference to the .buffer property of a TypedArray instance, + * the newly created Buffer will share the same allocated memory as the TypedArray. + * The optional {byteOffset} and {length} arguments specify a memory range + * within the {arrayBuffer} that will be shared by the Buffer. + * + * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() + * @param byteOffset + * @param length + */ + static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; + /** + * Copies the passed {buffer} data onto a new Buffer instance. + * + * @param buffer + */ + static from(buffer: Buffer): Buffer; + /** + * Creates a new Buffer containing the given JavaScript string {str}. + * If provided, the {encoding} parameter identifies the character encoding. + * If not provided, {encoding} defaults to 'utf8'. + * + * @param str + */ + static from(str: string, encoding?: string): Buffer; + /** + * Returns true if {obj} is a Buffer + * + * @param obj object to test. + */ + static isBuffer(obj: any): obj is Buffer; + /** + * Returns true if {encoding} is a valid encoding argument. + * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' + * + * @param encoding string to test. + */ + static isEncoding(encoding: string): boolean; + /** + * Gives the actual byte length of a string. encoding defaults to 'utf8'. + * This is not the same as String.prototype.length since that returns the number of characters in a string. + * + * @param string string to test. + * @param encoding encoding used to evaluate (defaults to 'utf8') + */ + static byteLength(string: string, encoding?: string): number; + /** + * Returns a buffer which is the result of concatenating all the buffers in the list together. + * + * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. + * If the list has exactly one item, then the first item of the list is returned. + * If the list has more than one item, then a new Buffer is created. + * + * @param list An array of Buffer objects to concatenate + * @param totalLength Total length of the buffers when concatenated. + * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. + */ + static concat(list: Buffer[], totalLength?: number): Buffer; + /** + * The same as buf1.compare(buf2). + */ + static compare(buf1: Buffer, buf2: Buffer): number; + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + * @param fill if specified, buffer will be initialized by calling buf.fill(fill). + * If parameter is omitted, buffer will be filled with zeros. + * @param encoding encoding used for call to buf.fill while initalizing + */ + static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; + /** + * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafe(size: number): Buffer; + /** + * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafeSlow(size: number): Buffer; + } +}
\ No newline at end of file diff --git a/node_modules/libnpmorg/node_modules/safe-buffer/index.js b/node_modules/libnpmorg/node_modules/safe-buffer/index.js new file mode 100644 index 000000000..054c8d30d --- /dev/null +++ b/node_modules/libnpmorg/node_modules/safe-buffer/index.js @@ -0,0 +1,64 @@ +/* eslint-disable node/no-deprecated-api */ +var buffer = require('buffer') +var Buffer = buffer.Buffer + +// alternative to using Object.keys for old browsers +function copyProps (src, dst) { + for (var key in src) { + dst[key] = src[key] + } +} +if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { + module.exports = buffer +} else { + // Copy properties from require('buffer') + copyProps(buffer, exports) + exports.Buffer = SafeBuffer +} + +function SafeBuffer (arg, encodingOrOffset, length) { + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.prototype = Object.create(Buffer.prototype) + +// Copy static methods from Buffer +copyProps(Buffer, SafeBuffer) + +SafeBuffer.from = function (arg, encodingOrOffset, length) { + if (typeof arg === 'number') { + throw new TypeError('Argument must not be a number') + } + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.alloc = function (size, fill, encoding) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + var buf = Buffer(size) + if (fill !== undefined) { + if (typeof encoding === 'string') { + buf.fill(fill, encoding) + } else { + buf.fill(fill) + } + } else { + buf.fill(0) + } + return buf +} + +SafeBuffer.allocUnsafe = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return Buffer(size) +} + +SafeBuffer.allocUnsafeSlow = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return buffer.SlowBuffer(size) +} diff --git a/node_modules/libnpmorg/node_modules/safe-buffer/package.json b/node_modules/libnpmorg/node_modules/safe-buffer/package.json new file mode 100644 index 000000000..61317a170 --- /dev/null +++ b/node_modules/libnpmorg/node_modules/safe-buffer/package.json @@ -0,0 +1,62 @@ +{ + "_from": "safe-buffer@^5.2.0", + "_id": "safe-buffer@5.2.0", + "_inBundle": false, + "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "_location": "/libnpmorg/safe-buffer", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "safe-buffer@^5.2.0", + "name": "safe-buffer", + "escapedName": "safe-buffer", + "rawSpec": "^5.2.0", + "saveSpec": null, + "fetchSpec": "^5.2.0" + }, + "_requiredBy": [ + "/libnpmorg/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", + "_spec": "safe-buffer@^5.2.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmorg/node_modules/npm-registry-fetch", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/safe-buffer/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Safer Node.js Buffer API", + "devDependencies": { + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/safe-buffer", + "keywords": [ + "buffer", + "buffer allocate", + "node security", + "safe", + "safe-buffer", + "security", + "uninitialized" + ], + "license": "MIT", + "main": "index.js", + "name": "safe-buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/safe-buffer.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "types": "index.d.ts", + "version": "5.2.0" +} diff --git a/node_modules/libnpmpublish/CODE_OF_CONDUCT.md b/node_modules/libnpmpublish/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..aeb72f598 --- /dev/null +++ b/node_modules/libnpmpublish/CODE_OF_CONDUCT.md @@ -0,0 +1,151 @@ +# Code of Conduct + +## When Something Happens + +If you see a Code of Conduct violation, follow these steps: + +1. Let the person know that what they did is not appropriate and ask them to stop and/or edit their message(s) or commits. +2. That person should immediately stop the behavior and correct the issue. +3. If this doesn’t happen, or if you're uncomfortable speaking up, [contact the maintainers](#contacting-maintainers). +4. As soon as available, a maintainer will look into the issue, and take [further action (see below)](#further-enforcement), starting with a warning, then temporary block, then long-term repo or organization ban. + +When reporting, please include any relevant details, links, screenshots, context, or other information that may be used to better understand and resolve the situation. + +**The maintainer team will prioritize the well-being and comfort of the recipients of the violation over the comfort of the violator.** See [some examples below](#enforcement-examples). + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as contributors and maintainers of this project pledge to making participation in our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, technical preferences, nationality, personal appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment include: + + * Using welcoming and inclusive language. + * Being respectful of differing viewpoints and experiences. + * Gracefully accepting constructive feedback. + * Focusing on what is best for the community. + * Showing empathy and kindness towards other community members. + * Encouraging and raising up your peers in the project so you can all bask in hacks and glory. + +Examples of unacceptable behavior by participants include: + + * The use of sexualized language or imagery and unwelcome sexual attention or advances, including when simulated online. The only exception to sexual topics is channels/spaces specifically for topics of sexual identity. + * Casual mention of slavery or indentured servitude and/or false comparisons of one's occupation or situation to slavery. Please consider using or asking about alternate terminology when referring to such metaphors in technology. + * Making light of/making mocking comments about trigger warnings and content warnings. + * Trolling, insulting/derogatory comments, and personal or political attacks. + * Public or private harassment, deliberate intimidation, or threats. + * Publishing others' private information, such as a physical or electronic address, without explicit permission. This includes any sort of "outing" of any aspect of someone's identity without their consent. + * Publishing private screenshots or quotes of interactions in the context of this project without all quoted users' *explicit* consent. + * Publishing of private communication that doesn't have to do with reporting harrassment. + * Any of the above even when [presented as "ironic" or "joking"](https://en.wikipedia.org/wiki/Hipster_racism). + * Any attempt to present "reverse-ism" versions of the above as violations. Examples of reverse-isms are "reverse racism", "reverse sexism", "heterophobia", and "cisphobia". + * Unsolicited explanations under the assumption that someone doesn't already know it. Ask before you teach! Don't assume what people's knowledge gaps are. + * [Feigning or exaggerating surprise](https://www.recurse.com/manual#no-feigned-surprise) when someone admits to not knowing something. + * "[Well-actuallies](https://www.recurse.com/manual#no-well-actuallys)" + * Other conduct which could reasonably be considered inappropriate in a professional or community setting. + +## Scope + +This Code of Conduct applies both within spaces involving this project and in other spaces involving community members. This includes the repository, its Pull Requests and Issue tracker, its Twitter community, private email communications in the context of the project, and any events where members of the project are participating, as well as adjacent communities and venues affecting the project's members. + +Depending on the violation, the maintainers may decide that violations of this code of conduct that have happened outside of the scope of the community may deem an individual unwelcome, and take appropriate action to maintain the comfort and safety of its members. + +### Other Community Standards + +As a project on GitHub, this project is additionally covered by the [GitHub Community Guidelines](https://help.github.com/articles/github-community-guidelines/). + +Additionally, as a project hosted on npm, is is covered by [npm, Inc's Code of Conduct](https://www.npmjs.com/policies/conduct). + +Enforcement of those guidelines after violations overlapping with the above are the responsibility of the entities, and enforcement may happen in any or all of the services/communities. + +## Maintainer Enforcement Process + +Once the maintainers get involved, they will follow a documented series of steps and do their best to preserve the well-being of project members. This section covers actual concrete steps. + +### Contacting Maintainers + +You may get in touch with the maintainer team through any of the following methods: + + * Through email: + * [kzm@zkat.tech](mailto:kzm@zkat.tech) (Kat Marchán) + + * Through Twitter: + * [@maybekatz](https://twitter.com/maybekatz) (Kat Marchán) + +### Further Enforcement + +If you've already followed the [initial enforcement steps](#enforcement), these are the steps maintainers will take for further enforcement, as needed: + + 1. Repeat the request to stop. + 2. If the person doubles down, they will have offending messages removed or edited by a maintainers given an official warning. The PR or Issue may be locked. + 3. If the behavior continues or is repeated later, the person will be blocked from participating for 24 hours. + 4. If the behavior continues or is repeated after the temporary block, a long-term (6-12mo) ban will be used. + +On top of this, maintainers may remove any offending messages, images, contributions, etc, as they deem necessary. + +Maintainers reserve full rights to skip any of these steps, at their discretion, if the violation is considered to be a serious and/or immediate threat to the health and well-being of members of the community. These include any threats, serious physical or verbal attacks, and other such behavior that would be completely unacceptable in any social setting that puts our members at risk. + +Members expelled from events or venues with any sort of paid attendance will not be refunded. + +### Who Watches the Watchers? + +Maintainers and other leaders who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. These may include anything from removal from the maintainer team to a permanent ban from the community. + +Additionally, as a project hosted on both GitHub and npm, [their own Codes of Conducts may be applied against maintainers of this project](#other-community-standards), externally of this project's procedures. + +### Enforcement Examples + +#### The Best Case + +The vast majority of situations work out like this. This interaction is common, and generally positive. + +> Alex: "Yeah I used X and it was really crazy!" + +> Patt (not a maintainer): "Hey, could you not use that word? What about 'ridiculous' instead?" + +> Alex: "oh sorry, sure." -> edits old comment to say "it was really confusing!" + +#### The Maintainer Case + +Sometimes, though, you need to get maintainers involved. Maintainers will do their best to resolve conflicts, but people who were harmed by something **will take priority**. + +> Patt: "Honestly, sometimes I just really hate using $library and anyone who uses it probably sucks at their job." + +> Alex: "Whoa there, could you dial it back a bit? There's a CoC thing about attacking folks' tech use like that." + +> Patt: "I'm not attacking anyone, what's your problem?" + +> Alex: "@maintainers hey uh. Can someone look at this issue? Patt is getting a bit aggro. I tried to nudge them about it, but nope." + +> KeeperOfCommitBits: (on issue) "Hey Patt, maintainer here. Could you tone it down? This sort of attack is really not okay in this space." + +> Patt: "Leave me alone I haven't said anything bad wtf is wrong with you." + +> KeeperOfCommitBits: (deletes user's comment), "@patt I mean it. Please refer to the CoC over at (URL to this CoC) if you have questions, but you can consider this an actual warning. I'd appreciate it if you reworded your messages in this thread, since they made folks there uncomfortable. Let's try and be kind, yeah?" + +> Patt: "@keeperofbits Okay sorry. I'm just frustrated and I'm kinda burnt out and I guess I got carried away. I'll DM Alex a note apologizing and edit my messages. Sorry for the trouble." + +> KeeperOfCommitBits: "@patt Thanks for that. I hear you on the stress. Burnout sucks :/. Have a good one!" + +#### The Nope Case + +> PepeTheFrog🐸: "Hi, I am a literal actual nazi and I think white supremacists are quite fashionable." + +> Patt: "NOOOOPE. OH NOPE NOPE." + +> Alex: "JFC NO. NOPE. @keeperofbits NOPE NOPE LOOK HERE" + +> KeeperOfCommitBits: "👀 Nope. NOPE NOPE NOPE. 🔥" + +> PepeTheFrog🐸 has been banned from all organization or user repositories belonging to KeeperOfCommitBits. + +## Attribution + +This Code of Conduct was generated using [WeAllJS Code of Conduct Generator](https://npm.im/weallbehave), which is based on the [WeAllJS Code of +Conduct](https://wealljs.org/code-of-conduct), which is itself based on +[Contributor Covenant](http://contributor-covenant.org), version 1.4, available +at +[http://contributor-covenant.org/version/1/4](http://contributor-covenant.org/version/1/4), +and the LGBTQ in Technology Slack [Code of +Conduct](http://lgbtq.technology/coc.html). diff --git a/node_modules/libnpmpublish/CONTRIBUTING.md b/node_modules/libnpmpublish/CONTRIBUTING.md new file mode 100644 index 000000000..780044ffc --- /dev/null +++ b/node_modules/libnpmpublish/CONTRIBUTING.md @@ -0,0 +1,256 @@ +# Contributing + +## How do I... <a name="toc"></a> + +* [Use This Guide](#introduction)? +* Ask or Say Something? 🤔🐛😱 + * [Request Support](#request-support) + * [Report an Error or Bug](#report-an-error-or-bug) + * [Request a Feature](#request-a-feature) +* Make Something? 🤓👩🏽💻📜🍳 + * [Project Setup](#project-setup) + * [Contribute Documentation](#contribute-documentation) + * [Contribute Code](#contribute-code) +* Manage Something ✅🙆🏼💃👔 + * [Provide Support on Issues](#provide-support-on-issues) + * [Label Issues](#label-issues) + * [Clean Up Issues and PRs](#clean-up-issues-and-prs) + * [Review Pull Requests](#review-pull-requests) + * [Merge Pull Requests](#merge-pull-requests) + * [Tag a Release](#tag-a-release) + * [Join the Project Team](#join-the-project-team) +* Add a Guide Like This One [To My Project](#attribution)? 🤖😻👻 + +## Introduction + +Thank you so much for your interest in contributing!. All types of contributions are encouraged and valued. See the [table of contents](#toc) for different ways to help and details about how this project handles them!📝 + +Please make sure to read the relevant section before making your contribution! It will make it a lot easier for us maintainers to make the most of it and smooth out the experience for all involved. 💚 + +The [Project Team](#join-the-project-team) looks forward to your contributions. 🙌🏾✨ + +## Request Support + +If you have a question about this project, how to use it, or just need clarification about something: + +* Open an Issue at https://github.com/npm/libnpmpublish/issues +* Provide as much context as you can about what you're running into. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* Someone will try to have a response soon. +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. + +## Report an Error or Bug + +If you run into an error or bug with the project: + +* Open an Issue at https://github.com/npm/libnpmpublish/issues +* Include *reproduction steps* that someone else can follow to recreate the bug or error on their own. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* A team member will try to reproduce the issue with your provided steps. If there are no repro steps or no obvious way to reproduce the issue, the team will ask you for those steps and mark the issue as `needs-repro`. Bugs with the `needs-repro` tag will not be addressed until they are reproduced. +* If the team is able to reproduce the issue, it will be marked `needs-fix`, as well as possibly other tags (such as `critical`), and the issue will be left to be [implemented by someone](#contribute-code). +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. +* `critical` issues may be left open, depending on perceived immediacy and severity, even past the 30 day deadline. + +## Request a Feature + +If the project doesn't do something you need or want it to do: + +* Open an Issue at https://github.com/npm/libnpmpublish/issues +* Provide as much context as you can about what you're running into. +* Please try and be clear about why existing features and alternatives would not work for you. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* The project team will evaluate the feature request, possibly asking you more questions to understand its purpose and any relevant requirements. If the issue is closed, the team will convey their reasoning and suggest an alternative path forward. +* If the feature request is accepted, it will be marked for implementation with `feature-accepted`, which can then be done by either by a core team member or by anyone in the community who wants to [contribute code](#contribute-code). + +Note: The team is unlikely to be able to accept every single feature request that is filed. Please understand if they need to say no. + +## Project Setup + +So you wanna contribute some code! That's great! This project uses GitHub Pull Requests to manage contributions, so [read up on how to fork a GitHub project and file a PR](https://guides.github.com/activities/forking) if you've never done it before. + +If this seems like a lot or you aren't able to do all this setup, you might also be able to [edit the files directly](https://help.github.com/articles/editing-files-in-another-user-s-repository/) without having to do any of this setup. Yes, [even code](#contribute-code). + +If you want to go the usual route and run the project locally, though: + +* [Install Node.js](https://nodejs.org/en/download/) +* [Fork the project](https://guides.github.com/activities/forking/#fork) + +Then in your terminal: +* `cd path/to/your/clone` +* `npm install` +* `npm test` + +And you should be ready to go! + +## Contribute Documentation + +Documentation is a super important, critical part of this project. Docs are how we keep track of what we're doing, how, and why. It's how we stay on the same page about our policies. And it's how we tell others everything they need in order to be able to use this project -- or contribute to it. So thank you in advance. + +Documentation contributions of any size are welcome! Feel free to file a PR even if you're just rewording a sentence to be more clear, or fixing a spelling mistake! + +To contribute documentation: + +* [Set up the project](#project-setup). +* Edit or add any relevant documentation. +* Make sure your changes are formatted correctly and consistently with the rest of the documentation. +* Re-read what you wrote, and run a spellchecker on it to make sure you didn't miss anything. +* In your commit message(s), begin the first line with `docs: `. For example: `docs: Adding a doc contrib section to CONTRIBUTING.md`. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). Documentation commits should use `docs(<component>): <message>`. +* Go to https://github.com/npm/libnpmpublish/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Contribute Code + +We like code commits a lot! They're super handy, and they keep the project going and doing the work it needs to do to be useful to others. + +Code contributions of just about any size are acceptable! + +The main difference between code contributions and documentation contributions is that contributing code requires inclusion of relevant tests for the code being added or changed. Contributions without accompanying tests will be held off until a test is added, unless the maintainers consider the specific tests to be either impossible, or way too much of a burden for such a contribution. + +To contribute code: + +* [Set up the project](#project-setup). +* Make any necessary changes to the source code. +* Include any [additional documentation](#contribute-documentation) the changes might need. +* Write tests that verify that your contribution works as expected. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). +* Dependency updates, additions, or removals must be in individual commits, and the message must use the format: `<prefix>(deps): PKG@VERSION`, where `<prefix>` is any of the usual `conventional-changelog` prefixes, at your discretion. +* Go to https://github.com/npm/libnpmpublish/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* Barring special circumstances, maintainers will not review PRs until all checks pass (Travis, AppVeyor, etc). +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. Additional tags (such as `needs-tests`) will be added depending on the review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Provide Support on Issues + +[Needs Collaborator](#join-the-project-team): none + +Helping out other users with their questions is a really awesome way of contributing to any community. It's not uncommon for most of the issues on an open source projects being support-related questions by users trying to understand something they ran into, or find their way around a known bug. + +Sometimes, the `support` label will be added to things that turn out to actually be other things, like bugs or feature requests. In that case, suss out the details with the person who filed the original issue, add a comment explaining what the bug is, and change the label from `support` to `bug` or `feature`. If you can't do this yourself, @mention a maintainer so they can do it. + +In order to help other folks out with their questions: + +* Go to the issue tracker and [filter open issues by the `support` label](https://github.com/npm/libnpmpublish/issues?q=is%3Aopen+is%3Aissue+label%3Asupport). +* Read through the list until you find something that you're familiar enough with to give an answer to. +* Respond to the issue with whatever details are needed to clarify the question, or get more details about what's going on. +* Once the discussion wraps up and things are clarified, either close the issue, or ask the original issue filer (or a maintainer) to close it for you. + +Some notes on picking up support issues: + +* Avoid responding to issues you don't know you can answer accurately. +* As much as possible, try to refer to past issues with accepted answers. Link to them from your replies with the `#123` format. +* Be kind and patient with users -- often, folks who have run into confusing things might be upset or impatient. This is ok. Try to understand where they're coming from, and if you're too uncomfortable with the tone, feel free to stay away or withdraw from the issue. (note: if the user is outright hostile or is violating the CoC, [refer to the Code of Conduct](CODE_OF_CONDUCT.md) to resolve the conflict). + +## Label Issues + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +One of the most important tasks in handling issues is labeling them usefully and accurately. All other tasks involving issues ultimately rely on the issue being classified in such a way that relevant parties looking to do their own tasks can find them quickly and easily. + +In order to label issues, [open up the list of unlabeled issues](https://github.com/npm/libnpmpublish/issues?q=is%3Aopen+is%3Aissue+no%3Alabel) and, **from newest to oldest**, read through each one and apply issue labels according to the table below. If you're unsure about what label to apply, skip the issue and try the next one: don't feel obligated to label each and every issue yourself! + +Label | Apply When | Notes +--- | --- | --- +`bug` | Cases where the code (or documentation) is behaving in a way it wasn't intended to. | If something is happening that surprises the *user* but does not go against the way the code is designed, it should use the `enhancement` label. +`critical` | Added to `bug` issues if the problem described makes the code completely unusable in a common situation. | +`documentation` | Added to issues or pull requests that affect any of the documentation for the project. | Can be combined with other labels, such as `bug` or `enhancement`. +`duplicate` | Added to issues or PRs that refer to the exact same issue as another one that's been previously labeled. | Duplicate issues should be marked and closed right away, with a message referencing the issue it's a duplicate of (with `#123`) +`enhancement` | Added to [feature requests](#request-a-feature), PRs, or documentation issues that are purely additive: the code or docs currently work as expected, but a change is being requested or suggested. | +`help wanted` | Applied by [Committers](#join-the-project-team) to issues and PRs that they would like to get outside help for. Generally, this means it's lower priority for the maintainer team to itself implement, but that the community is encouraged to pick up if they so desire | Never applied on first-pass labeling. +`in-progress` | Applied by [Committers](#join-the-project-team) to PRs that are pending some work before they're ready for review. | The original PR submitter should @mention the team member that applied the label once the PR is complete. +`performance` | This issue or PR is directly related to improving performance. | +`refactor` | Added to issues or PRs that deal with cleaning up or modifying the project for the betterment of it. | +`starter` | Applied by [Committers](#join-the-project-team) to issues that they consider good introductions to the project for people who have not contributed before. These are not necessarily "easy", but rather focused around how much context is necessary in order to understand what needs to be done for this project in particular. | Existing project members are expected to stay away from these unless they increase in priority. +`support` | This issue is either asking a question about how to use the project, clarifying the reason for unexpected behavior, or possibly reporting a `bug` but does not have enough detail yet to determine whether it would count as such. | The label should be switched to `bug` if reliable reproduction steps are provided. Issues primarily with unintended configurations of a user's environment are not considered bugs, even if they cause crashes. +`tests` | This issue or PR either requests or adds primarily tests to the project. | If a PR is pending tests, that will be handled through the [PR review process](#review-pull-requests) +`wontfix` | Labelers may apply this label to issues that clearly have nothing at all to do with the project or are otherwise entirely outside of its scope/sphere of influence. [Committers](#join-the-project-team) may apply this label and close an issue or PR if they decide to pass on an otherwise relevant issue. | The issue or PR should be closed as soon as the label is applied, and a clear explanation provided of why the label was used. Contributors are free to contest the labeling, but the decision ultimately falls on committers as to whether to accept something or not. + +## Clean Up Issues and PRs + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +Issues and PRs can go stale after a while. Maybe they're abandoned. Maybe the team will just plain not have time to address them any time soon. + +In these cases, they should be closed until they're brought up again or the interaction starts over. + +To clean up issues and PRs: + +* Search the issue tracker for issues or PRs, and add the term `updated:<=YYYY-MM-DD`, where the date is 30 days before today. +* Go through each issue *from oldest to newest*, and close them if **all of the following are true**: + * not opened by a maintainer + * not marked as `critical` + * not marked as `starter` or `help wanted` (these might stick around for a while, in general, as they're intended to be available) + * no explicit messages in the comments asking for it to be left open + * does not belong to a milestone +* Leave a message when closing saying "Cleaning up stale issue. Please reopen or ping us if and when you're ready to resume this. See https://github.com/npm/libnpmpublish/blob/latest/CONTRIBUTING.md#clean-up-issues-and-prs for more details." + +## Review Pull Requests + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +While anyone can comment on a PR, add feedback, etc, PRs are only *approved* by team members with Issue Tracker or higher permissions. + +PR reviews use [GitHub's own review feature](https://help.github.com/articles/about-pull-request-reviews/), which manages comments, approval, and review iteration. + +Some notes: + +* You may ask for minor changes ("nitpicks"), but consider whether they are really blockers to merging: try to err on the side of "approve, with comments". +* *ALL PULL REQUESTS* should be covered by a test: either by a previously-failing test, an existing test that covers the entire functionality of the submitted code, or new tests to verify any new/changed behavior. All tests must also pass and follow established conventions. Test coverage should not drop, unless the specific case is considered reasonable by maintainers. +* Please make sure you're familiar with the code or documentation being updated, unless it's a minor change (spellchecking, minor formatting, etc). You may @mention another project member who you think is better suited for the review, but still provide a non-approving review of your own. +* Be extra kind: people who submit code/doc contributions are putting themselves in a pretty vulnerable position, and have put time and care into what they've done (even if that's not obvious to you!) -- always respond with respect, be understanding, but don't feel like you need to sacrifice your standards for their sake, either. Just don't be a jerk about it? + +## Merge Pull Requests + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. + +## Tag A Release + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. The most important bit here is probably that all tests must pass, and tags must use [semver](https://semver.org). + +## Join the Project Team + +### Ways to Join + +There are many ways to contribute! Most of them don't require any official status unless otherwise noted. That said, there's a couple of positions that grant special repository abilities, and this section describes how they're granted and what they do. + +All of the below positions are granted based on the project team's needs, as well as their consensus opinion about whether they would like to work with the person and think that they would fit well into that position. The process is relatively informal, and it's likely that people who express interest in participating can just be granted the permissions they'd like. + +You can spot a collaborator on the repo by looking for the `[Collaborator]` or `[Owner]` tags next to their names. + +Permission | Description +--- | --- +Issue Tracker | Granted to contributors who express a strong interest in spending time on the project's issue tracker. These tasks are mainly [labeling issues](#label-issues), [cleaning up old ones](#clean-up-issues-and-prs), and [reviewing pull requests](#review-pull-requests), as well as all the usual things non-team-member contributors can do. Issue handlers should not merge pull requests, tag releases, or directly commit code themselves: that should still be done through the usual pull request process. Becoming an Issue Handler means the project team trusts you to understand enough of the team's process and context to implement it on the issue tracker. +Committer | Granted to contributors who want to handle the actual pull request merges, tagging new versions, etc. Committers should have a good level of familiarity with the codebase, and enough context to understand the implications of various changes, as well as a good sense of the will and expectations of the project team. +Admin/Owner | Granted to people ultimately responsible for the project, its community, etc. + +## Attribution + +This guide was generated using the WeAllJS `CONTRIBUTING.md` generator. [Make your own](https://npm.im/weallcontribute)! diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 000000000..8eee50a47 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,239 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) + + +### Bug Fixes + +* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) +* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + +<a name="3.9.1"></a> +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + +<a name="3.9.0"></a> +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + +<a name="3.8.0"></a> +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + +<a name="3.7.0"></a> +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + +<a name="3.6.0"></a> +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + +<a name="3.5.0"></a> +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + +<a name="3.4.0"></a> +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + +<a name="3.3.0"></a> +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + +<a name="3.2.1"></a> +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + +<a name="3.2.0"></a> +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + +<a name="3.1.1"></a> +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + +<a name="3.1.0"></a> +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="1.1.1"></a> +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/README.md new file mode 100644 index 000000000..0c3f4f946 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### <a name="fetch-opts"></a> `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### <a name="opts-agent"></a> `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### <a name="opts-body"></a> `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### <a name="opts-ca"></a> `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### <a name="opts-cache"></a> `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### <a name="opts-cert"></a> `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-force-auth"></a> `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### <a name="opts-gzip"></a> `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### <a name="opts-headers"></a> `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### <a name="opts-ignore-body"></a> `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### <a name="opts-integrity"></a> `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### <a name="opts-key"></a> `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### <a name="opts-local-address"></a> `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### <a name="opts-log"></a> `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### <a name="opts-map-json"></a> `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### <a name="opts-maxsockets"></a> `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### <a name="opts-method"></a> `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### <a name="opts-noproxy"></a> `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### <a name="opts-npm-session"></a> `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### <a name="opts-offline"></a> `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-otp"></a> `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### <a name="opts-password"></a> `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-prefer-online"></a> `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### <a name="opts-project-scope"></a> `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### <a name="opts-proxy"></a> `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### <a name="opts-query"></a> `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### <a name="opts-refer"></a> `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### <a name="opts-registry"></a> `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### <a name="opts-retry"></a> `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### <a name="opts-scope"></a> `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.<scope>:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### <a name="opts-spec"></a> `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### <a name="opts-timeout"></a> `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### <a name="opts-token"></a> `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### <a name="opts-user-agent"></a> `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` + +User agent string to send in the `User-Agent` header. + +##### <a name="opts-username"></a> `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### <a name="opts-auth"></a> `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 000000000..d583982d0 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 000000000..14058239b --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/config.js new file mode 100644 index 000000000..1c43b26ea --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 000000000..ba78735fc --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/index.js new file mode 100644 index 000000000..c18487388 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/package.json new file mode 100644 index 000000000..7d1eb6576 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,93 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.2", + "_inBundle": false, + "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "_location": "/libnpmpublish/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/libnpmpublish" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmpublish", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmpublish/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 000000000..886c5d55b --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmpublish/node_modules/safe-buffer/LICENSE b/node_modules/libnpmpublish/node_modules/safe-buffer/LICENSE new file mode 100644 index 000000000..0c068ceec --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/safe-buffer/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Feross Aboukhadijeh + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/libnpmpublish/node_modules/safe-buffer/README.md b/node_modules/libnpmpublish/node_modules/safe-buffer/README.md new file mode 100644 index 000000000..356e35193 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/safe-buffer/README.md @@ -0,0 +1,586 @@ +# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] + +[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg +[travis-url]: https://travis-ci.org/feross/safe-buffer +[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg +[npm-url]: https://npmjs.org/package/safe-buffer +[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg +[downloads-url]: https://npmjs.org/package/safe-buffer +[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg +[standard-url]: https://standardjs.com + +#### Safer Node.js Buffer API + +**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, +`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** + +**Uses the built-in implementation when available.** + +## install + +``` +npm install safe-buffer +``` + +[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) + +## usage + +The goal of this package is to provide a safe replacement for the node.js `Buffer`. + +It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to +the top of your node.js modules: + +```js +var Buffer = require('safe-buffer').Buffer + +// Existing buffer code will continue to work without issues: + +new Buffer('hey', 'utf8') +new Buffer([1, 2, 3], 'utf8') +new Buffer(obj) +new Buffer(16) // create an uninitialized buffer (potentially unsafe) + +// But you can use these new explicit APIs to make clear what you want: + +Buffer.from('hey', 'utf8') // convert from many types to a Buffer +Buffer.alloc(16) // create a zero-filled buffer (safe) +Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) +``` + +## api + +### Class Method: Buffer.from(array) +<!-- YAML +added: v3.0.0 +--> + +* `array` {Array} + +Allocates a new `Buffer` using an `array` of octets. + +```js +const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); + // creates a new Buffer containing ASCII bytes + // ['b','u','f','f','e','r'] +``` + +A `TypeError` will be thrown if `array` is not an `Array`. + +### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) +<!-- YAML +added: v5.10.0 +--> + +* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or + a `new ArrayBuffer()` +* `byteOffset` {Number} Default: `0` +* `length` {Number} Default: `arrayBuffer.length - byteOffset` + +When passed a reference to the `.buffer` property of a `TypedArray` instance, +the newly created `Buffer` will share the same allocated memory as the +TypedArray. + +```js +const arr = new Uint16Array(2); +arr[0] = 5000; +arr[1] = 4000; + +const buf = Buffer.from(arr.buffer); // shares the memory with arr; + +console.log(buf); + // Prints: <Buffer 88 13 a0 0f> + +// changing the TypedArray changes the Buffer also +arr[1] = 6000; + +console.log(buf); + // Prints: <Buffer 88 13 70 17> +``` + +The optional `byteOffset` and `length` arguments specify a memory range within +the `arrayBuffer` that will be shared by the `Buffer`. + +```js +const ab = new ArrayBuffer(10); +const buf = Buffer.from(ab, 0, 2); +console.log(buf.length); + // Prints: 2 +``` + +A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. + +### Class Method: Buffer.from(buffer) +<!-- YAML +added: v3.0.0 +--> + +* `buffer` {Buffer} + +Copies the passed `buffer` data onto a new `Buffer` instance. + +```js +const buf1 = Buffer.from('buffer'); +const buf2 = Buffer.from(buf1); + +buf1[0] = 0x61; +console.log(buf1.toString()); + // 'auffer' +console.log(buf2.toString()); + // 'buffer' (copy is not changed) +``` + +A `TypeError` will be thrown if `buffer` is not a `Buffer`. + +### Class Method: Buffer.from(str[, encoding]) +<!-- YAML +added: v5.10.0 +--> + +* `str` {String} String to encode. +* `encoding` {String} Encoding to use, Default: `'utf8'` + +Creates a new `Buffer` containing the given JavaScript string `str`. If +provided, the `encoding` parameter identifies the character encoding. +If not provided, `encoding` defaults to `'utf8'`. + +```js +const buf1 = Buffer.from('this is a tést'); +console.log(buf1.toString()); + // prints: this is a tést +console.log(buf1.toString('ascii')); + // prints: this is a tC)st + +const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); +console.log(buf2.toString()); + // prints: this is a tést +``` + +A `TypeError` will be thrown if `str` is not a string. + +### Class Method: Buffer.alloc(size[, fill[, encoding]]) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} +* `fill` {Value} Default: `undefined` +* `encoding` {String} Default: `utf8` + +Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the +`Buffer` will be *zero-filled*. + +```js +const buf = Buffer.alloc(5); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +The `size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +If `fill` is specified, the allocated `Buffer` will be initialized by calling +`buf.fill(fill)`. See [`buf.fill()`][] for more information. + +```js +const buf = Buffer.alloc(5, 'a'); +console.log(buf); + // <Buffer 61 61 61 61 61> +``` + +If both `fill` and `encoding` are specified, the allocated `Buffer` will be +initialized by calling `buf.fill(fill, encoding)`. For example: + +```js +const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); +console.log(buf); + // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> +``` + +Calling `Buffer.alloc(size)` can be significantly slower than the alternative +`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance +contents will *never contain sensitive data*. + +A `TypeError` will be thrown if `size` is not a number. + +### Class Method: Buffer.allocUnsafe(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must +be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit +architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is +thrown. A zero-length Buffer will be created if a `size` less than or equal to +0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +```js +const buf = Buffer.allocUnsafe(5); +console.log(buf); + // <Buffer 78 e0 82 02 01> + // (octets will be different, every time) +buf.fill(0); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +A `TypeError` will be thrown if `size` is not a number. + +Note that the `Buffer` module pre-allocates an internal `Buffer` instance of +size `Buffer.poolSize` that is used as a pool for the fast allocation of new +`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated +`new Buffer(size)` constructor) only when `size` is less than or equal to +`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default +value of `Buffer.poolSize` is `8192` but can be modified. + +Use of this pre-allocated internal memory pool is a key difference between +calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. +Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer +pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal +Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The +difference is subtle but can be important when an application requires the +additional performance that `Buffer.allocUnsafe(size)` provides. + +### Class Method: Buffer.allocUnsafeSlow(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The +`size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, +allocations under 4KB are, by default, sliced from a single pre-allocated +`Buffer`. This allows applications to avoid the garbage collection overhead of +creating many individually allocated Buffers. This approach improves both +performance and memory usage by eliminating the need to track and cleanup as +many `Persistent` objects. + +However, in the case where a developer may need to retain a small chunk of +memory from a pool for an indeterminate amount of time, it may be appropriate +to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then +copy out the relevant bits. + +```js +// need to keep around a few small chunks of memory +const store = []; + +socket.on('readable', () => { + const data = socket.read(); + // allocate for retained data + const sb = Buffer.allocUnsafeSlow(10); + // copy the data into the new allocation + data.copy(sb, 0, 0, 10); + store.push(sb); +}); +``` + +Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* +a developer has observed undue memory retention in their applications. + +A `TypeError` will be thrown if `size` is not a number. + +### All the Rest + +The rest of the `Buffer` API is exactly the same as in node.js. +[See the docs](https://nodejs.org/api/buffer.html). + + +## Related links + +- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) +- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) + +## Why is `Buffer` unsafe? + +Today, the node.js `Buffer` constructor is overloaded to handle many different argument +types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), +`ArrayBuffer`, and also `Number`. + +The API is optimized for convenience: you can throw any type at it, and it will try to do +what you want. + +Because the Buffer constructor is so powerful, you often see code like this: + +```js +// Convert UTF-8 strings to hex +function toHex (str) { + return new Buffer(str).toString('hex') +} +``` + +***But what happens if `toHex` is called with a `Number` argument?*** + +### Remote Memory Disclosure + +If an attacker can make your program call the `Buffer` constructor with a `Number` +argument, then they can make it allocate uninitialized memory from the node.js process. +This could potentially disclose TLS private keys, user data, or database passwords. + +When the `Buffer` constructor is passed a `Number` argument, it returns an +**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like +this, you **MUST** overwrite the contents before returning it to the user. + +From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): + +> `new Buffer(size)` +> +> - `size` Number +> +> The underlying memory for `Buffer` instances created in this way is not initialized. +> **The contents of a newly created `Buffer` are unknown and could contain sensitive +> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. + +(Emphasis our own.) + +Whenever the programmer intended to create an uninitialized `Buffer` you often see code +like this: + +```js +var buf = new Buffer(16) + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### Would this ever be a problem in real code? + +Yes. It's surprisingly common to forget to check the type of your variables in a +dynamically-typed language like JavaScript. + +Usually the consequences of assuming the wrong type is that your program crashes with an +uncaught exception. But the failure mode for forgetting to check the type of arguments to +the `Buffer` constructor is more catastrophic. + +Here's an example of a vulnerable service that takes a JSON payload and converts it to +hex: + +```js +// Take a JSON payload {str: "some string"} and convert it to hex +var server = http.createServer(function (req, res) { + var data = '' + req.setEncoding('utf8') + req.on('data', function (chunk) { + data += chunk + }) + req.on('end', function () { + var body = JSON.parse(data) + res.end(new Buffer(body.str).toString('hex')) + }) +}) + +server.listen(8080) +``` + +In this example, an http client just has to send: + +```json +{ + "str": 1000 +} +``` + +and it will get back 1,000 bytes of uninitialized memory from the server. + +This is a very serious bug. It's similar in severity to the +[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process +memory by remote attackers. + + +### Which real-world packages were vulnerable? + +#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) + +[Mathias Buus](https://github.com/mafintosh) and I +([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, +[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow +anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get +them to reveal 20 bytes at a time of uninitialized memory from the node.js process. + +Here's +[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) +that fixed it. We released a new fixed version, created a +[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all +vulnerable versions on npm so users will get a warning to upgrade to a newer version. + +#### [`ws`](https://www.npmjs.com/package/ws) + +That got us wondering if there were other vulnerable packages. Sure enough, within a short +period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the +most popular WebSocket implementation in node.js. + +If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as +expected, then uninitialized server memory would be disclosed to the remote peer. + +These were the vulnerable methods: + +```js +socket.send(number) +socket.ping(number) +socket.pong(number) +``` + +Here's a vulnerable socket server with some echo functionality: + +```js +server.on('connection', function (socket) { + socket.on('message', function (message) { + message = JSON.parse(message) + if (message.type === 'echo') { + socket.send(message.data) // send back the user's message + } + }) +}) +``` + +`socket.send(number)` called on the server, will disclose server memory. + +Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue +was fixed, with a more detailed explanation. Props to +[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the +[Node Security Project disclosure](https://nodesecurity.io/advisories/67). + + +### What's the solution? + +It's important that node.js offers a fast way to get memory otherwise performance-critical +applications would needlessly get a lot slower. + +But we need a better way to *signal our intent* as programmers. **When we want +uninitialized memory, we should request it explicitly.** + +Sensitive functionality should not be packed into a developer-friendly API that loosely +accepts many different types. This type of API encourages the lazy practice of passing +variables in without checking the type very carefully. + +#### A new API: `Buffer.allocUnsafe(number)` + +The functionality of creating buffers with uninitialized memory should be part of another +API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that +frequently gets user input of all sorts of different types passed into it. + +```js +var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### How do we fix node.js core? + +We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as +`semver-major`) which defends against one case: + +```js +var str = 16 +new Buffer(str, 'utf8') +``` + +In this situation, it's implied that the programmer intended the first argument to be a +string, since they passed an encoding as a second argument. Today, node.js will allocate +uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not +what the programmer intended. + +But this is only a partial solution, since if the programmer does `new Buffer(variable)` +(without an `encoding` parameter) there's no way to know what they intended. If `variable` +is sometimes a number, then uninitialized memory will sometimes be returned. + +### What's the real long-term fix? + +We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when +we need uninitialized memory. But that would break 1000s of packages. + +~~We believe the best solution is to:~~ + +~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ + +~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ + +#### Update + +We now support adding three new APIs: + +- `Buffer.from(value)` - convert from any type to a buffer +- `Buffer.alloc(size)` - create a zero-filled buffer +- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size + +This solves the core problem that affected `ws` and `bittorrent-dht` which is +`Buffer(variable)` getting tricked into taking a number argument. + +This way, existing code continues working and the impact on the npm ecosystem will be +minimal. Over time, npm maintainers can migrate performance-critical code to use +`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. + + +### Conclusion + +We think there's a serious design issue with the `Buffer` API as it exists today. It +promotes insecure software by putting high-risk functionality into a convenient API +with friendly "developer ergonomics". + +This wasn't merely a theoretical exercise because we found the issue in some of the +most popular npm packages. + +Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of +`buffer`. + +```js +var Buffer = require('safe-buffer').Buffer +``` + +Eventually, we hope that node.js core can switch to this new, safer behavior. We believe +the impact on the ecosystem would be minimal since it's not a breaking change. +Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while +older, insecure packages would magically become safe from this attack vector. + + +## links + +- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) +- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) +- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) + + +## credit + +The original issues in `bittorrent-dht` +([disclosure](https://nodesecurity.io/advisories/68)) and +`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by +[Mathias Buus](https://github.com/mafintosh) and +[Feross Aboukhadijeh](http://feross.org/). + +Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues +and for his work running the [Node Security Project](https://nodesecurity.io/). + +Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and +auditing the code. + + +## license + +MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/libnpmpublish/node_modules/safe-buffer/index.d.ts b/node_modules/libnpmpublish/node_modules/safe-buffer/index.d.ts new file mode 100644 index 000000000..e9fed809a --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/safe-buffer/index.d.ts @@ -0,0 +1,187 @@ +declare module "safe-buffer" { + export class Buffer { + length: number + write(string: string, offset?: number, length?: number, encoding?: string): number; + toString(encoding?: string, start?: number, end?: number): string; + toJSON(): { type: 'Buffer', data: any[] }; + equals(otherBuffer: Buffer): boolean; + compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; + copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; + slice(start?: number, end?: number): Buffer; + writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readUInt8(offset: number, noAssert?: boolean): number; + readUInt16LE(offset: number, noAssert?: boolean): number; + readUInt16BE(offset: number, noAssert?: boolean): number; + readUInt32LE(offset: number, noAssert?: boolean): number; + readUInt32BE(offset: number, noAssert?: boolean): number; + readInt8(offset: number, noAssert?: boolean): number; + readInt16LE(offset: number, noAssert?: boolean): number; + readInt16BE(offset: number, noAssert?: boolean): number; + readInt32LE(offset: number, noAssert?: boolean): number; + readInt32BE(offset: number, noAssert?: boolean): number; + readFloatLE(offset: number, noAssert?: boolean): number; + readFloatBE(offset: number, noAssert?: boolean): number; + readDoubleLE(offset: number, noAssert?: boolean): number; + readDoubleBE(offset: number, noAssert?: boolean): number; + swap16(): Buffer; + swap32(): Buffer; + swap64(): Buffer; + writeUInt8(value: number, offset: number, noAssert?: boolean): number; + writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeInt8(value: number, offset: number, noAssert?: boolean): number; + writeInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeFloatLE(value: number, offset: number, noAssert?: boolean): number; + writeFloatBE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; + fill(value: any, offset?: number, end?: number): this; + indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; + + /** + * Allocates a new buffer containing the given {str}. + * + * @param str String to store in buffer. + * @param encoding encoding to use, optional. Default is 'utf8' + */ + constructor (str: string, encoding?: string); + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + */ + constructor (size: number); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: Uint8Array); + /** + * Produces a Buffer backed by the same allocated memory as + * the given {ArrayBuffer}. + * + * + * @param arrayBuffer The ArrayBuffer with which to share memory. + */ + constructor (arrayBuffer: ArrayBuffer); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: any[]); + /** + * Copies the passed {buffer} data onto a new {Buffer} instance. + * + * @param buffer The buffer to copy. + */ + constructor (buffer: Buffer); + prototype: Buffer; + /** + * Allocates a new Buffer using an {array} of octets. + * + * @param array + */ + static from(array: any[]): Buffer; + /** + * When passed a reference to the .buffer property of a TypedArray instance, + * the newly created Buffer will share the same allocated memory as the TypedArray. + * The optional {byteOffset} and {length} arguments specify a memory range + * within the {arrayBuffer} that will be shared by the Buffer. + * + * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() + * @param byteOffset + * @param length + */ + static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; + /** + * Copies the passed {buffer} data onto a new Buffer instance. + * + * @param buffer + */ + static from(buffer: Buffer): Buffer; + /** + * Creates a new Buffer containing the given JavaScript string {str}. + * If provided, the {encoding} parameter identifies the character encoding. + * If not provided, {encoding} defaults to 'utf8'. + * + * @param str + */ + static from(str: string, encoding?: string): Buffer; + /** + * Returns true if {obj} is a Buffer + * + * @param obj object to test. + */ + static isBuffer(obj: any): obj is Buffer; + /** + * Returns true if {encoding} is a valid encoding argument. + * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' + * + * @param encoding string to test. + */ + static isEncoding(encoding: string): boolean; + /** + * Gives the actual byte length of a string. encoding defaults to 'utf8'. + * This is not the same as String.prototype.length since that returns the number of characters in a string. + * + * @param string string to test. + * @param encoding encoding used to evaluate (defaults to 'utf8') + */ + static byteLength(string: string, encoding?: string): number; + /** + * Returns a buffer which is the result of concatenating all the buffers in the list together. + * + * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. + * If the list has exactly one item, then the first item of the list is returned. + * If the list has more than one item, then a new Buffer is created. + * + * @param list An array of Buffer objects to concatenate + * @param totalLength Total length of the buffers when concatenated. + * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. + */ + static concat(list: Buffer[], totalLength?: number): Buffer; + /** + * The same as buf1.compare(buf2). + */ + static compare(buf1: Buffer, buf2: Buffer): number; + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + * @param fill if specified, buffer will be initialized by calling buf.fill(fill). + * If parameter is omitted, buffer will be filled with zeros. + * @param encoding encoding used for call to buf.fill while initalizing + */ + static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; + /** + * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafe(size: number): Buffer; + /** + * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafeSlow(size: number): Buffer; + } +}
\ No newline at end of file diff --git a/node_modules/libnpmpublish/node_modules/safe-buffer/index.js b/node_modules/libnpmpublish/node_modules/safe-buffer/index.js new file mode 100644 index 000000000..054c8d30d --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/safe-buffer/index.js @@ -0,0 +1,64 @@ +/* eslint-disable node/no-deprecated-api */ +var buffer = require('buffer') +var Buffer = buffer.Buffer + +// alternative to using Object.keys for old browsers +function copyProps (src, dst) { + for (var key in src) { + dst[key] = src[key] + } +} +if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { + module.exports = buffer +} else { + // Copy properties from require('buffer') + copyProps(buffer, exports) + exports.Buffer = SafeBuffer +} + +function SafeBuffer (arg, encodingOrOffset, length) { + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.prototype = Object.create(Buffer.prototype) + +// Copy static methods from Buffer +copyProps(Buffer, SafeBuffer) + +SafeBuffer.from = function (arg, encodingOrOffset, length) { + if (typeof arg === 'number') { + throw new TypeError('Argument must not be a number') + } + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.alloc = function (size, fill, encoding) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + var buf = Buffer(size) + if (fill !== undefined) { + if (typeof encoding === 'string') { + buf.fill(fill, encoding) + } else { + buf.fill(fill) + } + } else { + buf.fill(0) + } + return buf +} + +SafeBuffer.allocUnsafe = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return Buffer(size) +} + +SafeBuffer.allocUnsafeSlow = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return buffer.SlowBuffer(size) +} diff --git a/node_modules/libnpmpublish/node_modules/safe-buffer/package.json b/node_modules/libnpmpublish/node_modules/safe-buffer/package.json new file mode 100644 index 000000000..e737ce5d6 --- /dev/null +++ b/node_modules/libnpmpublish/node_modules/safe-buffer/package.json @@ -0,0 +1,62 @@ +{ + "_from": "safe-buffer@^5.2.0", + "_id": "safe-buffer@5.2.0", + "_inBundle": false, + "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "_location": "/libnpmpublish/safe-buffer", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "safe-buffer@^5.2.0", + "name": "safe-buffer", + "escapedName": "safe-buffer", + "rawSpec": "^5.2.0", + "saveSpec": null, + "fetchSpec": "^5.2.0" + }, + "_requiredBy": [ + "/libnpmpublish/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", + "_spec": "safe-buffer@^5.2.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmpublish/node_modules/npm-registry-fetch", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/safe-buffer/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Safer Node.js Buffer API", + "devDependencies": { + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/safe-buffer", + "keywords": [ + "buffer", + "buffer allocate", + "node security", + "safe", + "safe-buffer", + "security", + "uninitialized" + ], + "license": "MIT", + "main": "index.js", + "name": "safe-buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/safe-buffer.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "types": "index.d.ts", + "version": "5.2.0" +} diff --git a/node_modules/libnpmsearch/CODE_OF_CONDUCT.md b/node_modules/libnpmsearch/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..aeb72f598 --- /dev/null +++ b/node_modules/libnpmsearch/CODE_OF_CONDUCT.md @@ -0,0 +1,151 @@ +# Code of Conduct + +## When Something Happens + +If you see a Code of Conduct violation, follow these steps: + +1. Let the person know that what they did is not appropriate and ask them to stop and/or edit their message(s) or commits. +2. That person should immediately stop the behavior and correct the issue. +3. If this doesn’t happen, or if you're uncomfortable speaking up, [contact the maintainers](#contacting-maintainers). +4. As soon as available, a maintainer will look into the issue, and take [further action (see below)](#further-enforcement), starting with a warning, then temporary block, then long-term repo or organization ban. + +When reporting, please include any relevant details, links, screenshots, context, or other information that may be used to better understand and resolve the situation. + +**The maintainer team will prioritize the well-being and comfort of the recipients of the violation over the comfort of the violator.** See [some examples below](#enforcement-examples). + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as contributors and maintainers of this project pledge to making participation in our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, technical preferences, nationality, personal appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment include: + + * Using welcoming and inclusive language. + * Being respectful of differing viewpoints and experiences. + * Gracefully accepting constructive feedback. + * Focusing on what is best for the community. + * Showing empathy and kindness towards other community members. + * Encouraging and raising up your peers in the project so you can all bask in hacks and glory. + +Examples of unacceptable behavior by participants include: + + * The use of sexualized language or imagery and unwelcome sexual attention or advances, including when simulated online. The only exception to sexual topics is channels/spaces specifically for topics of sexual identity. + * Casual mention of slavery or indentured servitude and/or false comparisons of one's occupation or situation to slavery. Please consider using or asking about alternate terminology when referring to such metaphors in technology. + * Making light of/making mocking comments about trigger warnings and content warnings. + * Trolling, insulting/derogatory comments, and personal or political attacks. + * Public or private harassment, deliberate intimidation, or threats. + * Publishing others' private information, such as a physical or electronic address, without explicit permission. This includes any sort of "outing" of any aspect of someone's identity without their consent. + * Publishing private screenshots or quotes of interactions in the context of this project without all quoted users' *explicit* consent. + * Publishing of private communication that doesn't have to do with reporting harrassment. + * Any of the above even when [presented as "ironic" or "joking"](https://en.wikipedia.org/wiki/Hipster_racism). + * Any attempt to present "reverse-ism" versions of the above as violations. Examples of reverse-isms are "reverse racism", "reverse sexism", "heterophobia", and "cisphobia". + * Unsolicited explanations under the assumption that someone doesn't already know it. Ask before you teach! Don't assume what people's knowledge gaps are. + * [Feigning or exaggerating surprise](https://www.recurse.com/manual#no-feigned-surprise) when someone admits to not knowing something. + * "[Well-actuallies](https://www.recurse.com/manual#no-well-actuallys)" + * Other conduct which could reasonably be considered inappropriate in a professional or community setting. + +## Scope + +This Code of Conduct applies both within spaces involving this project and in other spaces involving community members. This includes the repository, its Pull Requests and Issue tracker, its Twitter community, private email communications in the context of the project, and any events where members of the project are participating, as well as adjacent communities and venues affecting the project's members. + +Depending on the violation, the maintainers may decide that violations of this code of conduct that have happened outside of the scope of the community may deem an individual unwelcome, and take appropriate action to maintain the comfort and safety of its members. + +### Other Community Standards + +As a project on GitHub, this project is additionally covered by the [GitHub Community Guidelines](https://help.github.com/articles/github-community-guidelines/). + +Additionally, as a project hosted on npm, is is covered by [npm, Inc's Code of Conduct](https://www.npmjs.com/policies/conduct). + +Enforcement of those guidelines after violations overlapping with the above are the responsibility of the entities, and enforcement may happen in any or all of the services/communities. + +## Maintainer Enforcement Process + +Once the maintainers get involved, they will follow a documented series of steps and do their best to preserve the well-being of project members. This section covers actual concrete steps. + +### Contacting Maintainers + +You may get in touch with the maintainer team through any of the following methods: + + * Through email: + * [kzm@zkat.tech](mailto:kzm@zkat.tech) (Kat Marchán) + + * Through Twitter: + * [@maybekatz](https://twitter.com/maybekatz) (Kat Marchán) + +### Further Enforcement + +If you've already followed the [initial enforcement steps](#enforcement), these are the steps maintainers will take for further enforcement, as needed: + + 1. Repeat the request to stop. + 2. If the person doubles down, they will have offending messages removed or edited by a maintainers given an official warning. The PR or Issue may be locked. + 3. If the behavior continues or is repeated later, the person will be blocked from participating for 24 hours. + 4. If the behavior continues or is repeated after the temporary block, a long-term (6-12mo) ban will be used. + +On top of this, maintainers may remove any offending messages, images, contributions, etc, as they deem necessary. + +Maintainers reserve full rights to skip any of these steps, at their discretion, if the violation is considered to be a serious and/or immediate threat to the health and well-being of members of the community. These include any threats, serious physical or verbal attacks, and other such behavior that would be completely unacceptable in any social setting that puts our members at risk. + +Members expelled from events or venues with any sort of paid attendance will not be refunded. + +### Who Watches the Watchers? + +Maintainers and other leaders who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. These may include anything from removal from the maintainer team to a permanent ban from the community. + +Additionally, as a project hosted on both GitHub and npm, [their own Codes of Conducts may be applied against maintainers of this project](#other-community-standards), externally of this project's procedures. + +### Enforcement Examples + +#### The Best Case + +The vast majority of situations work out like this. This interaction is common, and generally positive. + +> Alex: "Yeah I used X and it was really crazy!" + +> Patt (not a maintainer): "Hey, could you not use that word? What about 'ridiculous' instead?" + +> Alex: "oh sorry, sure." -> edits old comment to say "it was really confusing!" + +#### The Maintainer Case + +Sometimes, though, you need to get maintainers involved. Maintainers will do their best to resolve conflicts, but people who were harmed by something **will take priority**. + +> Patt: "Honestly, sometimes I just really hate using $library and anyone who uses it probably sucks at their job." + +> Alex: "Whoa there, could you dial it back a bit? There's a CoC thing about attacking folks' tech use like that." + +> Patt: "I'm not attacking anyone, what's your problem?" + +> Alex: "@maintainers hey uh. Can someone look at this issue? Patt is getting a bit aggro. I tried to nudge them about it, but nope." + +> KeeperOfCommitBits: (on issue) "Hey Patt, maintainer here. Could you tone it down? This sort of attack is really not okay in this space." + +> Patt: "Leave me alone I haven't said anything bad wtf is wrong with you." + +> KeeperOfCommitBits: (deletes user's comment), "@patt I mean it. Please refer to the CoC over at (URL to this CoC) if you have questions, but you can consider this an actual warning. I'd appreciate it if you reworded your messages in this thread, since they made folks there uncomfortable. Let's try and be kind, yeah?" + +> Patt: "@keeperofbits Okay sorry. I'm just frustrated and I'm kinda burnt out and I guess I got carried away. I'll DM Alex a note apologizing and edit my messages. Sorry for the trouble." + +> KeeperOfCommitBits: "@patt Thanks for that. I hear you on the stress. Burnout sucks :/. Have a good one!" + +#### The Nope Case + +> PepeTheFrog🐸: "Hi, I am a literal actual nazi and I think white supremacists are quite fashionable." + +> Patt: "NOOOOPE. OH NOPE NOPE." + +> Alex: "JFC NO. NOPE. @keeperofbits NOPE NOPE LOOK HERE" + +> KeeperOfCommitBits: "👀 Nope. NOPE NOPE NOPE. 🔥" + +> PepeTheFrog🐸 has been banned from all organization or user repositories belonging to KeeperOfCommitBits. + +## Attribution + +This Code of Conduct was generated using [WeAllJS Code of Conduct Generator](https://npm.im/weallbehave), which is based on the [WeAllJS Code of +Conduct](https://wealljs.org/code-of-conduct), which is itself based on +[Contributor Covenant](http://contributor-covenant.org), version 1.4, available +at +[http://contributor-covenant.org/version/1/4](http://contributor-covenant.org/version/1/4), +and the LGBTQ in Technology Slack [Code of +Conduct](http://lgbtq.technology/coc.html). diff --git a/node_modules/libnpmsearch/CONTRIBUTING.md b/node_modules/libnpmsearch/CONTRIBUTING.md new file mode 100644 index 000000000..1a61601a1 --- /dev/null +++ b/node_modules/libnpmsearch/CONTRIBUTING.md @@ -0,0 +1,256 @@ +# Contributing + +## How do I... <a name="toc"></a> + +* [Use This Guide](#introduction)? +* Ask or Say Something? 🤔🐛😱 + * [Request Support](#request-support) + * [Report an Error or Bug](#report-an-error-or-bug) + * [Request a Feature](#request-a-feature) +* Make Something? 🤓👩🏽💻📜🍳 + * [Project Setup](#project-setup) + * [Contribute Documentation](#contribute-documentation) + * [Contribute Code](#contribute-code) +* Manage Something ✅🙆🏼💃👔 + * [Provide Support on Issues](#provide-support-on-issues) + * [Label Issues](#label-issues) + * [Clean Up Issues and PRs](#clean-up-issues-and-prs) + * [Review Pull Requests](#review-pull-requests) + * [Merge Pull Requests](#merge-pull-requests) + * [Tag a Release](#tag-a-release) + * [Join the Project Team](#join-the-project-team) +* Add a Guide Like This One [To My Project](#attribution)? 🤖😻👻 + +## Introduction + +Thank you so much for your interest in contributing!. All types of contributions are encouraged and valued. See the [table of contents](#toc) for different ways to help and details about how this project handles them!📝 + +Please make sure to read the relevant section before making your contribution! It will make it a lot easier for us maintainers to make the most of it and smooth out the experience for all involved. 💚 + +The [Project Team](#join-the-project-team) looks forward to your contributions. 🙌🏾✨ + +## Request Support + +If you have a question about this project, how to use it, or just need clarification about something: + +* Open an Issue at https://github.com/npm/libnpmsearch/issues +* Provide as much context as you can about what you're running into. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* Someone will try to have a response soon. +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. + +## Report an Error or Bug + +If you run into an error or bug with the project: + +* Open an Issue at https://github.com/npm/libnpmsearch/issues +* Include *reproduction steps* that someone else can follow to recreate the bug or error on their own. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* A team member will try to reproduce the issue with your provided steps. If there are no repro steps or no obvious way to reproduce the issue, the team will ask you for those steps and mark the issue as `needs-repro`. Bugs with the `needs-repro` tag will not be addressed until they are reproduced. +* If the team is able to reproduce the issue, it will be marked `needs-fix`, as well as possibly other tags (such as `critical`), and the issue will be left to be [implemented by someone](#contribute-code). +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. +* `critical` issues may be left open, depending on perceived immediacy and severity, even past the 30 day deadline. + +## Request a Feature + +If the project doesn't do something you need or want it to do: + +* Open an Issue at https://github.com/npm/libnpmsearch/issues +* Provide as much context as you can about what you're running into. +* Please try and be clear about why existing features and alternatives would not work for you. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* The project team will evaluate the feature request, possibly asking you more questions to understand its purpose and any relevant requirements. If the issue is closed, the team will convey their reasoning and suggest an alternative path forward. +* If the feature request is accepted, it will be marked for implementation with `feature-accepted`, which can then be done by either by a core team member or by anyone in the community who wants to [contribute code](#contribute-code). + +Note: The team is unlikely to be able to accept every single feature request that is filed. Please understand if they need to say no. + +## Project Setup + +So you wanna contribute some code! That's great! This project uses GitHub Pull Requests to manage contributions, so [read up on how to fork a GitHub project and file a PR](https://guides.github.com/activities/forking) if you've never done it before. + +If this seems like a lot or you aren't able to do all this setup, you might also be able to [edit the files directly](https://help.github.com/articles/editing-files-in-another-user-s-repository/) without having to do any of this setup. Yes, [even code](#contribute-code). + +If you want to go the usual route and run the project locally, though: + +* [Install Node.js](https://nodejs.org/en/download/) +* [Fork the project](https://guides.github.com/activities/forking/#fork) + +Then in your terminal: +* `cd path/to/your/clone` +* `npm install` +* `npm test` + +And you should be ready to go! + +## Contribute Documentation + +Documentation is a super important, critical part of this project. Docs are how we keep track of what we're doing, how, and why. It's how we stay on the same page about our policies. And it's how we tell others everything they need in order to be able to use this project -- or contribute to it. So thank you in advance. + +Documentation contributions of any size are welcome! Feel free to file a PR even if you're just rewording a sentence to be more clear, or fixing a spelling mistake! + +To contribute documentation: + +* [Set up the project](#project-setup). +* Edit or add any relevant documentation. +* Make sure your changes are formatted correctly and consistently with the rest of the documentation. +* Re-read what you wrote, and run a spellchecker on it to make sure you didn't miss anything. +* In your commit message(s), begin the first line with `docs: `. For example: `docs: Adding a doc contrib section to CONTRIBUTING.md`. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). Documentation commits should use `docs(<component>): <message>`. +* Go to https://github.com/npm/libnpmsearch/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Contribute Code + +We like code commits a lot! They're super handy, and they keep the project going and doing the work it needs to do to be useful to others. + +Code contributions of just about any size are acceptable! + +The main difference between code contributions and documentation contributions is that contributing code requires inclusion of relevant tests for the code being added or changed. Contributions without accompanying tests will be held off until a test is added, unless the maintainers consider the specific tests to be either impossible, or way too much of a burden for such a contribution. + +To contribute code: + +* [Set up the project](#project-setup). +* Make any necessary changes to the source code. +* Include any [additional documentation](#contribute-documentation) the changes might need. +* Write tests that verify that your contribution works as expected. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). +* Dependency updates, additions, or removals must be in individual commits, and the message must use the format: `<prefix>(deps): PKG@VERSION`, where `<prefix>` is any of the usual `conventional-changelog` prefixes, at your discretion. +* Go to https://github.com/npm/libnpmsearch/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* Barring special circumstances, maintainers will not review PRs until all checks pass (Travis, AppVeyor, etc). +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. Additional tags (such as `needs-tests`) will be added depending on the review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Provide Support on Issues + +[Needs Collaborator](#join-the-project-team): none + +Helping out other users with their questions is a really awesome way of contributing to any community. It's not uncommon for most of the issues on an open source projects being support-related questions by users trying to understand something they ran into, or find their way around a known bug. + +Sometimes, the `support` label will be added to things that turn out to actually be other things, like bugs or feature requests. In that case, suss out the details with the person who filed the original issue, add a comment explaining what the bug is, and change the label from `support` to `bug` or `feature`. If you can't do this yourself, @mention a maintainer so they can do it. + +In order to help other folks out with their questions: + +* Go to the issue tracker and [filter open issues by the `support` label](https://github.com/npm/libnpmsearch/issues?q=is%3Aopen+is%3Aissue+label%3Asupport). +* Read through the list until you find something that you're familiar enough with to give an answer to. +* Respond to the issue with whatever details are needed to clarify the question, or get more details about what's going on. +* Once the discussion wraps up and things are clarified, either close the issue, or ask the original issue filer (or a maintainer) to close it for you. + +Some notes on picking up support issues: + +* Avoid responding to issues you don't know you can answer accurately. +* As much as possible, try to refer to past issues with accepted answers. Link to them from your replies with the `#123` format. +* Be kind and patient with users -- often, folks who have run into confusing things might be upset or impatient. This is ok. Try to understand where they're coming from, and if you're too uncomfortable with the tone, feel free to stay away or withdraw from the issue. (note: if the user is outright hostile or is violating the CoC, [refer to the Code of Conduct](CODE_OF_CONDUCT.md) to resolve the conflict). + +## Label Issues + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +One of the most important tasks in handling issues is labeling them usefully and accurately. All other tasks involving issues ultimately rely on the issue being classified in such a way that relevant parties looking to do their own tasks can find them quickly and easily. + +In order to label issues, [open up the list of unlabeled issues](https://github.com/npm/libnpmsearch/issues?q=is%3Aopen+is%3Aissue+no%3Alabel) and, **from newest to oldest**, read through each one and apply issue labels according to the table below. If you're unsure about what label to apply, skip the issue and try the next one: don't feel obligated to label each and every issue yourself! + +Label | Apply When | Notes +--- | --- | --- +`bug` | Cases where the code (or documentation) is behaving in a way it wasn't intended to. | If something is happening that surprises the *user* but does not go against the way the code is designed, it should use the `enhancement` label. +`critical` | Added to `bug` issues if the problem described makes the code completely unusable in a common situation. | +`documentation` | Added to issues or pull requests that affect any of the documentation for the project. | Can be combined with other labels, such as `bug` or `enhancement`. +`duplicate` | Added to issues or PRs that refer to the exact same issue as another one that's been previously labeled. | Duplicate issues should be marked and closed right away, with a message referencing the issue it's a duplicate of (with `#123`) +`enhancement` | Added to [feature requests](#request-a-feature), PRs, or documentation issues that are purely additive: the code or docs currently work as expected, but a change is being requested or suggested. | +`help wanted` | Applied by [Committers](#join-the-project-team) to issues and PRs that they would like to get outside help for. Generally, this means it's lower priority for the maintainer team to itself implement, but that the community is encouraged to pick up if they so desire | Never applied on first-pass labeling. +`in-progress` | Applied by [Committers](#join-the-project-team) to PRs that are pending some work before they're ready for review. | The original PR submitter should @mention the team member that applied the label once the PR is complete. +`performance` | This issue or PR is directly related to improving performance. | +`refactor` | Added to issues or PRs that deal with cleaning up or modifying the project for the betterment of it. | +`starter` | Applied by [Committers](#join-the-project-team) to issues that they consider good introductions to the project for people who have not contributed before. These are not necessarily "easy", but rather focused around how much context is necessary in order to understand what needs to be done for this project in particular. | Existing project members are expected to stay away from these unless they increase in priority. +`support` | This issue is either asking a question about how to use the project, clarifying the reason for unexpected behavior, or possibly reporting a `bug` but does not have enough detail yet to determine whether it would count as such. | The label should be switched to `bug` if reliable reproduction steps are provided. Issues primarily with unintended configurations of a user's environment are not considered bugs, even if they cause crashes. +`tests` | This issue or PR either requests or adds primarily tests to the project. | If a PR is pending tests, that will be handled through the [PR review process](#review-pull-requests) +`wontfix` | Labelers may apply this label to issues that clearly have nothing at all to do with the project or are otherwise entirely outside of its scope/sphere of influence. [Committers](#join-the-project-team) may apply this label and close an issue or PR if they decide to pass on an otherwise relevant issue. | The issue or PR should be closed as soon as the label is applied, and a clear explanation provided of why the label was used. Contributors are free to contest the labeling, but the decision ultimately falls on committers as to whether to accept something or not. + +## Clean Up Issues and PRs + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +Issues and PRs can go stale after a while. Maybe they're abandoned. Maybe the team will just plain not have time to address them any time soon. + +In these cases, they should be closed until they're brought up again or the interaction starts over. + +To clean up issues and PRs: + +* Search the issue tracker for issues or PRs, and add the term `updated:<=YYYY-MM-DD`, where the date is 30 days before today. +* Go through each issue *from oldest to newest*, and close them if **all of the following are true**: + * not opened by a maintainer + * not marked as `critical` + * not marked as `starter` or `help wanted` (these might stick around for a while, in general, as they're intended to be available) + * no explicit messages in the comments asking for it to be left open + * does not belong to a milestone +* Leave a message when closing saying "Cleaning up stale issue. Please reopen or ping us if and when you're ready to resume this. See https://github.com/npm/libnpmsearch/blob/latest/CONTRIBUTING.md#clean-up-issues-and-prs for more details." + +## Review Pull Requests + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +While anyone can comment on a PR, add feedback, etc, PRs are only *approved* by team members with Issue Tracker or higher permissions. + +PR reviews use [GitHub's own review feature](https://help.github.com/articles/about-pull-request-reviews/), which manages comments, approval, and review iteration. + +Some notes: + +* You may ask for minor changes ("nitpicks"), but consider whether they are really blockers to merging: try to err on the side of "approve, with comments". +* *ALL PULL REQUESTS* should be covered by a test: either by a previously-failing test, an existing test that covers the entire functionality of the submitted code, or new tests to verify any new/changed behavior. All tests must also pass and follow established conventions. Test coverage should not drop, unless the specific case is considered reasonable by maintainers. +* Please make sure you're familiar with the code or documentation being updated, unless it's a minor change (spellchecking, minor formatting, etc). You may @mention another project member who you think is better suited for the review, but still provide a non-approving review of your own. +* Be extra kind: people who submit code/doc contributions are putting themselves in a pretty vulnerable position, and have put time and care into what they've done (even if that's not obvious to you!) -- always respond with respect, be understanding, but don't feel like you need to sacrifice your standards for their sake, either. Just don't be a jerk about it? + +## Merge Pull Requests + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. + +## Tag A Release + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. The most important bit here is probably that all tests must pass, and tags must use [semver](https://semver.org). + +## Join the Project Team + +### Ways to Join + +There are many ways to contribute! Most of them don't require any official status unless otherwise noted. That said, there's a couple of positions that grant special repository abilities, and this section describes how they're granted and what they do. + +All of the below positions are granted based on the project team's needs, as well as their consensus opinion about whether they would like to work with the person and think that they would fit well into that position. The process is relatively informal, and it's likely that people who express interest in participating can just be granted the permissions they'd like. + +You can spot a collaborator on the repo by looking for the `[Collaborator]` or `[Owner]` tags next to their names. + +Permission | Description +--- | --- +Issue Tracker | Granted to contributors who express a strong interest in spending time on the project's issue tracker. These tasks are mainly [labeling issues](#label-issues), [cleaning up old ones](#clean-up-issues-and-prs), and [reviewing pull requests](#review-pull-requests), as well as all the usual things non-team-member contributors can do. Issue handlers should not merge pull requests, tag releases, or directly commit code themselves: that should still be done through the usual pull request process. Becoming an Issue Handler means the project team trusts you to understand enough of the team's process and context to implement it on the issue tracker. +Committer | Granted to contributors who want to handle the actual pull request merges, tagging new versions, etc. Committers should have a good level of familiarity with the codebase, and enough context to understand the implications of various changes, as well as a good sense of the will and expectations of the project team. +Admin/Owner | Granted to people ultimately responsible for the project, its community, etc. + +## Attribution + +This guide was generated using the WeAllJS `CONTRIBUTING.md` generator. [Make your own](https://npm.im/weallcontribute)! diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 000000000..8eee50a47 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,239 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) + + +### Bug Fixes + +* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) +* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + +<a name="3.9.1"></a> +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + +<a name="3.9.0"></a> +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + +<a name="3.8.0"></a> +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + +<a name="3.7.0"></a> +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + +<a name="3.6.0"></a> +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + +<a name="3.5.0"></a> +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + +<a name="3.4.0"></a> +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + +<a name="3.3.0"></a> +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + +<a name="3.2.1"></a> +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + +<a name="3.2.0"></a> +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + +<a name="3.1.1"></a> +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + +<a name="3.1.0"></a> +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="1.1.1"></a> +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/README.md new file mode 100644 index 000000000..0c3f4f946 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### <a name="fetch-opts"></a> `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### <a name="opts-agent"></a> `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### <a name="opts-body"></a> `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### <a name="opts-ca"></a> `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### <a name="opts-cache"></a> `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### <a name="opts-cert"></a> `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-force-auth"></a> `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### <a name="opts-gzip"></a> `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### <a name="opts-headers"></a> `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### <a name="opts-ignore-body"></a> `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### <a name="opts-integrity"></a> `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### <a name="opts-key"></a> `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### <a name="opts-local-address"></a> `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### <a name="opts-log"></a> `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### <a name="opts-map-json"></a> `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### <a name="opts-maxsockets"></a> `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### <a name="opts-method"></a> `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### <a name="opts-noproxy"></a> `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### <a name="opts-npm-session"></a> `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### <a name="opts-offline"></a> `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-otp"></a> `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### <a name="opts-password"></a> `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-prefer-online"></a> `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### <a name="opts-project-scope"></a> `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### <a name="opts-proxy"></a> `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### <a name="opts-query"></a> `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### <a name="opts-refer"></a> `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### <a name="opts-registry"></a> `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### <a name="opts-retry"></a> `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### <a name="opts-scope"></a> `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.<scope>:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### <a name="opts-spec"></a> `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### <a name="opts-timeout"></a> `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### <a name="opts-token"></a> `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### <a name="opts-user-agent"></a> `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` + +User agent string to send in the `User-Agent` header. + +##### <a name="opts-username"></a> `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### <a name="opts-auth"></a> `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 000000000..d583982d0 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 000000000..14058239b --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/config.js new file mode 100644 index 000000000..1c43b26ea --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 000000000..ba78735fc --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/index.js new file mode 100644 index 000000000..c18487388 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/package.json new file mode 100644 index 000000000..4425ced99 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,93 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.2", + "_inBundle": false, + "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "_location": "/libnpmsearch/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/libnpmsearch" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmsearch", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmsearch/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 000000000..886c5d55b --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmsearch/node_modules/safe-buffer/LICENSE b/node_modules/libnpmsearch/node_modules/safe-buffer/LICENSE new file mode 100644 index 000000000..0c068ceec --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/safe-buffer/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Feross Aboukhadijeh + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/libnpmsearch/node_modules/safe-buffer/README.md b/node_modules/libnpmsearch/node_modules/safe-buffer/README.md new file mode 100644 index 000000000..356e35193 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/safe-buffer/README.md @@ -0,0 +1,586 @@ +# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] + +[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg +[travis-url]: https://travis-ci.org/feross/safe-buffer +[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg +[npm-url]: https://npmjs.org/package/safe-buffer +[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg +[downloads-url]: https://npmjs.org/package/safe-buffer +[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg +[standard-url]: https://standardjs.com + +#### Safer Node.js Buffer API + +**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, +`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** + +**Uses the built-in implementation when available.** + +## install + +``` +npm install safe-buffer +``` + +[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) + +## usage + +The goal of this package is to provide a safe replacement for the node.js `Buffer`. + +It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to +the top of your node.js modules: + +```js +var Buffer = require('safe-buffer').Buffer + +// Existing buffer code will continue to work without issues: + +new Buffer('hey', 'utf8') +new Buffer([1, 2, 3], 'utf8') +new Buffer(obj) +new Buffer(16) // create an uninitialized buffer (potentially unsafe) + +// But you can use these new explicit APIs to make clear what you want: + +Buffer.from('hey', 'utf8') // convert from many types to a Buffer +Buffer.alloc(16) // create a zero-filled buffer (safe) +Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) +``` + +## api + +### Class Method: Buffer.from(array) +<!-- YAML +added: v3.0.0 +--> + +* `array` {Array} + +Allocates a new `Buffer` using an `array` of octets. + +```js +const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); + // creates a new Buffer containing ASCII bytes + // ['b','u','f','f','e','r'] +``` + +A `TypeError` will be thrown if `array` is not an `Array`. + +### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) +<!-- YAML +added: v5.10.0 +--> + +* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or + a `new ArrayBuffer()` +* `byteOffset` {Number} Default: `0` +* `length` {Number} Default: `arrayBuffer.length - byteOffset` + +When passed a reference to the `.buffer` property of a `TypedArray` instance, +the newly created `Buffer` will share the same allocated memory as the +TypedArray. + +```js +const arr = new Uint16Array(2); +arr[0] = 5000; +arr[1] = 4000; + +const buf = Buffer.from(arr.buffer); // shares the memory with arr; + +console.log(buf); + // Prints: <Buffer 88 13 a0 0f> + +// changing the TypedArray changes the Buffer also +arr[1] = 6000; + +console.log(buf); + // Prints: <Buffer 88 13 70 17> +``` + +The optional `byteOffset` and `length` arguments specify a memory range within +the `arrayBuffer` that will be shared by the `Buffer`. + +```js +const ab = new ArrayBuffer(10); +const buf = Buffer.from(ab, 0, 2); +console.log(buf.length); + // Prints: 2 +``` + +A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. + +### Class Method: Buffer.from(buffer) +<!-- YAML +added: v3.0.0 +--> + +* `buffer` {Buffer} + +Copies the passed `buffer` data onto a new `Buffer` instance. + +```js +const buf1 = Buffer.from('buffer'); +const buf2 = Buffer.from(buf1); + +buf1[0] = 0x61; +console.log(buf1.toString()); + // 'auffer' +console.log(buf2.toString()); + // 'buffer' (copy is not changed) +``` + +A `TypeError` will be thrown if `buffer` is not a `Buffer`. + +### Class Method: Buffer.from(str[, encoding]) +<!-- YAML +added: v5.10.0 +--> + +* `str` {String} String to encode. +* `encoding` {String} Encoding to use, Default: `'utf8'` + +Creates a new `Buffer` containing the given JavaScript string `str`. If +provided, the `encoding` parameter identifies the character encoding. +If not provided, `encoding` defaults to `'utf8'`. + +```js +const buf1 = Buffer.from('this is a tést'); +console.log(buf1.toString()); + // prints: this is a tést +console.log(buf1.toString('ascii')); + // prints: this is a tC)st + +const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); +console.log(buf2.toString()); + // prints: this is a tést +``` + +A `TypeError` will be thrown if `str` is not a string. + +### Class Method: Buffer.alloc(size[, fill[, encoding]]) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} +* `fill` {Value} Default: `undefined` +* `encoding` {String} Default: `utf8` + +Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the +`Buffer` will be *zero-filled*. + +```js +const buf = Buffer.alloc(5); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +The `size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +If `fill` is specified, the allocated `Buffer` will be initialized by calling +`buf.fill(fill)`. See [`buf.fill()`][] for more information. + +```js +const buf = Buffer.alloc(5, 'a'); +console.log(buf); + // <Buffer 61 61 61 61 61> +``` + +If both `fill` and `encoding` are specified, the allocated `Buffer` will be +initialized by calling `buf.fill(fill, encoding)`. For example: + +```js +const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); +console.log(buf); + // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> +``` + +Calling `Buffer.alloc(size)` can be significantly slower than the alternative +`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance +contents will *never contain sensitive data*. + +A `TypeError` will be thrown if `size` is not a number. + +### Class Method: Buffer.allocUnsafe(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must +be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit +architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is +thrown. A zero-length Buffer will be created if a `size` less than or equal to +0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +```js +const buf = Buffer.allocUnsafe(5); +console.log(buf); + // <Buffer 78 e0 82 02 01> + // (octets will be different, every time) +buf.fill(0); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +A `TypeError` will be thrown if `size` is not a number. + +Note that the `Buffer` module pre-allocates an internal `Buffer` instance of +size `Buffer.poolSize` that is used as a pool for the fast allocation of new +`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated +`new Buffer(size)` constructor) only when `size` is less than or equal to +`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default +value of `Buffer.poolSize` is `8192` but can be modified. + +Use of this pre-allocated internal memory pool is a key difference between +calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. +Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer +pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal +Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The +difference is subtle but can be important when an application requires the +additional performance that `Buffer.allocUnsafe(size)` provides. + +### Class Method: Buffer.allocUnsafeSlow(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The +`size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, +allocations under 4KB are, by default, sliced from a single pre-allocated +`Buffer`. This allows applications to avoid the garbage collection overhead of +creating many individually allocated Buffers. This approach improves both +performance and memory usage by eliminating the need to track and cleanup as +many `Persistent` objects. + +However, in the case where a developer may need to retain a small chunk of +memory from a pool for an indeterminate amount of time, it may be appropriate +to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then +copy out the relevant bits. + +```js +// need to keep around a few small chunks of memory +const store = []; + +socket.on('readable', () => { + const data = socket.read(); + // allocate for retained data + const sb = Buffer.allocUnsafeSlow(10); + // copy the data into the new allocation + data.copy(sb, 0, 0, 10); + store.push(sb); +}); +``` + +Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* +a developer has observed undue memory retention in their applications. + +A `TypeError` will be thrown if `size` is not a number. + +### All the Rest + +The rest of the `Buffer` API is exactly the same as in node.js. +[See the docs](https://nodejs.org/api/buffer.html). + + +## Related links + +- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) +- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) + +## Why is `Buffer` unsafe? + +Today, the node.js `Buffer` constructor is overloaded to handle many different argument +types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), +`ArrayBuffer`, and also `Number`. + +The API is optimized for convenience: you can throw any type at it, and it will try to do +what you want. + +Because the Buffer constructor is so powerful, you often see code like this: + +```js +// Convert UTF-8 strings to hex +function toHex (str) { + return new Buffer(str).toString('hex') +} +``` + +***But what happens if `toHex` is called with a `Number` argument?*** + +### Remote Memory Disclosure + +If an attacker can make your program call the `Buffer` constructor with a `Number` +argument, then they can make it allocate uninitialized memory from the node.js process. +This could potentially disclose TLS private keys, user data, or database passwords. + +When the `Buffer` constructor is passed a `Number` argument, it returns an +**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like +this, you **MUST** overwrite the contents before returning it to the user. + +From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): + +> `new Buffer(size)` +> +> - `size` Number +> +> The underlying memory for `Buffer` instances created in this way is not initialized. +> **The contents of a newly created `Buffer` are unknown and could contain sensitive +> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. + +(Emphasis our own.) + +Whenever the programmer intended to create an uninitialized `Buffer` you often see code +like this: + +```js +var buf = new Buffer(16) + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### Would this ever be a problem in real code? + +Yes. It's surprisingly common to forget to check the type of your variables in a +dynamically-typed language like JavaScript. + +Usually the consequences of assuming the wrong type is that your program crashes with an +uncaught exception. But the failure mode for forgetting to check the type of arguments to +the `Buffer` constructor is more catastrophic. + +Here's an example of a vulnerable service that takes a JSON payload and converts it to +hex: + +```js +// Take a JSON payload {str: "some string"} and convert it to hex +var server = http.createServer(function (req, res) { + var data = '' + req.setEncoding('utf8') + req.on('data', function (chunk) { + data += chunk + }) + req.on('end', function () { + var body = JSON.parse(data) + res.end(new Buffer(body.str).toString('hex')) + }) +}) + +server.listen(8080) +``` + +In this example, an http client just has to send: + +```json +{ + "str": 1000 +} +``` + +and it will get back 1,000 bytes of uninitialized memory from the server. + +This is a very serious bug. It's similar in severity to the +[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process +memory by remote attackers. + + +### Which real-world packages were vulnerable? + +#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) + +[Mathias Buus](https://github.com/mafintosh) and I +([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, +[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow +anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get +them to reveal 20 bytes at a time of uninitialized memory from the node.js process. + +Here's +[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) +that fixed it. We released a new fixed version, created a +[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all +vulnerable versions on npm so users will get a warning to upgrade to a newer version. + +#### [`ws`](https://www.npmjs.com/package/ws) + +That got us wondering if there were other vulnerable packages. Sure enough, within a short +period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the +most popular WebSocket implementation in node.js. + +If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as +expected, then uninitialized server memory would be disclosed to the remote peer. + +These were the vulnerable methods: + +```js +socket.send(number) +socket.ping(number) +socket.pong(number) +``` + +Here's a vulnerable socket server with some echo functionality: + +```js +server.on('connection', function (socket) { + socket.on('message', function (message) { + message = JSON.parse(message) + if (message.type === 'echo') { + socket.send(message.data) // send back the user's message + } + }) +}) +``` + +`socket.send(number)` called on the server, will disclose server memory. + +Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue +was fixed, with a more detailed explanation. Props to +[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the +[Node Security Project disclosure](https://nodesecurity.io/advisories/67). + + +### What's the solution? + +It's important that node.js offers a fast way to get memory otherwise performance-critical +applications would needlessly get a lot slower. + +But we need a better way to *signal our intent* as programmers. **When we want +uninitialized memory, we should request it explicitly.** + +Sensitive functionality should not be packed into a developer-friendly API that loosely +accepts many different types. This type of API encourages the lazy practice of passing +variables in without checking the type very carefully. + +#### A new API: `Buffer.allocUnsafe(number)` + +The functionality of creating buffers with uninitialized memory should be part of another +API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that +frequently gets user input of all sorts of different types passed into it. + +```js +var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### How do we fix node.js core? + +We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as +`semver-major`) which defends against one case: + +```js +var str = 16 +new Buffer(str, 'utf8') +``` + +In this situation, it's implied that the programmer intended the first argument to be a +string, since they passed an encoding as a second argument. Today, node.js will allocate +uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not +what the programmer intended. + +But this is only a partial solution, since if the programmer does `new Buffer(variable)` +(without an `encoding` parameter) there's no way to know what they intended. If `variable` +is sometimes a number, then uninitialized memory will sometimes be returned. + +### What's the real long-term fix? + +We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when +we need uninitialized memory. But that would break 1000s of packages. + +~~We believe the best solution is to:~~ + +~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ + +~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ + +#### Update + +We now support adding three new APIs: + +- `Buffer.from(value)` - convert from any type to a buffer +- `Buffer.alloc(size)` - create a zero-filled buffer +- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size + +This solves the core problem that affected `ws` and `bittorrent-dht` which is +`Buffer(variable)` getting tricked into taking a number argument. + +This way, existing code continues working and the impact on the npm ecosystem will be +minimal. Over time, npm maintainers can migrate performance-critical code to use +`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. + + +### Conclusion + +We think there's a serious design issue with the `Buffer` API as it exists today. It +promotes insecure software by putting high-risk functionality into a convenient API +with friendly "developer ergonomics". + +This wasn't merely a theoretical exercise because we found the issue in some of the +most popular npm packages. + +Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of +`buffer`. + +```js +var Buffer = require('safe-buffer').Buffer +``` + +Eventually, we hope that node.js core can switch to this new, safer behavior. We believe +the impact on the ecosystem would be minimal since it's not a breaking change. +Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while +older, insecure packages would magically become safe from this attack vector. + + +## links + +- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) +- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) +- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) + + +## credit + +The original issues in `bittorrent-dht` +([disclosure](https://nodesecurity.io/advisories/68)) and +`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by +[Mathias Buus](https://github.com/mafintosh) and +[Feross Aboukhadijeh](http://feross.org/). + +Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues +and for his work running the [Node Security Project](https://nodesecurity.io/). + +Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and +auditing the code. + + +## license + +MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/libnpmsearch/node_modules/safe-buffer/index.d.ts b/node_modules/libnpmsearch/node_modules/safe-buffer/index.d.ts new file mode 100644 index 000000000..e9fed809a --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/safe-buffer/index.d.ts @@ -0,0 +1,187 @@ +declare module "safe-buffer" { + export class Buffer { + length: number + write(string: string, offset?: number, length?: number, encoding?: string): number; + toString(encoding?: string, start?: number, end?: number): string; + toJSON(): { type: 'Buffer', data: any[] }; + equals(otherBuffer: Buffer): boolean; + compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; + copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; + slice(start?: number, end?: number): Buffer; + writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readUInt8(offset: number, noAssert?: boolean): number; + readUInt16LE(offset: number, noAssert?: boolean): number; + readUInt16BE(offset: number, noAssert?: boolean): number; + readUInt32LE(offset: number, noAssert?: boolean): number; + readUInt32BE(offset: number, noAssert?: boolean): number; + readInt8(offset: number, noAssert?: boolean): number; + readInt16LE(offset: number, noAssert?: boolean): number; + readInt16BE(offset: number, noAssert?: boolean): number; + readInt32LE(offset: number, noAssert?: boolean): number; + readInt32BE(offset: number, noAssert?: boolean): number; + readFloatLE(offset: number, noAssert?: boolean): number; + readFloatBE(offset: number, noAssert?: boolean): number; + readDoubleLE(offset: number, noAssert?: boolean): number; + readDoubleBE(offset: number, noAssert?: boolean): number; + swap16(): Buffer; + swap32(): Buffer; + swap64(): Buffer; + writeUInt8(value: number, offset: number, noAssert?: boolean): number; + writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeInt8(value: number, offset: number, noAssert?: boolean): number; + writeInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeFloatLE(value: number, offset: number, noAssert?: boolean): number; + writeFloatBE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; + fill(value: any, offset?: number, end?: number): this; + indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; + + /** + * Allocates a new buffer containing the given {str}. + * + * @param str String to store in buffer. + * @param encoding encoding to use, optional. Default is 'utf8' + */ + constructor (str: string, encoding?: string); + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + */ + constructor (size: number); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: Uint8Array); + /** + * Produces a Buffer backed by the same allocated memory as + * the given {ArrayBuffer}. + * + * + * @param arrayBuffer The ArrayBuffer with which to share memory. + */ + constructor (arrayBuffer: ArrayBuffer); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: any[]); + /** + * Copies the passed {buffer} data onto a new {Buffer} instance. + * + * @param buffer The buffer to copy. + */ + constructor (buffer: Buffer); + prototype: Buffer; + /** + * Allocates a new Buffer using an {array} of octets. + * + * @param array + */ + static from(array: any[]): Buffer; + /** + * When passed a reference to the .buffer property of a TypedArray instance, + * the newly created Buffer will share the same allocated memory as the TypedArray. + * The optional {byteOffset} and {length} arguments specify a memory range + * within the {arrayBuffer} that will be shared by the Buffer. + * + * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() + * @param byteOffset + * @param length + */ + static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; + /** + * Copies the passed {buffer} data onto a new Buffer instance. + * + * @param buffer + */ + static from(buffer: Buffer): Buffer; + /** + * Creates a new Buffer containing the given JavaScript string {str}. + * If provided, the {encoding} parameter identifies the character encoding. + * If not provided, {encoding} defaults to 'utf8'. + * + * @param str + */ + static from(str: string, encoding?: string): Buffer; + /** + * Returns true if {obj} is a Buffer + * + * @param obj object to test. + */ + static isBuffer(obj: any): obj is Buffer; + /** + * Returns true if {encoding} is a valid encoding argument. + * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' + * + * @param encoding string to test. + */ + static isEncoding(encoding: string): boolean; + /** + * Gives the actual byte length of a string. encoding defaults to 'utf8'. + * This is not the same as String.prototype.length since that returns the number of characters in a string. + * + * @param string string to test. + * @param encoding encoding used to evaluate (defaults to 'utf8') + */ + static byteLength(string: string, encoding?: string): number; + /** + * Returns a buffer which is the result of concatenating all the buffers in the list together. + * + * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. + * If the list has exactly one item, then the first item of the list is returned. + * If the list has more than one item, then a new Buffer is created. + * + * @param list An array of Buffer objects to concatenate + * @param totalLength Total length of the buffers when concatenated. + * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. + */ + static concat(list: Buffer[], totalLength?: number): Buffer; + /** + * The same as buf1.compare(buf2). + */ + static compare(buf1: Buffer, buf2: Buffer): number; + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + * @param fill if specified, buffer will be initialized by calling buf.fill(fill). + * If parameter is omitted, buffer will be filled with zeros. + * @param encoding encoding used for call to buf.fill while initalizing + */ + static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; + /** + * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafe(size: number): Buffer; + /** + * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafeSlow(size: number): Buffer; + } +}
\ No newline at end of file diff --git a/node_modules/libnpmsearch/node_modules/safe-buffer/index.js b/node_modules/libnpmsearch/node_modules/safe-buffer/index.js new file mode 100644 index 000000000..054c8d30d --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/safe-buffer/index.js @@ -0,0 +1,64 @@ +/* eslint-disable node/no-deprecated-api */ +var buffer = require('buffer') +var Buffer = buffer.Buffer + +// alternative to using Object.keys for old browsers +function copyProps (src, dst) { + for (var key in src) { + dst[key] = src[key] + } +} +if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { + module.exports = buffer +} else { + // Copy properties from require('buffer') + copyProps(buffer, exports) + exports.Buffer = SafeBuffer +} + +function SafeBuffer (arg, encodingOrOffset, length) { + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.prototype = Object.create(Buffer.prototype) + +// Copy static methods from Buffer +copyProps(Buffer, SafeBuffer) + +SafeBuffer.from = function (arg, encodingOrOffset, length) { + if (typeof arg === 'number') { + throw new TypeError('Argument must not be a number') + } + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.alloc = function (size, fill, encoding) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + var buf = Buffer(size) + if (fill !== undefined) { + if (typeof encoding === 'string') { + buf.fill(fill, encoding) + } else { + buf.fill(fill) + } + } else { + buf.fill(0) + } + return buf +} + +SafeBuffer.allocUnsafe = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return Buffer(size) +} + +SafeBuffer.allocUnsafeSlow = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return buffer.SlowBuffer(size) +} diff --git a/node_modules/libnpmsearch/node_modules/safe-buffer/package.json b/node_modules/libnpmsearch/node_modules/safe-buffer/package.json new file mode 100644 index 000000000..5d50cea70 --- /dev/null +++ b/node_modules/libnpmsearch/node_modules/safe-buffer/package.json @@ -0,0 +1,62 @@ +{ + "_from": "safe-buffer@^5.2.0", + "_id": "safe-buffer@5.2.0", + "_inBundle": false, + "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "_location": "/libnpmsearch/safe-buffer", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "safe-buffer@^5.2.0", + "name": "safe-buffer", + "escapedName": "safe-buffer", + "rawSpec": "^5.2.0", + "saveSpec": null, + "fetchSpec": "^5.2.0" + }, + "_requiredBy": [ + "/libnpmsearch/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", + "_spec": "safe-buffer@^5.2.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmsearch/node_modules/npm-registry-fetch", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/safe-buffer/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Safer Node.js Buffer API", + "devDependencies": { + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/safe-buffer", + "keywords": [ + "buffer", + "buffer allocate", + "node security", + "safe", + "safe-buffer", + "security", + "uninitialized" + ], + "license": "MIT", + "main": "index.js", + "name": "safe-buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/safe-buffer.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "types": "index.d.ts", + "version": "5.2.0" +} diff --git a/node_modules/libnpmteam/CODE_OF_CONDUCT.md b/node_modules/libnpmteam/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..aeb72f598 --- /dev/null +++ b/node_modules/libnpmteam/CODE_OF_CONDUCT.md @@ -0,0 +1,151 @@ +# Code of Conduct + +## When Something Happens + +If you see a Code of Conduct violation, follow these steps: + +1. Let the person know that what they did is not appropriate and ask them to stop and/or edit their message(s) or commits. +2. That person should immediately stop the behavior and correct the issue. +3. If this doesn’t happen, or if you're uncomfortable speaking up, [contact the maintainers](#contacting-maintainers). +4. As soon as available, a maintainer will look into the issue, and take [further action (see below)](#further-enforcement), starting with a warning, then temporary block, then long-term repo or organization ban. + +When reporting, please include any relevant details, links, screenshots, context, or other information that may be used to better understand and resolve the situation. + +**The maintainer team will prioritize the well-being and comfort of the recipients of the violation over the comfort of the violator.** See [some examples below](#enforcement-examples). + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as contributors and maintainers of this project pledge to making participation in our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, technical preferences, nationality, personal appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment include: + + * Using welcoming and inclusive language. + * Being respectful of differing viewpoints and experiences. + * Gracefully accepting constructive feedback. + * Focusing on what is best for the community. + * Showing empathy and kindness towards other community members. + * Encouraging and raising up your peers in the project so you can all bask in hacks and glory. + +Examples of unacceptable behavior by participants include: + + * The use of sexualized language or imagery and unwelcome sexual attention or advances, including when simulated online. The only exception to sexual topics is channels/spaces specifically for topics of sexual identity. + * Casual mention of slavery or indentured servitude and/or false comparisons of one's occupation or situation to slavery. Please consider using or asking about alternate terminology when referring to such metaphors in technology. + * Making light of/making mocking comments about trigger warnings and content warnings. + * Trolling, insulting/derogatory comments, and personal or political attacks. + * Public or private harassment, deliberate intimidation, or threats. + * Publishing others' private information, such as a physical or electronic address, without explicit permission. This includes any sort of "outing" of any aspect of someone's identity without their consent. + * Publishing private screenshots or quotes of interactions in the context of this project without all quoted users' *explicit* consent. + * Publishing of private communication that doesn't have to do with reporting harrassment. + * Any of the above even when [presented as "ironic" or "joking"](https://en.wikipedia.org/wiki/Hipster_racism). + * Any attempt to present "reverse-ism" versions of the above as violations. Examples of reverse-isms are "reverse racism", "reverse sexism", "heterophobia", and "cisphobia". + * Unsolicited explanations under the assumption that someone doesn't already know it. Ask before you teach! Don't assume what people's knowledge gaps are. + * [Feigning or exaggerating surprise](https://www.recurse.com/manual#no-feigned-surprise) when someone admits to not knowing something. + * "[Well-actuallies](https://www.recurse.com/manual#no-well-actuallys)" + * Other conduct which could reasonably be considered inappropriate in a professional or community setting. + +## Scope + +This Code of Conduct applies both within spaces involving this project and in other spaces involving community members. This includes the repository, its Pull Requests and Issue tracker, its Twitter community, private email communications in the context of the project, and any events where members of the project are participating, as well as adjacent communities and venues affecting the project's members. + +Depending on the violation, the maintainers may decide that violations of this code of conduct that have happened outside of the scope of the community may deem an individual unwelcome, and take appropriate action to maintain the comfort and safety of its members. + +### Other Community Standards + +As a project on GitHub, this project is additionally covered by the [GitHub Community Guidelines](https://help.github.com/articles/github-community-guidelines/). + +Additionally, as a project hosted on npm, is is covered by [npm, Inc's Code of Conduct](https://www.npmjs.com/policies/conduct). + +Enforcement of those guidelines after violations overlapping with the above are the responsibility of the entities, and enforcement may happen in any or all of the services/communities. + +## Maintainer Enforcement Process + +Once the maintainers get involved, they will follow a documented series of steps and do their best to preserve the well-being of project members. This section covers actual concrete steps. + +### Contacting Maintainers + +You may get in touch with the maintainer team through any of the following methods: + + * Through email: + * [kzm@zkat.tech](mailto:kzm@zkat.tech) (Kat Marchán) + + * Through Twitter: + * [@maybekatz](https://twitter.com/maybekatz) (Kat Marchán) + +### Further Enforcement + +If you've already followed the [initial enforcement steps](#enforcement), these are the steps maintainers will take for further enforcement, as needed: + + 1. Repeat the request to stop. + 2. If the person doubles down, they will have offending messages removed or edited by a maintainers given an official warning. The PR or Issue may be locked. + 3. If the behavior continues or is repeated later, the person will be blocked from participating for 24 hours. + 4. If the behavior continues or is repeated after the temporary block, a long-term (6-12mo) ban will be used. + +On top of this, maintainers may remove any offending messages, images, contributions, etc, as they deem necessary. + +Maintainers reserve full rights to skip any of these steps, at their discretion, if the violation is considered to be a serious and/or immediate threat to the health and well-being of members of the community. These include any threats, serious physical or verbal attacks, and other such behavior that would be completely unacceptable in any social setting that puts our members at risk. + +Members expelled from events or venues with any sort of paid attendance will not be refunded. + +### Who Watches the Watchers? + +Maintainers and other leaders who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. These may include anything from removal from the maintainer team to a permanent ban from the community. + +Additionally, as a project hosted on both GitHub and npm, [their own Codes of Conducts may be applied against maintainers of this project](#other-community-standards), externally of this project's procedures. + +### Enforcement Examples + +#### The Best Case + +The vast majority of situations work out like this. This interaction is common, and generally positive. + +> Alex: "Yeah I used X and it was really crazy!" + +> Patt (not a maintainer): "Hey, could you not use that word? What about 'ridiculous' instead?" + +> Alex: "oh sorry, sure." -> edits old comment to say "it was really confusing!" + +#### The Maintainer Case + +Sometimes, though, you need to get maintainers involved. Maintainers will do their best to resolve conflicts, but people who were harmed by something **will take priority**. + +> Patt: "Honestly, sometimes I just really hate using $library and anyone who uses it probably sucks at their job." + +> Alex: "Whoa there, could you dial it back a bit? There's a CoC thing about attacking folks' tech use like that." + +> Patt: "I'm not attacking anyone, what's your problem?" + +> Alex: "@maintainers hey uh. Can someone look at this issue? Patt is getting a bit aggro. I tried to nudge them about it, but nope." + +> KeeperOfCommitBits: (on issue) "Hey Patt, maintainer here. Could you tone it down? This sort of attack is really not okay in this space." + +> Patt: "Leave me alone I haven't said anything bad wtf is wrong with you." + +> KeeperOfCommitBits: (deletes user's comment), "@patt I mean it. Please refer to the CoC over at (URL to this CoC) if you have questions, but you can consider this an actual warning. I'd appreciate it if you reworded your messages in this thread, since they made folks there uncomfortable. Let's try and be kind, yeah?" + +> Patt: "@keeperofbits Okay sorry. I'm just frustrated and I'm kinda burnt out and I guess I got carried away. I'll DM Alex a note apologizing and edit my messages. Sorry for the trouble." + +> KeeperOfCommitBits: "@patt Thanks for that. I hear you on the stress. Burnout sucks :/. Have a good one!" + +#### The Nope Case + +> PepeTheFrog🐸: "Hi, I am a literal actual nazi and I think white supremacists are quite fashionable." + +> Patt: "NOOOOPE. OH NOPE NOPE." + +> Alex: "JFC NO. NOPE. @keeperofbits NOPE NOPE LOOK HERE" + +> KeeperOfCommitBits: "👀 Nope. NOPE NOPE NOPE. 🔥" + +> PepeTheFrog🐸 has been banned from all organization or user repositories belonging to KeeperOfCommitBits. + +## Attribution + +This Code of Conduct was generated using [WeAllJS Code of Conduct Generator](https://npm.im/weallbehave), which is based on the [WeAllJS Code of +Conduct](https://wealljs.org/code-of-conduct), which is itself based on +[Contributor Covenant](http://contributor-covenant.org), version 1.4, available +at +[http://contributor-covenant.org/version/1/4](http://contributor-covenant.org/version/1/4), +and the LGBTQ in Technology Slack [Code of +Conduct](http://lgbtq.technology/coc.html). diff --git a/node_modules/libnpmteam/CONTRIBUTING.md b/node_modules/libnpmteam/CONTRIBUTING.md new file mode 100644 index 000000000..3fd40076c --- /dev/null +++ b/node_modules/libnpmteam/CONTRIBUTING.md @@ -0,0 +1,256 @@ +# Contributing + +## How do I... <a name="toc"></a> + +* [Use This Guide](#introduction)? +* Ask or Say Something? 🤔🐛😱 + * [Request Support](#request-support) + * [Report an Error or Bug](#report-an-error-or-bug) + * [Request a Feature](#request-a-feature) +* Make Something? 🤓👩🏽💻📜🍳 + * [Project Setup](#project-setup) + * [Contribute Documentation](#contribute-documentation) + * [Contribute Code](#contribute-code) +* Manage Something ✅🙆🏼💃👔 + * [Provide Support on Issues](#provide-support-on-issues) + * [Label Issues](#label-issues) + * [Clean Up Issues and PRs](#clean-up-issues-and-prs) + * [Review Pull Requests](#review-pull-requests) + * [Merge Pull Requests](#merge-pull-requests) + * [Tag a Release](#tag-a-release) + * [Join the Project Team](#join-the-project-team) +* Add a Guide Like This One [To My Project](#attribution)? 🤖😻👻 + +## Introduction + +Thank you so much for your interest in contributing!. All types of contributions are encouraged and valued. See the [table of contents](#toc) for different ways to help and details about how this project handles them!📝 + +Please make sure to read the relevant section before making your contribution! It will make it a lot easier for us maintainers to make the most of it and smooth out the experience for all involved. 💚 + +The [Project Team](#join-the-project-team) looks forward to your contributions. 🙌🏾✨ + +## Request Support + +If you have a question about this project, how to use it, or just need clarification about something: + +* Open an Issue at https://github.com/npm/libnpmteam/issues +* Provide as much context as you can about what you're running into. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* Someone will try to have a response soon. +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. + +## Report an Error or Bug + +If you run into an error or bug with the project: + +* Open an Issue at https://github.com/npm/libnpmteam/issues +* Include *reproduction steps* that someone else can follow to recreate the bug or error on their own. +* Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. If not, please be ready to provide that information if maintainers ask for it. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* A team member will try to reproduce the issue with your provided steps. If there are no repro steps or no obvious way to reproduce the issue, the team will ask you for those steps and mark the issue as `needs-repro`. Bugs with the `needs-repro` tag will not be addressed until they are reproduced. +* If the team is able to reproduce the issue, it will be marked `needs-fix`, as well as possibly other tags (such as `critical`), and the issue will be left to be [implemented by someone](#contribute-code). +* If you or the maintainers don't respond to an issue for 30 days, the [issue will be closed](#clean-up-issues-and-prs). If you want to come back to it, reply (once, please), and we'll reopen the existing issue. Please avoid filing new issues as extensions of one you already made. +* `critical` issues may be left open, depending on perceived immediacy and severity, even past the 30 day deadline. + +## Request a Feature + +If the project doesn't do something you need or want it to do: + +* Open an Issue at https://github.com/npm/libnpmteam/issues +* Provide as much context as you can about what you're running into. +* Please try and be clear about why existing features and alternatives would not work for you. + +Once it's filed: + +* The project team will [label the issue](#label-issues). +* The project team will evaluate the feature request, possibly asking you more questions to understand its purpose and any relevant requirements. If the issue is closed, the team will convey their reasoning and suggest an alternative path forward. +* If the feature request is accepted, it will be marked for implementation with `feature-accepted`, which can then be done by either by a core team member or by anyone in the community who wants to [contribute code](#contribute-code). + +Note: The team is unlikely to be able to accept every single feature request that is filed. Please understand if they need to say no. + +## Project Setup + +So you wanna contribute some code! That's great! This project uses GitHub Pull Requests to manage contributions, so [read up on how to fork a GitHub project and file a PR](https://guides.github.com/activities/forking) if you've never done it before. + +If this seems like a lot or you aren't able to do all this setup, you might also be able to [edit the files directly](https://help.github.com/articles/editing-files-in-another-user-s-repository/) without having to do any of this setup. Yes, [even code](#contribute-code). + +If you want to go the usual route and run the project locally, though: + +* [Install Node.js](https://nodejs.org/en/download/) +* [Fork the project](https://guides.github.com/activities/forking/#fork) + +Then in your terminal: +* `cd path/to/your/clone` +* `npm install` +* `npm test` + +And you should be ready to go! + +## Contribute Documentation + +Documentation is a super important, critical part of this project. Docs are how we keep track of what we're doing, how, and why. It's how we stay on the same page about our policies. And it's how we tell others everything they need in order to be able to use this project -- or contribute to it. So thank you in advance. + +Documentation contributions of any size are welcome! Feel free to file a PR even if you're just rewording a sentence to be more clear, or fixing a spelling mistake! + +To contribute documentation: + +* [Set up the project](#project-setup). +* Edit or add any relevant documentation. +* Make sure your changes are formatted correctly and consistently with the rest of the documentation. +* Re-read what you wrote, and run a spellchecker on it to make sure you didn't miss anything. +* In your commit message(s), begin the first line with `docs: `. For example: `docs: Adding a doc contrib section to CONTRIBUTING.md`. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). Documentation commits should use `docs(<component>): <message>`. +* Go to https://github.com/npm/libnpmteam/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Contribute Code + +We like code commits a lot! They're super handy, and they keep the project going and doing the work it needs to do to be useful to others. + +Code contributions of just about any size are acceptable! + +The main difference between code contributions and documentation contributions is that contributing code requires inclusion of relevant tests for the code being added or changed. Contributions without accompanying tests will be held off until a test is added, unless the maintainers consider the specific tests to be either impossible, or way too much of a burden for such a contribution. + +To contribute code: + +* [Set up the project](#project-setup). +* Make any necessary changes to the source code. +* Include any [additional documentation](#contribute-documentation) the changes might need. +* Write tests that verify that your contribution works as expected. +* Write clear, concise commit message(s) using [conventional-changelog format](https://github.com/conventional-changelog/conventional-changelog-angular/blob/master/convention.md). +* Dependency updates, additions, or removals must be in individual commits, and the message must use the format: `<prefix>(deps): PKG@VERSION`, where `<prefix>` is any of the usual `conventional-changelog` prefixes, at your discretion. +* Go to https://github.com/npm/libnpmteam/pulls and open a new pull request with your changes. +* If your PR is connected to an open issue, add a line in your PR's description that says `Fixes: #123`, where `#123` is the number of the issue you're fixing. + +Once you've filed the PR: + +* Barring special circumstances, maintainers will not review PRs until all checks pass (Travis, AppVeyor, etc). +* One or more maintainers will use GitHub's review feature to review your PR. +* If the maintainer asks for any changes, edit your changes, push, and ask for another review. Additional tags (such as `needs-tests`) will be added depending on the review. +* If the maintainer decides to pass on your PR, they will thank you for the contribution and explain why they won't be accepting the changes. That's ok! We still really appreciate you taking the time to do it, and we don't take that lightly. 💚 +* If your PR gets accepted, it will be marked as such, and merged into the `latest` branch soon after. Your contribution will be distributed to the masses next time the maintainers [tag a release](#tag-a-release) + +## Provide Support on Issues + +[Needs Collaborator](#join-the-project-team): none + +Helping out other users with their questions is a really awesome way of contributing to any community. It's not uncommon for most of the issues on an open source projects being support-related questions by users trying to understand something they ran into, or find their way around a known bug. + +Sometimes, the `support` label will be added to things that turn out to actually be other things, like bugs or feature requests. In that case, suss out the details with the person who filed the original issue, add a comment explaining what the bug is, and change the label from `support` to `bug` or `feature`. If you can't do this yourself, @mention a maintainer so they can do it. + +In order to help other folks out with their questions: + +* Go to the issue tracker and [filter open issues by the `support` label](https://github.com/npm/libnpmteam/issues?q=is%3Aopen+is%3Aissue+label%3Asupport). +* Read through the list until you find something that you're familiar enough with to give an answer to. +* Respond to the issue with whatever details are needed to clarify the question, or get more details about what's going on. +* Once the discussion wraps up and things are clarified, either close the issue, or ask the original issue filer (or a maintainer) to close it for you. + +Some notes on picking up support issues: + +* Avoid responding to issues you don't know you can answer accurately. +* As much as possible, try to refer to past issues with accepted answers. Link to them from your replies with the `#123` format. +* Be kind and patient with users -- often, folks who have run into confusing things might be upset or impatient. This is ok. Try to understand where they're coming from, and if you're too uncomfortable with the tone, feel free to stay away or withdraw from the issue. (note: if the user is outright hostile or is violating the CoC, [refer to the Code of Conduct](CODE_OF_CONDUCT.md) to resolve the conflict). + +## Label Issues + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +One of the most important tasks in handling issues is labeling them usefully and accurately. All other tasks involving issues ultimately rely on the issue being classified in such a way that relevant parties looking to do their own tasks can find them quickly and easily. + +In order to label issues, [open up the list of unlabeled issues](https://github.com/npm/libnpmteam/issues?q=is%3Aopen+is%3Aissue+no%3Alabel) and, **from newest to oldest**, read through each one and apply issue labels according to the table below. If you're unsure about what label to apply, skip the issue and try the next one: don't feel obligated to label each and every issue yourself! + +Label | Apply When | Notes +--- | --- | --- +`bug` | Cases where the code (or documentation) is behaving in a way it wasn't intended to. | If something is happening that surprises the *user* but does not go against the way the code is designed, it should use the `enhancement` label. +`critical` | Added to `bug` issues if the problem described makes the code completely unusable in a common situation. | +`documentation` | Added to issues or pull requests that affect any of the documentation for the project. | Can be combined with other labels, such as `bug` or `enhancement`. +`duplicate` | Added to issues or PRs that refer to the exact same issue as another one that's been previously labeled. | Duplicate issues should be marked and closed right away, with a message referencing the issue it's a duplicate of (with `#123`) +`enhancement` | Added to [feature requests](#request-a-feature), PRs, or documentation issues that are purely additive: the code or docs currently work as expected, but a change is being requested or suggested. | +`help wanted` | Applied by [Committers](#join-the-project-team) to issues and PRs that they would like to get outside help for. Generally, this means it's lower priority for the maintainer team to itself implement, but that the community is encouraged to pick up if they so desire | Never applied on first-pass labeling. +`in-progress` | Applied by [Committers](#join-the-project-team) to PRs that are pending some work before they're ready for review. | The original PR submitter should @mention the team member that applied the label once the PR is complete. +`performance` | This issue or PR is directly related to improving performance. | +`refactor` | Added to issues or PRs that deal with cleaning up or modifying the project for the betterment of it. | +`starter` | Applied by [Committers](#join-the-project-team) to issues that they consider good introductions to the project for people who have not contributed before. These are not necessarily "easy", but rather focused around how much context is necessary in order to understand what needs to be done for this project in particular. | Existing project members are expected to stay away from these unless they increase in priority. +`support` | This issue is either asking a question about how to use the project, clarifying the reason for unexpected behavior, or possibly reporting a `bug` but does not have enough detail yet to determine whether it would count as such. | The label should be switched to `bug` if reliable reproduction steps are provided. Issues primarily with unintended configurations of a user's environment are not considered bugs, even if they cause crashes. +`tests` | This issue or PR either requests or adds primarily tests to the project. | If a PR is pending tests, that will be handled through the [PR review process](#review-pull-requests) +`wontfix` | Labelers may apply this label to issues that clearly have nothing at all to do with the project or are otherwise entirely outside of its scope/sphere of influence. [Committers](#join-the-project-team) may apply this label and close an issue or PR if they decide to pass on an otherwise relevant issue. | The issue or PR should be closed as soon as the label is applied, and a clear explanation provided of why the label was used. Contributors are free to contest the labeling, but the decision ultimately falls on committers as to whether to accept something or not. + +## Clean Up Issues and PRs + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +Issues and PRs can go stale after a while. Maybe they're abandoned. Maybe the team will just plain not have time to address them any time soon. + +In these cases, they should be closed until they're brought up again or the interaction starts over. + +To clean up issues and PRs: + +* Search the issue tracker for issues or PRs, and add the term `updated:<=YYYY-MM-DD`, where the date is 30 days before today. +* Go through each issue *from oldest to newest*, and close them if **all of the following are true**: + * not opened by a maintainer + * not marked as `critical` + * not marked as `starter` or `help wanted` (these might stick around for a while, in general, as they're intended to be available) + * no explicit messages in the comments asking for it to be left open + * does not belong to a milestone +* Leave a message when closing saying "Cleaning up stale issue. Please reopen or ping us if and when you're ready to resume this. See https://github.com/npm/libnpmteam/blob/latest/CONTRIBUTING.md#clean-up-issues-and-prs for more details." + +## Review Pull Requests + +[Needs Collaborator](#join-the-project-team): Issue Tracker + +While anyone can comment on a PR, add feedback, etc, PRs are only *approved* by team members with Issue Tracker or higher permissions. + +PR reviews use [GitHub's own review feature](https://help.github.com/articles/about-pull-request-reviews/), which manages comments, approval, and review iteration. + +Some notes: + +* You may ask for minor changes ("nitpicks"), but consider whether they are really blockers to merging: try to err on the side of "approve, with comments". +* *ALL PULL REQUESTS* should be covered by a test: either by a previously-failing test, an existing test that covers the entire functionality of the submitted code, or new tests to verify any new/changed behavior. All tests must also pass and follow established conventions. Test coverage should not drop, unless the specific case is considered reasonable by maintainers. +* Please make sure you're familiar with the code or documentation being updated, unless it's a minor change (spellchecking, minor formatting, etc). You may @mention another project member who you think is better suited for the review, but still provide a non-approving review of your own. +* Be extra kind: people who submit code/doc contributions are putting themselves in a pretty vulnerable position, and have put time and care into what they've done (even if that's not obvious to you!) -- always respond with respect, be understanding, but don't feel like you need to sacrifice your standards for their sake, either. Just don't be a jerk about it? + +## Merge Pull Requests + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. + +## Tag A Release + +[Needs Collaborator](#join-the-project-team): Committer + +TBD - need to hash out a bit more of this process. The most important bit here is probably that all tests must pass, and tags must use [semver](https://semver.org). + +## Join the Project Team + +### Ways to Join + +There are many ways to contribute! Most of them don't require any official status unless otherwise noted. That said, there's a couple of positions that grant special repository abilities, and this section describes how they're granted and what they do. + +All of the below positions are granted based on the project team's needs, as well as their consensus opinion about whether they would like to work with the person and think that they would fit well into that position. The process is relatively informal, and it's likely that people who express interest in participating can just be granted the permissions they'd like. + +You can spot a collaborator on the repo by looking for the `[Collaborator]` or `[Owner]` tags next to their names. + +Permission | Description +--- | --- +Issue Tracker | Granted to contributors who express a strong interest in spending time on the project's issue tracker. These tasks are mainly [labeling issues](#label-issues), [cleaning up old ones](#clean-up-issues-and-prs), and [reviewing pull requests](#review-pull-requests), as well as all the usual things non-team-member contributors can do. Issue handlers should not merge pull requests, tag releases, or directly commit code themselves: that should still be done through the usual pull request process. Becoming an Issue Handler means the project team trusts you to understand enough of the team's process and context to implement it on the issue tracker. +Committer | Granted to contributors who want to handle the actual pull request merges, tagging new versions, etc. Committers should have a good level of familiarity with the codebase, and enough context to understand the implications of various changes, as well as a good sense of the will and expectations of the project team. +Admin/Owner | Granted to people ultimately responsible for the project, its community, etc. + +## Attribution + +This guide was generated using the WeAllJS `CONTRIBUTING.md` generator. [Make your own](https://npm.im/weallcontribute)! diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/libnpmteam/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 000000000..8eee50a47 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,239 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) + + +### Bug Fixes + +* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) +* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + +<a name="3.9.1"></a> +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + +<a name="3.9.0"></a> +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + +<a name="3.8.0"></a> +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + +<a name="3.7.0"></a> +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + +<a name="3.6.0"></a> +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + +<a name="3.5.0"></a> +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + +<a name="3.4.0"></a> +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + +<a name="3.3.0"></a> +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + +<a name="3.2.1"></a> +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + +<a name="3.2.0"></a> +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + +<a name="3.1.1"></a> +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + +<a name="3.1.0"></a> +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="1.1.1"></a> +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/libnpmteam/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/README.md b/node_modules/libnpmteam/node_modules/npm-registry-fetch/README.md new file mode 100644 index 000000000..0c3f4f946 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### <a name="fetch-opts"></a> `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### <a name="opts-agent"></a> `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### <a name="opts-body"></a> `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### <a name="opts-ca"></a> `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### <a name="opts-cache"></a> `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### <a name="opts-cert"></a> `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-force-auth"></a> `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### <a name="opts-gzip"></a> `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### <a name="opts-headers"></a> `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### <a name="opts-ignore-body"></a> `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### <a name="opts-integrity"></a> `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### <a name="opts-key"></a> `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### <a name="opts-local-address"></a> `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### <a name="opts-log"></a> `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### <a name="opts-map-json"></a> `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### <a name="opts-maxsockets"></a> `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### <a name="opts-method"></a> `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### <a name="opts-noproxy"></a> `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### <a name="opts-npm-session"></a> `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### <a name="opts-offline"></a> `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-otp"></a> `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### <a name="opts-password"></a> `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-prefer-online"></a> `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### <a name="opts-project-scope"></a> `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### <a name="opts-proxy"></a> `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### <a name="opts-query"></a> `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### <a name="opts-refer"></a> `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### <a name="opts-registry"></a> `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### <a name="opts-retry"></a> `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### <a name="opts-scope"></a> `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.<scope>:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### <a name="opts-spec"></a> `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### <a name="opts-timeout"></a> `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### <a name="opts-token"></a> `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### <a name="opts-user-agent"></a> `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` + +User agent string to send in the `User-Agent` header. + +##### <a name="opts-username"></a> `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### <a name="opts-auth"></a> `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/auth.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 000000000..d583982d0 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/check-response.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 000000000..14058239b --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/config.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/config.js new file mode 100644 index 000000000..1c43b26ea --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/errors.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 000000000..ba78735fc --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/index.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/index.js new file mode 100644 index 000000000..c18487388 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/package.json b/node_modules/libnpmteam/node_modules/npm-registry-fetch/package.json new file mode 100644 index 000000000..643d71698 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,93 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.2", + "_inBundle": false, + "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "_location": "/libnpmteam/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/libnpmteam" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmteam", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/libnpmteam/node_modules/npm-registry-fetch/silentlog.js b/node_modules/libnpmteam/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 000000000..886c5d55b --- /dev/null +++ b/node_modules/libnpmteam/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/libnpmteam/node_modules/safe-buffer/LICENSE b/node_modules/libnpmteam/node_modules/safe-buffer/LICENSE new file mode 100644 index 000000000..0c068ceec --- /dev/null +++ b/node_modules/libnpmteam/node_modules/safe-buffer/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Feross Aboukhadijeh + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/libnpmteam/node_modules/safe-buffer/README.md b/node_modules/libnpmteam/node_modules/safe-buffer/README.md new file mode 100644 index 000000000..356e35193 --- /dev/null +++ b/node_modules/libnpmteam/node_modules/safe-buffer/README.md @@ -0,0 +1,586 @@ +# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] + +[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg +[travis-url]: https://travis-ci.org/feross/safe-buffer +[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg +[npm-url]: https://npmjs.org/package/safe-buffer +[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg +[downloads-url]: https://npmjs.org/package/safe-buffer +[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg +[standard-url]: https://standardjs.com + +#### Safer Node.js Buffer API + +**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, +`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** + +**Uses the built-in implementation when available.** + +## install + +``` +npm install safe-buffer +``` + +[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) + +## usage + +The goal of this package is to provide a safe replacement for the node.js `Buffer`. + +It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to +the top of your node.js modules: + +```js +var Buffer = require('safe-buffer').Buffer + +// Existing buffer code will continue to work without issues: + +new Buffer('hey', 'utf8') +new Buffer([1, 2, 3], 'utf8') +new Buffer(obj) +new Buffer(16) // create an uninitialized buffer (potentially unsafe) + +// But you can use these new explicit APIs to make clear what you want: + +Buffer.from('hey', 'utf8') // convert from many types to a Buffer +Buffer.alloc(16) // create a zero-filled buffer (safe) +Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) +``` + +## api + +### Class Method: Buffer.from(array) +<!-- YAML +added: v3.0.0 +--> + +* `array` {Array} + +Allocates a new `Buffer` using an `array` of octets. + +```js +const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); + // creates a new Buffer containing ASCII bytes + // ['b','u','f','f','e','r'] +``` + +A `TypeError` will be thrown if `array` is not an `Array`. + +### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) +<!-- YAML +added: v5.10.0 +--> + +* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or + a `new ArrayBuffer()` +* `byteOffset` {Number} Default: `0` +* `length` {Number} Default: `arrayBuffer.length - byteOffset` + +When passed a reference to the `.buffer` property of a `TypedArray` instance, +the newly created `Buffer` will share the same allocated memory as the +TypedArray. + +```js +const arr = new Uint16Array(2); +arr[0] = 5000; +arr[1] = 4000; + +const buf = Buffer.from(arr.buffer); // shares the memory with arr; + +console.log(buf); + // Prints: <Buffer 88 13 a0 0f> + +// changing the TypedArray changes the Buffer also +arr[1] = 6000; + +console.log(buf); + // Prints: <Buffer 88 13 70 17> +``` + +The optional `byteOffset` and `length` arguments specify a memory range within +the `arrayBuffer` that will be shared by the `Buffer`. + +```js +const ab = new ArrayBuffer(10); +const buf = Buffer.from(ab, 0, 2); +console.log(buf.length); + // Prints: 2 +``` + +A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. + +### Class Method: Buffer.from(buffer) +<!-- YAML +added: v3.0.0 +--> + +* `buffer` {Buffer} + +Copies the passed `buffer` data onto a new `Buffer` instance. + +```js +const buf1 = Buffer.from('buffer'); +const buf2 = Buffer.from(buf1); + +buf1[0] = 0x61; +console.log(buf1.toString()); + // 'auffer' +console.log(buf2.toString()); + // 'buffer' (copy is not changed) +``` + +A `TypeError` will be thrown if `buffer` is not a `Buffer`. + +### Class Method: Buffer.from(str[, encoding]) +<!-- YAML +added: v5.10.0 +--> + +* `str` {String} String to encode. +* `encoding` {String} Encoding to use, Default: `'utf8'` + +Creates a new `Buffer` containing the given JavaScript string `str`. If +provided, the `encoding` parameter identifies the character encoding. +If not provided, `encoding` defaults to `'utf8'`. + +```js +const buf1 = Buffer.from('this is a tést'); +console.log(buf1.toString()); + // prints: this is a tést +console.log(buf1.toString('ascii')); + // prints: this is a tC)st + +const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); +console.log(buf2.toString()); + // prints: this is a tést +``` + +A `TypeError` will be thrown if `str` is not a string. + +### Class Method: Buffer.alloc(size[, fill[, encoding]]) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} +* `fill` {Value} Default: `undefined` +* `encoding` {String} Default: `utf8` + +Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the +`Buffer` will be *zero-filled*. + +```js +const buf = Buffer.alloc(5); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +The `size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +If `fill` is specified, the allocated `Buffer` will be initialized by calling +`buf.fill(fill)`. See [`buf.fill()`][] for more information. + +```js +const buf = Buffer.alloc(5, 'a'); +console.log(buf); + // <Buffer 61 61 61 61 61> +``` + +If both `fill` and `encoding` are specified, the allocated `Buffer` will be +initialized by calling `buf.fill(fill, encoding)`. For example: + +```js +const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); +console.log(buf); + // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> +``` + +Calling `Buffer.alloc(size)` can be significantly slower than the alternative +`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance +contents will *never contain sensitive data*. + +A `TypeError` will be thrown if `size` is not a number. + +### Class Method: Buffer.allocUnsafe(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must +be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit +architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is +thrown. A zero-length Buffer will be created if a `size` less than or equal to +0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +```js +const buf = Buffer.allocUnsafe(5); +console.log(buf); + // <Buffer 78 e0 82 02 01> + // (octets will be different, every time) +buf.fill(0); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +A `TypeError` will be thrown if `size` is not a number. + +Note that the `Buffer` module pre-allocates an internal `Buffer` instance of +size `Buffer.poolSize` that is used as a pool for the fast allocation of new +`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated +`new Buffer(size)` constructor) only when `size` is less than or equal to +`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default +value of `Buffer.poolSize` is `8192` but can be modified. + +Use of this pre-allocated internal memory pool is a key difference between +calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. +Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer +pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal +Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The +difference is subtle but can be important when an application requires the +additional performance that `Buffer.allocUnsafe(size)` provides. + +### Class Method: Buffer.allocUnsafeSlow(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The +`size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, +allocations under 4KB are, by default, sliced from a single pre-allocated +`Buffer`. This allows applications to avoid the garbage collection overhead of +creating many individually allocated Buffers. This approach improves both +performance and memory usage by eliminating the need to track and cleanup as +many `Persistent` objects. + +However, in the case where a developer may need to retain a small chunk of +memory from a pool for an indeterminate amount of time, it may be appropriate +to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then +copy out the relevant bits. + +```js +// need to keep around a few small chunks of memory +const store = []; + +socket.on('readable', () => { + const data = socket.read(); + // allocate for retained data + const sb = Buffer.allocUnsafeSlow(10); + // copy the data into the new allocation + data.copy(sb, 0, 0, 10); + store.push(sb); +}); +``` + +Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* +a developer has observed undue memory retention in their applications. + +A `TypeError` will be thrown if `size` is not a number. + +### All the Rest + +The rest of the `Buffer` API is exactly the same as in node.js. +[See the docs](https://nodejs.org/api/buffer.html). + + +## Related links + +- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) +- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) + +## Why is `Buffer` unsafe? + +Today, the node.js `Buffer` constructor is overloaded to handle many different argument +types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), +`ArrayBuffer`, and also `Number`. + +The API is optimized for convenience: you can throw any type at it, and it will try to do +what you want. + +Because the Buffer constructor is so powerful, you often see code like this: + +```js +// Convert UTF-8 strings to hex +function toHex (str) { + return new Buffer(str).toString('hex') +} +``` + +***But what happens if `toHex` is called with a `Number` argument?*** + +### Remote Memory Disclosure + +If an attacker can make your program call the `Buffer` constructor with a `Number` +argument, then they can make it allocate uninitialized memory from the node.js process. +This could potentially disclose TLS private keys, user data, or database passwords. + +When the `Buffer` constructor is passed a `Number` argument, it returns an +**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like +this, you **MUST** overwrite the contents before returning it to the user. + +From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): + +> `new Buffer(size)` +> +> - `size` Number +> +> The underlying memory for `Buffer` instances created in this way is not initialized. +> **The contents of a newly created `Buffer` are unknown and could contain sensitive +> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. + +(Emphasis our own.) + +Whenever the programmer intended to create an uninitialized `Buffer` you often see code +like this: + +```js +var buf = new Buffer(16) + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### Would this ever be a problem in real code? + +Yes. It's surprisingly common to forget to check the type of your variables in a +dynamically-typed language like JavaScript. + +Usually the consequences of assuming the wrong type is that your program crashes with an +uncaught exception. But the failure mode for forgetting to check the type of arguments to +the `Buffer` constructor is more catastrophic. + +Here's an example of a vulnerable service that takes a JSON payload and converts it to +hex: + +```js +// Take a JSON payload {str: "some string"} and convert it to hex +var server = http.createServer(function (req, res) { + var data = '' + req.setEncoding('utf8') + req.on('data', function (chunk) { + data += chunk + }) + req.on('end', function () { + var body = JSON.parse(data) + res.end(new Buffer(body.str).toString('hex')) + }) +}) + +server.listen(8080) +``` + +In this example, an http client just has to send: + +```json +{ + "str": 1000 +} +``` + +and it will get back 1,000 bytes of uninitialized memory from the server. + +This is a very serious bug. It's similar in severity to the +[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process +memory by remote attackers. + + +### Which real-world packages were vulnerable? + +#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) + +[Mathias Buus](https://github.com/mafintosh) and I +([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, +[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow +anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get +them to reveal 20 bytes at a time of uninitialized memory from the node.js process. + +Here's +[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) +that fixed it. We released a new fixed version, created a +[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all +vulnerable versions on npm so users will get a warning to upgrade to a newer version. + +#### [`ws`](https://www.npmjs.com/package/ws) + +That got us wondering if there were other vulnerable packages. Sure enough, within a short +period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the +most popular WebSocket implementation in node.js. + +If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as +expected, then uninitialized server memory would be disclosed to the remote peer. + +These were the vulnerable methods: + +```js +socket.send(number) +socket.ping(number) +socket.pong(number) +``` + +Here's a vulnerable socket server with some echo functionality: + +```js +server.on('connection', function (socket) { + socket.on('message', function (message) { + message = JSON.parse(message) + if (message.type === 'echo') { + socket.send(message.data) // send back the user's message + } + }) +}) +``` + +`socket.send(number)` called on the server, will disclose server memory. + +Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue +was fixed, with a more detailed explanation. Props to +[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the +[Node Security Project disclosure](https://nodesecurity.io/advisories/67). + + +### What's the solution? + +It's important that node.js offers a fast way to get memory otherwise performance-critical +applications would needlessly get a lot slower. + +But we need a better way to *signal our intent* as programmers. **When we want +uninitialized memory, we should request it explicitly.** + +Sensitive functionality should not be packed into a developer-friendly API that loosely +accepts many different types. This type of API encourages the lazy practice of passing +variables in without checking the type very carefully. + +#### A new API: `Buffer.allocUnsafe(number)` + +The functionality of creating buffers with uninitialized memory should be part of another +API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that +frequently gets user input of all sorts of different types passed into it. + +```js +var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### How do we fix node.js core? + +We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as +`semver-major`) which defends against one case: + +```js +var str = 16 +new Buffer(str, 'utf8') +``` + +In this situation, it's implied that the programmer intended the first argument to be a +string, since they passed an encoding as a second argument. Today, node.js will allocate +uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not +what the programmer intended. + +But this is only a partial solution, since if the programmer does `new Buffer(variable)` +(without an `encoding` parameter) there's no way to know what they intended. If `variable` +is sometimes a number, then uninitialized memory will sometimes be returned. + +### What's the real long-term fix? + +We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when +we need uninitialized memory. But that would break 1000s of packages. + +~~We believe the best solution is to:~~ + +~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ + +~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ + +#### Update + +We now support adding three new APIs: + +- `Buffer.from(value)` - convert from any type to a buffer +- `Buffer.alloc(size)` - create a zero-filled buffer +- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size + +This solves the core problem that affected `ws` and `bittorrent-dht` which is +`Buffer(variable)` getting tricked into taking a number argument. + +This way, existing code continues working and the impact on the npm ecosystem will be +minimal. Over time, npm maintainers can migrate performance-critical code to use +`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. + + +### Conclusion + +We think there's a serious design issue with the `Buffer` API as it exists today. It +promotes insecure software by putting high-risk functionality into a convenient API +with friendly "developer ergonomics". + +This wasn't merely a theoretical exercise because we found the issue in some of the +most popular npm packages. + +Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of +`buffer`. + +```js +var Buffer = require('safe-buffer').Buffer +``` + +Eventually, we hope that node.js core can switch to this new, safer behavior. We believe +the impact on the ecosystem would be minimal since it's not a breaking change. +Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while +older, insecure packages would magically become safe from this attack vector. + + +## links + +- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) +- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) +- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) + + +## credit + +The original issues in `bittorrent-dht` +([disclosure](https://nodesecurity.io/advisories/68)) and +`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by +[Mathias Buus](https://github.com/mafintosh) and +[Feross Aboukhadijeh](http://feross.org/). + +Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues +and for his work running the [Node Security Project](https://nodesecurity.io/). + +Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and +auditing the code. + + +## license + +MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/libnpmteam/node_modules/safe-buffer/index.d.ts b/node_modules/libnpmteam/node_modules/safe-buffer/index.d.ts new file mode 100644 index 000000000..e9fed809a --- /dev/null +++ b/node_modules/libnpmteam/node_modules/safe-buffer/index.d.ts @@ -0,0 +1,187 @@ +declare module "safe-buffer" { + export class Buffer { + length: number + write(string: string, offset?: number, length?: number, encoding?: string): number; + toString(encoding?: string, start?: number, end?: number): string; + toJSON(): { type: 'Buffer', data: any[] }; + equals(otherBuffer: Buffer): boolean; + compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; + copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; + slice(start?: number, end?: number): Buffer; + writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readUInt8(offset: number, noAssert?: boolean): number; + readUInt16LE(offset: number, noAssert?: boolean): number; + readUInt16BE(offset: number, noAssert?: boolean): number; + readUInt32LE(offset: number, noAssert?: boolean): number; + readUInt32BE(offset: number, noAssert?: boolean): number; + readInt8(offset: number, noAssert?: boolean): number; + readInt16LE(offset: number, noAssert?: boolean): number; + readInt16BE(offset: number, noAssert?: boolean): number; + readInt32LE(offset: number, noAssert?: boolean): number; + readInt32BE(offset: number, noAssert?: boolean): number; + readFloatLE(offset: number, noAssert?: boolean): number; + readFloatBE(offset: number, noAssert?: boolean): number; + readDoubleLE(offset: number, noAssert?: boolean): number; + readDoubleBE(offset: number, noAssert?: boolean): number; + swap16(): Buffer; + swap32(): Buffer; + swap64(): Buffer; + writeUInt8(value: number, offset: number, noAssert?: boolean): number; + writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeInt8(value: number, offset: number, noAssert?: boolean): number; + writeInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeFloatLE(value: number, offset: number, noAssert?: boolean): number; + writeFloatBE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; + fill(value: any, offset?: number, end?: number): this; + indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; + + /** + * Allocates a new buffer containing the given {str}. + * + * @param str String to store in buffer. + * @param encoding encoding to use, optional. Default is 'utf8' + */ + constructor (str: string, encoding?: string); + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + */ + constructor (size: number); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: Uint8Array); + /** + * Produces a Buffer backed by the same allocated memory as + * the given {ArrayBuffer}. + * + * + * @param arrayBuffer The ArrayBuffer with which to share memory. + */ + constructor (arrayBuffer: ArrayBuffer); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: any[]); + /** + * Copies the passed {buffer} data onto a new {Buffer} instance. + * + * @param buffer The buffer to copy. + */ + constructor (buffer: Buffer); + prototype: Buffer; + /** + * Allocates a new Buffer using an {array} of octets. + * + * @param array + */ + static from(array: any[]): Buffer; + /** + * When passed a reference to the .buffer property of a TypedArray instance, + * the newly created Buffer will share the same allocated memory as the TypedArray. + * The optional {byteOffset} and {length} arguments specify a memory range + * within the {arrayBuffer} that will be shared by the Buffer. + * + * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() + * @param byteOffset + * @param length + */ + static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; + /** + * Copies the passed {buffer} data onto a new Buffer instance. + * + * @param buffer + */ + static from(buffer: Buffer): Buffer; + /** + * Creates a new Buffer containing the given JavaScript string {str}. + * If provided, the {encoding} parameter identifies the character encoding. + * If not provided, {encoding} defaults to 'utf8'. + * + * @param str + */ + static from(str: string, encoding?: string): Buffer; + /** + * Returns true if {obj} is a Buffer + * + * @param obj object to test. + */ + static isBuffer(obj: any): obj is Buffer; + /** + * Returns true if {encoding} is a valid encoding argument. + * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' + * + * @param encoding string to test. + */ + static isEncoding(encoding: string): boolean; + /** + * Gives the actual byte length of a string. encoding defaults to 'utf8'. + * This is not the same as String.prototype.length since that returns the number of characters in a string. + * + * @param string string to test. + * @param encoding encoding used to evaluate (defaults to 'utf8') + */ + static byteLength(string: string, encoding?: string): number; + /** + * Returns a buffer which is the result of concatenating all the buffers in the list together. + * + * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. + * If the list has exactly one item, then the first item of the list is returned. + * If the list has more than one item, then a new Buffer is created. + * + * @param list An array of Buffer objects to concatenate + * @param totalLength Total length of the buffers when concatenated. + * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. + */ + static concat(list: Buffer[], totalLength?: number): Buffer; + /** + * The same as buf1.compare(buf2). + */ + static compare(buf1: Buffer, buf2: Buffer): number; + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + * @param fill if specified, buffer will be initialized by calling buf.fill(fill). + * If parameter is omitted, buffer will be filled with zeros. + * @param encoding encoding used for call to buf.fill while initalizing + */ + static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; + /** + * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafe(size: number): Buffer; + /** + * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafeSlow(size: number): Buffer; + } +}
\ No newline at end of file diff --git a/node_modules/libnpmteam/node_modules/safe-buffer/index.js b/node_modules/libnpmteam/node_modules/safe-buffer/index.js new file mode 100644 index 000000000..054c8d30d --- /dev/null +++ b/node_modules/libnpmteam/node_modules/safe-buffer/index.js @@ -0,0 +1,64 @@ +/* eslint-disable node/no-deprecated-api */ +var buffer = require('buffer') +var Buffer = buffer.Buffer + +// alternative to using Object.keys for old browsers +function copyProps (src, dst) { + for (var key in src) { + dst[key] = src[key] + } +} +if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { + module.exports = buffer +} else { + // Copy properties from require('buffer') + copyProps(buffer, exports) + exports.Buffer = SafeBuffer +} + +function SafeBuffer (arg, encodingOrOffset, length) { + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.prototype = Object.create(Buffer.prototype) + +// Copy static methods from Buffer +copyProps(Buffer, SafeBuffer) + +SafeBuffer.from = function (arg, encodingOrOffset, length) { + if (typeof arg === 'number') { + throw new TypeError('Argument must not be a number') + } + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.alloc = function (size, fill, encoding) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + var buf = Buffer(size) + if (fill !== undefined) { + if (typeof encoding === 'string') { + buf.fill(fill, encoding) + } else { + buf.fill(fill) + } + } else { + buf.fill(0) + } + return buf +} + +SafeBuffer.allocUnsafe = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return Buffer(size) +} + +SafeBuffer.allocUnsafeSlow = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return buffer.SlowBuffer(size) +} diff --git a/node_modules/libnpmteam/node_modules/safe-buffer/package.json b/node_modules/libnpmteam/node_modules/safe-buffer/package.json new file mode 100644 index 000000000..c0ebf4c2e --- /dev/null +++ b/node_modules/libnpmteam/node_modules/safe-buffer/package.json @@ -0,0 +1,62 @@ +{ + "_from": "safe-buffer@^5.2.0", + "_id": "safe-buffer@5.2.0", + "_inBundle": false, + "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "_location": "/libnpmteam/safe-buffer", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "safe-buffer@^5.2.0", + "name": "safe-buffer", + "escapedName": "safe-buffer", + "rawSpec": "^5.2.0", + "saveSpec": null, + "fetchSpec": "^5.2.0" + }, + "_requiredBy": [ + "/libnpmteam/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", + "_spec": "safe-buffer@^5.2.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/libnpmteam/node_modules/npm-registry-fetch", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/safe-buffer/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Safer Node.js Buffer API", + "devDependencies": { + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/safe-buffer", + "keywords": [ + "buffer", + "buffer allocate", + "node security", + "safe", + "safe-buffer", + "security", + "uninitialized" + ], + "license": "MIT", + "main": "index.js", + "name": "safe-buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/safe-buffer.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "types": "index.d.ts", + "version": "5.2.0" +} diff --git a/node_modules/minipass-collect/LICENSE b/node_modules/minipass-collect/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-collect/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-collect/README.md b/node_modules/minipass-collect/README.md new file mode 100644 index 000000000..ae1c3daca --- /dev/null +++ b/node_modules/minipass-collect/README.md @@ -0,0 +1,48 @@ +# minipass-collect + +A Minipass stream that collects all the data into a single chunk + +Note that this buffers ALL data written to it, so it's only good for +situations where you are sure the entire stream fits in memory. + +Note: this is primarily useful for the `Collect.PassThrough` class, since +Minipass streams already have a `.collect()` method which returns a promise +that resolves to the array of chunks, and a `.concat()` method that returns +the data concatenated into a single Buffer or String. + +## USAGE + +```js +const Collect = require('minipass-collect') + +const collector = new Collect() +collector.on('data', allTheData => { + console.log('all the data!', allTheData) +}) + +someSourceOfData.pipe(collector) + +// note that you can also simply do: +someSourceOfData.pipe(new Minipass()).concat().then(data => ...) +// or even, if someSourceOfData is a Minipass: +someSourceOfData.concat().then(data => ...) +// but you might prefer to have it stream-shaped rather than +// Promise-shaped in some scenarios. +``` + +If you want to collect the data, but _also_ act as a passthrough stream, +then use `Collect.PassThrough` instead (for example to memoize streaming +responses), and listen on the `collect` event. + +```js +const Collect = require('minipass-collect') + +const collector = new Collect.PassThrough() +collector.on('collect', allTheData => { + console.log('all the data!', allTheData) +}) + +someSourceOfData.pipe(collector).pipe(someOtherStream) +``` + +All [minipass options](http://npm.im/minipass) are supported. diff --git a/node_modules/minipass-collect/index.js b/node_modules/minipass-collect/index.js new file mode 100644 index 000000000..2fe68c0b5 --- /dev/null +++ b/node_modules/minipass-collect/index.js @@ -0,0 +1,71 @@ +const Minipass = require('minipass') +const _data = Symbol('_data') +const _length = Symbol('_length') +class Collect extends Minipass { + constructor (options) { + super(options) + this[_data] = [] + this[_length] = 0 + } + write (chunk, encoding, cb) { + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (!encoding) + encoding = 'utf8' + + const c = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk, encoding) + this[_data].push(c) + this[_length] += c.length + if (cb) + cb() + return true + } + end (chunk, encoding, cb) { + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + if (chunk) + this.write(chunk, encoding) + const result = Buffer.concat(this[_data], this[_length]) + super.write(result) + return super.end(cb) + } +} +module.exports = Collect + +// it would be possible to DRY this a bit by doing something like +// this.collector = new Collect() and listening on its data event, +// but it's not much code, and we may as well save the extra obj +class CollectPassThrough extends Minipass { + constructor (options) { + super(options) + this[_data] = [] + this[_length] = 0 + } + write (chunk, encoding, cb) { + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (!encoding) + encoding = 'utf8' + + const c = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk, encoding) + this[_data].push(c) + this[_length] += c.length + return super.write(chunk, encoding, cb) + } + end (chunk, encoding, cb) { + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + if (chunk) + this.write(chunk, encoding) + const result = Buffer.concat(this[_data], this[_length]) + this.emit('collect', result) + return super.end(cb) + } +} +module.exports.PassThrough = CollectPassThrough diff --git a/node_modules/minipass-collect/node_modules/minipass/LICENSE b/node_modules/minipass-collect/node_modules/minipass/LICENSE new file mode 100644 index 000000000..20a476254 --- /dev/null +++ b/node_modules/minipass-collect/node_modules/minipass/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-collect/node_modules/minipass/README.md b/node_modules/minipass-collect/node_modules/minipass/README.md new file mode 100644 index 000000000..32ace2fb9 --- /dev/null +++ b/node_modules/minipass-collect/node_modules/minipass/README.md @@ -0,0 +1,606 @@ +# minipass + +A _very_ minimal implementation of a [PassThrough +stream](https://nodejs.org/api/stream.html#stream_class_stream_passthrough) + +[It's very +fast](https://docs.google.com/spreadsheets/d/1oObKSrVwLX_7Ut4Z6g3fZW-AX1j1-k6w-cDsrkaSbHM/edit#gid=0) +for objects, strings, and buffers. + +Supports pipe()ing (including multi-pipe() and backpressure transmission), +buffering data until either a `data` event handler or `pipe()` is added (so +you don't lose the first chunk), and most other cases where PassThrough is +a good idea. + +There is a `read()` method, but it's much more efficient to consume data +from this stream via `'data'` events or by calling `pipe()` into some other +stream. Calling `read()` requires the buffer to be flattened in some +cases, which requires copying memory. + +There is also no `unpipe()` method. Once you start piping, there is no +stopping it! + +If you set `objectMode: true` in the options, then whatever is written will +be emitted. Otherwise, it'll do a minimal amount of Buffer copying to +ensure proper Streams semantics when `read(n)` is called. + +`objectMode` can also be set by doing `stream.objectMode = true`, or by +writing any non-string/non-buffer data. `objectMode` cannot be set to +false once it is set. + +This is not a `through` or `through2` stream. It doesn't transform the +data, it just passes it right through. If you want to transform the data, +extend the class, and override the `write()` method. Once you're done +transforming the data however you want, call `super.write()` with the +transform output. + +For some examples of streams that extend Minipass in various ways, check +out: + +- [minizlib](http://npm.im/minizlib) +- [fs-minipass](http://npm.im/fs-minipass) +- [tar](http://npm.im/tar) +- [minipass-collect](http://npm.im/minipass-collect) +- [minipass-flush](http://npm.im/minipass-flush) +- [minipass-pipeline](http://npm.im/minipass-pipeline) +- [tap](http://npm.im/tap) +- [tap-parser](http://npm.im/tap) +- [treport](http://npm.im/tap) +- [minipass-fetch](http://npm.im/minipass-fetch) + +## Differences from Node.js Streams + +There are several things that make Minipass streams different from (and in +some ways superior to) Node.js core streams. + +Please read these caveats if you are familiar with noode-core streams and +intend to use Minipass streams in your programs. + +### Timing + +Minipass streams are designed to support synchronous use-cases. Thus, data +is emitted as soon as it is available, always. It is buffered until read, +but no longer. Another way to look at it is that Minipass streams are +exactly as synchronous as the logic that writes into them. + +This can be surprising if your code relies on `PassThrough.write()` always +providing data on the next tick rather than the current one, or being able +to call `resume()` and not have the entire buffer disappear immediately. + +However, without this synchronicity guarantee, there would be no way for +Minipass to achieve the speeds it does, or support the synchronous use +cases that it does. Simply put, waiting takes time. + +This non-deferring approach makes Minipass streams much easier to reason +about, especially in the context of Promises and other flow-control +mechanisms. + +### No High/Low Water Marks + +Node.js core streams will optimistically fill up a buffer, returning `true` +on all writes until the limit is hit, even if the data has nowhere to go. +Then, they will not attempt to draw more data in until the buffer size dips +below a minimum value. + +Minipass streams are much simpler. The `write()` method will return `true` +if the data has somewhere to go (which is to say, given the timing +guarantees, that the data is already there by the time `write()` returns). + +If the data has nowhere to go, then `write()` returns false, and the data +sits in a buffer, to be drained out immediately as soon as anyone consumes +it. + +### Hazards of Buffering (or: Why Minipass Is So Fast) + +Since data written to a Minipass stream is immediately written all the way +through the pipeline, and `write()` always returns true/false based on +whether the data was fully flushed, backpressure is communicated +immediately to the upstream caller. This minimizes buffering. + +Consider this case: + +```js +const {PassThrough} = require('stream') +const p1 = new PassThrough({ highWaterMark: 1024 }) +const p2 = new PassThrough({ highWaterMark: 1024 }) +const p3 = new PassThrough({ highWaterMark: 1024 }) +const p4 = new PassThrough({ highWaterMark: 1024 }) + +p1.pipe(p2).pipe(p3).pipe(p4) +p4.on('data', () => console.log('made it through')) + +// this returns false and buffers, then writes to p2 on next tick (1) +// p2 returns false and buffers, pausing p1, then writes to p3 on next tick (2) +// p3 returns false and buffers, pausing p2, then writes to p4 on next tick (3) +// p4 returns false and buffers, pausing p3, then emits 'data' and 'drain' +// on next tick (4) +// p3 sees p4's 'drain' event, and calls resume(), emitting 'resume' and +// 'drain' on next tick (5) +// p2 sees p3's 'drain', calls resume(), emits 'resume' and 'drain' on next tick (6) +// p1 sees p2's 'drain', calls resume(), emits 'resume' and 'drain' on next +// tick (7) + +p1.write(Buffer.alloc(2048)) // returns false +``` + +Along the way, the data was buffered and deferred at each stage, and +multiple event deferrals happened, for an unblocked pipeline where it was +perfectly safe to write all the way through! + +Furthermore, setting a `highWaterMark` of `1024` might lead someone reading +the code to think an advisory maximum of 1KiB is being set for the +pipeline. However, the actual advisory buffering level is the _sum_ of +`highWaterMark` values, since each one has its own bucket. + +Consider the Minipass case: + +```js +const m1 = new Minipass() +const m2 = new Minipass() +const m3 = new Minipass() +const m4 = new Minipass() + +m1.pipe(m2).pipe(m3).pipe(m4) +m4.on('data', () => console.log('made it through')) + +// m1 is flowing, so it writes the data to m2 immediately +// m2 is flowing, so it writes the data to m3 immediately +// m3 is flowing, so it writes the data to m4 immediately +// m4 is flowing, so it fires the 'data' event immediately, returns true +// m4's write returned true, so m3 is still flowing, returns true +// m3's write returned true, so m2 is still flowing, returns true +// m2's write returned true, so m1 is still flowing, returns true +// No event deferrals or buffering along the way! + +m1.write(Buffer.alloc(2048)) // returns true +``` + +It is extremely unlikely that you _don't_ want to buffer any data written, +or _ever_ buffer data that can be flushed all the way through. Neither +node-core streams nor Minipass ever fail to buffer written data, but +node-core streams do a lot of unnecessary buffering and pausing. + +As always, the faster implementation is the one that does less stuff and +waits less time to do it. + +### Immediately emit `end` for empty streams (when not paused) + +If a stream is not paused, and `end()` is called before writing any data +into it, then it will emit `end` immediately. + +If you have logic that occurs on the `end` event which you don't want to +potentially happen immediately (for example, closing file descriptors, +moving on to the next entry in an archive parse stream, etc.) then be sure +to call `stream.pause()` on creation, and then `stream.resume()` once you +are ready to respond to the `end` event. + +### Emit `end` When Asked + +One hazard of immediately emitting `'end'` is that you may not yet have had +a chance to add a listener. In order to avoid this hazard, Minipass +streams safely re-emit the `'end'` event if a new listener is added after +`'end'` has been emitted. + +Ie, if you do `stream.on('end', someFunction)`, and the stream has already +emitted `end`, then it will call the handler right away. (You can think of +this somewhat like attaching a new `.then(fn)` to a previously-resolved +Promise.) + +To prevent calling handlers multiple times who would not expect multiple +ends to occur, all listeners are removed from the `'end'` event whenever it +is emitted. + +### Impact of "immediate flow" on Tee-streams + +A "tee stream" is a stream piping to multiple destinations: + +```js +const tee = new Minipass() +t.pipe(dest1) +t.pipe(dest2) +t.write('foo') // goes to both destinations +``` + +Since Minipass streams _immediately_ process any pending data through the +pipeline when a new pipe destination is added, this can have surprising +effects, especially when a stream comes in from some other function and may +or may not have data in its buffer. + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.pipe(dest1) // 'foo' chunk flows to dest1 immediately, and is gone +src.pipe(dest2) // gets nothing! +``` + +The solution is to create a dedicated tee-stream junction that pipes to +both locations, and then pipe to _that_ instead. + +```js +// Safe example: tee to both places +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.pipe(dest1) +tee.pipe(dest2) +stream.pipe(tee) // tee gets 'foo', pipes to both locations +``` + +The same caveat applies to `on('data')` event listeners. The first one +added will _immediately_ receive all of the data, leaving nothing for the +second: + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.on('data', handler1) // receives 'foo' right away +src.on('data', handler2) // nothing to see here! +``` + +Using a dedicated tee-stream can be used in this case as well: + +```js +// Safe example: tee to both data handlers +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.on('data', handler1) +tee.on('data', handler2) +src.pipe(tee) +``` + +## USAGE + +It's a stream! Use it like a stream and it'll most likely do what you +want. + +```js +const Minipass = require('minipass') +const mp = new Minipass(options) // optional: { encoding, objectMode } +mp.write('foo') +mp.pipe(someOtherStream) +mp.end('bar') +``` + +### OPTIONS + +* `encoding` How would you like the data coming _out_ of the stream to be + encoded? Accepts any values that can be passed to `Buffer.toString()`. +* `objectMode` Emit data exactly as it comes in. This will be flipped on + by default if you write() something other than a string or Buffer at any + point. Setting `objectMode: true` will prevent setting any encoding + value. + +### API + +Implements the user-facing portions of Node.js's `Readable` and `Writable` +streams. + +### Methods + +* `write(chunk, [encoding], [callback])` - Put data in. (Note that, in the + base Minipass class, the same data will come out.) Returns `false` if + the stream will buffer the next write, or true if it's still in "flowing" + mode. +* `end([chunk, [encoding]], [callback])` - Signal that you have no more + data to write. This will queue an `end` event to be fired when all the + data has been consumed. +* `setEncoding(encoding)` - Set the encoding for data coming of the stream. + This can only be done once. +* `pause()` - No more data for a while, please. This also prevents `end` + from being emitted for empty streams until the stream is resumed. +* `resume()` - Resume the stream. If there's data in the buffer, it is all + discarded. Any buffered events are immediately emitted. +* `pipe(dest)` - Send all output to the stream provided. There is no way + to unpipe. When data is emitted, it is immediately written to any and + all pipe destinations. +* `on(ev, fn)`, `emit(ev, fn)` - Minipass streams are EventEmitters. Some + events are given special treatment, however. (See below under "events".) +* `promise()` - Returns a Promise that resolves when the stream emits + `end`, or rejects if the stream emits `error`. +* `collect()` - Return a Promise that resolves on `end` with an array + containing each chunk of data that was emitted, or rejects if the stream + emits `error`. Note that this consumes the stream data. +* `concat()` - Same as `collect()`, but concatenates the data into a single + Buffer object. Will reject the returned promise if the stream is in + objectMode, or if it goes into objectMode by the end of the data. +* `read(n)` - Consume `n` bytes of data out of the buffer. If `n` is not + provided, then consume all of it. If `n` bytes are not available, then + it returns null. **Note** consuming streams in this way is less + efficient, and can lead to unnecessary Buffer copying. +* `destroy([er])` - Destroy the stream. If an error is provided, then an + `'error'` event is emitted. If the stream has a `close()` method, and + has not emitted a `'close'` event yet, then `stream.close()` will be + called. Any Promises returned by `.promise()`, `.collect()` or + `.concat()` will be rejected. After being destroyed, writing to the + stream will emit an error. No more data will be emitted if the stream is + destroyed, even if it was previously buffered. + +### Properties + +* `bufferLength` Read-only. Total number of bytes buffered, or in the case + of objectMode, the total number of objects. +* `encoding` The encoding that has been set. (Setting this is equivalent + to calling `setEncoding(enc)` and has the same prohibition against + setting multiple times.) +* `flowing` Read-only. Boolean indicating whether a chunk written to the + stream will be immediately emitted. +* `emittedEnd` Read-only. Boolean indicating whether the end-ish events + (ie, `end`, `prefinish`, `finish`) have been emitted. Note that + listening on any end-ish event will immediateyl re-emit it if it has + already been emitted. +* `writable` Whether the stream is writable. Default `true`. Set to + `false` when `end()` +* `readable` Whether the stream is readable. Default `true`. +* `buffer` A [yallist](http://npm.im/yallist) linked list of chunks written + to the stream that have not yet been emitted. (It's probably a bad idea + to mess with this.) +* `pipes` A [yallist](http://npm.im/yallist) linked list of streams that + this stream is piping into. (It's probably a bad idea to mess with + this.) +* `destroyed` A getter that indicates whether the stream was destroyed. +* `paused` True if the stream has been explicitly paused, otherwise false. +* `objectMode` Indicates whether the stream is in `objectMode`. Once set + to `true`, it cannot be set to `false`. + +### Events + +* `data` Emitted when there's data to read. Argument is the data to read. + This is never emitted while not flowing. If a listener is attached, that + will resume the stream. +* `end` Emitted when there's no more data to read. This will be emitted + immediately for empty streams when `end()` is called. If a listener is + attached, and `end` was already emitted, then it will be emitted again. + All listeners are removed when `end` is emitted. +* `prefinish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'end'`. +* `finish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'prefinish'`. +* `close` An indication that an underlying resource has been released. + Minipass does not emit this event, but will defer it until after `end` + has been emitted, since it throws off some stream libraries otherwise. +* `drain` Emitted when the internal buffer empties, and it is again + suitable to `write()` into the stream. +* `readable` Emitted when data is buffered and ready to be read by a + consumer. +* `resume` Emitted when stream changes state from buffering to flowing + mode. (Ie, when `resume` is called, `pipe` is called, or a `data` event + listener is added.) + +### Static Methods + +* `Minipass.isStream(stream)` Returns `true` if the argument is a stream, + and false otherwise. To be considered a stream, the object must be + either an instance of Minipass, or an EventEmitter that has either a + `pipe()` method, or both `write()` and `end()` methods. (Pretty much any + stream in node-land will return `true` for this.) + +## EXAMPLES + +Here are some examples of things you can do with Minipass streams. + +### simple "are you done yet" promise + +```js +mp.promise().then(() => { + // stream is finished +}, er => { + // stream emitted an error +}) +``` + +### collecting + +```js +mp.collect().then(all => { + // all is an array of all the data emitted + // encoding is supported in this case, so + // so the result will be a collection of strings if + // an encoding is specified, or buffers/objects if not. + // + // In an async function, you may do + // const data = await stream.collect() +}) +``` + +### collecting into a single blob + +This is a bit slower because it concatenates the data into one chunk for +you, but if you're going to do it yourself anyway, it's convenient this +way: + +```js +mp.concat().then(onebigchunk => { + // onebigchunk is a string if the stream + // had an encoding set, or a buffer otherwise. +}) +``` + +### iteration + +You can iterate over streams synchronously or asynchronously in platforms +that support it. + +Synchronous iteration will end when the currently available data is +consumed, even if the `end` event has not been reached. In string and +buffer mode, the data is concatenated, so unless multiple writes are +occurring in the same tick as the `read()`, sync iteration loops will +generally only have a single iteration. + +To consume chunks in this way exactly as they have been written, with no +flattening, create the stream with the `{ objectMode: true }` option. + +```js +const mp = new Minipass({ objectMode: true }) +mp.write('a') +mp.write('b') +for (let letter of mp) { + console.log(letter) // a, b +} +mp.write('c') +mp.write('d') +for (let letter of mp) { + console.log(letter) // c, d +} +mp.write('e') +mp.end() +for (let letter of mp) { + console.log(letter) // e +} +for (let letter of mp) { + console.log(letter) // nothing +} +``` + +Asynchronous iteration will continue until the end event is reached, +consuming all of the data. + +```js +const mp = new Minipass({ encoding: 'utf8' }) + +// some source of some data +let i = 5 +const inter = setInterval(() => { + if (i --> 0) + mp.write(Buffer.from('foo\n', 'utf8')) + else { + mp.end() + clearInterval(inter) + } +}, 100) + +// consume the data with asynchronous iteration +async function consume () { + for await (let chunk of mp) { + console.log(chunk) + } + return 'ok' +} + +consume().then(res => console.log(res)) +// logs `foo\n` 5 times, and then `ok` +``` + +### subclass that `console.log()`s everything written into it + +```js +class Logger extends Minipass { + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } +} + +someSource.pipe(new Logger()).pipe(someDest) +``` + +### same thing, but using an inline anonymous class + +```js +// js classes are fun +someSource + .pipe(new (class extends Minipass { + emit (ev, ...data) { + // let's also log events, because debugging some weird thing + console.log('EMIT', ev) + return super.emit(ev, ...data) + } + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } + })) + .pipe(someDest) +``` + +### subclass that defers 'end' for some reason + +```js +class SlowEnd extends Minipass { + emit (ev, ...args) { + if (ev === 'end') { + console.log('going to end, hold on a sec') + setTimeout(() => { + console.log('ok, ready to end now') + super.emit('end', ...args) + }, 100) + } else { + return super.emit(ev, ...args) + } + } +} +``` + +### transform that creates newline-delimited JSON + +```js +class NDJSONEncode extends Minipass { + write (obj, cb) { + try { + // JSON.stringify can throw, emit an error on that + return super.write(JSON.stringify(obj) + '\n', 'utf8', cb) + } catch (er) { + this.emit('error', er) + } + } + end (obj, cb) { + if (typeof obj === 'function') { + cb = obj + obj = undefined + } + if (obj !== undefined) { + this.write(obj) + } + return super.end(cb) + } +} +``` + +### transform that parses newline-delimited JSON + +```js +class NDJSONDecode extends Minipass { + constructor (options) { + // always be in object mode, as far as Minipass is concerned + super({ objectMode: true }) + this._jsonBuffer = '' + } + write (chunk, encoding, cb) { + if (typeof chunk === 'string' && + typeof encoding === 'string' && + encoding !== 'utf8') { + chunk = Buffer.from(chunk, encoding).toString() + } else if (Buffer.isBuffer(chunk)) + chunk = chunk.toString() + } + if (typeof encoding === 'function') { + cb = encoding + } + const jsonData = (this._jsonBuffer + chunk).split('\n') + this._jsonBuffer = jsonData.pop() + for (let i = 0; i < jsonData.length; i++) { + let parsed + try { + super.write(parsed) + } catch (er) { + this.emit('error', er) + continue + } + } + if (cb) + cb() + } +} +``` diff --git a/node_modules/minipass-collect/node_modules/minipass/index.js b/node_modules/minipass-collect/node_modules/minipass/index.js new file mode 100644 index 000000000..55ea0f3dd --- /dev/null +++ b/node_modules/minipass-collect/node_modules/minipass/index.js @@ -0,0 +1,538 @@ +'use strict' +const EE = require('events') +const Stream = require('stream') +const Yallist = require('yallist') +const SD = require('string_decoder').StringDecoder + +const EOF = Symbol('EOF') +const MAYBE_EMIT_END = Symbol('maybeEmitEnd') +const EMITTED_END = Symbol('emittedEnd') +const EMITTING_END = Symbol('emittingEnd') +const CLOSED = Symbol('closed') +const READ = Symbol('read') +const FLUSH = Symbol('flush') +const FLUSHCHUNK = Symbol('flushChunk') +const ENCODING = Symbol('encoding') +const DECODER = Symbol('decoder') +const FLOWING = Symbol('flowing') +const PAUSED = Symbol('paused') +const RESUME = Symbol('resume') +const BUFFERLENGTH = Symbol('bufferLength') +const BUFFERPUSH = Symbol('bufferPush') +const BUFFERSHIFT = Symbol('bufferShift') +const OBJECTMODE = Symbol('objectMode') +const DESTROYED = Symbol('destroyed') + +// TODO remove when Node v8 support drops +const doIter = global._MP_NO_ITERATOR_SYMBOLS_ !== '1' +const ASYNCITERATOR = doIter && Symbol.asyncIterator + || Symbol('asyncIterator not implemented') +const ITERATOR = doIter && Symbol.iterator + || Symbol('iterator not implemented') + +// events that mean 'the stream is over' +// these are treated specially, and re-emitted +// if they are listened for after emitting. +const isEndish = ev => + ev === 'end' || + ev === 'finish' || + ev === 'prefinish' + +const isArrayBuffer = b => b instanceof ArrayBuffer || + typeof b === 'object' && + b.constructor && + b.constructor.name === 'ArrayBuffer' && + b.byteLength >= 0 + +const isArrayBufferView = b => !Buffer.isBuffer(b) && ArrayBuffer.isView(b) + +module.exports = class Minipass extends Stream { + constructor (options) { + super() + this[FLOWING] = false + // whether we're explicitly paused + this[PAUSED] = false + this.pipes = new Yallist() + this.buffer = new Yallist() + this[OBJECTMODE] = options && options.objectMode || false + if (this[OBJECTMODE]) + this[ENCODING] = null + else + this[ENCODING] = options && options.encoding || null + if (this[ENCODING] === 'buffer') + this[ENCODING] = null + this[DECODER] = this[ENCODING] ? new SD(this[ENCODING]) : null + this[EOF] = false + this[EMITTED_END] = false + this[EMITTING_END] = false + this[CLOSED] = false + this.writable = true + this.readable = true + this[BUFFERLENGTH] = 0 + this[DESTROYED] = false + } + + get bufferLength () { return this[BUFFERLENGTH] } + + get encoding () { return this[ENCODING] } + set encoding (enc) { + if (this[OBJECTMODE]) + throw new Error('cannot set encoding in objectMode') + + if (this[ENCODING] && enc !== this[ENCODING] && + (this[DECODER] && this[DECODER].lastNeed || this[BUFFERLENGTH])) + throw new Error('cannot change encoding') + + if (this[ENCODING] !== enc) { + this[DECODER] = enc ? new SD(enc) : null + if (this.buffer.length) + this.buffer = this.buffer.map(chunk => this[DECODER].write(chunk)) + } + + this[ENCODING] = enc + } + + setEncoding (enc) { + this.encoding = enc + } + + get objectMode () { return this[OBJECTMODE] } + set objectMode (ॐ ) { this[OBJECTMODE] = this[OBJECTMODE] || !!ॐ } + + write (chunk, encoding, cb) { + if (this[EOF]) + throw new Error('write after end') + + if (this[DESTROYED]) { + this.emit('error', Object.assign( + new Error('Cannot call write after a stream was destroyed'), + { code: 'ERR_STREAM_DESTROYED' } + )) + return true + } + + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (!encoding) + encoding = 'utf8' + + // convert array buffers and typed array views into buffers + // at some point in the future, we may want to do the opposite! + // leave strings and buffers as-is + // anything else switches us into object mode + if (!this[OBJECTMODE] && !Buffer.isBuffer(chunk)) { + if (isArrayBufferView(chunk)) + chunk = Buffer.from(chunk.buffer, chunk.byteOffset, chunk.byteLength) + else if (isArrayBuffer(chunk)) + chunk = Buffer.from(chunk) + else if (typeof chunk !== 'string') + // use the setter so we throw if we have encoding set + this.objectMode = true + } + + // this ensures at this point that the chunk is a buffer or string + // don't buffer it up or send it to the decoder + if (!this.objectMode && !chunk.length) { + const ret = this.flowing + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + return ret + } + + // fast-path writing strings of same encoding to a stream with + // an empty buffer, skipping the buffer/decoder dance + if (typeof chunk === 'string' && !this[OBJECTMODE] && + // unless it is a string already ready for us to use + !(encoding === this[ENCODING] && !this[DECODER].lastNeed)) { + chunk = Buffer.from(chunk, encoding) + } + + if (Buffer.isBuffer(chunk) && this[ENCODING]) + chunk = this[DECODER].write(chunk) + + try { + return this.flowing + ? (this.emit('data', chunk), this.flowing) + : (this[BUFFERPUSH](chunk), false) + } finally { + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + } + } + + read (n) { + if (this[DESTROYED]) + return null + + try { + if (this[BUFFERLENGTH] === 0 || n === 0 || n > this[BUFFERLENGTH]) + return null + + if (this[OBJECTMODE]) + n = null + + if (this.buffer.length > 1 && !this[OBJECTMODE]) { + if (this.encoding) + this.buffer = new Yallist([ + Array.from(this.buffer).join('') + ]) + else + this.buffer = new Yallist([ + Buffer.concat(Array.from(this.buffer), this[BUFFERLENGTH]) + ]) + } + + return this[READ](n || null, this.buffer.head.value) + } finally { + this[MAYBE_EMIT_END]() + } + } + + [READ] (n, chunk) { + if (n === chunk.length || n === null) + this[BUFFERSHIFT]() + else { + this.buffer.head.value = chunk.slice(n) + chunk = chunk.slice(0, n) + this[BUFFERLENGTH] -= n + } + + this.emit('data', chunk) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + + return chunk + } + + end (chunk, encoding, cb) { + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + if (chunk) + this.write(chunk, encoding) + if (cb) + this.once('end', cb) + this[EOF] = true + this.writable = false + + // if we haven't written anything, then go ahead and emit, + // even if we're not reading. + // we'll re-emit if a new 'end' listener is added anyway. + // This makes MP more suitable to write-only use cases. + if (this.flowing || !this[PAUSED]) + this[MAYBE_EMIT_END]() + return this + } + + // don't let the internal resume be overwritten + [RESUME] () { + if (this[DESTROYED]) + return + + this[PAUSED] = false + this[FLOWING] = true + this.emit('resume') + if (this.buffer.length) + this[FLUSH]() + else if (this[EOF]) + this[MAYBE_EMIT_END]() + else + this.emit('drain') + } + + resume () { + return this[RESUME]() + } + + pause () { + this[FLOWING] = false + this[PAUSED] = true + } + + get destroyed () { + return this[DESTROYED] + } + + get flowing () { + return this[FLOWING] + } + + get paused () { + return this[PAUSED] + } + + [BUFFERPUSH] (chunk) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] += 1 + else + this[BUFFERLENGTH] += chunk.length + return this.buffer.push(chunk) + } + + [BUFFERSHIFT] () { + if (this.buffer.length) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] -= 1 + else + this[BUFFERLENGTH] -= this.buffer.head.value.length + } + return this.buffer.shift() + } + + [FLUSH] () { + do {} while (this[FLUSHCHUNK](this[BUFFERSHIFT]())) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + } + + [FLUSHCHUNK] (chunk) { + return chunk ? (this.emit('data', chunk), this.flowing) : false + } + + pipe (dest, opts) { + if (this[DESTROYED]) + return + + const ended = this[EMITTED_END] + opts = opts || {} + if (dest === process.stdout || dest === process.stderr) + opts.end = false + else + opts.end = opts.end !== false + + const p = { dest: dest, opts: opts, ondrain: _ => this[RESUME]() } + this.pipes.push(p) + + dest.on('drain', p.ondrain) + this[RESUME]() + // piping an ended stream ends immediately + if (ended && p.opts.end) + p.dest.end() + return dest + } + + addListener (ev, fn) { + return this.on(ev, fn) + } + + on (ev, fn) { + try { + return super.on(ev, fn) + } finally { + if (ev === 'data' && !this.pipes.length && !this.flowing) + this[RESUME]() + else if (isEndish(ev) && this[EMITTED_END]) { + super.emit(ev) + this.removeAllListeners(ev) + } + } + } + + get emittedEnd () { + return this[EMITTED_END] + } + + [MAYBE_EMIT_END] () { + if (!this[EMITTING_END] && + !this[EMITTED_END] && + !this[DESTROYED] && + this.buffer.length === 0 && + this[EOF]) { + this[EMITTING_END] = true + this.emit('end') + this.emit('prefinish') + this.emit('finish') + if (this[CLOSED]) + this.emit('close') + this[EMITTING_END] = false + } + } + + emit (ev, data) { + // error and close are only events allowed after calling destroy() + if (ev !== 'error' && ev !== 'close' && ev !== DESTROYED && this[DESTROYED]) + return + else if (ev === 'data') { + if (!data) + return + + if (this.pipes.length) + this.pipes.forEach(p => + p.dest.write(data) === false && this.pause()) + } else if (ev === 'end') { + // only actual end gets this treatment + if (this[EMITTED_END] === true) + return + + this[EMITTED_END] = true + this.readable = false + + if (this[DECODER]) { + data = this[DECODER].end() + if (data) { + this.pipes.forEach(p => p.dest.write(data)) + super.emit('data', data) + } + } + + this.pipes.forEach(p => { + p.dest.removeListener('drain', p.ondrain) + if (p.opts.end) + p.dest.end() + }) + } else if (ev === 'close') { + this[CLOSED] = true + // don't emit close before 'end' and 'finish' + if (!this[EMITTED_END] && !this[DESTROYED]) + return + } + + // TODO: replace with a spread operator when Node v4 support drops + const args = new Array(arguments.length) + args[0] = ev + args[1] = data + if (arguments.length > 2) { + for (let i = 2; i < arguments.length; i++) { + args[i] = arguments[i] + } + } + + try { + return super.emit.apply(this, args) + } finally { + if (!isEndish(ev)) + this[MAYBE_EMIT_END]() + else + this.removeAllListeners(ev) + } + } + + // const all = await stream.collect() + collect () { + const buf = [] + if (!this[OBJECTMODE]) + buf.dataLength = 0 + // set the promise first, in case an error is raised + // by triggering the flow here. + const p = this.promise() + this.on('data', c => { + buf.push(c) + if (!this[OBJECTMODE]) + buf.dataLength += c.length + }) + return p.then(() => buf) + } + + // const data = await stream.concat() + concat () { + return this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this.collect().then(buf => + this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this[ENCODING] ? buf.join('') : Buffer.concat(buf, buf.dataLength)) + } + + // stream.promise().then(() => done, er => emitted error) + promise () { + return new Promise((resolve, reject) => { + this.on(DESTROYED, () => reject(new Error('stream destroyed'))) + this.on('end', () => resolve()) + this.on('error', er => reject(er)) + }) + } + + // for await (let chunk of stream) + [ASYNCITERATOR] () { + const next = () => { + const res = this.read() + if (res !== null) + return Promise.resolve({ done: false, value: res }) + + if (this[EOF]) + return Promise.resolve({ done: true }) + + let resolve = null + let reject = null + const onerr = er => { + this.removeListener('data', ondata) + this.removeListener('end', onend) + reject(er) + } + const ondata = value => { + this.removeListener('error', onerr) + this.removeListener('end', onend) + this.pause() + resolve({ value: value, done: !!this[EOF] }) + } + const onend = () => { + this.removeListener('error', onerr) + this.removeListener('data', ondata) + resolve({ done: true }) + } + const ondestroy = () => onerr(new Error('stream destroyed')) + return new Promise((res, rej) => { + reject = rej + resolve = res + this.once(DESTROYED, ondestroy) + this.once('error', onerr) + this.once('end', onend) + this.once('data', ondata) + }) + } + + return { next } + } + + // for (let chunk of stream) + [ITERATOR] () { + const next = () => { + const value = this.read() + const done = value === null + return { value, done } + } + return { next } + } + + destroy (er) { + if (this[DESTROYED]) { + if (er) + this.emit('error', er) + else + this.emit(DESTROYED) + return this + } + + this[DESTROYED] = true + + // throw away all buffered data, it's never coming out + this.buffer = new Yallist() + this[BUFFERLENGTH] = 0 + + if (typeof this.close === 'function' && !this[CLOSED]) + this.close() + + if (er) + this.emit('error', er) + else // if no error to emit, still reject pending promises + this.emit(DESTROYED) + + return this + } + + static isStream (s) { + return !!s && (s instanceof Minipass || s instanceof Stream || + s instanceof EE && ( + typeof s.pipe === 'function' || // readable + (typeof s.write === 'function' && typeof s.end === 'function') // writable + )) + } +} diff --git a/node_modules/minipass-collect/node_modules/minipass/package.json b/node_modules/minipass-collect/node_modules/minipass/package.json new file mode 100644 index 000000000..36c389354 --- /dev/null +++ b/node_modules/minipass-collect/node_modules/minipass/package.json @@ -0,0 +1,72 @@ +{ + "_from": "minipass@^3.0.0", + "_id": "minipass@3.1.1", + "_inBundle": false, + "_integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "_location": "/minipass-collect/minipass", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass@^3.0.0", + "name": "minipass", + "escapedName": "minipass", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/minipass-collect" + ], + "_resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "_shasum": "7607ce778472a185ad6d89082aa2070f79cedcd5", + "_spec": "minipass@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-collect", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/minipass/issues" + }, + "bundleDependencies": false, + "dependencies": { + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "minimal implementation of a PassThrough stream", + "devDependencies": { + "end-of-stream": "^1.4.0", + "tap": "^14.6.5", + "through2": "^2.0.3" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/isaacs/minipass#readme", + "keywords": [ + "passthrough", + "stream" + ], + "license": "ISC", + "main": "index.js", + "name": "minipass", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minipass.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish --tag=next", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "3.1.1" +} diff --git a/node_modules/minipass-collect/node_modules/yallist/LICENSE b/node_modules/minipass-collect/node_modules/yallist/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-collect/node_modules/yallist/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-collect/node_modules/yallist/README.md b/node_modules/minipass-collect/node_modules/yallist/README.md new file mode 100644 index 000000000..f58610186 --- /dev/null +++ b/node_modules/minipass-collect/node_modules/yallist/README.md @@ -0,0 +1,204 @@ +# yallist + +Yet Another Linked List + +There are many doubly-linked list implementations like it, but this +one is mine. + +For when an array would be too big, and a Map can't be iterated in +reverse order. + + +[](https://travis-ci.org/isaacs/yallist) [](https://coveralls.io/github/isaacs/yallist) + +## basic usage + +```javascript +var yallist = require('yallist') +var myList = yallist.create([1, 2, 3]) +myList.push('foo') +myList.unshift('bar') +// of course pop() and shift() are there, too +console.log(myList.toArray()) // ['bar', 1, 2, 3, 'foo'] +myList.forEach(function (k) { + // walk the list head to tail +}) +myList.forEachReverse(function (k, index, list) { + // walk the list tail to head +}) +var myDoubledList = myList.map(function (k) { + return k + k +}) +// now myDoubledList contains ['barbar', 2, 4, 6, 'foofoo'] +// mapReverse is also a thing +var myDoubledListReverse = myList.mapReverse(function (k) { + return k + k +}) // ['foofoo', 6, 4, 2, 'barbar'] + +var reduced = myList.reduce(function (set, entry) { + set += entry + return set +}, 'start') +console.log(reduced) // 'startfoo123bar' +``` + +## api + +The whole API is considered "public". + +Functions with the same name as an Array method work more or less the +same way. + +There's reverse versions of most things because that's the point. + +### Yallist + +Default export, the class that holds and manages a list. + +Call it with either a forEach-able (like an array) or a set of +arguments, to initialize the list. + +The Array-ish methods all act like you'd expect. No magic length, +though, so if you change that it won't automatically prune or add +empty spots. + +### Yallist.create(..) + +Alias for Yallist function. Some people like factories. + +#### yallist.head + +The first node in the list + +#### yallist.tail + +The last node in the list + +#### yallist.length + +The number of nodes in the list. (Change this at your peril. It is +not magic like Array length.) + +#### yallist.toArray() + +Convert the list to an array. + +#### yallist.forEach(fn, [thisp]) + +Call a function on each item in the list. + +#### yallist.forEachReverse(fn, [thisp]) + +Call a function on each item in the list, in reverse order. + +#### yallist.get(n) + +Get the data at position `n` in the list. If you use this a lot, +probably better off just using an Array. + +#### yallist.getReverse(n) + +Get the data at position `n`, counting from the tail. + +#### yallist.map(fn, thisp) + +Create a new Yallist with the result of calling the function on each +item. + +#### yallist.mapReverse(fn, thisp) + +Same as `map`, but in reverse. + +#### yallist.pop() + +Get the data from the list tail, and remove the tail from the list. + +#### yallist.push(item, ...) + +Insert one or more items to the tail of the list. + +#### yallist.reduce(fn, initialValue) + +Like Array.reduce. + +#### yallist.reduceReverse + +Like Array.reduce, but in reverse. + +#### yallist.reverse + +Reverse the list in place. + +#### yallist.shift() + +Get the data from the list head, and remove the head from the list. + +#### yallist.slice([from], [to]) + +Just like Array.slice, but returns a new Yallist. + +#### yallist.sliceReverse([from], [to]) + +Just like yallist.slice, but the result is returned in reverse. + +#### yallist.toArray() + +Create an array representation of the list. + +#### yallist.toArrayReverse() + +Create a reversed array representation of the list. + +#### yallist.unshift(item, ...) + +Insert one or more items to the head of the list. + +#### yallist.unshiftNode(node) + +Move a Node object to the front of the list. (That is, pull it out of +wherever it lives, and make it the new head.) + +If the node belongs to a different list, then that list will remove it +first. + +#### yallist.pushNode(node) + +Move a Node object to the end of the list. (That is, pull it out of +wherever it lives, and make it the new tail.) + +If the node belongs to a list already, then that list will remove it +first. + +#### yallist.removeNode(node) + +Remove a node from the list, preserving referential integrity of head +and tail and other nodes. + +Will throw an error if you try to have a list remove a node that +doesn't belong to it. + +### Yallist.Node + +The class that holds the data and is actually the list. + +Call with `var n = new Node(value, previousNode, nextNode)` + +Note that if you do direct operations on Nodes themselves, it's very +easy to get into weird states where the list is broken. Be careful :) + +#### node.next + +The next node in the list. + +#### node.prev + +The previous node in the list. + +#### node.value + +The data the node contains. + +#### node.list + +The list to which this node belongs. (Null if it does not belong to +any list.) diff --git a/node_modules/minipass-collect/node_modules/yallist/iterator.js b/node_modules/minipass-collect/node_modules/yallist/iterator.js new file mode 100644 index 000000000..d41c97a19 --- /dev/null +++ b/node_modules/minipass-collect/node_modules/yallist/iterator.js @@ -0,0 +1,8 @@ +'use strict' +module.exports = function (Yallist) { + Yallist.prototype[Symbol.iterator] = function* () { + for (let walker = this.head; walker; walker = walker.next) { + yield walker.value + } + } +} diff --git a/node_modules/minipass-collect/node_modules/yallist/package.json b/node_modules/minipass-collect/node_modules/yallist/package.json new file mode 100644 index 000000000..24d569ce5 --- /dev/null +++ b/node_modules/minipass-collect/node_modules/yallist/package.json @@ -0,0 +1,62 @@ +{ + "_from": "yallist@^4.0.0", + "_id": "yallist@4.0.0", + "_inBundle": false, + "_integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "_location": "/minipass-collect/yallist", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "yallist@^4.0.0", + "name": "yallist", + "escapedName": "yallist", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/minipass-collect/minipass" + ], + "_resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "_shasum": "9bb92790d9c0effec63be73519e11a35019a3a72", + "_spec": "yallist@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-collect/node_modules/minipass", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/yallist/issues" + }, + "bundleDependencies": false, + "dependencies": {}, + "deprecated": false, + "description": "Yet Another Linked List", + "devDependencies": { + "tap": "^12.1.0" + }, + "directories": { + "test": "test" + }, + "files": [ + "yallist.js", + "iterator.js" + ], + "homepage": "https://github.com/isaacs/yallist#readme", + "license": "ISC", + "main": "yallist.js", + "name": "yallist", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/yallist.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js --100" + }, + "version": "4.0.0" +} diff --git a/node_modules/minipass-collect/node_modules/yallist/yallist.js b/node_modules/minipass-collect/node_modules/yallist/yallist.js new file mode 100644 index 000000000..4e83ab1c5 --- /dev/null +++ b/node_modules/minipass-collect/node_modules/yallist/yallist.js @@ -0,0 +1,426 @@ +'use strict' +module.exports = Yallist + +Yallist.Node = Node +Yallist.create = Yallist + +function Yallist (list) { + var self = this + if (!(self instanceof Yallist)) { + self = new Yallist() + } + + self.tail = null + self.head = null + self.length = 0 + + if (list && typeof list.forEach === 'function') { + list.forEach(function (item) { + self.push(item) + }) + } else if (arguments.length > 0) { + for (var i = 0, l = arguments.length; i < l; i++) { + self.push(arguments[i]) + } + } + + return self +} + +Yallist.prototype.removeNode = function (node) { + if (node.list !== this) { + throw new Error('removing node which does not belong to this list') + } + + var next = node.next + var prev = node.prev + + if (next) { + next.prev = prev + } + + if (prev) { + prev.next = next + } + + if (node === this.head) { + this.head = next + } + if (node === this.tail) { + this.tail = prev + } + + node.list.length-- + node.next = null + node.prev = null + node.list = null + + return next +} + +Yallist.prototype.unshiftNode = function (node) { + if (node === this.head) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var head = this.head + node.list = this + node.next = head + if (head) { + head.prev = node + } + + this.head = node + if (!this.tail) { + this.tail = node + } + this.length++ +} + +Yallist.prototype.pushNode = function (node) { + if (node === this.tail) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var tail = this.tail + node.list = this + node.prev = tail + if (tail) { + tail.next = node + } + + this.tail = node + if (!this.head) { + this.head = node + } + this.length++ +} + +Yallist.prototype.push = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + push(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.unshift = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + unshift(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.pop = function () { + if (!this.tail) { + return undefined + } + + var res = this.tail.value + this.tail = this.tail.prev + if (this.tail) { + this.tail.next = null + } else { + this.head = null + } + this.length-- + return res +} + +Yallist.prototype.shift = function () { + if (!this.head) { + return undefined + } + + var res = this.head.value + this.head = this.head.next + if (this.head) { + this.head.prev = null + } else { + this.tail = null + } + this.length-- + return res +} + +Yallist.prototype.forEach = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.head, i = 0; walker !== null; i++) { + fn.call(thisp, walker.value, i, this) + walker = walker.next + } +} + +Yallist.prototype.forEachReverse = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.tail, i = this.length - 1; walker !== null; i--) { + fn.call(thisp, walker.value, i, this) + walker = walker.prev + } +} + +Yallist.prototype.get = function (n) { + for (var i = 0, walker = this.head; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.next + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.getReverse = function (n) { + for (var i = 0, walker = this.tail; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.prev + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.map = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.head; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.next + } + return res +} + +Yallist.prototype.mapReverse = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.tail; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.prev + } + return res +} + +Yallist.prototype.reduce = function (fn, initial) { + var acc + var walker = this.head + if (arguments.length > 1) { + acc = initial + } else if (this.head) { + walker = this.head.next + acc = this.head.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = 0; walker !== null; i++) { + acc = fn(acc, walker.value, i) + walker = walker.next + } + + return acc +} + +Yallist.prototype.reduceReverse = function (fn, initial) { + var acc + var walker = this.tail + if (arguments.length > 1) { + acc = initial + } else if (this.tail) { + walker = this.tail.prev + acc = this.tail.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = this.length - 1; walker !== null; i--) { + acc = fn(acc, walker.value, i) + walker = walker.prev + } + + return acc +} + +Yallist.prototype.toArray = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.head; walker !== null; i++) { + arr[i] = walker.value + walker = walker.next + } + return arr +} + +Yallist.prototype.toArrayReverse = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.tail; walker !== null; i++) { + arr[i] = walker.value + walker = walker.prev + } + return arr +} + +Yallist.prototype.slice = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = 0, walker = this.head; walker !== null && i < from; i++) { + walker = walker.next + } + for (; walker !== null && i < to; i++, walker = walker.next) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.sliceReverse = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = this.length, walker = this.tail; walker !== null && i > to; i--) { + walker = walker.prev + } + for (; walker !== null && i > from; i--, walker = walker.prev) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.splice = function (start, deleteCount, ...nodes) { + if (start > this.length) { + start = this.length - 1 + } + if (start < 0) { + start = this.length + start; + } + + for (var i = 0, walker = this.head; walker !== null && i < start; i++) { + walker = walker.next + } + + var ret = [] + for (var i = 0; walker && i < deleteCount; i++) { + ret.push(walker.value) + walker = this.removeNode(walker) + } + if (walker === null) { + walker = this.tail + } + + if (walker !== this.head && walker !== this.tail) { + walker = walker.prev + } + + for (var i = 0; i < nodes.length; i++) { + walker = insert(this, walker, nodes[i]) + } + return ret; +} + +Yallist.prototype.reverse = function () { + var head = this.head + var tail = this.tail + for (var walker = head; walker !== null; walker = walker.prev) { + var p = walker.prev + walker.prev = walker.next + walker.next = p + } + this.head = tail + this.tail = head + return this +} + +function insert (self, node, value) { + var inserted = node === self.head ? + new Node(value, null, node, self) : + new Node(value, node, node.next, self) + + if (inserted.next === null) { + self.tail = inserted + } + if (inserted.prev === null) { + self.head = inserted + } + + self.length++ + + return inserted +} + +function push (self, item) { + self.tail = new Node(item, self.tail, null, self) + if (!self.head) { + self.head = self.tail + } + self.length++ +} + +function unshift (self, item) { + self.head = new Node(item, null, self.head, self) + if (!self.tail) { + self.tail = self.head + } + self.length++ +} + +function Node (value, prev, next, list) { + if (!(this instanceof Node)) { + return new Node(value, prev, next, list) + } + + this.list = list + this.value = value + + if (prev) { + prev.next = this + this.prev = prev + } else { + this.prev = null + } + + if (next) { + next.prev = this + this.next = next + } else { + this.next = null + } +} + +try { + // add if support for Symbol.iterator is present + require('./iterator.js')(Yallist) +} catch (er) {} diff --git a/node_modules/minipass-collect/package.json b/node_modules/minipass-collect/package.json new file mode 100644 index 000000000..af7d38f38 --- /dev/null +++ b/node_modules/minipass-collect/package.json @@ -0,0 +1,59 @@ +{ + "_from": "minipass-collect@^1.0.2", + "_id": "minipass-collect@1.0.2", + "_inBundle": false, + "_integrity": "sha512-6T6lH0H8OG9kITm/Jm6tdooIbogG9e0tLgpY6mphXSm/A9u8Nq1ryBG+Qspiub9LjWlBPsPS3tWQ/Botq4FdxA==", + "_location": "/minipass-collect", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass-collect@^1.0.2", + "name": "minipass-collect", + "escapedName": "minipass-collect", + "rawSpec": "^1.0.2", + "saveSpec": null, + "fetchSpec": "^1.0.2" + }, + "_requiredBy": [ + "/npm-registry-fetch/cacache", + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/minipass-collect/-/minipass-collect-1.0.2.tgz", + "_shasum": "22b813bf745dc6edba2576b940022ad6edc8c617", + "_spec": "minipass-collect@^1.0.2", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "https://izs.me" + }, + "bundleDependencies": false, + "dependencies": { + "minipass": "^3.0.0" + }, + "deprecated": false, + "description": "A Minipass stream that collects all the data into a single chunk", + "devDependencies": { + "tap": "^14.6.9" + }, + "engines": { + "node": ">= 8" + }, + "files": [ + "index.js" + ], + "license": "ISC", + "name": "minipass-collect", + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "1.0.2" +} diff --git a/node_modules/minipass-fetch/LICENSE b/node_modules/minipass-fetch/LICENSE new file mode 100644 index 000000000..3c3410cdc --- /dev/null +++ b/node_modules/minipass-fetch/LICENSE @@ -0,0 +1,28 @@ +The MIT License (MIT) + +Copyright (c) Isaac Z. Schlueter and Contributors +Copyright (c) 2016 David Frank + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + +--- + +Note: This is a derivative work based on "node-fetch" by David Frank, +modified and distributed under the terms of the MIT license above. +https://github.com/bitinn/node-fetch diff --git a/node_modules/minipass-fetch/README.md b/node_modules/minipass-fetch/README.md new file mode 100644 index 000000000..df80d6994 --- /dev/null +++ b/node_modules/minipass-fetch/README.md @@ -0,0 +1,20 @@ +# minipass-fetch + +An implementation of window.fetch in Node.js using Minipass streams + +This is a fork (or more precisely, a reimplementation) of +[node-fetch](http://npm.im/node-fetch). All streams have been replaced +with [minipass streams](http://npm.im/minipass). + +The goal of this module is to stay in sync with the API presented by +`node-fetch`, with the exception of the streaming interface provided. + +## Why + +Minipass streams are faster and more deterministic in their timing contract +than node-core streams, making them a better fit for many server-side use +cases. + +## API + +See [node-fetch](http://npm.im/node-fetch) diff --git a/node_modules/minipass-fetch/index.js b/node_modules/minipass-fetch/index.js new file mode 100644 index 000000000..07efc1788 --- /dev/null +++ b/node_modules/minipass-fetch/index.js @@ -0,0 +1 @@ +module.exports = require('./lib/index.js') diff --git a/node_modules/minipass-fetch/lib/abort-error.js b/node_modules/minipass-fetch/lib/abort-error.js new file mode 100644 index 000000000..b18f64326 --- /dev/null +++ b/node_modules/minipass-fetch/lib/abort-error.js @@ -0,0 +1,17 @@ +'use strict' +class AbortError extends Error { + constructor (message) { + super(message) + this.code = 'FETCH_ABORTED' + this.type = 'aborted' + Error.captureStackTrace(this, this.constructor) + } + + get name () { + return 'AbortError' + } + + // don't allow name to be overridden, but don't throw either + set name (s) {} +} +module.exports = AbortError diff --git a/node_modules/minipass-fetch/lib/blob.js b/node_modules/minipass-fetch/lib/blob.js new file mode 100644 index 000000000..9225db6f6 --- /dev/null +++ b/node_modules/minipass-fetch/lib/blob.js @@ -0,0 +1,97 @@ +'use strict' +const Minipass = require('minipass') +const TYPE = Symbol('type') +const BUFFER = Symbol('buffer') + +class Blob { + constructor (blobParts, options) { + this[TYPE] = '' + + const buffers = [] + let size = 0 + + if (blobParts) { + const a = blobParts + const length = Number(a.length) + for (let i = 0; i < length; i++) { + const element = a[i] + const buffer = element instanceof Buffer ? element + : ArrayBuffer.isView(element) + ? Buffer.from(element.buffer, element.byteOffset, element.byteLength) + : element instanceof ArrayBuffer ? Buffer.from(element) + : element instanceof Blob ? element[BUFFER] + : typeof element === 'string' ? Buffer.from(element) + : Buffer.from(String(element)) + size += buffer.length + buffers.push(buffer) + } + } + + this[BUFFER] = Buffer.concat(buffers, size) + + const type = options && options.type !== undefined + && String(options.type).toLowerCase() + if (type && !/[^\u0020-\u007E]/.test(type)) { + this[TYPE] = type + } + } + + get size () { + return this[BUFFER].length + } + + get type () { + return this[TYPE] + } + + text () { + return Promise.resolve(this[BUFFER].toString()) + } + + arrayBuffer () { + const buf = this[BUFFER] + const off = buf.byteOffset + const len = buf.byteLength + const ab = buf.buffer.slice(off, off + len) + return Promise.resolve(ab) + } + + stream () { + return new Minipass().end(this[BUFFER]) + } + + slice (start, end, type) { + const size = this.size + const relativeStart = start === undefined ? 0 + : start < 0 ? Math.max(size + start, 0) + : Math.min(start, size) + const relativeEnd = end === undefined ? size + : end < 0 ? Math.max(size + end, 0) + : Math.min(end, size) + const span = Math.max(relativeEnd - relativeStart, 0) + + const buffer = this[BUFFER] + const slicedBuffer = buffer.slice( + relativeStart, + relativeStart + span + ) + const blob = new Blob([], { type }) + blob[BUFFER] = slicedBuffer + return blob + } + + get [Symbol.toStringTag] () { + return 'Blob' + } + + static get BUFFER () { + return BUFFER + } +} + +Object.defineProperties(Blob.prototype, { + size: { enumerable: true }, + type: { enumerable: true }, +}) + +module.exports = Blob diff --git a/node_modules/minipass-fetch/lib/body.js b/node_modules/minipass-fetch/lib/body.js new file mode 100644 index 000000000..8a00c550f --- /dev/null +++ b/node_modules/minipass-fetch/lib/body.js @@ -0,0 +1,328 @@ +'use strict' +const Minipass = require('minipass') +const MinipassSized = require('minipass-sized') + +const Blob = require('./blob.js') +const {BUFFER} = Blob +const FetchError = require('./fetch-error.js') + +// optional dependency on 'encoding' +let convert +try { + convert = require('encoding').convert +} catch (e) {} + +const INTERNALS = Symbol('Body internals') +const CONSUME_BODY = Symbol('consumeBody') + +class Body { + constructor (bodyArg, options = {}) { + const { size = 0, timeout = 0 } = options + const body = bodyArg === undefined || bodyArg === null ? null + : isURLSearchParams(bodyArg) ? Buffer.from(bodyArg.toString()) + : isBlob(bodyArg) ? bodyArg + : Buffer.isBuffer(bodyArg) ? bodyArg + : Object.prototype.toString.call(bodyArg) === '[object ArrayBuffer]' + ? Buffer.from(bodyArg) + : ArrayBuffer.isView(bodyArg) + ? Buffer.from(bodyArg.buffer, bodyArg.byteOffset, bodyArg.byteLength) + : Minipass.isStream(bodyArg) ? bodyArg + : Buffer.from(String(bodyArg)) + + this[INTERNALS] = { + body, + disturbed: false, + error: null, + } + + this.size = size + this.timeout = timeout + + if (Minipass.isStream(body)) { + body.on('error', er => { + const error = er.name === 'AbortError' ? er + : new FetchError(`Invalid response while trying to fetch ${ + this.url}: ${er.message}`, 'system', er) + this[INTERNALS].error = error + }) + } + } + + get body () { + return this[INTERNALS].body + } + + get bodyUsed () { + return this[INTERNALS].disturbed + } + + arrayBuffer () { + return this[CONSUME_BODY]().then(buf => + buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength)) + } + + blob () { + const ct = this.headers && this.headers.get('content-type') || '' + return this[CONSUME_BODY]().then(buf => Object.assign( + new Blob([], { type: ct.toLowerCase() }), + { [BUFFER]: buf } + )) + } + + json () { + return this[CONSUME_BODY]().then(buf => { + try { + return JSON.parse(buf.toString()) + } catch (er) { + return Promise.reject(new FetchError( + `invalid json response body at ${ + this.url} reason: ${er.message}`, 'invalid-json')) + } + }) + } + + text () { + return this[CONSUME_BODY]().then(buf => buf.toString()) + } + + buffer () { + return this[CONSUME_BODY]() + } + + textConverted () { + return this[CONSUME_BODY]().then(buf => convertBody(buf, this.headers)) + } + + [CONSUME_BODY] () { + if (this[INTERNALS].disturbed) + return Promise.reject(new TypeError(`body used already for: ${ + this.url}`)) + + this[INTERNALS].disturbed = true + + if (this[INTERNALS].error) + return Promise.reject(this[INTERNALS].error) + + // body is null + if (this.body === null) { + return Promise.resolve(Buffer.alloc(0)); + } + + if (Buffer.isBuffer(this.body)) + return Promise.resolve(this.body) + + const upstream = isBlob(this.body) ? this.body.stream() : this.body + + /* istanbul ignore if: should never happen */ + if (!Minipass.isStream(upstream)) + return Promise.resolve(Buffer.alloc(0)); + + const stream = this.size && upstream instanceof MinipassSized ? upstream + : !this.size && upstream instanceof Minipass && + !(upstream instanceof MinipassSized) ? upstream + : this.size ? new MinipassSized({ size: this.size }) + : new Minipass() + + // allow timeout on slow response body + const resTimeout = this.timeout ? setTimeout(() => { + stream.emit('error', new FetchError( + `Response timeout while trying to fetch ${ + this.url} (over ${this.timeout}ms)`, 'body-timeout')) + }, this.timeout) : null + + // do the pipe in the promise, because the pipe() can send too much + // data through right away and upset the MP Sized object + return new Promise((resolve, reject) => { + // if the stream is some other kind of stream, then pipe through a MP + // so we can collect it more easily. + if (stream !== upstream) { + upstream.on('error', er => stream.emit('error', er)) + upstream.pipe(stream) + } + resolve() + }).then(() => stream.concat()).then(buf => { + clearTimeout(resTimeout) + return buf + }).catch(er => { + clearTimeout(resTimeout) + // request was aborted, reject with this Error + if (er.name === 'AbortError' || er.name === 'FetchError') + throw er + else if (er.name === 'RangeError') + throw new FetchError(`Could not create Buffer from response body for ${ + this.url}: ${er.message}`, 'system', er) + else + // other errors, such as incorrect content-encoding or content-length + throw new FetchError(`Invalid response body while trying to fetch ${ + this.url}: ${er.message}`, 'system', er) + }) + } + + static clone (instance) { + if (instance.bodyUsed) + throw new Error('cannot clone body after it is used') + + const body = instance.body + + // check that body is a stream and not form-data object + // NB: can't clone the form-data object without having it as a dependency + if (Minipass.isStream(body) && typeof body.getBoundary !== 'function') { + // create a dedicated tee stream so that we don't lose data + // potentially sitting in the body stream's buffer by writing it + // immediately to p1 and not having it for p2. + const tee = new Minipass() + const p1 = new Minipass() + const p2 = new Minipass() + tee.on('error', er => { + p1.emit('error', er) + p2.emit('error', er) + }) + body.on('error', er => tee.emit('error', er)) + tee.pipe(p1) + tee.pipe(p2) + body.pipe(tee) + // set instance body to one fork, return the other + instance[INTERNALS].body = p1 + return p2 + } else + return instance.body + } + + static extractContentType (body) { + return body === null || body === undefined ? null + : typeof body === 'string' ? 'text/plain;charset=UTF-8' + : isURLSearchParams(body) + ? 'application/x-www-form-urlencoded;charset=UTF-8' + : isBlob(body) ? body.type || null + : Buffer.isBuffer(body) ? null + : Object.prototype.toString.call(body) === '[object ArrayBuffer]' ? null + : ArrayBuffer.isView(body) ? null + : typeof body.getBoundary === 'function' + ? `multipart/form-data;boundary=${body.getBoundary()}` + : Minipass.isStream(body) ? null + : 'text/plain;charset=UTF-8' + } + + static getTotalBytes (instance) { + const {body} = instance + return (body === null || body === undefined) ? 0 + : isBlob(body) ? body.size + : Buffer.isBuffer(body) ? body.length + : body && typeof body.getLengthSync === 'function' && ( + // detect form data input from form-data module + body._lengthRetrievers && + /* istanbul ignore next */ body._lengthRetrievers.length == 0 || // 1.x + body.hasKnownLength && body.hasKnownLength()) // 2.x + ? body.getLengthSync() + : null + } + + static writeToStream (dest, instance) { + const {body} = instance; + + if (body === null || body === undefined) + dest.end() + else if (Buffer.isBuffer(body) || typeof body === 'string') + dest.end(body) + else { + // body is stream or blob + const stream = isBlob(body) ? body.stream() : body + stream.on('error', er => dest.emit('error', er)).pipe(dest) + } + + return dest + } +} + +Object.defineProperties(Body.prototype, { + body: { enumerable: true }, + bodyUsed: { enumerable: true }, + arrayBuffer: { enumerable: true }, + blob: { enumerable: true }, + json: { enumerable: true }, + text: { enumerable: true } +}); + + +const isURLSearchParams = obj => + // Duck-typing as a necessary condition. + (typeof obj !== 'object' || + typeof obj.append !== 'function' || + typeof obj.delete !== 'function' || + typeof obj.get !== 'function' || + typeof obj.getAll !== 'function' || + typeof obj.has !== 'function' || + typeof obj.set !== 'function') ? false + // Brand-checking and more duck-typing as optional condition. + : obj.constructor.name === 'URLSearchParams' || + Object.prototype.toString.call(obj) === '[object URLSearchParams]' || + typeof obj.sort === 'function' + +const isBlob = obj => + typeof obj === 'object' && + typeof obj.arrayBuffer === 'function' && + typeof obj.type === 'string' && + typeof obj.stream === 'function' && + typeof obj.constructor === 'function' && + typeof obj.constructor.name === 'string' && + /^(Blob|File)$/.test(obj.constructor.name) && + /^(Blob|File)$/.test(obj[Symbol.toStringTag]) + + +const convertBody = (buffer, headers) => { + /* istanbul ignore if */ + if (typeof convert !== 'function') + throw new Error('The package `encoding` must be installed to use the textConverted() function') + + const ct = headers && headers.get('content-type') + let charset = 'utf-8' + let res, str + + // header + if (ct) + res = /charset=([^;]*)/i.exec(ct) + + // no charset in content type, peek at response body for at most 1024 bytes + str = buffer.slice(0, 1024).toString() + + // html5 + if (!res && str) + res = /<meta.+?charset=(['"])(.+?)\1/i.exec(str) + + // html4 + if (!res && str) { + res = /<meta[\s]+?http-equiv=(['"])content-type\1[\s]+?content=(['"])(.+?)\2/i.exec(str) + + if (!res) { + res = /<meta[\s]+?content=(['"])(.+?)\1[\s]+?http-equiv=(['"])content-type\3/i.exec(str) + if (res) + res.pop() // drop last quote + } + + if (res) + res = /charset=(.*)/i.exec(res.pop()) + } + + // xml + if (!res && str) + res = /<\?xml.+?encoding=(['"])(.+?)\1/i.exec(str) + + // found charset + if (res) { + charset = res.pop() + + // prevent decode issues when sites use incorrect encoding + // ref: https://hsivonen.fi/encoding-menu/ + if (charset === 'gb2312' || charset === 'gbk') + charset = 'gb18030' + } + + // turn raw buffers into a single utf-8 buffer + return convert( + buffer, + 'UTF-8', + charset + ).toString() +} + +module.exports = Body diff --git a/node_modules/minipass-fetch/lib/fetch-error.js b/node_modules/minipass-fetch/lib/fetch-error.js new file mode 100644 index 000000000..b0445cf84 --- /dev/null +++ b/node_modules/minipass-fetch/lib/fetch-error.js @@ -0,0 +1,31 @@ +'use strict' +class FetchError extends Error { + constructor (message, type, systemError) { + super(message) + this.code = 'FETCH_ERROR' + + // pick up code, expected, path, ... + if (systemError) + Object.assign(this, systemError) + + this.errno = this.code + + // override anything the system error might've clobbered + this.type = this.code === 'EBADSIZE' && this.found > this.expect + ? 'max-size' : type + this.message = message + Error.captureStackTrace(this, this.constructor) + } + + get name () { + return 'FetchError' + } + + // don't allow name to be overwritten + set name (n) {} + + get [Symbol.toStringTag] () { + return 'FetchError' + } +} +module.exports = FetchError diff --git a/node_modules/minipass-fetch/lib/headers.js b/node_modules/minipass-fetch/lib/headers.js new file mode 100644 index 000000000..56c54a41f --- /dev/null +++ b/node_modules/minipass-fetch/lib/headers.js @@ -0,0 +1,250 @@ +'use strict' +const invalidTokenRegex = /[^\^_`a-zA-Z\-0-9!#$%&'*+.|~]/ +const invalidHeaderCharRegex = /[^\t\x20-\x7e\x80-\xff]/ + +const validateName = name => { + name = `${name}` + if (invalidTokenRegex.test(name) || name === '') + throw new TypeError(`${name} is not a legal HTTP header name`) +} + +const validateValue = value => { + value = `${value}`; + if (invalidHeaderCharRegex.test(value)) + throw new TypeError(`${value} is not a legal HTTP header value`) +} + +const find = (map, name) => { + name = name.toLowerCase() + for (const key in map) { + if (key.toLowerCase() === name) + return key + } + return undefined +} + +const MAP = Symbol('map') +class Headers { + constructor (init = undefined) { + this[MAP] = Object.create(null) + if (init instanceof Headers) { + const rawHeaders = init.raw() + const headerNames = Object.keys(rawHeaders) + for (const headerName of headerNames) { + for (const value of rawHeaders[headerName]) { + this.append(headerName, value) + } + } + return + } + + // no-op + if (init === undefined || init === null) + return + + if (typeof init === 'object') { + const method = init[Symbol.iterator] + if (method !== null && method !== undefined) { + if (typeof method !== 'function') + throw new TypeError('Header pairs must be iterable') + + // sequence<sequence<ByteString>> + // Note: per spec we have to first exhaust the lists then process them + const pairs = [] + for (const pair of init) { + if (typeof pair !== 'object' || + typeof pair[Symbol.iterator] !== 'function') + throw new TypeError('Each header pair must be iterable') + const arrPair = Array.from(pair) + if (arrPair.length !== 2) + throw new TypeError('Each header pair must be a name/value tuple') + pairs.push(arrPair) + } + + for (const pair of pairs) { + this.append(pair[0], pair[1]) + } + } else { + // record<ByteString, ByteString> + for (const key of Object.keys(init)) { + this.append(key, init[key]) + } + } + } else + throw new TypeError('Provided initializer must be an object') + } + + get (name) { + name = `${name}` + validateName(name) + const key = find(this[MAP], name) + if (key === undefined) + return null + + return this[MAP][key].join(', ') + } + + forEach (callback, thisArg = undefined) { + let pairs = getHeaders(this); + for (let i = 0; i < pairs.length; i++) { + const [name, value] = pairs[i] + callback.call(thisArg, value, name, this) + // refresh in case the callback added more headers + pairs = getHeaders(this) + } + } + + set (name, value) { + name = `${name}` + value = `${value}` + validateName(name) + validateValue(value) + const key = find(this[MAP], name) + this[MAP][key !== undefined ? key : name] = [value] + } + + append (name, value) { + name = `${name}` + value = `${value}` + validateName(name) + validateValue(value) + const key = find(this[MAP], name) + if (key !== undefined) + this[MAP][key].push(value) + else + this[MAP][name] = [value] + } + + has (name) { + name = `${name}` + validateName(name) + return find(this[MAP], name) !== undefined + } + + delete (name) { + name = `${name}` + validateName(name) + const key = find(this[MAP], name) + if (key !== undefined) + delete this[MAP][key] + } + + raw () { + return this[MAP] + } + + keys () { + return new HeadersIterator(this, 'key') + } + + values () { + return new HeadersIterator(this, 'value') + } + + [Symbol.iterator]() { + return new HeadersIterator(this, 'key+value') + } + + entries () { + return new HeadersIterator(this, 'key+value') + } + + get [Symbol.toStringTag] () { + return 'Headers' + } + + static exportNodeCompatibleHeaders (headers) { + const obj = Object.assign(Object.create(null), headers[MAP]) + + // http.request() only supports string as Host header. This hack makes + // specifying custom Host header possible. + const hostHeaderKey = find(headers[MAP], 'Host') + if (hostHeaderKey !== undefined) + obj[hostHeaderKey] = obj[hostHeaderKey][0] + + return obj + } + + static createHeadersLenient (obj) { + const headers = new Headers() + for (const name of Object.keys(obj)) { + if (invalidTokenRegex.test(name)) + continue + + if (Array.isArray(obj[name])) { + for (const val of obj[name]) { + if (invalidHeaderCharRegex.test(val)) + continue + + if (headers[MAP][name] === undefined) + headers[MAP][name] = [val] + else + headers[MAP][name].push(val); + } + } else if (!invalidHeaderCharRegex.test(obj[name])) + headers[MAP][name] = [obj[name]] + } + return headers + } +} + +Object.defineProperties(Headers.prototype, { + get: { enumerable: true }, + forEach: { enumerable: true }, + set: { enumerable: true }, + append: { enumerable: true }, + has: { enumerable: true }, + delete: { enumerable: true }, + keys: { enumerable: true }, + values: { enumerable: true }, + entries: { enumerable: true }, +}) + +const getHeaders = (headers, kind = 'key+value') => + Object.keys(headers[MAP]).sort().map( + kind === 'key' ? k => k.toLowerCase() + : kind === 'value' ? k => headers[MAP][k].join(', ') + : k => [k.toLowerCase(), headers[MAP][k].join(', ')] + ) + +const INTERNAL = Symbol('internal') + +class HeadersIterator { + constructor (target, kind) { + this[INTERNAL] = { + target, + kind, + index: 0, + } + } + + get [Symbol.toStringTag] () { + return 'HeadersIterator' + } + + next () { + /* istanbul ignore if: should be impossible */ + if (!this || Object.getPrototypeOf(this) !== HeadersIterator.prototype) + throw new TypeError('Value of `this` is not a HeadersIterator') + + const { target, kind, index } = this[INTERNAL] + const values = getHeaders(target, kind) + const len = values.length + if (index >= len) { + return { + value: undefined, + done: true, + } + } + + this[INTERNAL].index++ + + return { value: values[index], done: false } + } +} + +// manually extend because 'extends' requires a ctor +Object.setPrototypeOf(HeadersIterator.prototype, + Object.getPrototypeOf(Object.getPrototypeOf([][Symbol.iterator]()))) + +module.exports = Headers diff --git a/node_modules/minipass-fetch/lib/index.js b/node_modules/minipass-fetch/lib/index.js new file mode 100644 index 000000000..725846565 --- /dev/null +++ b/node_modules/minipass-fetch/lib/index.js @@ -0,0 +1,318 @@ +'use strict' +const Url = require('url') +const http = require('http') +const https = require('https') +const zlib = require('minizlib') +const Minipass = require('minipass') + +const Body = require('./body.js') +const { writeToStream, getTotalBytes } = Body +const Response = require('./response.js') +const Headers = require('./headers.js') +const { createHeadersLenient } = Headers +const Request = require('./request.js') +const { getNodeRequestOptions } = Request +const FetchError = require('./fetch-error.js') +const AbortError = require('./abort-error.js') + +const resolveUrl = Url.resolve + +const fetch = (url, opts) => { + if (/^data:/.test(url)) { + const request = new Request(url, opts) + try { + const split = url.split(',') + const data = Buffer.from(split[1], 'base64') + const type = split[0].match(/^data:(.*);base64$/)[1] + return Promise.resolve(new Response(data, { + headers: { + 'Content-Type': type, + 'Content-Length': data.length, + } + })) + } catch (er) { + return Promise.reject(new FetchError(`[${request.method}] ${ + request.url} invalid URL, ${er.message}`, 'system', er)) + } + } + + return new Promise((resolve, reject) => { + // build request object + const request = new Request(url, opts) + let options + try { + options = getNodeRequestOptions(request) + } catch (er) { + return reject(er) + } + + const send = (options.protocol === 'https:' ? https : http).request + const { signal } = request + let response = null + const abort = () => { + const error = new AbortError('The user aborted a request.') + reject(error) + if (Minipass.isStream(request.body) && + typeof request.body.destroy === 'function') { + request.body.destroy(error) + } + if (response && response.body) { + response.body.emit('error', error) + } + } + + if (signal && signal.aborted) + return abort() + + const abortAndFinalize = () => { + abort() + finalize() + } + + const finalize = () => { + req.abort() + if (signal) + signal.removeEventListener('abort', abortAndFinalize) + clearTimeout(reqTimeout) + } + + // send request + const req = send(options) + + if (signal) + signal.addEventListener('abort', abortAndFinalize) + + let reqTimeout = null + if (request.timeout) { + req.once('socket', socket => { + reqTimeout = setTimeout(() => { + reject(new FetchError(`network timeout at: ${ + request.url}`, 'request-timeout')) + finalize() + }, request.timeout) + }) + } + + req.on('error', er => { + reject(new FetchError(`request to ${request.url} failed, reason: ${ + er.message}`, 'system', er)) + finalize() + }) + + req.on('response', res => { + clearTimeout(reqTimeout) + + const headers = createHeadersLenient(res.headers) + + // HTTP fetch step 5 + if (fetch.isRedirect(res.statusCode)) { + // HTTP fetch step 5.2 + const location = headers.get('Location') + + // HTTP fetch step 5.3 + const locationURL = location === null ? null + : resolveUrl(request.url, location) + + // HTTP fetch step 5.5 + switch (request.redirect) { + case 'error': + reject(new FetchError(`uri requested responds with a redirect, redirect mode is set to error: ${ + request.url}`, 'no-redirect')) + finalize() + return + + case 'manual': + // node-fetch-specific step: make manual redirect a bit easier to + // use by setting the Location header value to the resolved URL. + if (locationURL !== null) { + // handle corrupted header + try { + headers.set('Location', locationURL) + } catch (err) { + /* istanbul ignore next: nodejs server prevent invalid + response headers, we can't test this through normal + request */ + reject(err) + } + } + break + + case 'follow': + // HTTP-redirect fetch step 2 + if (locationURL === null) { + break + } + + // HTTP-redirect fetch step 5 + if (request.counter >= request.follow) { + reject(new FetchError(`maximum redirect reached at: ${ + request.url}`, 'max-redirect')); + finalize() + return + } + + // HTTP-redirect fetch step 9 + if (res.statusCode !== 303 && + request.body && + getTotalBytes(request) === null) { + reject(new FetchError( + 'Cannot follow redirect with body being a readable stream', + 'unsupported-redirect' + )) + finalize() + return + } + + // Update host due to redirection + request.headers.set('host', Url.parse(locationURL).host) + + // HTTP-redirect fetch step 6 (counter increment) + // Create a new Request object. + const requestOpts = { + headers: new Headers(request.headers), + follow: request.follow, + counter: request.counter + 1, + agent: request.agent, + compress: request.compress, + method: request.method, + body: request.body, + signal: request.signal, + timeout: request.timeout, + } + + // HTTP-redirect fetch step 11 + if (res.statusCode === 303 || ( + (res.statusCode === 301 || res.statusCode === 302) && + request.method === 'POST' + )) { + requestOpts.method = 'GET' + requestOpts.body = undefined + requestOpts.headers.delete('content-length') + } + + // HTTP-redirect fetch step 15 + resolve(fetch(new Request(locationURL, requestOpts))) + finalize() + return + } + } // end if(isRedirect) + + + // prepare response + res.once('end', () => + signal && signal.removeEventListener('abort', abortAndFinalize)) + + const body = new Minipass() + // exceedingly rare that the stream would have an error, + // but just in case we proxy it to the stream in use. + res.on('error', /* istanbul ignore next */ er => body.emit('error', er)).pipe(body) + + const responseOptions = { + url: request.url, + status: res.statusCode, + statusText: res.statusMessage, + headers: headers, + size: request.size, + timeout: request.timeout, + counter: request.counter, + trailer: new Promise(resolve => + res.on('end', () => resolve(createHeadersLenient(res.trailers)))) + } + + // HTTP-network fetch step 12.1.1.3 + const codings = headers.get('Content-Encoding') + + // HTTP-network fetch step 12.1.1.4: handle content codings + + // in following scenarios we ignore compression support + // 1. compression support is disabled + // 2. HEAD request + // 3. no Content-Encoding header + // 4. no content response (204) + // 5. content not modified response (304) + if (!request.compress || + request.method === 'HEAD' || + codings === null || + res.statusCode === 204 || + res.statusCode === 304) { + response = new Response(body, responseOptions) + resolve(response) + return + } + + + // Be less strict when decoding compressed responses, since sometimes + // servers send slightly invalid responses that are still accepted + // by common browsers. + // Always using Z_SYNC_FLUSH is what cURL does. + const zlibOptions = { + flush: zlib.constants.Z_SYNC_FLUSH, + finishFlush: zlib.constants.Z_SYNC_FLUSH, + } + + // for gzip + if (codings == 'gzip' || codings == 'x-gzip') { + const unzip = new zlib.Gunzip(zlibOptions) + response = new Response( + // exceedingly rare that the stream would have an error, + // but just in case we proxy it to the stream in use. + body.on('error', /* istanbul ignore next */ er => unzip.emit('error', er)).pipe(unzip), + responseOptions + ) + resolve(response) + return + } + + // for deflate + if (codings == 'deflate' || codings == 'x-deflate') { + // handle the infamous raw deflate response from old servers + // a hack for old IIS and Apache servers + const raw = res.pipe(new Minipass()) + raw.once('data', chunk => { + // see http://stackoverflow.com/questions/37519828 + const decoder = (chunk[0] & 0x0F) === 0x08 + ? new zlib.Inflate() + : new zlib.InflateRaw() + // exceedingly rare that the stream would have an error, + // but just in case we proxy it to the stream in use. + body.on('error', /* istanbul ignore next */ er => decoder.emit('error', er)).pipe(decoder) + response = new Response(decoder, responseOptions) + resolve(response) + }) + return + } + + + // for br + if (codings == 'br' && typeof zlib.BrotliDecompress === 'function') { + const decoder = new zlib.BrotliDecompress() + // exceedingly rare that the stream would have an error, + // but just in case we proxy it to the stream in use. + body.on('error', /* istanbul ignore next */ er => decoder.emit('error', er)).pipe(decoder) + response = new Response(decoder, responseOptions) + resolve(response) + return + } + + // otherwise, use response as-is + response = new Response(body, responseOptions) + resolve(response) + }) + + writeToStream(req, request) + }) +} + +module.exports = fetch + +fetch.isRedirect = code => + code === 301 || + code === 302 || + code === 303 || + code === 307 || + code === 308 + +fetch.Headers = Headers +fetch.Request = Request +fetch.Response = Response +fetch.FetchError = FetchError diff --git a/node_modules/minipass-fetch/lib/request.js b/node_modules/minipass-fetch/lib/request.js new file mode 100644 index 000000000..5602315d7 --- /dev/null +++ b/node_modules/minipass-fetch/lib/request.js @@ -0,0 +1,186 @@ +'use strict' +const Url = require('url') +const Minipass = require('minipass') +const Headers = require('./headers.js') +const { exportNodeCompatibleHeaders } = Headers +const Body = require('./body.js') +const { clone, extractContentType, getTotalBytes } = Body + +const version = require('../package.json').version +const defaultUserAgent = + `minipass-fetch/${version} (+https://github.com/isaacs/minipass-fetch)` + +const INTERNALS = Symbol('Request internals') + +const { parse: parseUrl, format: formatUrl } = Url + +const isRequest = input => + typeof input === 'object' && typeof input[INTERNALS] === 'object' + +const isAbortSignal = signal => { + const proto = ( + signal + && typeof signal === 'object' + && Object.getPrototypeOf(signal) + ) + return !!(proto && proto.constructor.name === 'AbortSignal') +} + +class Request extends Body { + constructor (input, init = {}) { + const parsedURL = isRequest(input) ? Url.parse(input.url) + : input && input.href ? Url.parse(input.href) + : Url.parse(`${input}`) + + if (!isRequest(input)) + input = {} + + const method = (init.method || input.method || 'GET').toUpperCase() + const isGETHEAD = method === 'GET' || method === 'HEAD' + + if ((init.body !== null && init.body !== undefined || + isRequest(input) && input.body !== null) && isGETHEAD) + throw new TypeError('Request with GET/HEAD method cannot have body') + + const inputBody = init.body !== null && init.body !== undefined ? init.body + : isRequest(input) && input.body !== null ? clone(input) + : null + + super(inputBody, { + timeout: init.timeout || input.timeout || 0, + size: init.size || input.size || 0, + }) + + const headers = new Headers(init.headers || input.headers || {}) + + if (inputBody !== null && inputBody !== undefined && + !headers.has('Content-Type')) { + const contentType = extractContentType(inputBody) + if (contentType) + headers.append('Content-Type', contentType) + } + + const signal = 'signal' in init ? init.signal + : isRequest(input) ? input.signal + : null + + if (signal !== null && signal !== undefined && !isAbortSignal(signal)) + throw new TypeError('Expected signal must be an instanceof AbortSignal') + + this[INTERNALS] = { + method, + redirect: init.redirect || input.redirect || 'follow', + headers, + parsedURL, + signal, + } + + // node-fetch-only options + this.follow = init.follow !== undefined ? init.follow + : input.follow !== undefined ? input.follow + : 20 + this.compress = init.compress !== undefined ? init.compress + : input.compress !== undefined ? input.compress + : true + this.counter = init.counter || input.counter || 0 + this.agent = init.agent || input.agent + } + + get method() { + return this[INTERNALS].method; + } + + get url() { + return formatUrl(this[INTERNALS].parsedURL); + } + + get headers() { + return this[INTERNALS].headers; + } + + get redirect() { + return this[INTERNALS].redirect; + } + + get signal() { + return this[INTERNALS].signal; + } + + clone () { + return new Request(this) + } + + get [Symbol.toStringTag] () { + return 'Request' + } + + static getNodeRequestOptions (request) { + const parsedURL = request[INTERNALS].parsedURL + const headers = new Headers(request[INTERNALS].headers) + + // fetch step 1.3 + if (!headers.has('Accept')) + headers.set('Accept', '*/*') + + // Basic fetch + if (!parsedURL.protocol || !parsedURL.hostname) + throw new TypeError('Only absolute URLs are supported') + + if (!/^https?:$/.test(parsedURL.protocol)) + throw new TypeError('Only HTTP(S) protocols are supported') + + if (request.signal && + Minipass.isStream(request.body) && + typeof request.body.destroy !== 'function') { + throw new Error( + 'Cancellation of streamed requests with AbortSignal is not supported') + } + + // HTTP-network-or-cache fetch steps 2.4-2.7 + const contentLengthValue = + (request.body === null || request.body === undefined) && + /^(POST|PUT)$/i.test(request.method) ? '0' + : request.body !== null && request.body !== undefined + ? getTotalBytes(request) + : null + + if (contentLengthValue) + headers.set('Content-Length', contentLengthValue + ''); + + // HTTP-network-or-cache fetch step 2.11 + if (!headers.has('User-Agent')) + headers.set('User-Agent', defaultUserAgent) + + // HTTP-network-or-cache fetch step 2.15 + if (request.compress && !headers.has('Accept-Encoding')) + headers.set('Accept-Encoding', 'gzip,deflate') + + const agent = typeof request.agent === 'function' + ? request.agent(parsedURL) + : request.agent + + if (!headers.has('Connection') && !agent) + headers.set('Connection', 'close'); + + // HTTP-network fetch step 4.2 + // chunked encoding is handled by Node.js + + return { + ...parsedURL, + method: request.method, + headers: exportNodeCompatibleHeaders(headers), + agent, + } + } +} + +module.exports = Request + +Object.defineProperties(Request.prototype, { + method: { enumerable: true }, + url: { enumerable: true }, + headers: { enumerable: true }, + redirect: { enumerable: true }, + clone: { enumerable: true }, + signal: { enumerable: true }, +}) diff --git a/node_modules/minipass-fetch/lib/response.js b/node_modules/minipass-fetch/lib/response.js new file mode 100644 index 000000000..854f789f8 --- /dev/null +++ b/node_modules/minipass-fetch/lib/response.js @@ -0,0 +1,89 @@ +'use strict' +const http = require('http') +const { STATUS_CODES } = http + +const Headers = require('./headers.js') +const Body = require('./body.js') +const { clone, extractContentType } = Body + +const INTERNALS = Symbol('Response internals') + +class Response extends Body { + constructor (body = null, opts = {}) { + super(body, opts) + + const status = opts.status || 200 + const headers = new Headers(opts.headers) + + if (body !== null && body !== undefined && !headers.has('Content-Type')) { + const contentType = extractContentType(body) + if (contentType) + headers.append('Content-Type', contentType) + } + + this[INTERNALS] = { + url: opts.url, + status, + statusText: opts.statusText || STATUS_CODES[status], + headers, + counter: opts.counter, + trailer: Promise.resolve(opts.trailer || new Headers()), + } + } + + get trailer () { + return this[INTERNALS].trailer + } + + get url () { + return this[INTERNALS].url || '' + } + + get status () { + return this[INTERNALS].status + } + + get ok () { + return this[INTERNALS].status >= 200 && this[INTERNALS].status < 300 + } + + get redirected () { + return this[INTERNALS].counter > 0 + } + + get statusText () { + return this[INTERNALS].statusText + } + + get headers () { + return this[INTERNALS].headers + } + + clone () { + return new Response(clone(this), { + url: this.url, + status: this.status, + statusText: this.statusText, + headers: this.headers, + ok: this.ok, + redirected: this.redirected, + trailer: this.trailer, + }) + } + + get [Symbol.toStringTag] () { + return 'Response' + } +} + +module.exports = Response + +Object.defineProperties(Response.prototype, { + url: { enumerable: true }, + status: { enumerable: true }, + ok: { enumerable: true }, + redirected: { enumerable: true }, + statusText: { enumerable: true }, + headers: { enumerable: true }, + clone: { enumerable: true }, +}) diff --git a/node_modules/minipass-fetch/node_modules/minipass/LICENSE b/node_modules/minipass-fetch/node_modules/minipass/LICENSE new file mode 100644 index 000000000..20a476254 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/minipass/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-fetch/node_modules/minipass/README.md b/node_modules/minipass-fetch/node_modules/minipass/README.md new file mode 100644 index 000000000..32ace2fb9 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/minipass/README.md @@ -0,0 +1,606 @@ +# minipass + +A _very_ minimal implementation of a [PassThrough +stream](https://nodejs.org/api/stream.html#stream_class_stream_passthrough) + +[It's very +fast](https://docs.google.com/spreadsheets/d/1oObKSrVwLX_7Ut4Z6g3fZW-AX1j1-k6w-cDsrkaSbHM/edit#gid=0) +for objects, strings, and buffers. + +Supports pipe()ing (including multi-pipe() and backpressure transmission), +buffering data until either a `data` event handler or `pipe()` is added (so +you don't lose the first chunk), and most other cases where PassThrough is +a good idea. + +There is a `read()` method, but it's much more efficient to consume data +from this stream via `'data'` events or by calling `pipe()` into some other +stream. Calling `read()` requires the buffer to be flattened in some +cases, which requires copying memory. + +There is also no `unpipe()` method. Once you start piping, there is no +stopping it! + +If you set `objectMode: true` in the options, then whatever is written will +be emitted. Otherwise, it'll do a minimal amount of Buffer copying to +ensure proper Streams semantics when `read(n)` is called. + +`objectMode` can also be set by doing `stream.objectMode = true`, or by +writing any non-string/non-buffer data. `objectMode` cannot be set to +false once it is set. + +This is not a `through` or `through2` stream. It doesn't transform the +data, it just passes it right through. If you want to transform the data, +extend the class, and override the `write()` method. Once you're done +transforming the data however you want, call `super.write()` with the +transform output. + +For some examples of streams that extend Minipass in various ways, check +out: + +- [minizlib](http://npm.im/minizlib) +- [fs-minipass](http://npm.im/fs-minipass) +- [tar](http://npm.im/tar) +- [minipass-collect](http://npm.im/minipass-collect) +- [minipass-flush](http://npm.im/minipass-flush) +- [minipass-pipeline](http://npm.im/minipass-pipeline) +- [tap](http://npm.im/tap) +- [tap-parser](http://npm.im/tap) +- [treport](http://npm.im/tap) +- [minipass-fetch](http://npm.im/minipass-fetch) + +## Differences from Node.js Streams + +There are several things that make Minipass streams different from (and in +some ways superior to) Node.js core streams. + +Please read these caveats if you are familiar with noode-core streams and +intend to use Minipass streams in your programs. + +### Timing + +Minipass streams are designed to support synchronous use-cases. Thus, data +is emitted as soon as it is available, always. It is buffered until read, +but no longer. Another way to look at it is that Minipass streams are +exactly as synchronous as the logic that writes into them. + +This can be surprising if your code relies on `PassThrough.write()` always +providing data on the next tick rather than the current one, or being able +to call `resume()` and not have the entire buffer disappear immediately. + +However, without this synchronicity guarantee, there would be no way for +Minipass to achieve the speeds it does, or support the synchronous use +cases that it does. Simply put, waiting takes time. + +This non-deferring approach makes Minipass streams much easier to reason +about, especially in the context of Promises and other flow-control +mechanisms. + +### No High/Low Water Marks + +Node.js core streams will optimistically fill up a buffer, returning `true` +on all writes until the limit is hit, even if the data has nowhere to go. +Then, they will not attempt to draw more data in until the buffer size dips +below a minimum value. + +Minipass streams are much simpler. The `write()` method will return `true` +if the data has somewhere to go (which is to say, given the timing +guarantees, that the data is already there by the time `write()` returns). + +If the data has nowhere to go, then `write()` returns false, and the data +sits in a buffer, to be drained out immediately as soon as anyone consumes +it. + +### Hazards of Buffering (or: Why Minipass Is So Fast) + +Since data written to a Minipass stream is immediately written all the way +through the pipeline, and `write()` always returns true/false based on +whether the data was fully flushed, backpressure is communicated +immediately to the upstream caller. This minimizes buffering. + +Consider this case: + +```js +const {PassThrough} = require('stream') +const p1 = new PassThrough({ highWaterMark: 1024 }) +const p2 = new PassThrough({ highWaterMark: 1024 }) +const p3 = new PassThrough({ highWaterMark: 1024 }) +const p4 = new PassThrough({ highWaterMark: 1024 }) + +p1.pipe(p2).pipe(p3).pipe(p4) +p4.on('data', () => console.log('made it through')) + +// this returns false and buffers, then writes to p2 on next tick (1) +// p2 returns false and buffers, pausing p1, then writes to p3 on next tick (2) +// p3 returns false and buffers, pausing p2, then writes to p4 on next tick (3) +// p4 returns false and buffers, pausing p3, then emits 'data' and 'drain' +// on next tick (4) +// p3 sees p4's 'drain' event, and calls resume(), emitting 'resume' and +// 'drain' on next tick (5) +// p2 sees p3's 'drain', calls resume(), emits 'resume' and 'drain' on next tick (6) +// p1 sees p2's 'drain', calls resume(), emits 'resume' and 'drain' on next +// tick (7) + +p1.write(Buffer.alloc(2048)) // returns false +``` + +Along the way, the data was buffered and deferred at each stage, and +multiple event deferrals happened, for an unblocked pipeline where it was +perfectly safe to write all the way through! + +Furthermore, setting a `highWaterMark` of `1024` might lead someone reading +the code to think an advisory maximum of 1KiB is being set for the +pipeline. However, the actual advisory buffering level is the _sum_ of +`highWaterMark` values, since each one has its own bucket. + +Consider the Minipass case: + +```js +const m1 = new Minipass() +const m2 = new Minipass() +const m3 = new Minipass() +const m4 = new Minipass() + +m1.pipe(m2).pipe(m3).pipe(m4) +m4.on('data', () => console.log('made it through')) + +// m1 is flowing, so it writes the data to m2 immediately +// m2 is flowing, so it writes the data to m3 immediately +// m3 is flowing, so it writes the data to m4 immediately +// m4 is flowing, so it fires the 'data' event immediately, returns true +// m4's write returned true, so m3 is still flowing, returns true +// m3's write returned true, so m2 is still flowing, returns true +// m2's write returned true, so m1 is still flowing, returns true +// No event deferrals or buffering along the way! + +m1.write(Buffer.alloc(2048)) // returns true +``` + +It is extremely unlikely that you _don't_ want to buffer any data written, +or _ever_ buffer data that can be flushed all the way through. Neither +node-core streams nor Minipass ever fail to buffer written data, but +node-core streams do a lot of unnecessary buffering and pausing. + +As always, the faster implementation is the one that does less stuff and +waits less time to do it. + +### Immediately emit `end` for empty streams (when not paused) + +If a stream is not paused, and `end()` is called before writing any data +into it, then it will emit `end` immediately. + +If you have logic that occurs on the `end` event which you don't want to +potentially happen immediately (for example, closing file descriptors, +moving on to the next entry in an archive parse stream, etc.) then be sure +to call `stream.pause()` on creation, and then `stream.resume()` once you +are ready to respond to the `end` event. + +### Emit `end` When Asked + +One hazard of immediately emitting `'end'` is that you may not yet have had +a chance to add a listener. In order to avoid this hazard, Minipass +streams safely re-emit the `'end'` event if a new listener is added after +`'end'` has been emitted. + +Ie, if you do `stream.on('end', someFunction)`, and the stream has already +emitted `end`, then it will call the handler right away. (You can think of +this somewhat like attaching a new `.then(fn)` to a previously-resolved +Promise.) + +To prevent calling handlers multiple times who would not expect multiple +ends to occur, all listeners are removed from the `'end'` event whenever it +is emitted. + +### Impact of "immediate flow" on Tee-streams + +A "tee stream" is a stream piping to multiple destinations: + +```js +const tee = new Minipass() +t.pipe(dest1) +t.pipe(dest2) +t.write('foo') // goes to both destinations +``` + +Since Minipass streams _immediately_ process any pending data through the +pipeline when a new pipe destination is added, this can have surprising +effects, especially when a stream comes in from some other function and may +or may not have data in its buffer. + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.pipe(dest1) // 'foo' chunk flows to dest1 immediately, and is gone +src.pipe(dest2) // gets nothing! +``` + +The solution is to create a dedicated tee-stream junction that pipes to +both locations, and then pipe to _that_ instead. + +```js +// Safe example: tee to both places +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.pipe(dest1) +tee.pipe(dest2) +stream.pipe(tee) // tee gets 'foo', pipes to both locations +``` + +The same caveat applies to `on('data')` event listeners. The first one +added will _immediately_ receive all of the data, leaving nothing for the +second: + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.on('data', handler1) // receives 'foo' right away +src.on('data', handler2) // nothing to see here! +``` + +Using a dedicated tee-stream can be used in this case as well: + +```js +// Safe example: tee to both data handlers +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.on('data', handler1) +tee.on('data', handler2) +src.pipe(tee) +``` + +## USAGE + +It's a stream! Use it like a stream and it'll most likely do what you +want. + +```js +const Minipass = require('minipass') +const mp = new Minipass(options) // optional: { encoding, objectMode } +mp.write('foo') +mp.pipe(someOtherStream) +mp.end('bar') +``` + +### OPTIONS + +* `encoding` How would you like the data coming _out_ of the stream to be + encoded? Accepts any values that can be passed to `Buffer.toString()`. +* `objectMode` Emit data exactly as it comes in. This will be flipped on + by default if you write() something other than a string or Buffer at any + point. Setting `objectMode: true` will prevent setting any encoding + value. + +### API + +Implements the user-facing portions of Node.js's `Readable` and `Writable` +streams. + +### Methods + +* `write(chunk, [encoding], [callback])` - Put data in. (Note that, in the + base Minipass class, the same data will come out.) Returns `false` if + the stream will buffer the next write, or true if it's still in "flowing" + mode. +* `end([chunk, [encoding]], [callback])` - Signal that you have no more + data to write. This will queue an `end` event to be fired when all the + data has been consumed. +* `setEncoding(encoding)` - Set the encoding for data coming of the stream. + This can only be done once. +* `pause()` - No more data for a while, please. This also prevents `end` + from being emitted for empty streams until the stream is resumed. +* `resume()` - Resume the stream. If there's data in the buffer, it is all + discarded. Any buffered events are immediately emitted. +* `pipe(dest)` - Send all output to the stream provided. There is no way + to unpipe. When data is emitted, it is immediately written to any and + all pipe destinations. +* `on(ev, fn)`, `emit(ev, fn)` - Minipass streams are EventEmitters. Some + events are given special treatment, however. (See below under "events".) +* `promise()` - Returns a Promise that resolves when the stream emits + `end`, or rejects if the stream emits `error`. +* `collect()` - Return a Promise that resolves on `end` with an array + containing each chunk of data that was emitted, or rejects if the stream + emits `error`. Note that this consumes the stream data. +* `concat()` - Same as `collect()`, but concatenates the data into a single + Buffer object. Will reject the returned promise if the stream is in + objectMode, or if it goes into objectMode by the end of the data. +* `read(n)` - Consume `n` bytes of data out of the buffer. If `n` is not + provided, then consume all of it. If `n` bytes are not available, then + it returns null. **Note** consuming streams in this way is less + efficient, and can lead to unnecessary Buffer copying. +* `destroy([er])` - Destroy the stream. If an error is provided, then an + `'error'` event is emitted. If the stream has a `close()` method, and + has not emitted a `'close'` event yet, then `stream.close()` will be + called. Any Promises returned by `.promise()`, `.collect()` or + `.concat()` will be rejected. After being destroyed, writing to the + stream will emit an error. No more data will be emitted if the stream is + destroyed, even if it was previously buffered. + +### Properties + +* `bufferLength` Read-only. Total number of bytes buffered, or in the case + of objectMode, the total number of objects. +* `encoding` The encoding that has been set. (Setting this is equivalent + to calling `setEncoding(enc)` and has the same prohibition against + setting multiple times.) +* `flowing` Read-only. Boolean indicating whether a chunk written to the + stream will be immediately emitted. +* `emittedEnd` Read-only. Boolean indicating whether the end-ish events + (ie, `end`, `prefinish`, `finish`) have been emitted. Note that + listening on any end-ish event will immediateyl re-emit it if it has + already been emitted. +* `writable` Whether the stream is writable. Default `true`. Set to + `false` when `end()` +* `readable` Whether the stream is readable. Default `true`. +* `buffer` A [yallist](http://npm.im/yallist) linked list of chunks written + to the stream that have not yet been emitted. (It's probably a bad idea + to mess with this.) +* `pipes` A [yallist](http://npm.im/yallist) linked list of streams that + this stream is piping into. (It's probably a bad idea to mess with + this.) +* `destroyed` A getter that indicates whether the stream was destroyed. +* `paused` True if the stream has been explicitly paused, otherwise false. +* `objectMode` Indicates whether the stream is in `objectMode`. Once set + to `true`, it cannot be set to `false`. + +### Events + +* `data` Emitted when there's data to read. Argument is the data to read. + This is never emitted while not flowing. If a listener is attached, that + will resume the stream. +* `end` Emitted when there's no more data to read. This will be emitted + immediately for empty streams when `end()` is called. If a listener is + attached, and `end` was already emitted, then it will be emitted again. + All listeners are removed when `end` is emitted. +* `prefinish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'end'`. +* `finish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'prefinish'`. +* `close` An indication that an underlying resource has been released. + Minipass does not emit this event, but will defer it until after `end` + has been emitted, since it throws off some stream libraries otherwise. +* `drain` Emitted when the internal buffer empties, and it is again + suitable to `write()` into the stream. +* `readable` Emitted when data is buffered and ready to be read by a + consumer. +* `resume` Emitted when stream changes state from buffering to flowing + mode. (Ie, when `resume` is called, `pipe` is called, or a `data` event + listener is added.) + +### Static Methods + +* `Minipass.isStream(stream)` Returns `true` if the argument is a stream, + and false otherwise. To be considered a stream, the object must be + either an instance of Minipass, or an EventEmitter that has either a + `pipe()` method, or both `write()` and `end()` methods. (Pretty much any + stream in node-land will return `true` for this.) + +## EXAMPLES + +Here are some examples of things you can do with Minipass streams. + +### simple "are you done yet" promise + +```js +mp.promise().then(() => { + // stream is finished +}, er => { + // stream emitted an error +}) +``` + +### collecting + +```js +mp.collect().then(all => { + // all is an array of all the data emitted + // encoding is supported in this case, so + // so the result will be a collection of strings if + // an encoding is specified, or buffers/objects if not. + // + // In an async function, you may do + // const data = await stream.collect() +}) +``` + +### collecting into a single blob + +This is a bit slower because it concatenates the data into one chunk for +you, but if you're going to do it yourself anyway, it's convenient this +way: + +```js +mp.concat().then(onebigchunk => { + // onebigchunk is a string if the stream + // had an encoding set, or a buffer otherwise. +}) +``` + +### iteration + +You can iterate over streams synchronously or asynchronously in platforms +that support it. + +Synchronous iteration will end when the currently available data is +consumed, even if the `end` event has not been reached. In string and +buffer mode, the data is concatenated, so unless multiple writes are +occurring in the same tick as the `read()`, sync iteration loops will +generally only have a single iteration. + +To consume chunks in this way exactly as they have been written, with no +flattening, create the stream with the `{ objectMode: true }` option. + +```js +const mp = new Minipass({ objectMode: true }) +mp.write('a') +mp.write('b') +for (let letter of mp) { + console.log(letter) // a, b +} +mp.write('c') +mp.write('d') +for (let letter of mp) { + console.log(letter) // c, d +} +mp.write('e') +mp.end() +for (let letter of mp) { + console.log(letter) // e +} +for (let letter of mp) { + console.log(letter) // nothing +} +``` + +Asynchronous iteration will continue until the end event is reached, +consuming all of the data. + +```js +const mp = new Minipass({ encoding: 'utf8' }) + +// some source of some data +let i = 5 +const inter = setInterval(() => { + if (i --> 0) + mp.write(Buffer.from('foo\n', 'utf8')) + else { + mp.end() + clearInterval(inter) + } +}, 100) + +// consume the data with asynchronous iteration +async function consume () { + for await (let chunk of mp) { + console.log(chunk) + } + return 'ok' +} + +consume().then(res => console.log(res)) +// logs `foo\n` 5 times, and then `ok` +``` + +### subclass that `console.log()`s everything written into it + +```js +class Logger extends Minipass { + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } +} + +someSource.pipe(new Logger()).pipe(someDest) +``` + +### same thing, but using an inline anonymous class + +```js +// js classes are fun +someSource + .pipe(new (class extends Minipass { + emit (ev, ...data) { + // let's also log events, because debugging some weird thing + console.log('EMIT', ev) + return super.emit(ev, ...data) + } + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } + })) + .pipe(someDest) +``` + +### subclass that defers 'end' for some reason + +```js +class SlowEnd extends Minipass { + emit (ev, ...args) { + if (ev === 'end') { + console.log('going to end, hold on a sec') + setTimeout(() => { + console.log('ok, ready to end now') + super.emit('end', ...args) + }, 100) + } else { + return super.emit(ev, ...args) + } + } +} +``` + +### transform that creates newline-delimited JSON + +```js +class NDJSONEncode extends Minipass { + write (obj, cb) { + try { + // JSON.stringify can throw, emit an error on that + return super.write(JSON.stringify(obj) + '\n', 'utf8', cb) + } catch (er) { + this.emit('error', er) + } + } + end (obj, cb) { + if (typeof obj === 'function') { + cb = obj + obj = undefined + } + if (obj !== undefined) { + this.write(obj) + } + return super.end(cb) + } +} +``` + +### transform that parses newline-delimited JSON + +```js +class NDJSONDecode extends Minipass { + constructor (options) { + // always be in object mode, as far as Minipass is concerned + super({ objectMode: true }) + this._jsonBuffer = '' + } + write (chunk, encoding, cb) { + if (typeof chunk === 'string' && + typeof encoding === 'string' && + encoding !== 'utf8') { + chunk = Buffer.from(chunk, encoding).toString() + } else if (Buffer.isBuffer(chunk)) + chunk = chunk.toString() + } + if (typeof encoding === 'function') { + cb = encoding + } + const jsonData = (this._jsonBuffer + chunk).split('\n') + this._jsonBuffer = jsonData.pop() + for (let i = 0; i < jsonData.length; i++) { + let parsed + try { + super.write(parsed) + } catch (er) { + this.emit('error', er) + continue + } + } + if (cb) + cb() + } +} +``` diff --git a/node_modules/minipass-fetch/node_modules/minipass/index.js b/node_modules/minipass-fetch/node_modules/minipass/index.js new file mode 100644 index 000000000..55ea0f3dd --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/minipass/index.js @@ -0,0 +1,538 @@ +'use strict' +const EE = require('events') +const Stream = require('stream') +const Yallist = require('yallist') +const SD = require('string_decoder').StringDecoder + +const EOF = Symbol('EOF') +const MAYBE_EMIT_END = Symbol('maybeEmitEnd') +const EMITTED_END = Symbol('emittedEnd') +const EMITTING_END = Symbol('emittingEnd') +const CLOSED = Symbol('closed') +const READ = Symbol('read') +const FLUSH = Symbol('flush') +const FLUSHCHUNK = Symbol('flushChunk') +const ENCODING = Symbol('encoding') +const DECODER = Symbol('decoder') +const FLOWING = Symbol('flowing') +const PAUSED = Symbol('paused') +const RESUME = Symbol('resume') +const BUFFERLENGTH = Symbol('bufferLength') +const BUFFERPUSH = Symbol('bufferPush') +const BUFFERSHIFT = Symbol('bufferShift') +const OBJECTMODE = Symbol('objectMode') +const DESTROYED = Symbol('destroyed') + +// TODO remove when Node v8 support drops +const doIter = global._MP_NO_ITERATOR_SYMBOLS_ !== '1' +const ASYNCITERATOR = doIter && Symbol.asyncIterator + || Symbol('asyncIterator not implemented') +const ITERATOR = doIter && Symbol.iterator + || Symbol('iterator not implemented') + +// events that mean 'the stream is over' +// these are treated specially, and re-emitted +// if they are listened for after emitting. +const isEndish = ev => + ev === 'end' || + ev === 'finish' || + ev === 'prefinish' + +const isArrayBuffer = b => b instanceof ArrayBuffer || + typeof b === 'object' && + b.constructor && + b.constructor.name === 'ArrayBuffer' && + b.byteLength >= 0 + +const isArrayBufferView = b => !Buffer.isBuffer(b) && ArrayBuffer.isView(b) + +module.exports = class Minipass extends Stream { + constructor (options) { + super() + this[FLOWING] = false + // whether we're explicitly paused + this[PAUSED] = false + this.pipes = new Yallist() + this.buffer = new Yallist() + this[OBJECTMODE] = options && options.objectMode || false + if (this[OBJECTMODE]) + this[ENCODING] = null + else + this[ENCODING] = options && options.encoding || null + if (this[ENCODING] === 'buffer') + this[ENCODING] = null + this[DECODER] = this[ENCODING] ? new SD(this[ENCODING]) : null + this[EOF] = false + this[EMITTED_END] = false + this[EMITTING_END] = false + this[CLOSED] = false + this.writable = true + this.readable = true + this[BUFFERLENGTH] = 0 + this[DESTROYED] = false + } + + get bufferLength () { return this[BUFFERLENGTH] } + + get encoding () { return this[ENCODING] } + set encoding (enc) { + if (this[OBJECTMODE]) + throw new Error('cannot set encoding in objectMode') + + if (this[ENCODING] && enc !== this[ENCODING] && + (this[DECODER] && this[DECODER].lastNeed || this[BUFFERLENGTH])) + throw new Error('cannot change encoding') + + if (this[ENCODING] !== enc) { + this[DECODER] = enc ? new SD(enc) : null + if (this.buffer.length) + this.buffer = this.buffer.map(chunk => this[DECODER].write(chunk)) + } + + this[ENCODING] = enc + } + + setEncoding (enc) { + this.encoding = enc + } + + get objectMode () { return this[OBJECTMODE] } + set objectMode (ॐ ) { this[OBJECTMODE] = this[OBJECTMODE] || !!ॐ } + + write (chunk, encoding, cb) { + if (this[EOF]) + throw new Error('write after end') + + if (this[DESTROYED]) { + this.emit('error', Object.assign( + new Error('Cannot call write after a stream was destroyed'), + { code: 'ERR_STREAM_DESTROYED' } + )) + return true + } + + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (!encoding) + encoding = 'utf8' + + // convert array buffers and typed array views into buffers + // at some point in the future, we may want to do the opposite! + // leave strings and buffers as-is + // anything else switches us into object mode + if (!this[OBJECTMODE] && !Buffer.isBuffer(chunk)) { + if (isArrayBufferView(chunk)) + chunk = Buffer.from(chunk.buffer, chunk.byteOffset, chunk.byteLength) + else if (isArrayBuffer(chunk)) + chunk = Buffer.from(chunk) + else if (typeof chunk !== 'string') + // use the setter so we throw if we have encoding set + this.objectMode = true + } + + // this ensures at this point that the chunk is a buffer or string + // don't buffer it up or send it to the decoder + if (!this.objectMode && !chunk.length) { + const ret = this.flowing + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + return ret + } + + // fast-path writing strings of same encoding to a stream with + // an empty buffer, skipping the buffer/decoder dance + if (typeof chunk === 'string' && !this[OBJECTMODE] && + // unless it is a string already ready for us to use + !(encoding === this[ENCODING] && !this[DECODER].lastNeed)) { + chunk = Buffer.from(chunk, encoding) + } + + if (Buffer.isBuffer(chunk) && this[ENCODING]) + chunk = this[DECODER].write(chunk) + + try { + return this.flowing + ? (this.emit('data', chunk), this.flowing) + : (this[BUFFERPUSH](chunk), false) + } finally { + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + } + } + + read (n) { + if (this[DESTROYED]) + return null + + try { + if (this[BUFFERLENGTH] === 0 || n === 0 || n > this[BUFFERLENGTH]) + return null + + if (this[OBJECTMODE]) + n = null + + if (this.buffer.length > 1 && !this[OBJECTMODE]) { + if (this.encoding) + this.buffer = new Yallist([ + Array.from(this.buffer).join('') + ]) + else + this.buffer = new Yallist([ + Buffer.concat(Array.from(this.buffer), this[BUFFERLENGTH]) + ]) + } + + return this[READ](n || null, this.buffer.head.value) + } finally { + this[MAYBE_EMIT_END]() + } + } + + [READ] (n, chunk) { + if (n === chunk.length || n === null) + this[BUFFERSHIFT]() + else { + this.buffer.head.value = chunk.slice(n) + chunk = chunk.slice(0, n) + this[BUFFERLENGTH] -= n + } + + this.emit('data', chunk) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + + return chunk + } + + end (chunk, encoding, cb) { + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + if (chunk) + this.write(chunk, encoding) + if (cb) + this.once('end', cb) + this[EOF] = true + this.writable = false + + // if we haven't written anything, then go ahead and emit, + // even if we're not reading. + // we'll re-emit if a new 'end' listener is added anyway. + // This makes MP more suitable to write-only use cases. + if (this.flowing || !this[PAUSED]) + this[MAYBE_EMIT_END]() + return this + } + + // don't let the internal resume be overwritten + [RESUME] () { + if (this[DESTROYED]) + return + + this[PAUSED] = false + this[FLOWING] = true + this.emit('resume') + if (this.buffer.length) + this[FLUSH]() + else if (this[EOF]) + this[MAYBE_EMIT_END]() + else + this.emit('drain') + } + + resume () { + return this[RESUME]() + } + + pause () { + this[FLOWING] = false + this[PAUSED] = true + } + + get destroyed () { + return this[DESTROYED] + } + + get flowing () { + return this[FLOWING] + } + + get paused () { + return this[PAUSED] + } + + [BUFFERPUSH] (chunk) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] += 1 + else + this[BUFFERLENGTH] += chunk.length + return this.buffer.push(chunk) + } + + [BUFFERSHIFT] () { + if (this.buffer.length) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] -= 1 + else + this[BUFFERLENGTH] -= this.buffer.head.value.length + } + return this.buffer.shift() + } + + [FLUSH] () { + do {} while (this[FLUSHCHUNK](this[BUFFERSHIFT]())) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + } + + [FLUSHCHUNK] (chunk) { + return chunk ? (this.emit('data', chunk), this.flowing) : false + } + + pipe (dest, opts) { + if (this[DESTROYED]) + return + + const ended = this[EMITTED_END] + opts = opts || {} + if (dest === process.stdout || dest === process.stderr) + opts.end = false + else + opts.end = opts.end !== false + + const p = { dest: dest, opts: opts, ondrain: _ => this[RESUME]() } + this.pipes.push(p) + + dest.on('drain', p.ondrain) + this[RESUME]() + // piping an ended stream ends immediately + if (ended && p.opts.end) + p.dest.end() + return dest + } + + addListener (ev, fn) { + return this.on(ev, fn) + } + + on (ev, fn) { + try { + return super.on(ev, fn) + } finally { + if (ev === 'data' && !this.pipes.length && !this.flowing) + this[RESUME]() + else if (isEndish(ev) && this[EMITTED_END]) { + super.emit(ev) + this.removeAllListeners(ev) + } + } + } + + get emittedEnd () { + return this[EMITTED_END] + } + + [MAYBE_EMIT_END] () { + if (!this[EMITTING_END] && + !this[EMITTED_END] && + !this[DESTROYED] && + this.buffer.length === 0 && + this[EOF]) { + this[EMITTING_END] = true + this.emit('end') + this.emit('prefinish') + this.emit('finish') + if (this[CLOSED]) + this.emit('close') + this[EMITTING_END] = false + } + } + + emit (ev, data) { + // error and close are only events allowed after calling destroy() + if (ev !== 'error' && ev !== 'close' && ev !== DESTROYED && this[DESTROYED]) + return + else if (ev === 'data') { + if (!data) + return + + if (this.pipes.length) + this.pipes.forEach(p => + p.dest.write(data) === false && this.pause()) + } else if (ev === 'end') { + // only actual end gets this treatment + if (this[EMITTED_END] === true) + return + + this[EMITTED_END] = true + this.readable = false + + if (this[DECODER]) { + data = this[DECODER].end() + if (data) { + this.pipes.forEach(p => p.dest.write(data)) + super.emit('data', data) + } + } + + this.pipes.forEach(p => { + p.dest.removeListener('drain', p.ondrain) + if (p.opts.end) + p.dest.end() + }) + } else if (ev === 'close') { + this[CLOSED] = true + // don't emit close before 'end' and 'finish' + if (!this[EMITTED_END] && !this[DESTROYED]) + return + } + + // TODO: replace with a spread operator when Node v4 support drops + const args = new Array(arguments.length) + args[0] = ev + args[1] = data + if (arguments.length > 2) { + for (let i = 2; i < arguments.length; i++) { + args[i] = arguments[i] + } + } + + try { + return super.emit.apply(this, args) + } finally { + if (!isEndish(ev)) + this[MAYBE_EMIT_END]() + else + this.removeAllListeners(ev) + } + } + + // const all = await stream.collect() + collect () { + const buf = [] + if (!this[OBJECTMODE]) + buf.dataLength = 0 + // set the promise first, in case an error is raised + // by triggering the flow here. + const p = this.promise() + this.on('data', c => { + buf.push(c) + if (!this[OBJECTMODE]) + buf.dataLength += c.length + }) + return p.then(() => buf) + } + + // const data = await stream.concat() + concat () { + return this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this.collect().then(buf => + this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this[ENCODING] ? buf.join('') : Buffer.concat(buf, buf.dataLength)) + } + + // stream.promise().then(() => done, er => emitted error) + promise () { + return new Promise((resolve, reject) => { + this.on(DESTROYED, () => reject(new Error('stream destroyed'))) + this.on('end', () => resolve()) + this.on('error', er => reject(er)) + }) + } + + // for await (let chunk of stream) + [ASYNCITERATOR] () { + const next = () => { + const res = this.read() + if (res !== null) + return Promise.resolve({ done: false, value: res }) + + if (this[EOF]) + return Promise.resolve({ done: true }) + + let resolve = null + let reject = null + const onerr = er => { + this.removeListener('data', ondata) + this.removeListener('end', onend) + reject(er) + } + const ondata = value => { + this.removeListener('error', onerr) + this.removeListener('end', onend) + this.pause() + resolve({ value: value, done: !!this[EOF] }) + } + const onend = () => { + this.removeListener('error', onerr) + this.removeListener('data', ondata) + resolve({ done: true }) + } + const ondestroy = () => onerr(new Error('stream destroyed')) + return new Promise((res, rej) => { + reject = rej + resolve = res + this.once(DESTROYED, ondestroy) + this.once('error', onerr) + this.once('end', onend) + this.once('data', ondata) + }) + } + + return { next } + } + + // for (let chunk of stream) + [ITERATOR] () { + const next = () => { + const value = this.read() + const done = value === null + return { value, done } + } + return { next } + } + + destroy (er) { + if (this[DESTROYED]) { + if (er) + this.emit('error', er) + else + this.emit(DESTROYED) + return this + } + + this[DESTROYED] = true + + // throw away all buffered data, it's never coming out + this.buffer = new Yallist() + this[BUFFERLENGTH] = 0 + + if (typeof this.close === 'function' && !this[CLOSED]) + this.close() + + if (er) + this.emit('error', er) + else // if no error to emit, still reject pending promises + this.emit(DESTROYED) + + return this + } + + static isStream (s) { + return !!s && (s instanceof Minipass || s instanceof Stream || + s instanceof EE && ( + typeof s.pipe === 'function' || // readable + (typeof s.write === 'function' && typeof s.end === 'function') // writable + )) + } +} diff --git a/node_modules/minipass-fetch/node_modules/minipass/package.json b/node_modules/minipass-fetch/node_modules/minipass/package.json new file mode 100644 index 000000000..15bbedd51 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/minipass/package.json @@ -0,0 +1,73 @@ +{ + "_from": "minipass@^3.1.0", + "_id": "minipass@3.1.1", + "_inBundle": false, + "_integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "_location": "/minipass-fetch/minipass", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass@^3.1.0", + "name": "minipass", + "escapedName": "minipass", + "rawSpec": "^3.1.0", + "saveSpec": null, + "fetchSpec": "^3.1.0" + }, + "_requiredBy": [ + "/minipass-fetch", + "/minipass-fetch/minizlib" + ], + "_resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "_shasum": "7607ce778472a185ad6d89082aa2070f79cedcd5", + "_spec": "minipass@^3.1.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-fetch", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/minipass/issues" + }, + "bundleDependencies": false, + "dependencies": { + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "minimal implementation of a PassThrough stream", + "devDependencies": { + "end-of-stream": "^1.4.0", + "tap": "^14.6.5", + "through2": "^2.0.3" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/isaacs/minipass#readme", + "keywords": [ + "passthrough", + "stream" + ], + "license": "ISC", + "main": "index.js", + "name": "minipass", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minipass.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish --tag=next", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "3.1.1" +} diff --git a/node_modules/minipass-fetch/node_modules/minizlib/LICENSE b/node_modules/minipass-fetch/node_modules/minizlib/LICENSE new file mode 100644 index 000000000..ffce7383f --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/minizlib/LICENSE @@ -0,0 +1,26 @@ +Minizlib was created by Isaac Z. Schlueter. +It is a derivative work of the Node.js project. + +""" +Copyright Isaac Z. Schlueter and Contributors +Copyright Node.js contributors. All rights reserved. +Copyright Joyent, Inc. and other Node contributors. All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a +copy of this software and associated documentation files (the "Software"), +to deal in the Software without restriction, including without limitation +the rights to use, copy, modify, merge, publish, distribute, sublicense, +and/or sell copies of the Software, and to permit persons to whom the +Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +""" diff --git a/node_modules/minipass-fetch/node_modules/minizlib/README.md b/node_modules/minipass-fetch/node_modules/minizlib/README.md new file mode 100644 index 000000000..80e067ab3 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/minizlib/README.md @@ -0,0 +1,60 @@ +# minizlib + +A fast zlib stream built on [minipass](http://npm.im/minipass) and +Node.js's zlib binding. + +This module was created to serve the needs of +[node-tar](http://npm.im/tar) and +[minipass-fetch](http://npm.im/minipass-fetch). + +Brotli is supported in versions of node with a Brotli binding. + +## How does this differ from the streams in `require('zlib')`? + +First, there are no convenience methods to compress or decompress a +buffer. If you want those, use the built-in `zlib` module. This is +only streams. That being said, Minipass streams to make it fairly easy to +use as one-liners: `new zlib.Deflate().end(data).read()` will return the +deflate compressed result. + +This module compresses and decompresses the data as fast as you feed +it in. It is synchronous, and runs on the main process thread. Zlib +and Brotli operations can be high CPU, but they're very fast, and doing it +this way means much less bookkeeping and artificial deferral. + +Node's built in zlib streams are built on top of `stream.Transform`. +They do the maximally safe thing with respect to consistent +asynchrony, buffering, and backpressure. + +See [Minipass](http://npm.im/minipass) for more on the differences between +Node.js core streams and Minipass streams, and the convenience methods +provided by that class. + +## Classes + +- Deflate +- Inflate +- Gzip +- Gunzip +- DeflateRaw +- InflateRaw +- Unzip +- BrotliCompress (Node v10 and higher) +- BrotliDecompress (Node v10 and higher) + +## USAGE + +```js +const zlib = require('minizlib') +const input = sourceOfCompressedData() +const decode = new zlib.BrotliDecompress() +const output = whereToWriteTheDecodedData() +input.pipe(decode).pipe(output) +``` + +## REPRODUCIBLE BUILDS + +To create reproducible gzip compressed files across different operating +systems, set `portable: true` in the options. This causes minizlib to set +the `OS` indicator in byte 9 of the extended gzip header to `0xFF` for +'unknown'. diff --git a/node_modules/minipass-fetch/node_modules/minizlib/constants.js b/node_modules/minipass-fetch/node_modules/minizlib/constants.js new file mode 100644 index 000000000..641ebc731 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/minizlib/constants.js @@ -0,0 +1,115 @@ +// Update with any zlib constants that are added or changed in the future. +// Node v6 didn't export this, so we just hard code the version and rely +// on all the other hard-coded values from zlib v4736. When node v6 +// support drops, we can just export the realZlibConstants object. +const realZlibConstants = require('zlib').constants || + /* istanbul ignore next */ { ZLIB_VERNUM: 4736 } + +module.exports = Object.freeze(Object.assign(Object.create(null), { + Z_NO_FLUSH: 0, + Z_PARTIAL_FLUSH: 1, + Z_SYNC_FLUSH: 2, + Z_FULL_FLUSH: 3, + Z_FINISH: 4, + Z_BLOCK: 5, + Z_OK: 0, + Z_STREAM_END: 1, + Z_NEED_DICT: 2, + Z_ERRNO: -1, + Z_STREAM_ERROR: -2, + Z_DATA_ERROR: -3, + Z_MEM_ERROR: -4, + Z_BUF_ERROR: -5, + Z_VERSION_ERROR: -6, + Z_NO_COMPRESSION: 0, + Z_BEST_SPEED: 1, + Z_BEST_COMPRESSION: 9, + Z_DEFAULT_COMPRESSION: -1, + Z_FILTERED: 1, + Z_HUFFMAN_ONLY: 2, + Z_RLE: 3, + Z_FIXED: 4, + Z_DEFAULT_STRATEGY: 0, + DEFLATE: 1, + INFLATE: 2, + GZIP: 3, + GUNZIP: 4, + DEFLATERAW: 5, + INFLATERAW: 6, + UNZIP: 7, + BROTLI_DECODE: 8, + BROTLI_ENCODE: 9, + Z_MIN_WINDOWBITS: 8, + Z_MAX_WINDOWBITS: 15, + Z_DEFAULT_WINDOWBITS: 15, + Z_MIN_CHUNK: 64, + Z_MAX_CHUNK: Infinity, + Z_DEFAULT_CHUNK: 16384, + Z_MIN_MEMLEVEL: 1, + Z_MAX_MEMLEVEL: 9, + Z_DEFAULT_MEMLEVEL: 8, + Z_MIN_LEVEL: -1, + Z_MAX_LEVEL: 9, + Z_DEFAULT_LEVEL: -1, + BROTLI_OPERATION_PROCESS: 0, + BROTLI_OPERATION_FLUSH: 1, + BROTLI_OPERATION_FINISH: 2, + BROTLI_OPERATION_EMIT_METADATA: 3, + BROTLI_MODE_GENERIC: 0, + BROTLI_MODE_TEXT: 1, + BROTLI_MODE_FONT: 2, + BROTLI_DEFAULT_MODE: 0, + BROTLI_MIN_QUALITY: 0, + BROTLI_MAX_QUALITY: 11, + BROTLI_DEFAULT_QUALITY: 11, + BROTLI_MIN_WINDOW_BITS: 10, + BROTLI_MAX_WINDOW_BITS: 24, + BROTLI_LARGE_MAX_WINDOW_BITS: 30, + BROTLI_DEFAULT_WINDOW: 22, + BROTLI_MIN_INPUT_BLOCK_BITS: 16, + BROTLI_MAX_INPUT_BLOCK_BITS: 24, + BROTLI_PARAM_MODE: 0, + BROTLI_PARAM_QUALITY: 1, + BROTLI_PARAM_LGWIN: 2, + BROTLI_PARAM_LGBLOCK: 3, + BROTLI_PARAM_DISABLE_LITERAL_CONTEXT_MODELING: 4, + BROTLI_PARAM_SIZE_HINT: 5, + BROTLI_PARAM_LARGE_WINDOW: 6, + BROTLI_PARAM_NPOSTFIX: 7, + BROTLI_PARAM_NDIRECT: 8, + BROTLI_DECODER_RESULT_ERROR: 0, + BROTLI_DECODER_RESULT_SUCCESS: 1, + BROTLI_DECODER_RESULT_NEEDS_MORE_INPUT: 2, + BROTLI_DECODER_RESULT_NEEDS_MORE_OUTPUT: 3, + BROTLI_DECODER_PARAM_DISABLE_RING_BUFFER_REALLOCATION: 0, + BROTLI_DECODER_PARAM_LARGE_WINDOW: 1, + BROTLI_DECODER_NO_ERROR: 0, + BROTLI_DECODER_SUCCESS: 1, + BROTLI_DECODER_NEEDS_MORE_INPUT: 2, + BROTLI_DECODER_NEEDS_MORE_OUTPUT: 3, + BROTLI_DECODER_ERROR_FORMAT_EXUBERANT_NIBBLE: -1, + BROTLI_DECODER_ERROR_FORMAT_RESERVED: -2, + BROTLI_DECODER_ERROR_FORMAT_EXUBERANT_META_NIBBLE: -3, + BROTLI_DECODER_ERROR_FORMAT_SIMPLE_HUFFMAN_ALPHABET: -4, + BROTLI_DECODER_ERROR_FORMAT_SIMPLE_HUFFMAN_SAME: -5, + BROTLI_DECODER_ERROR_FORMAT_CL_SPACE: -6, + BROTLI_DECODER_ERROR_FORMAT_HUFFMAN_SPACE: -7, + BROTLI_DECODER_ERROR_FORMAT_CONTEXT_MAP_REPEAT: -8, + BROTLI_DECODER_ERROR_FORMAT_BLOCK_LENGTH_1: -9, + BROTLI_DECODER_ERROR_FORMAT_BLOCK_LENGTH_2: -10, + BROTLI_DECODER_ERROR_FORMAT_TRANSFORM: -11, + BROTLI_DECODER_ERROR_FORMAT_DICTIONARY: -12, + BROTLI_DECODER_ERROR_FORMAT_WINDOW_BITS: -13, + BROTLI_DECODER_ERROR_FORMAT_PADDING_1: -14, + BROTLI_DECODER_ERROR_FORMAT_PADDING_2: -15, + BROTLI_DECODER_ERROR_FORMAT_DISTANCE: -16, + BROTLI_DECODER_ERROR_DICTIONARY_NOT_SET: -19, + BROTLI_DECODER_ERROR_INVALID_ARGUMENTS: -20, + BROTLI_DECODER_ERROR_ALLOC_CONTEXT_MODES: -21, + BROTLI_DECODER_ERROR_ALLOC_TREE_GROUPS: -22, + BROTLI_DECODER_ERROR_ALLOC_CONTEXT_MAP: -25, + BROTLI_DECODER_ERROR_ALLOC_RING_BUFFER_1: -26, + BROTLI_DECODER_ERROR_ALLOC_RING_BUFFER_2: -27, + BROTLI_DECODER_ERROR_ALLOC_BLOCK_TYPE_TREES: -30, + BROTLI_DECODER_ERROR_UNREACHABLE: -31, +}, realZlibConstants)) diff --git a/node_modules/minipass-fetch/node_modules/minizlib/index.js b/node_modules/minipass-fetch/node_modules/minizlib/index.js new file mode 100644 index 000000000..c84bda1b5 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/minizlib/index.js @@ -0,0 +1,338 @@ +'use strict' + +const assert = require('assert') +const Buffer = require('buffer').Buffer +const realZlib = require('zlib') + +const constants = exports.constants = require('./constants.js') +const Minipass = require('minipass') + +const OriginalBufferConcat = Buffer.concat + +const _superWrite = Symbol('_superWrite') +class ZlibError extends Error { + constructor (err) { + super('zlib: ' + err.message) + this.code = err.code + this.errno = err.errno + /* istanbul ignore if */ + if (!this.code) + this.code = 'ZLIB_ERROR' + + this.message = 'zlib: ' + err.message + Error.captureStackTrace(this, this.constructor) + } + + get name () { + return 'ZlibError' + } +} + +// the Zlib class they all inherit from +// This thing manages the queue of requests, and returns +// true or false if there is anything in the queue when +// you call the .write() method. +const _opts = Symbol('opts') +const _flushFlag = Symbol('flushFlag') +const _finishFlushFlag = Symbol('finishFlushFlag') +const _fullFlushFlag = Symbol('fullFlushFlag') +const _handle = Symbol('handle') +const _onError = Symbol('onError') +const _sawError = Symbol('sawError') +const _level = Symbol('level') +const _strategy = Symbol('strategy') +const _ended = Symbol('ended') +const _defaultFullFlush = Symbol('_defaultFullFlush') + +class ZlibBase extends Minipass { + constructor (opts, mode) { + if (!opts || typeof opts !== 'object') + throw new TypeError('invalid options for ZlibBase constructor') + + super(opts) + this[_ended] = false + this[_opts] = opts + + this[_flushFlag] = opts.flush + this[_finishFlushFlag] = opts.finishFlush + // this will throw if any options are invalid for the class selected + try { + this[_handle] = new realZlib[mode](opts) + } catch (er) { + // make sure that all errors get decorated properly + throw new ZlibError(er) + } + + this[_onError] = (err) => { + this[_sawError] = true + // there is no way to cleanly recover. + // continuing only obscures problems. + this.close() + this.emit('error', err) + } + + this[_handle].on('error', er => this[_onError](new ZlibError(er))) + this.once('end', () => this.close) + } + + close () { + if (this[_handle]) { + this[_handle].close() + this[_handle] = null + this.emit('close') + } + } + + reset () { + if (!this[_sawError]) { + assert(this[_handle], 'zlib binding closed') + return this[_handle].reset() + } + } + + flush (flushFlag) { + if (this.ended) + return + + if (typeof flushFlag !== 'number') + flushFlag = this[_fullFlushFlag] + this.write(Object.assign(Buffer.alloc(0), { [_flushFlag]: flushFlag })) + } + + end (chunk, encoding, cb) { + if (chunk) + this.write(chunk, encoding) + this.flush(this[_finishFlushFlag]) + this[_ended] = true + return super.end(null, null, cb) + } + + get ended () { + return this[_ended] + } + + write (chunk, encoding, cb) { + // process the chunk using the sync process + // then super.write() all the outputted chunks + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (typeof chunk === 'string') + chunk = Buffer.from(chunk, encoding) + + if (this[_sawError]) + return + assert(this[_handle], 'zlib binding closed') + + // _processChunk tries to .close() the native handle after it's done, so we + // intercept that by temporarily making it a no-op. + const nativeHandle = this[_handle]._handle + const originalNativeClose = nativeHandle.close + nativeHandle.close = () => {} + const originalClose = this[_handle].close + this[_handle].close = () => {} + // It also calls `Buffer.concat()` at the end, which may be convenient + // for some, but which we are not interested in as it slows us down. + Buffer.concat = (args) => args + let result + try { + const flushFlag = typeof chunk[_flushFlag] === 'number' + ? chunk[_flushFlag] : this[_flushFlag] + result = this[_handle]._processChunk(chunk, flushFlag) + // if we don't throw, reset it back how it was + Buffer.concat = OriginalBufferConcat + } catch (err) { + // or if we do, put Buffer.concat() back before we emit error + // Error events call into user code, which may call Buffer.concat() + Buffer.concat = OriginalBufferConcat + this[_onError](new ZlibError(err)) + } finally { + if (this[_handle]) { + // Core zlib resets `_handle` to null after attempting to close the + // native handle. Our no-op handler prevented actual closure, but we + // need to restore the `._handle` property. + this[_handle]._handle = nativeHandle + nativeHandle.close = originalNativeClose + this[_handle].close = originalClose + // `_processChunk()` adds an 'error' listener. If we don't remove it + // after each call, these handlers start piling up. + this[_handle].removeAllListeners('error') + } + } + + let writeReturn + if (result) { + if (Array.isArray(result) && result.length > 0) { + // The first buffer is always `handle._outBuffer`, which would be + // re-used for later invocations; so, we always have to copy that one. + writeReturn = this[_superWrite](Buffer.from(result[0])) + for (let i = 1; i < result.length; i++) { + writeReturn = this[_superWrite](result[i]) + } + } else { + writeReturn = this[_superWrite](Buffer.from(result)) + } + } + + if (cb) + cb() + return writeReturn + } + + [_superWrite] (data) { + return super.write(data) + } +} + +class Zlib extends ZlibBase { + constructor (opts, mode) { + opts = opts || {} + + opts.flush = opts.flush || constants.Z_NO_FLUSH + opts.finishFlush = opts.finishFlush || constants.Z_FINISH + super(opts, mode) + + this[_fullFlushFlag] = constants.Z_FULL_FLUSH + this[_level] = opts.level + this[_strategy] = opts.strategy + } + + params (level, strategy) { + if (this[_sawError]) + return + + if (!this[_handle]) + throw new Error('cannot switch params when binding is closed') + + // no way to test this without also not supporting params at all + /* istanbul ignore if */ + if (!this[_handle].params) + throw new Error('not supported in this implementation') + + if (this[_level] !== level || this[_strategy] !== strategy) { + this.flush(constants.Z_SYNC_FLUSH) + assert(this[_handle], 'zlib binding closed') + // .params() calls .flush(), but the latter is always async in the + // core zlib. We override .flush() temporarily to intercept that and + // flush synchronously. + const origFlush = this[_handle].flush + this[_handle].flush = (flushFlag, cb) => { + this.flush(flushFlag) + cb() + } + try { + this[_handle].params(level, strategy) + } finally { + this[_handle].flush = origFlush + } + /* istanbul ignore else */ + if (this[_handle]) { + this[_level] = level + this[_strategy] = strategy + } + } + } +} + +// minimal 2-byte header +class Deflate extends Zlib { + constructor (opts) { + super(opts, 'Deflate') + } +} + +class Inflate extends Zlib { + constructor (opts) { + super(opts, 'Inflate') + } +} + +// gzip - bigger header, same deflate compression +const _portable = Symbol('_portable') +class Gzip extends Zlib { + constructor (opts) { + super(opts, 'Gzip') + this[_portable] = opts && !!opts.portable + } + + [_superWrite] (data) { + if (!this[_portable]) + return super[_superWrite](data) + + // we'll always get the header emitted in one first chunk + // overwrite the OS indicator byte with 0xFF + this[_portable] = false + data[9] = 255 + return super[_superWrite](data) + } +} + +class Gunzip extends Zlib { + constructor (opts) { + super(opts, 'Gunzip') + } +} + +// raw - no header +class DeflateRaw extends Zlib { + constructor (opts) { + super(opts, 'DeflateRaw') + } +} + +class InflateRaw extends Zlib { + constructor (opts) { + super(opts, 'InflateRaw') + } +} + +// auto-detect header. +class Unzip extends Zlib { + constructor (opts) { + super(opts, 'Unzip') + } +} + +class Brotli extends ZlibBase { + constructor (opts, mode) { + opts = opts || {} + + opts.flush = opts.flush || constants.BROTLI_OPERATION_PROCESS + opts.finishFlush = opts.finishFlush || constants.BROTLI_OPERATION_FINISH + + super(opts, mode) + + this[_fullFlushFlag] = constants.BROTLI_OPERATION_FLUSH + } +} + +class BrotliCompress extends Brotli { + constructor (opts) { + super(opts, 'BrotliCompress') + } +} + +class BrotliDecompress extends Brotli { + constructor (opts) { + super(opts, 'BrotliDecompress') + } +} + +exports.Deflate = Deflate +exports.Inflate = Inflate +exports.Gzip = Gzip +exports.Gunzip = Gunzip +exports.DeflateRaw = DeflateRaw +exports.InflateRaw = InflateRaw +exports.Unzip = Unzip +/* istanbul ignore else */ +if (typeof realZlib.BrotliCompress === 'function') { + exports.BrotliCompress = BrotliCompress + exports.BrotliDecompress = BrotliDecompress +} else { + exports.BrotliCompress = exports.BrotliDecompress = class { + constructor () { + throw new Error('Brotli is not supported in this version of Node.js') + } + } +} diff --git a/node_modules/minipass-fetch/node_modules/minizlib/package.json b/node_modules/minipass-fetch/node_modules/minizlib/package.json new file mode 100644 index 000000000..7d5a9e7ff --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/minizlib/package.json @@ -0,0 +1,75 @@ +{ + "_from": "minizlib@^2.0.0", + "_id": "minizlib@2.1.0", + "_inBundle": false, + "_integrity": "sha512-EzTZN/fjSvifSX0SlqUERCN39o6T40AMarPbv0MrarSFtIITCBh7bi+dU8nxGFHuqs9jdIAeoYoKuQAAASsPPA==", + "_location": "/minipass-fetch/minizlib", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minizlib@^2.0.0", + "name": "minizlib", + "escapedName": "minizlib", + "rawSpec": "^2.0.0", + "saveSpec": null, + "fetchSpec": "^2.0.0" + }, + "_requiredBy": [ + "/minipass-fetch" + ], + "_resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.0.tgz", + "_shasum": "fd52c645301ef09a63a2c209697c294c6ce02cf3", + "_spec": "minizlib@^2.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-fetch", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/minizlib/issues" + }, + "bundleDependencies": false, + "dependencies": { + "minipass": "^3.0.0", + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "A small fast zlib stream built on [minipass](http://npm.im/minipass) and Node.js's zlib binding.", + "devDependencies": { + "tap": "^14.6.9" + }, + "engines": { + "node": ">= 8" + }, + "files": [ + "index.js", + "constants.js" + ], + "homepage": "https://github.com/isaacs/minizlib#readme", + "keywords": [ + "zlib", + "gzip", + "gunzip", + "deflate", + "inflate", + "compression", + "zip", + "unzip" + ], + "license": "MIT", + "main": "index.js", + "name": "minizlib", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minizlib.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js --100 -J" + }, + "version": "2.1.0" +} diff --git a/node_modules/minipass-fetch/node_modules/yallist/LICENSE b/node_modules/minipass-fetch/node_modules/yallist/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/yallist/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-fetch/node_modules/yallist/README.md b/node_modules/minipass-fetch/node_modules/yallist/README.md new file mode 100644 index 000000000..f58610186 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/yallist/README.md @@ -0,0 +1,204 @@ +# yallist + +Yet Another Linked List + +There are many doubly-linked list implementations like it, but this +one is mine. + +For when an array would be too big, and a Map can't be iterated in +reverse order. + + +[](https://travis-ci.org/isaacs/yallist) [](https://coveralls.io/github/isaacs/yallist) + +## basic usage + +```javascript +var yallist = require('yallist') +var myList = yallist.create([1, 2, 3]) +myList.push('foo') +myList.unshift('bar') +// of course pop() and shift() are there, too +console.log(myList.toArray()) // ['bar', 1, 2, 3, 'foo'] +myList.forEach(function (k) { + // walk the list head to tail +}) +myList.forEachReverse(function (k, index, list) { + // walk the list tail to head +}) +var myDoubledList = myList.map(function (k) { + return k + k +}) +// now myDoubledList contains ['barbar', 2, 4, 6, 'foofoo'] +// mapReverse is also a thing +var myDoubledListReverse = myList.mapReverse(function (k) { + return k + k +}) // ['foofoo', 6, 4, 2, 'barbar'] + +var reduced = myList.reduce(function (set, entry) { + set += entry + return set +}, 'start') +console.log(reduced) // 'startfoo123bar' +``` + +## api + +The whole API is considered "public". + +Functions with the same name as an Array method work more or less the +same way. + +There's reverse versions of most things because that's the point. + +### Yallist + +Default export, the class that holds and manages a list. + +Call it with either a forEach-able (like an array) or a set of +arguments, to initialize the list. + +The Array-ish methods all act like you'd expect. No magic length, +though, so if you change that it won't automatically prune or add +empty spots. + +### Yallist.create(..) + +Alias for Yallist function. Some people like factories. + +#### yallist.head + +The first node in the list + +#### yallist.tail + +The last node in the list + +#### yallist.length + +The number of nodes in the list. (Change this at your peril. It is +not magic like Array length.) + +#### yallist.toArray() + +Convert the list to an array. + +#### yallist.forEach(fn, [thisp]) + +Call a function on each item in the list. + +#### yallist.forEachReverse(fn, [thisp]) + +Call a function on each item in the list, in reverse order. + +#### yallist.get(n) + +Get the data at position `n` in the list. If you use this a lot, +probably better off just using an Array. + +#### yallist.getReverse(n) + +Get the data at position `n`, counting from the tail. + +#### yallist.map(fn, thisp) + +Create a new Yallist with the result of calling the function on each +item. + +#### yallist.mapReverse(fn, thisp) + +Same as `map`, but in reverse. + +#### yallist.pop() + +Get the data from the list tail, and remove the tail from the list. + +#### yallist.push(item, ...) + +Insert one or more items to the tail of the list. + +#### yallist.reduce(fn, initialValue) + +Like Array.reduce. + +#### yallist.reduceReverse + +Like Array.reduce, but in reverse. + +#### yallist.reverse + +Reverse the list in place. + +#### yallist.shift() + +Get the data from the list head, and remove the head from the list. + +#### yallist.slice([from], [to]) + +Just like Array.slice, but returns a new Yallist. + +#### yallist.sliceReverse([from], [to]) + +Just like yallist.slice, but the result is returned in reverse. + +#### yallist.toArray() + +Create an array representation of the list. + +#### yallist.toArrayReverse() + +Create a reversed array representation of the list. + +#### yallist.unshift(item, ...) + +Insert one or more items to the head of the list. + +#### yallist.unshiftNode(node) + +Move a Node object to the front of the list. (That is, pull it out of +wherever it lives, and make it the new head.) + +If the node belongs to a different list, then that list will remove it +first. + +#### yallist.pushNode(node) + +Move a Node object to the end of the list. (That is, pull it out of +wherever it lives, and make it the new tail.) + +If the node belongs to a list already, then that list will remove it +first. + +#### yallist.removeNode(node) + +Remove a node from the list, preserving referential integrity of head +and tail and other nodes. + +Will throw an error if you try to have a list remove a node that +doesn't belong to it. + +### Yallist.Node + +The class that holds the data and is actually the list. + +Call with `var n = new Node(value, previousNode, nextNode)` + +Note that if you do direct operations on Nodes themselves, it's very +easy to get into weird states where the list is broken. Be careful :) + +#### node.next + +The next node in the list. + +#### node.prev + +The previous node in the list. + +#### node.value + +The data the node contains. + +#### node.list + +The list to which this node belongs. (Null if it does not belong to +any list.) diff --git a/node_modules/minipass-fetch/node_modules/yallist/iterator.js b/node_modules/minipass-fetch/node_modules/yallist/iterator.js new file mode 100644 index 000000000..d41c97a19 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/yallist/iterator.js @@ -0,0 +1,8 @@ +'use strict' +module.exports = function (Yallist) { + Yallist.prototype[Symbol.iterator] = function* () { + for (let walker = this.head; walker; walker = walker.next) { + yield walker.value + } + } +} diff --git a/node_modules/minipass-fetch/node_modules/yallist/package.json b/node_modules/minipass-fetch/node_modules/yallist/package.json new file mode 100644 index 000000000..c9f4b90e2 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/yallist/package.json @@ -0,0 +1,63 @@ +{ + "_from": "yallist@^4.0.0", + "_id": "yallist@4.0.0", + "_inBundle": false, + "_integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "_location": "/minipass-fetch/yallist", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "yallist@^4.0.0", + "name": "yallist", + "escapedName": "yallist", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/minipass-fetch/minipass", + "/minipass-fetch/minizlib" + ], + "_resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "_shasum": "9bb92790d9c0effec63be73519e11a35019a3a72", + "_spec": "yallist@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-fetch/node_modules/minipass", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/yallist/issues" + }, + "bundleDependencies": false, + "dependencies": {}, + "deprecated": false, + "description": "Yet Another Linked List", + "devDependencies": { + "tap": "^12.1.0" + }, + "directories": { + "test": "test" + }, + "files": [ + "yallist.js", + "iterator.js" + ], + "homepage": "https://github.com/isaacs/yallist#readme", + "license": "ISC", + "main": "yallist.js", + "name": "yallist", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/yallist.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js --100" + }, + "version": "4.0.0" +} diff --git a/node_modules/minipass-fetch/node_modules/yallist/yallist.js b/node_modules/minipass-fetch/node_modules/yallist/yallist.js new file mode 100644 index 000000000..4e83ab1c5 --- /dev/null +++ b/node_modules/minipass-fetch/node_modules/yallist/yallist.js @@ -0,0 +1,426 @@ +'use strict' +module.exports = Yallist + +Yallist.Node = Node +Yallist.create = Yallist + +function Yallist (list) { + var self = this + if (!(self instanceof Yallist)) { + self = new Yallist() + } + + self.tail = null + self.head = null + self.length = 0 + + if (list && typeof list.forEach === 'function') { + list.forEach(function (item) { + self.push(item) + }) + } else if (arguments.length > 0) { + for (var i = 0, l = arguments.length; i < l; i++) { + self.push(arguments[i]) + } + } + + return self +} + +Yallist.prototype.removeNode = function (node) { + if (node.list !== this) { + throw new Error('removing node which does not belong to this list') + } + + var next = node.next + var prev = node.prev + + if (next) { + next.prev = prev + } + + if (prev) { + prev.next = next + } + + if (node === this.head) { + this.head = next + } + if (node === this.tail) { + this.tail = prev + } + + node.list.length-- + node.next = null + node.prev = null + node.list = null + + return next +} + +Yallist.prototype.unshiftNode = function (node) { + if (node === this.head) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var head = this.head + node.list = this + node.next = head + if (head) { + head.prev = node + } + + this.head = node + if (!this.tail) { + this.tail = node + } + this.length++ +} + +Yallist.prototype.pushNode = function (node) { + if (node === this.tail) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var tail = this.tail + node.list = this + node.prev = tail + if (tail) { + tail.next = node + } + + this.tail = node + if (!this.head) { + this.head = node + } + this.length++ +} + +Yallist.prototype.push = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + push(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.unshift = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + unshift(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.pop = function () { + if (!this.tail) { + return undefined + } + + var res = this.tail.value + this.tail = this.tail.prev + if (this.tail) { + this.tail.next = null + } else { + this.head = null + } + this.length-- + return res +} + +Yallist.prototype.shift = function () { + if (!this.head) { + return undefined + } + + var res = this.head.value + this.head = this.head.next + if (this.head) { + this.head.prev = null + } else { + this.tail = null + } + this.length-- + return res +} + +Yallist.prototype.forEach = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.head, i = 0; walker !== null; i++) { + fn.call(thisp, walker.value, i, this) + walker = walker.next + } +} + +Yallist.prototype.forEachReverse = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.tail, i = this.length - 1; walker !== null; i--) { + fn.call(thisp, walker.value, i, this) + walker = walker.prev + } +} + +Yallist.prototype.get = function (n) { + for (var i = 0, walker = this.head; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.next + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.getReverse = function (n) { + for (var i = 0, walker = this.tail; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.prev + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.map = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.head; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.next + } + return res +} + +Yallist.prototype.mapReverse = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.tail; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.prev + } + return res +} + +Yallist.prototype.reduce = function (fn, initial) { + var acc + var walker = this.head + if (arguments.length > 1) { + acc = initial + } else if (this.head) { + walker = this.head.next + acc = this.head.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = 0; walker !== null; i++) { + acc = fn(acc, walker.value, i) + walker = walker.next + } + + return acc +} + +Yallist.prototype.reduceReverse = function (fn, initial) { + var acc + var walker = this.tail + if (arguments.length > 1) { + acc = initial + } else if (this.tail) { + walker = this.tail.prev + acc = this.tail.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = this.length - 1; walker !== null; i--) { + acc = fn(acc, walker.value, i) + walker = walker.prev + } + + return acc +} + +Yallist.prototype.toArray = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.head; walker !== null; i++) { + arr[i] = walker.value + walker = walker.next + } + return arr +} + +Yallist.prototype.toArrayReverse = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.tail; walker !== null; i++) { + arr[i] = walker.value + walker = walker.prev + } + return arr +} + +Yallist.prototype.slice = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = 0, walker = this.head; walker !== null && i < from; i++) { + walker = walker.next + } + for (; walker !== null && i < to; i++, walker = walker.next) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.sliceReverse = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = this.length, walker = this.tail; walker !== null && i > to; i--) { + walker = walker.prev + } + for (; walker !== null && i > from; i--, walker = walker.prev) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.splice = function (start, deleteCount, ...nodes) { + if (start > this.length) { + start = this.length - 1 + } + if (start < 0) { + start = this.length + start; + } + + for (var i = 0, walker = this.head; walker !== null && i < start; i++) { + walker = walker.next + } + + var ret = [] + for (var i = 0; walker && i < deleteCount; i++) { + ret.push(walker.value) + walker = this.removeNode(walker) + } + if (walker === null) { + walker = this.tail + } + + if (walker !== this.head && walker !== this.tail) { + walker = walker.prev + } + + for (var i = 0; i < nodes.length; i++) { + walker = insert(this, walker, nodes[i]) + } + return ret; +} + +Yallist.prototype.reverse = function () { + var head = this.head + var tail = this.tail + for (var walker = head; walker !== null; walker = walker.prev) { + var p = walker.prev + walker.prev = walker.next + walker.next = p + } + this.head = tail + this.tail = head + return this +} + +function insert (self, node, value) { + var inserted = node === self.head ? + new Node(value, null, node, self) : + new Node(value, node, node.next, self) + + if (inserted.next === null) { + self.tail = inserted + } + if (inserted.prev === null) { + self.head = inserted + } + + self.length++ + + return inserted +} + +function push (self, item) { + self.tail = new Node(item, self.tail, null, self) + if (!self.head) { + self.head = self.tail + } + self.length++ +} + +function unshift (self, item) { + self.head = new Node(item, null, self.head, self) + if (!self.tail) { + self.tail = self.head + } + self.length++ +} + +function Node (value, prev, next, list) { + if (!(this instanceof Node)) { + return new Node(value, prev, next, list) + } + + this.list = list + this.value = value + + if (prev) { + prev.next = this + this.prev = prev + } else { + this.prev = null + } + + if (next) { + next.prev = this + this.next = next + } else { + this.next = null + } +} + +try { + // add if support for Symbol.iterator is present + require('./iterator.js')(Yallist) +} catch (er) {} diff --git a/node_modules/minipass-fetch/package.json b/node_modules/minipass-fetch/package.json new file mode 100644 index 000000000..98effa224 --- /dev/null +++ b/node_modules/minipass-fetch/package.json @@ -0,0 +1,85 @@ +{ + "_from": "minipass-fetch@^1.1.2", + "_id": "minipass-fetch@1.2.1", + "_inBundle": false, + "_integrity": "sha512-ssHt0dkljEDaKmTgQ04DQgx2ag6G2gMPxA5hpcsoeTbfDgRf2fC2gNSRc6kISjD7ckCpHwwQvXxuTBK8402fXg==", + "_location": "/minipass-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass-fetch@^1.1.2", + "name": "minipass-fetch", + "escapedName": "minipass-fetch", + "rawSpec": "^1.1.2", + "saveSpec": null, + "fetchSpec": "^1.1.2" + }, + "_requiredBy": [ + "/npm-registry-fetch", + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-1.2.1.tgz", + "_shasum": "1b97ecb559be56b09812d45b2e9509f1f59ece2f", + "_spec": "minipass-fetch@^1.1.2", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch", + "bugs": { + "url": "https://github.com/npm/minipass-fetch/issues" + }, + "bundleDependencies": false, + "dependencies": { + "encoding": "^0.1.12", + "minipass": "^3.1.0", + "minipass-pipeline": "^1.2.2", + "minipass-sized": "^1.0.3", + "minizlib": "^2.0.0" + }, + "deprecated": false, + "description": "An implementation of window.fetch in Node.js using Minipass streams", + "devDependencies": { + "@ungap/url-search-params": "^0.1.2", + "abort-controller": "^3.0.0", + "abortcontroller-polyfill": "^1.3.0", + "form-data": "^2.5.1", + "parted": "^0.1.1", + "string-to-arraybuffer": "^1.0.2", + "tap": "^14.6.9", + "whatwg-url": "^7.0.0" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js", + "lib/*.js" + ], + "homepage": "https://github.com/npm/minipass-fetch#readme", + "keywords": [ + "fetch", + "minipass", + "node-fetch", + "window.fetch" + ], + "license": "MIT", + "main": "lib/index.js", + "name": "minipass-fetch", + "optionalDependencies": { + "encoding": "^0.1.12" + }, + "repository": { + "type": "git", + "url": "git+https://github.com/npm/minipass-fetch.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "coverage-map": "map.js", + "check-coverage": true + }, + "version": "1.2.1" +} diff --git a/node_modules/minipass-flush/LICENSE b/node_modules/minipass-flush/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-flush/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-flush/README.md b/node_modules/minipass-flush/README.md new file mode 100644 index 000000000..7eea40013 --- /dev/null +++ b/node_modules/minipass-flush/README.md @@ -0,0 +1,47 @@ +# minipass-flush + +A Minipass stream that calls a flush function before emitting 'end' + +## USAGE + +```js +const Flush = require('minipass-flush') +cons f = new Flush({ + flush (cb) { + // call the cb when done, or return a promise + // the 'end' event will wait for it, along with + // close, finish, and prefinish. + // call the cb with an error, or return a rejecting + // promise to emit 'error' instead of doing the 'end' + return rerouteAllEncryptions().then(() => clearAllChannels()) + }, + // all other minipass options accepted as well +}) + +someDataSource.pipe(f).on('end', () => { + // proper flushing has been accomplished +}) + +// Or as a subclass implementing a 'flush' method: +class MyFlush extends Flush { + flush (cb) { + // old fashioned callback style! + rerouteAllEncryptions(er => { + if (er) + return cb(er) + clearAllChannels(er => { + if (er) + cb(er) + cb() + }) + }) + } +} +``` + +That's about it. + +If your `flush` method doesn't have to do anything asynchronous, then it's +better to call the callback right away in this tick, rather than returning +`Promise.resolve()`, so that the `end` event can happen as soon as +possible. diff --git a/node_modules/minipass-flush/index.js b/node_modules/minipass-flush/index.js new file mode 100644 index 000000000..cb2537fa6 --- /dev/null +++ b/node_modules/minipass-flush/index.js @@ -0,0 +1,39 @@ +const Minipass = require('minipass') +const _flush = Symbol('_flush') +const _flushed = Symbol('_flushed') +const _flushing = Symbol('_flushing') +class Flush extends Minipass { + constructor (opt = {}) { + if (typeof opt === 'function') + opt = { flush: opt } + + super(opt) + + // or extend this class and provide a 'flush' method in your subclass + if (typeof opt.flush !== 'function' && typeof this.flush !== 'function') + throw new TypeError('must provide flush function in options') + + this[_flush] = opt.flush || this.flush + } + + emit (ev, ...data) { + if ((ev !== 'end' && ev !== 'finish') || this[_flushed]) + return super.emit(ev, ...data) + + if (this[_flushing]) + return + + this[_flushing] = true + + const afterFlush = er => { + this[_flushed] = true + er ? super.emit('error', er) : super.emit('end') + } + + const ret = this[_flush](afterFlush) + if (ret && ret.then) + ret.then(() => afterFlush(), er => afterFlush(er)) + } +} + +module.exports = Flush diff --git a/node_modules/minipass-flush/node_modules/minipass/LICENSE b/node_modules/minipass-flush/node_modules/minipass/LICENSE new file mode 100644 index 000000000..20a476254 --- /dev/null +++ b/node_modules/minipass-flush/node_modules/minipass/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-flush/node_modules/minipass/README.md b/node_modules/minipass-flush/node_modules/minipass/README.md new file mode 100644 index 000000000..32ace2fb9 --- /dev/null +++ b/node_modules/minipass-flush/node_modules/minipass/README.md @@ -0,0 +1,606 @@ +# minipass + +A _very_ minimal implementation of a [PassThrough +stream](https://nodejs.org/api/stream.html#stream_class_stream_passthrough) + +[It's very +fast](https://docs.google.com/spreadsheets/d/1oObKSrVwLX_7Ut4Z6g3fZW-AX1j1-k6w-cDsrkaSbHM/edit#gid=0) +for objects, strings, and buffers. + +Supports pipe()ing (including multi-pipe() and backpressure transmission), +buffering data until either a `data` event handler or `pipe()` is added (so +you don't lose the first chunk), and most other cases where PassThrough is +a good idea. + +There is a `read()` method, but it's much more efficient to consume data +from this stream via `'data'` events or by calling `pipe()` into some other +stream. Calling `read()` requires the buffer to be flattened in some +cases, which requires copying memory. + +There is also no `unpipe()` method. Once you start piping, there is no +stopping it! + +If you set `objectMode: true` in the options, then whatever is written will +be emitted. Otherwise, it'll do a minimal amount of Buffer copying to +ensure proper Streams semantics when `read(n)` is called. + +`objectMode` can also be set by doing `stream.objectMode = true`, or by +writing any non-string/non-buffer data. `objectMode` cannot be set to +false once it is set. + +This is not a `through` or `through2` stream. It doesn't transform the +data, it just passes it right through. If you want to transform the data, +extend the class, and override the `write()` method. Once you're done +transforming the data however you want, call `super.write()` with the +transform output. + +For some examples of streams that extend Minipass in various ways, check +out: + +- [minizlib](http://npm.im/minizlib) +- [fs-minipass](http://npm.im/fs-minipass) +- [tar](http://npm.im/tar) +- [minipass-collect](http://npm.im/minipass-collect) +- [minipass-flush](http://npm.im/minipass-flush) +- [minipass-pipeline](http://npm.im/minipass-pipeline) +- [tap](http://npm.im/tap) +- [tap-parser](http://npm.im/tap) +- [treport](http://npm.im/tap) +- [minipass-fetch](http://npm.im/minipass-fetch) + +## Differences from Node.js Streams + +There are several things that make Minipass streams different from (and in +some ways superior to) Node.js core streams. + +Please read these caveats if you are familiar with noode-core streams and +intend to use Minipass streams in your programs. + +### Timing + +Minipass streams are designed to support synchronous use-cases. Thus, data +is emitted as soon as it is available, always. It is buffered until read, +but no longer. Another way to look at it is that Minipass streams are +exactly as synchronous as the logic that writes into them. + +This can be surprising if your code relies on `PassThrough.write()` always +providing data on the next tick rather than the current one, or being able +to call `resume()` and not have the entire buffer disappear immediately. + +However, without this synchronicity guarantee, there would be no way for +Minipass to achieve the speeds it does, or support the synchronous use +cases that it does. Simply put, waiting takes time. + +This non-deferring approach makes Minipass streams much easier to reason +about, especially in the context of Promises and other flow-control +mechanisms. + +### No High/Low Water Marks + +Node.js core streams will optimistically fill up a buffer, returning `true` +on all writes until the limit is hit, even if the data has nowhere to go. +Then, they will not attempt to draw more data in until the buffer size dips +below a minimum value. + +Minipass streams are much simpler. The `write()` method will return `true` +if the data has somewhere to go (which is to say, given the timing +guarantees, that the data is already there by the time `write()` returns). + +If the data has nowhere to go, then `write()` returns false, and the data +sits in a buffer, to be drained out immediately as soon as anyone consumes +it. + +### Hazards of Buffering (or: Why Minipass Is So Fast) + +Since data written to a Minipass stream is immediately written all the way +through the pipeline, and `write()` always returns true/false based on +whether the data was fully flushed, backpressure is communicated +immediately to the upstream caller. This minimizes buffering. + +Consider this case: + +```js +const {PassThrough} = require('stream') +const p1 = new PassThrough({ highWaterMark: 1024 }) +const p2 = new PassThrough({ highWaterMark: 1024 }) +const p3 = new PassThrough({ highWaterMark: 1024 }) +const p4 = new PassThrough({ highWaterMark: 1024 }) + +p1.pipe(p2).pipe(p3).pipe(p4) +p4.on('data', () => console.log('made it through')) + +// this returns false and buffers, then writes to p2 on next tick (1) +// p2 returns false and buffers, pausing p1, then writes to p3 on next tick (2) +// p3 returns false and buffers, pausing p2, then writes to p4 on next tick (3) +// p4 returns false and buffers, pausing p3, then emits 'data' and 'drain' +// on next tick (4) +// p3 sees p4's 'drain' event, and calls resume(), emitting 'resume' and +// 'drain' on next tick (5) +// p2 sees p3's 'drain', calls resume(), emits 'resume' and 'drain' on next tick (6) +// p1 sees p2's 'drain', calls resume(), emits 'resume' and 'drain' on next +// tick (7) + +p1.write(Buffer.alloc(2048)) // returns false +``` + +Along the way, the data was buffered and deferred at each stage, and +multiple event deferrals happened, for an unblocked pipeline where it was +perfectly safe to write all the way through! + +Furthermore, setting a `highWaterMark` of `1024` might lead someone reading +the code to think an advisory maximum of 1KiB is being set for the +pipeline. However, the actual advisory buffering level is the _sum_ of +`highWaterMark` values, since each one has its own bucket. + +Consider the Minipass case: + +```js +const m1 = new Minipass() +const m2 = new Minipass() +const m3 = new Minipass() +const m4 = new Minipass() + +m1.pipe(m2).pipe(m3).pipe(m4) +m4.on('data', () => console.log('made it through')) + +// m1 is flowing, so it writes the data to m2 immediately +// m2 is flowing, so it writes the data to m3 immediately +// m3 is flowing, so it writes the data to m4 immediately +// m4 is flowing, so it fires the 'data' event immediately, returns true +// m4's write returned true, so m3 is still flowing, returns true +// m3's write returned true, so m2 is still flowing, returns true +// m2's write returned true, so m1 is still flowing, returns true +// No event deferrals or buffering along the way! + +m1.write(Buffer.alloc(2048)) // returns true +``` + +It is extremely unlikely that you _don't_ want to buffer any data written, +or _ever_ buffer data that can be flushed all the way through. Neither +node-core streams nor Minipass ever fail to buffer written data, but +node-core streams do a lot of unnecessary buffering and pausing. + +As always, the faster implementation is the one that does less stuff and +waits less time to do it. + +### Immediately emit `end` for empty streams (when not paused) + +If a stream is not paused, and `end()` is called before writing any data +into it, then it will emit `end` immediately. + +If you have logic that occurs on the `end` event which you don't want to +potentially happen immediately (for example, closing file descriptors, +moving on to the next entry in an archive parse stream, etc.) then be sure +to call `stream.pause()` on creation, and then `stream.resume()` once you +are ready to respond to the `end` event. + +### Emit `end` When Asked + +One hazard of immediately emitting `'end'` is that you may not yet have had +a chance to add a listener. In order to avoid this hazard, Minipass +streams safely re-emit the `'end'` event if a new listener is added after +`'end'` has been emitted. + +Ie, if you do `stream.on('end', someFunction)`, and the stream has already +emitted `end`, then it will call the handler right away. (You can think of +this somewhat like attaching a new `.then(fn)` to a previously-resolved +Promise.) + +To prevent calling handlers multiple times who would not expect multiple +ends to occur, all listeners are removed from the `'end'` event whenever it +is emitted. + +### Impact of "immediate flow" on Tee-streams + +A "tee stream" is a stream piping to multiple destinations: + +```js +const tee = new Minipass() +t.pipe(dest1) +t.pipe(dest2) +t.write('foo') // goes to both destinations +``` + +Since Minipass streams _immediately_ process any pending data through the +pipeline when a new pipe destination is added, this can have surprising +effects, especially when a stream comes in from some other function and may +or may not have data in its buffer. + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.pipe(dest1) // 'foo' chunk flows to dest1 immediately, and is gone +src.pipe(dest2) // gets nothing! +``` + +The solution is to create a dedicated tee-stream junction that pipes to +both locations, and then pipe to _that_ instead. + +```js +// Safe example: tee to both places +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.pipe(dest1) +tee.pipe(dest2) +stream.pipe(tee) // tee gets 'foo', pipes to both locations +``` + +The same caveat applies to `on('data')` event listeners. The first one +added will _immediately_ receive all of the data, leaving nothing for the +second: + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.on('data', handler1) // receives 'foo' right away +src.on('data', handler2) // nothing to see here! +``` + +Using a dedicated tee-stream can be used in this case as well: + +```js +// Safe example: tee to both data handlers +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.on('data', handler1) +tee.on('data', handler2) +src.pipe(tee) +``` + +## USAGE + +It's a stream! Use it like a stream and it'll most likely do what you +want. + +```js +const Minipass = require('minipass') +const mp = new Minipass(options) // optional: { encoding, objectMode } +mp.write('foo') +mp.pipe(someOtherStream) +mp.end('bar') +``` + +### OPTIONS + +* `encoding` How would you like the data coming _out_ of the stream to be + encoded? Accepts any values that can be passed to `Buffer.toString()`. +* `objectMode` Emit data exactly as it comes in. This will be flipped on + by default if you write() something other than a string or Buffer at any + point. Setting `objectMode: true` will prevent setting any encoding + value. + +### API + +Implements the user-facing portions of Node.js's `Readable` and `Writable` +streams. + +### Methods + +* `write(chunk, [encoding], [callback])` - Put data in. (Note that, in the + base Minipass class, the same data will come out.) Returns `false` if + the stream will buffer the next write, or true if it's still in "flowing" + mode. +* `end([chunk, [encoding]], [callback])` - Signal that you have no more + data to write. This will queue an `end` event to be fired when all the + data has been consumed. +* `setEncoding(encoding)` - Set the encoding for data coming of the stream. + This can only be done once. +* `pause()` - No more data for a while, please. This also prevents `end` + from being emitted for empty streams until the stream is resumed. +* `resume()` - Resume the stream. If there's data in the buffer, it is all + discarded. Any buffered events are immediately emitted. +* `pipe(dest)` - Send all output to the stream provided. There is no way + to unpipe. When data is emitted, it is immediately written to any and + all pipe destinations. +* `on(ev, fn)`, `emit(ev, fn)` - Minipass streams are EventEmitters. Some + events are given special treatment, however. (See below under "events".) +* `promise()` - Returns a Promise that resolves when the stream emits + `end`, or rejects if the stream emits `error`. +* `collect()` - Return a Promise that resolves on `end` with an array + containing each chunk of data that was emitted, or rejects if the stream + emits `error`. Note that this consumes the stream data. +* `concat()` - Same as `collect()`, but concatenates the data into a single + Buffer object. Will reject the returned promise if the stream is in + objectMode, or if it goes into objectMode by the end of the data. +* `read(n)` - Consume `n` bytes of data out of the buffer. If `n` is not + provided, then consume all of it. If `n` bytes are not available, then + it returns null. **Note** consuming streams in this way is less + efficient, and can lead to unnecessary Buffer copying. +* `destroy([er])` - Destroy the stream. If an error is provided, then an + `'error'` event is emitted. If the stream has a `close()` method, and + has not emitted a `'close'` event yet, then `stream.close()` will be + called. Any Promises returned by `.promise()`, `.collect()` or + `.concat()` will be rejected. After being destroyed, writing to the + stream will emit an error. No more data will be emitted if the stream is + destroyed, even if it was previously buffered. + +### Properties + +* `bufferLength` Read-only. Total number of bytes buffered, or in the case + of objectMode, the total number of objects. +* `encoding` The encoding that has been set. (Setting this is equivalent + to calling `setEncoding(enc)` and has the same prohibition against + setting multiple times.) +* `flowing` Read-only. Boolean indicating whether a chunk written to the + stream will be immediately emitted. +* `emittedEnd` Read-only. Boolean indicating whether the end-ish events + (ie, `end`, `prefinish`, `finish`) have been emitted. Note that + listening on any end-ish event will immediateyl re-emit it if it has + already been emitted. +* `writable` Whether the stream is writable. Default `true`. Set to + `false` when `end()` +* `readable` Whether the stream is readable. Default `true`. +* `buffer` A [yallist](http://npm.im/yallist) linked list of chunks written + to the stream that have not yet been emitted. (It's probably a bad idea + to mess with this.) +* `pipes` A [yallist](http://npm.im/yallist) linked list of streams that + this stream is piping into. (It's probably a bad idea to mess with + this.) +* `destroyed` A getter that indicates whether the stream was destroyed. +* `paused` True if the stream has been explicitly paused, otherwise false. +* `objectMode` Indicates whether the stream is in `objectMode`. Once set + to `true`, it cannot be set to `false`. + +### Events + +* `data` Emitted when there's data to read. Argument is the data to read. + This is never emitted while not flowing. If a listener is attached, that + will resume the stream. +* `end` Emitted when there's no more data to read. This will be emitted + immediately for empty streams when `end()` is called. If a listener is + attached, and `end` was already emitted, then it will be emitted again. + All listeners are removed when `end` is emitted. +* `prefinish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'end'`. +* `finish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'prefinish'`. +* `close` An indication that an underlying resource has been released. + Minipass does not emit this event, but will defer it until after `end` + has been emitted, since it throws off some stream libraries otherwise. +* `drain` Emitted when the internal buffer empties, and it is again + suitable to `write()` into the stream. +* `readable` Emitted when data is buffered and ready to be read by a + consumer. +* `resume` Emitted when stream changes state from buffering to flowing + mode. (Ie, when `resume` is called, `pipe` is called, or a `data` event + listener is added.) + +### Static Methods + +* `Minipass.isStream(stream)` Returns `true` if the argument is a stream, + and false otherwise. To be considered a stream, the object must be + either an instance of Minipass, or an EventEmitter that has either a + `pipe()` method, or both `write()` and `end()` methods. (Pretty much any + stream in node-land will return `true` for this.) + +## EXAMPLES + +Here are some examples of things you can do with Minipass streams. + +### simple "are you done yet" promise + +```js +mp.promise().then(() => { + // stream is finished +}, er => { + // stream emitted an error +}) +``` + +### collecting + +```js +mp.collect().then(all => { + // all is an array of all the data emitted + // encoding is supported in this case, so + // so the result will be a collection of strings if + // an encoding is specified, or buffers/objects if not. + // + // In an async function, you may do + // const data = await stream.collect() +}) +``` + +### collecting into a single blob + +This is a bit slower because it concatenates the data into one chunk for +you, but if you're going to do it yourself anyway, it's convenient this +way: + +```js +mp.concat().then(onebigchunk => { + // onebigchunk is a string if the stream + // had an encoding set, or a buffer otherwise. +}) +``` + +### iteration + +You can iterate over streams synchronously or asynchronously in platforms +that support it. + +Synchronous iteration will end when the currently available data is +consumed, even if the `end` event has not been reached. In string and +buffer mode, the data is concatenated, so unless multiple writes are +occurring in the same tick as the `read()`, sync iteration loops will +generally only have a single iteration. + +To consume chunks in this way exactly as they have been written, with no +flattening, create the stream with the `{ objectMode: true }` option. + +```js +const mp = new Minipass({ objectMode: true }) +mp.write('a') +mp.write('b') +for (let letter of mp) { + console.log(letter) // a, b +} +mp.write('c') +mp.write('d') +for (let letter of mp) { + console.log(letter) // c, d +} +mp.write('e') +mp.end() +for (let letter of mp) { + console.log(letter) // e +} +for (let letter of mp) { + console.log(letter) // nothing +} +``` + +Asynchronous iteration will continue until the end event is reached, +consuming all of the data. + +```js +const mp = new Minipass({ encoding: 'utf8' }) + +// some source of some data +let i = 5 +const inter = setInterval(() => { + if (i --> 0) + mp.write(Buffer.from('foo\n', 'utf8')) + else { + mp.end() + clearInterval(inter) + } +}, 100) + +// consume the data with asynchronous iteration +async function consume () { + for await (let chunk of mp) { + console.log(chunk) + } + return 'ok' +} + +consume().then(res => console.log(res)) +// logs `foo\n` 5 times, and then `ok` +``` + +### subclass that `console.log()`s everything written into it + +```js +class Logger extends Minipass { + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } +} + +someSource.pipe(new Logger()).pipe(someDest) +``` + +### same thing, but using an inline anonymous class + +```js +// js classes are fun +someSource + .pipe(new (class extends Minipass { + emit (ev, ...data) { + // let's also log events, because debugging some weird thing + console.log('EMIT', ev) + return super.emit(ev, ...data) + } + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } + })) + .pipe(someDest) +``` + +### subclass that defers 'end' for some reason + +```js +class SlowEnd extends Minipass { + emit (ev, ...args) { + if (ev === 'end') { + console.log('going to end, hold on a sec') + setTimeout(() => { + console.log('ok, ready to end now') + super.emit('end', ...args) + }, 100) + } else { + return super.emit(ev, ...args) + } + } +} +``` + +### transform that creates newline-delimited JSON + +```js +class NDJSONEncode extends Minipass { + write (obj, cb) { + try { + // JSON.stringify can throw, emit an error on that + return super.write(JSON.stringify(obj) + '\n', 'utf8', cb) + } catch (er) { + this.emit('error', er) + } + } + end (obj, cb) { + if (typeof obj === 'function') { + cb = obj + obj = undefined + } + if (obj !== undefined) { + this.write(obj) + } + return super.end(cb) + } +} +``` + +### transform that parses newline-delimited JSON + +```js +class NDJSONDecode extends Minipass { + constructor (options) { + // always be in object mode, as far as Minipass is concerned + super({ objectMode: true }) + this._jsonBuffer = '' + } + write (chunk, encoding, cb) { + if (typeof chunk === 'string' && + typeof encoding === 'string' && + encoding !== 'utf8') { + chunk = Buffer.from(chunk, encoding).toString() + } else if (Buffer.isBuffer(chunk)) + chunk = chunk.toString() + } + if (typeof encoding === 'function') { + cb = encoding + } + const jsonData = (this._jsonBuffer + chunk).split('\n') + this._jsonBuffer = jsonData.pop() + for (let i = 0; i < jsonData.length; i++) { + let parsed + try { + super.write(parsed) + } catch (er) { + this.emit('error', er) + continue + } + } + if (cb) + cb() + } +} +``` diff --git a/node_modules/minipass-flush/node_modules/minipass/index.js b/node_modules/minipass-flush/node_modules/minipass/index.js new file mode 100644 index 000000000..55ea0f3dd --- /dev/null +++ b/node_modules/minipass-flush/node_modules/minipass/index.js @@ -0,0 +1,538 @@ +'use strict' +const EE = require('events') +const Stream = require('stream') +const Yallist = require('yallist') +const SD = require('string_decoder').StringDecoder + +const EOF = Symbol('EOF') +const MAYBE_EMIT_END = Symbol('maybeEmitEnd') +const EMITTED_END = Symbol('emittedEnd') +const EMITTING_END = Symbol('emittingEnd') +const CLOSED = Symbol('closed') +const READ = Symbol('read') +const FLUSH = Symbol('flush') +const FLUSHCHUNK = Symbol('flushChunk') +const ENCODING = Symbol('encoding') +const DECODER = Symbol('decoder') +const FLOWING = Symbol('flowing') +const PAUSED = Symbol('paused') +const RESUME = Symbol('resume') +const BUFFERLENGTH = Symbol('bufferLength') +const BUFFERPUSH = Symbol('bufferPush') +const BUFFERSHIFT = Symbol('bufferShift') +const OBJECTMODE = Symbol('objectMode') +const DESTROYED = Symbol('destroyed') + +// TODO remove when Node v8 support drops +const doIter = global._MP_NO_ITERATOR_SYMBOLS_ !== '1' +const ASYNCITERATOR = doIter && Symbol.asyncIterator + || Symbol('asyncIterator not implemented') +const ITERATOR = doIter && Symbol.iterator + || Symbol('iterator not implemented') + +// events that mean 'the stream is over' +// these are treated specially, and re-emitted +// if they are listened for after emitting. +const isEndish = ev => + ev === 'end' || + ev === 'finish' || + ev === 'prefinish' + +const isArrayBuffer = b => b instanceof ArrayBuffer || + typeof b === 'object' && + b.constructor && + b.constructor.name === 'ArrayBuffer' && + b.byteLength >= 0 + +const isArrayBufferView = b => !Buffer.isBuffer(b) && ArrayBuffer.isView(b) + +module.exports = class Minipass extends Stream { + constructor (options) { + super() + this[FLOWING] = false + // whether we're explicitly paused + this[PAUSED] = false + this.pipes = new Yallist() + this.buffer = new Yallist() + this[OBJECTMODE] = options && options.objectMode || false + if (this[OBJECTMODE]) + this[ENCODING] = null + else + this[ENCODING] = options && options.encoding || null + if (this[ENCODING] === 'buffer') + this[ENCODING] = null + this[DECODER] = this[ENCODING] ? new SD(this[ENCODING]) : null + this[EOF] = false + this[EMITTED_END] = false + this[EMITTING_END] = false + this[CLOSED] = false + this.writable = true + this.readable = true + this[BUFFERLENGTH] = 0 + this[DESTROYED] = false + } + + get bufferLength () { return this[BUFFERLENGTH] } + + get encoding () { return this[ENCODING] } + set encoding (enc) { + if (this[OBJECTMODE]) + throw new Error('cannot set encoding in objectMode') + + if (this[ENCODING] && enc !== this[ENCODING] && + (this[DECODER] && this[DECODER].lastNeed || this[BUFFERLENGTH])) + throw new Error('cannot change encoding') + + if (this[ENCODING] !== enc) { + this[DECODER] = enc ? new SD(enc) : null + if (this.buffer.length) + this.buffer = this.buffer.map(chunk => this[DECODER].write(chunk)) + } + + this[ENCODING] = enc + } + + setEncoding (enc) { + this.encoding = enc + } + + get objectMode () { return this[OBJECTMODE] } + set objectMode (ॐ ) { this[OBJECTMODE] = this[OBJECTMODE] || !!ॐ } + + write (chunk, encoding, cb) { + if (this[EOF]) + throw new Error('write after end') + + if (this[DESTROYED]) { + this.emit('error', Object.assign( + new Error('Cannot call write after a stream was destroyed'), + { code: 'ERR_STREAM_DESTROYED' } + )) + return true + } + + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (!encoding) + encoding = 'utf8' + + // convert array buffers and typed array views into buffers + // at some point in the future, we may want to do the opposite! + // leave strings and buffers as-is + // anything else switches us into object mode + if (!this[OBJECTMODE] && !Buffer.isBuffer(chunk)) { + if (isArrayBufferView(chunk)) + chunk = Buffer.from(chunk.buffer, chunk.byteOffset, chunk.byteLength) + else if (isArrayBuffer(chunk)) + chunk = Buffer.from(chunk) + else if (typeof chunk !== 'string') + // use the setter so we throw if we have encoding set + this.objectMode = true + } + + // this ensures at this point that the chunk is a buffer or string + // don't buffer it up or send it to the decoder + if (!this.objectMode && !chunk.length) { + const ret = this.flowing + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + return ret + } + + // fast-path writing strings of same encoding to a stream with + // an empty buffer, skipping the buffer/decoder dance + if (typeof chunk === 'string' && !this[OBJECTMODE] && + // unless it is a string already ready for us to use + !(encoding === this[ENCODING] && !this[DECODER].lastNeed)) { + chunk = Buffer.from(chunk, encoding) + } + + if (Buffer.isBuffer(chunk) && this[ENCODING]) + chunk = this[DECODER].write(chunk) + + try { + return this.flowing + ? (this.emit('data', chunk), this.flowing) + : (this[BUFFERPUSH](chunk), false) + } finally { + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + } + } + + read (n) { + if (this[DESTROYED]) + return null + + try { + if (this[BUFFERLENGTH] === 0 || n === 0 || n > this[BUFFERLENGTH]) + return null + + if (this[OBJECTMODE]) + n = null + + if (this.buffer.length > 1 && !this[OBJECTMODE]) { + if (this.encoding) + this.buffer = new Yallist([ + Array.from(this.buffer).join('') + ]) + else + this.buffer = new Yallist([ + Buffer.concat(Array.from(this.buffer), this[BUFFERLENGTH]) + ]) + } + + return this[READ](n || null, this.buffer.head.value) + } finally { + this[MAYBE_EMIT_END]() + } + } + + [READ] (n, chunk) { + if (n === chunk.length || n === null) + this[BUFFERSHIFT]() + else { + this.buffer.head.value = chunk.slice(n) + chunk = chunk.slice(0, n) + this[BUFFERLENGTH] -= n + } + + this.emit('data', chunk) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + + return chunk + } + + end (chunk, encoding, cb) { + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + if (chunk) + this.write(chunk, encoding) + if (cb) + this.once('end', cb) + this[EOF] = true + this.writable = false + + // if we haven't written anything, then go ahead and emit, + // even if we're not reading. + // we'll re-emit if a new 'end' listener is added anyway. + // This makes MP more suitable to write-only use cases. + if (this.flowing || !this[PAUSED]) + this[MAYBE_EMIT_END]() + return this + } + + // don't let the internal resume be overwritten + [RESUME] () { + if (this[DESTROYED]) + return + + this[PAUSED] = false + this[FLOWING] = true + this.emit('resume') + if (this.buffer.length) + this[FLUSH]() + else if (this[EOF]) + this[MAYBE_EMIT_END]() + else + this.emit('drain') + } + + resume () { + return this[RESUME]() + } + + pause () { + this[FLOWING] = false + this[PAUSED] = true + } + + get destroyed () { + return this[DESTROYED] + } + + get flowing () { + return this[FLOWING] + } + + get paused () { + return this[PAUSED] + } + + [BUFFERPUSH] (chunk) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] += 1 + else + this[BUFFERLENGTH] += chunk.length + return this.buffer.push(chunk) + } + + [BUFFERSHIFT] () { + if (this.buffer.length) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] -= 1 + else + this[BUFFERLENGTH] -= this.buffer.head.value.length + } + return this.buffer.shift() + } + + [FLUSH] () { + do {} while (this[FLUSHCHUNK](this[BUFFERSHIFT]())) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + } + + [FLUSHCHUNK] (chunk) { + return chunk ? (this.emit('data', chunk), this.flowing) : false + } + + pipe (dest, opts) { + if (this[DESTROYED]) + return + + const ended = this[EMITTED_END] + opts = opts || {} + if (dest === process.stdout || dest === process.stderr) + opts.end = false + else + opts.end = opts.end !== false + + const p = { dest: dest, opts: opts, ondrain: _ => this[RESUME]() } + this.pipes.push(p) + + dest.on('drain', p.ondrain) + this[RESUME]() + // piping an ended stream ends immediately + if (ended && p.opts.end) + p.dest.end() + return dest + } + + addListener (ev, fn) { + return this.on(ev, fn) + } + + on (ev, fn) { + try { + return super.on(ev, fn) + } finally { + if (ev === 'data' && !this.pipes.length && !this.flowing) + this[RESUME]() + else if (isEndish(ev) && this[EMITTED_END]) { + super.emit(ev) + this.removeAllListeners(ev) + } + } + } + + get emittedEnd () { + return this[EMITTED_END] + } + + [MAYBE_EMIT_END] () { + if (!this[EMITTING_END] && + !this[EMITTED_END] && + !this[DESTROYED] && + this.buffer.length === 0 && + this[EOF]) { + this[EMITTING_END] = true + this.emit('end') + this.emit('prefinish') + this.emit('finish') + if (this[CLOSED]) + this.emit('close') + this[EMITTING_END] = false + } + } + + emit (ev, data) { + // error and close are only events allowed after calling destroy() + if (ev !== 'error' && ev !== 'close' && ev !== DESTROYED && this[DESTROYED]) + return + else if (ev === 'data') { + if (!data) + return + + if (this.pipes.length) + this.pipes.forEach(p => + p.dest.write(data) === false && this.pause()) + } else if (ev === 'end') { + // only actual end gets this treatment + if (this[EMITTED_END] === true) + return + + this[EMITTED_END] = true + this.readable = false + + if (this[DECODER]) { + data = this[DECODER].end() + if (data) { + this.pipes.forEach(p => p.dest.write(data)) + super.emit('data', data) + } + } + + this.pipes.forEach(p => { + p.dest.removeListener('drain', p.ondrain) + if (p.opts.end) + p.dest.end() + }) + } else if (ev === 'close') { + this[CLOSED] = true + // don't emit close before 'end' and 'finish' + if (!this[EMITTED_END] && !this[DESTROYED]) + return + } + + // TODO: replace with a spread operator when Node v4 support drops + const args = new Array(arguments.length) + args[0] = ev + args[1] = data + if (arguments.length > 2) { + for (let i = 2; i < arguments.length; i++) { + args[i] = arguments[i] + } + } + + try { + return super.emit.apply(this, args) + } finally { + if (!isEndish(ev)) + this[MAYBE_EMIT_END]() + else + this.removeAllListeners(ev) + } + } + + // const all = await stream.collect() + collect () { + const buf = [] + if (!this[OBJECTMODE]) + buf.dataLength = 0 + // set the promise first, in case an error is raised + // by triggering the flow here. + const p = this.promise() + this.on('data', c => { + buf.push(c) + if (!this[OBJECTMODE]) + buf.dataLength += c.length + }) + return p.then(() => buf) + } + + // const data = await stream.concat() + concat () { + return this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this.collect().then(buf => + this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this[ENCODING] ? buf.join('') : Buffer.concat(buf, buf.dataLength)) + } + + // stream.promise().then(() => done, er => emitted error) + promise () { + return new Promise((resolve, reject) => { + this.on(DESTROYED, () => reject(new Error('stream destroyed'))) + this.on('end', () => resolve()) + this.on('error', er => reject(er)) + }) + } + + // for await (let chunk of stream) + [ASYNCITERATOR] () { + const next = () => { + const res = this.read() + if (res !== null) + return Promise.resolve({ done: false, value: res }) + + if (this[EOF]) + return Promise.resolve({ done: true }) + + let resolve = null + let reject = null + const onerr = er => { + this.removeListener('data', ondata) + this.removeListener('end', onend) + reject(er) + } + const ondata = value => { + this.removeListener('error', onerr) + this.removeListener('end', onend) + this.pause() + resolve({ value: value, done: !!this[EOF] }) + } + const onend = () => { + this.removeListener('error', onerr) + this.removeListener('data', ondata) + resolve({ done: true }) + } + const ondestroy = () => onerr(new Error('stream destroyed')) + return new Promise((res, rej) => { + reject = rej + resolve = res + this.once(DESTROYED, ondestroy) + this.once('error', onerr) + this.once('end', onend) + this.once('data', ondata) + }) + } + + return { next } + } + + // for (let chunk of stream) + [ITERATOR] () { + const next = () => { + const value = this.read() + const done = value === null + return { value, done } + } + return { next } + } + + destroy (er) { + if (this[DESTROYED]) { + if (er) + this.emit('error', er) + else + this.emit(DESTROYED) + return this + } + + this[DESTROYED] = true + + // throw away all buffered data, it's never coming out + this.buffer = new Yallist() + this[BUFFERLENGTH] = 0 + + if (typeof this.close === 'function' && !this[CLOSED]) + this.close() + + if (er) + this.emit('error', er) + else // if no error to emit, still reject pending promises + this.emit(DESTROYED) + + return this + } + + static isStream (s) { + return !!s && (s instanceof Minipass || s instanceof Stream || + s instanceof EE && ( + typeof s.pipe === 'function' || // readable + (typeof s.write === 'function' && typeof s.end === 'function') // writable + )) + } +} diff --git a/node_modules/minipass-flush/node_modules/minipass/package.json b/node_modules/minipass-flush/node_modules/minipass/package.json new file mode 100644 index 000000000..be84838b6 --- /dev/null +++ b/node_modules/minipass-flush/node_modules/minipass/package.json @@ -0,0 +1,72 @@ +{ + "_from": "minipass@^3.0.0", + "_id": "minipass@3.1.1", + "_inBundle": false, + "_integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "_location": "/minipass-flush/minipass", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass@^3.0.0", + "name": "minipass", + "escapedName": "minipass", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/minipass-flush" + ], + "_resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "_shasum": "7607ce778472a185ad6d89082aa2070f79cedcd5", + "_spec": "minipass@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-flush", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/minipass/issues" + }, + "bundleDependencies": false, + "dependencies": { + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "minimal implementation of a PassThrough stream", + "devDependencies": { + "end-of-stream": "^1.4.0", + "tap": "^14.6.5", + "through2": "^2.0.3" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/isaacs/minipass#readme", + "keywords": [ + "passthrough", + "stream" + ], + "license": "ISC", + "main": "index.js", + "name": "minipass", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minipass.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish --tag=next", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "3.1.1" +} diff --git a/node_modules/minipass-flush/node_modules/yallist/LICENSE b/node_modules/minipass-flush/node_modules/yallist/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-flush/node_modules/yallist/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-flush/node_modules/yallist/README.md b/node_modules/minipass-flush/node_modules/yallist/README.md new file mode 100644 index 000000000..f58610186 --- /dev/null +++ b/node_modules/minipass-flush/node_modules/yallist/README.md @@ -0,0 +1,204 @@ +# yallist + +Yet Another Linked List + +There are many doubly-linked list implementations like it, but this +one is mine. + +For when an array would be too big, and a Map can't be iterated in +reverse order. + + +[](https://travis-ci.org/isaacs/yallist) [](https://coveralls.io/github/isaacs/yallist) + +## basic usage + +```javascript +var yallist = require('yallist') +var myList = yallist.create([1, 2, 3]) +myList.push('foo') +myList.unshift('bar') +// of course pop() and shift() are there, too +console.log(myList.toArray()) // ['bar', 1, 2, 3, 'foo'] +myList.forEach(function (k) { + // walk the list head to tail +}) +myList.forEachReverse(function (k, index, list) { + // walk the list tail to head +}) +var myDoubledList = myList.map(function (k) { + return k + k +}) +// now myDoubledList contains ['barbar', 2, 4, 6, 'foofoo'] +// mapReverse is also a thing +var myDoubledListReverse = myList.mapReverse(function (k) { + return k + k +}) // ['foofoo', 6, 4, 2, 'barbar'] + +var reduced = myList.reduce(function (set, entry) { + set += entry + return set +}, 'start') +console.log(reduced) // 'startfoo123bar' +``` + +## api + +The whole API is considered "public". + +Functions with the same name as an Array method work more or less the +same way. + +There's reverse versions of most things because that's the point. + +### Yallist + +Default export, the class that holds and manages a list. + +Call it with either a forEach-able (like an array) or a set of +arguments, to initialize the list. + +The Array-ish methods all act like you'd expect. No magic length, +though, so if you change that it won't automatically prune or add +empty spots. + +### Yallist.create(..) + +Alias for Yallist function. Some people like factories. + +#### yallist.head + +The first node in the list + +#### yallist.tail + +The last node in the list + +#### yallist.length + +The number of nodes in the list. (Change this at your peril. It is +not magic like Array length.) + +#### yallist.toArray() + +Convert the list to an array. + +#### yallist.forEach(fn, [thisp]) + +Call a function on each item in the list. + +#### yallist.forEachReverse(fn, [thisp]) + +Call a function on each item in the list, in reverse order. + +#### yallist.get(n) + +Get the data at position `n` in the list. If you use this a lot, +probably better off just using an Array. + +#### yallist.getReverse(n) + +Get the data at position `n`, counting from the tail. + +#### yallist.map(fn, thisp) + +Create a new Yallist with the result of calling the function on each +item. + +#### yallist.mapReverse(fn, thisp) + +Same as `map`, but in reverse. + +#### yallist.pop() + +Get the data from the list tail, and remove the tail from the list. + +#### yallist.push(item, ...) + +Insert one or more items to the tail of the list. + +#### yallist.reduce(fn, initialValue) + +Like Array.reduce. + +#### yallist.reduceReverse + +Like Array.reduce, but in reverse. + +#### yallist.reverse + +Reverse the list in place. + +#### yallist.shift() + +Get the data from the list head, and remove the head from the list. + +#### yallist.slice([from], [to]) + +Just like Array.slice, but returns a new Yallist. + +#### yallist.sliceReverse([from], [to]) + +Just like yallist.slice, but the result is returned in reverse. + +#### yallist.toArray() + +Create an array representation of the list. + +#### yallist.toArrayReverse() + +Create a reversed array representation of the list. + +#### yallist.unshift(item, ...) + +Insert one or more items to the head of the list. + +#### yallist.unshiftNode(node) + +Move a Node object to the front of the list. (That is, pull it out of +wherever it lives, and make it the new head.) + +If the node belongs to a different list, then that list will remove it +first. + +#### yallist.pushNode(node) + +Move a Node object to the end of the list. (That is, pull it out of +wherever it lives, and make it the new tail.) + +If the node belongs to a list already, then that list will remove it +first. + +#### yallist.removeNode(node) + +Remove a node from the list, preserving referential integrity of head +and tail and other nodes. + +Will throw an error if you try to have a list remove a node that +doesn't belong to it. + +### Yallist.Node + +The class that holds the data and is actually the list. + +Call with `var n = new Node(value, previousNode, nextNode)` + +Note that if you do direct operations on Nodes themselves, it's very +easy to get into weird states where the list is broken. Be careful :) + +#### node.next + +The next node in the list. + +#### node.prev + +The previous node in the list. + +#### node.value + +The data the node contains. + +#### node.list + +The list to which this node belongs. (Null if it does not belong to +any list.) diff --git a/node_modules/minipass-flush/node_modules/yallist/iterator.js b/node_modules/minipass-flush/node_modules/yallist/iterator.js new file mode 100644 index 000000000..d41c97a19 --- /dev/null +++ b/node_modules/minipass-flush/node_modules/yallist/iterator.js @@ -0,0 +1,8 @@ +'use strict' +module.exports = function (Yallist) { + Yallist.prototype[Symbol.iterator] = function* () { + for (let walker = this.head; walker; walker = walker.next) { + yield walker.value + } + } +} diff --git a/node_modules/minipass-flush/node_modules/yallist/package.json b/node_modules/minipass-flush/node_modules/yallist/package.json new file mode 100644 index 000000000..5bd77baa1 --- /dev/null +++ b/node_modules/minipass-flush/node_modules/yallist/package.json @@ -0,0 +1,62 @@ +{ + "_from": "yallist@^4.0.0", + "_id": "yallist@4.0.0", + "_inBundle": false, + "_integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "_location": "/minipass-flush/yallist", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "yallist@^4.0.0", + "name": "yallist", + "escapedName": "yallist", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/minipass-flush/minipass" + ], + "_resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "_shasum": "9bb92790d9c0effec63be73519e11a35019a3a72", + "_spec": "yallist@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-flush/node_modules/minipass", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/yallist/issues" + }, + "bundleDependencies": false, + "dependencies": {}, + "deprecated": false, + "description": "Yet Another Linked List", + "devDependencies": { + "tap": "^12.1.0" + }, + "directories": { + "test": "test" + }, + "files": [ + "yallist.js", + "iterator.js" + ], + "homepage": "https://github.com/isaacs/yallist#readme", + "license": "ISC", + "main": "yallist.js", + "name": "yallist", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/yallist.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js --100" + }, + "version": "4.0.0" +} diff --git a/node_modules/minipass-flush/node_modules/yallist/yallist.js b/node_modules/minipass-flush/node_modules/yallist/yallist.js new file mode 100644 index 000000000..4e83ab1c5 --- /dev/null +++ b/node_modules/minipass-flush/node_modules/yallist/yallist.js @@ -0,0 +1,426 @@ +'use strict' +module.exports = Yallist + +Yallist.Node = Node +Yallist.create = Yallist + +function Yallist (list) { + var self = this + if (!(self instanceof Yallist)) { + self = new Yallist() + } + + self.tail = null + self.head = null + self.length = 0 + + if (list && typeof list.forEach === 'function') { + list.forEach(function (item) { + self.push(item) + }) + } else if (arguments.length > 0) { + for (var i = 0, l = arguments.length; i < l; i++) { + self.push(arguments[i]) + } + } + + return self +} + +Yallist.prototype.removeNode = function (node) { + if (node.list !== this) { + throw new Error('removing node which does not belong to this list') + } + + var next = node.next + var prev = node.prev + + if (next) { + next.prev = prev + } + + if (prev) { + prev.next = next + } + + if (node === this.head) { + this.head = next + } + if (node === this.tail) { + this.tail = prev + } + + node.list.length-- + node.next = null + node.prev = null + node.list = null + + return next +} + +Yallist.prototype.unshiftNode = function (node) { + if (node === this.head) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var head = this.head + node.list = this + node.next = head + if (head) { + head.prev = node + } + + this.head = node + if (!this.tail) { + this.tail = node + } + this.length++ +} + +Yallist.prototype.pushNode = function (node) { + if (node === this.tail) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var tail = this.tail + node.list = this + node.prev = tail + if (tail) { + tail.next = node + } + + this.tail = node + if (!this.head) { + this.head = node + } + this.length++ +} + +Yallist.prototype.push = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + push(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.unshift = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + unshift(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.pop = function () { + if (!this.tail) { + return undefined + } + + var res = this.tail.value + this.tail = this.tail.prev + if (this.tail) { + this.tail.next = null + } else { + this.head = null + } + this.length-- + return res +} + +Yallist.prototype.shift = function () { + if (!this.head) { + return undefined + } + + var res = this.head.value + this.head = this.head.next + if (this.head) { + this.head.prev = null + } else { + this.tail = null + } + this.length-- + return res +} + +Yallist.prototype.forEach = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.head, i = 0; walker !== null; i++) { + fn.call(thisp, walker.value, i, this) + walker = walker.next + } +} + +Yallist.prototype.forEachReverse = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.tail, i = this.length - 1; walker !== null; i--) { + fn.call(thisp, walker.value, i, this) + walker = walker.prev + } +} + +Yallist.prototype.get = function (n) { + for (var i = 0, walker = this.head; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.next + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.getReverse = function (n) { + for (var i = 0, walker = this.tail; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.prev + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.map = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.head; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.next + } + return res +} + +Yallist.prototype.mapReverse = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.tail; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.prev + } + return res +} + +Yallist.prototype.reduce = function (fn, initial) { + var acc + var walker = this.head + if (arguments.length > 1) { + acc = initial + } else if (this.head) { + walker = this.head.next + acc = this.head.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = 0; walker !== null; i++) { + acc = fn(acc, walker.value, i) + walker = walker.next + } + + return acc +} + +Yallist.prototype.reduceReverse = function (fn, initial) { + var acc + var walker = this.tail + if (arguments.length > 1) { + acc = initial + } else if (this.tail) { + walker = this.tail.prev + acc = this.tail.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = this.length - 1; walker !== null; i--) { + acc = fn(acc, walker.value, i) + walker = walker.prev + } + + return acc +} + +Yallist.prototype.toArray = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.head; walker !== null; i++) { + arr[i] = walker.value + walker = walker.next + } + return arr +} + +Yallist.prototype.toArrayReverse = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.tail; walker !== null; i++) { + arr[i] = walker.value + walker = walker.prev + } + return arr +} + +Yallist.prototype.slice = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = 0, walker = this.head; walker !== null && i < from; i++) { + walker = walker.next + } + for (; walker !== null && i < to; i++, walker = walker.next) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.sliceReverse = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = this.length, walker = this.tail; walker !== null && i > to; i--) { + walker = walker.prev + } + for (; walker !== null && i > from; i--, walker = walker.prev) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.splice = function (start, deleteCount, ...nodes) { + if (start > this.length) { + start = this.length - 1 + } + if (start < 0) { + start = this.length + start; + } + + for (var i = 0, walker = this.head; walker !== null && i < start; i++) { + walker = walker.next + } + + var ret = [] + for (var i = 0; walker && i < deleteCount; i++) { + ret.push(walker.value) + walker = this.removeNode(walker) + } + if (walker === null) { + walker = this.tail + } + + if (walker !== this.head && walker !== this.tail) { + walker = walker.prev + } + + for (var i = 0; i < nodes.length; i++) { + walker = insert(this, walker, nodes[i]) + } + return ret; +} + +Yallist.prototype.reverse = function () { + var head = this.head + var tail = this.tail + for (var walker = head; walker !== null; walker = walker.prev) { + var p = walker.prev + walker.prev = walker.next + walker.next = p + } + this.head = tail + this.tail = head + return this +} + +function insert (self, node, value) { + var inserted = node === self.head ? + new Node(value, null, node, self) : + new Node(value, node, node.next, self) + + if (inserted.next === null) { + self.tail = inserted + } + if (inserted.prev === null) { + self.head = inserted + } + + self.length++ + + return inserted +} + +function push (self, item) { + self.tail = new Node(item, self.tail, null, self) + if (!self.head) { + self.head = self.tail + } + self.length++ +} + +function unshift (self, item) { + self.head = new Node(item, null, self.head, self) + if (!self.tail) { + self.tail = self.head + } + self.length++ +} + +function Node (value, prev, next, list) { + if (!(this instanceof Node)) { + return new Node(value, prev, next, list) + } + + this.list = list + this.value = value + + if (prev) { + prev.next = this + this.prev = prev + } else { + this.prev = null + } + + if (next) { + next.prev = this + this.next = next + } else { + this.next = null + } +} + +try { + // add if support for Symbol.iterator is present + require('./iterator.js')(Yallist) +} catch (er) {} diff --git a/node_modules/minipass-flush/package.json b/node_modules/minipass-flush/package.json new file mode 100644 index 000000000..aa471f49e --- /dev/null +++ b/node_modules/minipass-flush/package.json @@ -0,0 +1,73 @@ +{ + "_from": "minipass-flush@^1.0.5", + "_id": "minipass-flush@1.0.5", + "_inBundle": false, + "_integrity": "sha512-JmQSYYpPUqX5Jyn1mXaRwOda1uQ8HP5KAT/oDSLCzt1BYRhQU0/hDtsB1ufZfEEzMZ9aAVmsBw8+FWsIXlClWw==", + "_location": "/minipass-flush", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass-flush@^1.0.5", + "name": "minipass-flush", + "escapedName": "minipass-flush", + "rawSpec": "^1.0.5", + "saveSpec": null, + "fetchSpec": "^1.0.5" + }, + "_requiredBy": [ + "/npm-registry-fetch/cacache", + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/minipass-flush/-/minipass-flush-1.0.5.tgz", + "_shasum": "82e7135d7e89a50ffe64610a787953c4c4cbb373", + "_spec": "minipass-flush@^1.0.5", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "https://izs.me" + }, + "bugs": { + "url": "https://github.com/isaacs/minipass-flush/issues" + }, + "bundleDependencies": false, + "dependencies": { + "minipass": "^3.0.0" + }, + "deprecated": false, + "description": "A Minipass stream that calls a flush function before emitting 'end'", + "devDependencies": { + "tap": "^14.6.9" + }, + "engines": { + "node": ">= 8" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/isaacs/minipass-flush#readme", + "keywords": [ + "minipass", + "flush", + "stream" + ], + "license": "ISC", + "main": "index.js", + "name": "minipass-flush", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minipass-flush.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "1.0.5" +} diff --git a/node_modules/minipass-json-stream/LICENSE b/node_modules/minipass-json-stream/LICENSE new file mode 100644 index 000000000..2781a897b --- /dev/null +++ b/node_modules/minipass-json-stream/LICENSE @@ -0,0 +1,27 @@ +The MIT License + +Copyright (c) Isaac Z. Schlueter and Contributors +Copyright (c) 2011 Dominic Tarr + +Permission is hereby granted, free of charge, to any person obtaining a +copy of this software and associated documentation files (the "Software"), +to deal in the Software without restriction, including without limitation +the rights to use, copy, modify, merge, publish, distribute, sublicense, +and/or sell copies of the Software, and to permit persons to whom the +Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. + +---- +This is a derivative work based on JSONStream by Dominic Tarr, modified and +redistributed according to the terms of the MIT license above. +https://github.com/dominictarr/JSONStream diff --git a/node_modules/minipass-json-stream/README.md b/node_modules/minipass-json-stream/README.md new file mode 100644 index 000000000..79864a778 --- /dev/null +++ b/node_modules/minipass-json-stream/README.md @@ -0,0 +1,189 @@ +# minipass-json-stream + +Like [JSONStream](http://npm.im/JSONStream), but using Minipass streams + +## install + +``` +npm install minipass-json-stream +``` + +## example + +```js + +const request = require('request') +const JSONStream = require('minipass-json-stream') +const es = require('event-stream') + +request({url: 'http://isaacs.couchone.com/registry/_all_docs'}) + .pipe(JSONStream.parse('rows.*')) + .pipe(es.mapSync(function (data) { + console.error(data) + return data + })) +``` + +## new JSONStream(options) + +Create a new stream. This is a [minipass](http://npm.im/minipass) stream +that is always set in `objectMode`. It emits objects parsed out of +string/buffer JSON input that match the supplied `path` option. + +## JSONStream.parse(path) + +Return a new JSONStream object to stream values that match a path. + +(Equivalent to `new JSONStream({path})`.) + +``` js +JSONStream.parse('rows.*.doc') +``` + +The `..` operator is the recursive descent operator from +[JSONPath](http://goessner.net/articles/JsonPath/), which will match a +child at any depth (see examples below). + +If your keys have keys that include `.` or `*` etc, use an array instead. +`['row', true, /^doc/]`. + +If you use an array, `RegExp`s, booleans, and/or functions. The `..` +operator is also available in array representation, using `{recurse: +true}`. any object that matches the path will be emitted as 'data' (and +`pipe`d down stream) + +If `path` is empty or null, no 'data' events are emitted. + +If you want to have keys emitted, you can prefix your `*` operator with +`$`: `obj.$*` - in this case the data passed to the stream is an object +with a `key` holding the key and a `value` property holding the data. + +### Examples + +query a couchdb view: + +``` bash +curl -sS localhost:5984/tests/_all_docs&include_docs=true +``` +you will get something like this: + +``` js +{"total_rows":129,"offset":0,"rows":[ + { "id":"change1_0.6995461115147918" + , "key":"change1_0.6995461115147918" + , "value":{"rev":"1-e240bae28c7bb3667f02760f6398d508"} + , "doc":{ + "_id": "change1_0.6995461115147918" + , "_rev": "1-e240bae28c7bb3667f02760f6398d508","hello":1} + }, + { "id":"change2_0.6995461115147918" + , "key":"change2_0.6995461115147918" + , "value":{"rev":"1-13677d36b98c0c075145bb8975105153"} + , "doc":{ + "_id":"change2_0.6995461115147918" + , "_rev":"1-13677d36b98c0c075145bb8975105153" + , "hello":2 + } + }, +]} +``` + +we are probably most interested in the `rows.*.doc` + +create a `JSONStream` that parses the documents from the feed like this: + +``` js +var stream = JSONStream.parse(['rows', true, 'doc']) //rows, ANYTHING, doc + +stream.on('data', function(data) { + console.log('received:', data); +}); + +//emits anything from _before_ the first match +stream.on('header', function (data) { + console.log('header:', data) // => {"total_rows":129,"offset":0} +}) +``` + +awesome! + +In case you wanted the contents the doc emitted: + +``` js +// equivalent to: 'rows.*.doc.$*' +var stream = JSONStream.parse([ + 'rows', + true, + 'doc', + {emitKey: true} +]) //rows, ANYTHING, doc, items in docs with keys + +stream.on('data', function(data) { + console.log('key:', data.key); + console.log('value:', data.value); +}); +``` + +You can also emit the path: + +``` js +var stream = JSONStream.parse([ + 'rows', + true, + 'doc', + {emitPath: true} +]) //rows, ANYTHING, doc, items in docs with keys + +stream.on('data', function(data) { + console.log('path:', data.path); + console.log('value:', data.value); +}); +``` + +### recursive patterns (..) + +`JSONStream.parse('docs..value')` +(or `JSONStream.parse(['docs', {recurse: true}, 'value'])` using an array) +will emit every `value` object that is a child, grand-child, etc. of the +`docs` object. In this example, it will match exactly 5 times at various depth +levels, emitting 0, 1, 2, 3 and 4 as results. + +```js +{ + "total": 5, + "docs": [ + { + "key": { + "value": 0, + "some": "property" + } + }, + {"value": 1}, + {"value": 2}, + {"blbl": [{}, {"a":0, "b":1, "value":3}, 10]}, + {"value": 4} + ] +} +``` + +## JSONStream.parse(pattern, map) + +(Equivalent to `new JSONStream({ pattern, map })`) + +provide a function that can be used to map or filter +the json output. `map` is passed the value at that node of the pattern, +if `map` return non-nullish (anything but `null` or `undefined`) +that value will be emitted in the stream. If it returns a nullish value, +nothing will be emitted. + +`JSONStream` also emits `'header'` and `'footer'` events, +the `'header'` event contains anything in the output that was before +the first match, and the `'footer'`, is anything after the last match. + +## Acknowlegements + +This module is a fork of [JSONStream](http://npm.im/JSONStream) by Dominic +Tarr, modified and redistributed under the terms of the MIT license. + +this module depends on https://github.com/creationix/jsonparse +by Tim Caswell diff --git a/node_modules/minipass-json-stream/index.js b/node_modules/minipass-json-stream/index.js new file mode 100644 index 000000000..5168d1322 --- /dev/null +++ b/node_modules/minipass-json-stream/index.js @@ -0,0 +1,227 @@ +// put javascript in here +'use strict' + +const Parser = require('jsonparse') +const Minipass = require('minipass') + +class JSONStreamError extends Error { + constructor (err, caller) { + super(err.message) + Error.captureStackTrace(this, caller || this.constructor) + } + get name () { + return 'JSONStreamError' + } + set name (n) {} +} + +const check = (x, y) => + typeof x === 'string' ? String(y) === x + : x && typeof x.test === 'function' ? x.test(y) + : typeof x === 'boolean' || typeof x === 'object' ? x + : typeof x === 'function' ? x(y) + : false + +const _parser = Symbol('_parser') +const _onValue = Symbol('_onValue') +const _onTokenOriginal = Symbol('_onTokenOriginal') +const _onToken = Symbol('_onToken') +const _onError = Symbol('_onError') +const _count = Symbol('_count') +const _path = Symbol('_path') +const _map = Symbol('_map') +const _root = Symbol('_root') +const _header = Symbol('_header') +const _footer = Symbol('_footer') +const _setHeaderFooter = Symbol('_setHeaderFooter') +const _ending = Symbol('_ending') + +class JSONStream extends Minipass { + constructor (opts = {}) { + super({ + ...opts, + objectMode: true, + }) + + this[_ending] = false + const parser = this[_parser] = new Parser() + parser.onValue = value => this[_onValue](value) + this[_onTokenOriginal] = parser.onToken + parser.onToken = (token, value) => this[_onToken](token, value) + parser.onError = er => this[_onError](er) + + this[_count] = 0 + this[_path] = typeof opts.path === 'string' + ? opts.path.split('.').map(e => + e === '$*' ? { emitKey: true } + : e === '*' ? true + : e === '' ? { recurse: true } + : e) + : Array.isArray(opts.path) && opts.path.length ? opts.path + : null + + this[_map] = typeof opts.map === 'function' ? opts.map : null + this[_root] = null + this[_header] = null + this[_footer] = null + this[_count] = 0 + } + + [_setHeaderFooter] (key, value) { + // header has not been emitted yet + if (this[_header] !== false) { + this[_header] = this[_header] || {} + this[_header][key] = value + } + + // footer has not been emitted yet but header has + if (this[_footer] !== false && this[_header] === false) { + this[_footer] = this[_footer] || {} + this[_footer][key] = value + } + } + + [_onError] (er) { + // error will always happen during a write() call. + const caller = this[_ending] ? this.end : this.write + this[_ending] = false + return this.emit('error', new JSONStreamError(er, caller)) + } + + [_onToken] (token, value) { + const parser = this[_parser] + this[_onTokenOriginal].call(parser, token, value) + if (parser.stack.length === 0) { + if (this[_root]) { + const root = this[_root] + if (!this[_path]) + super.write(root) + this[_root] = null + this[_count] = 0 + } + } + } + + [_onValue] (value) { + const parser = this[_parser] + // the LAST onValue encountered is the root object. + // just overwrite it each time. + this[_root] = value + + if(!this[_path]) return + + let i = 0 // iterates on path + let j = 0 // iterates on stack + let emitKey = false + let emitPath = false + while (i < this[_path].length) { + const key = this[_path][i] + j++ + + if (key && !key.recurse) { + const c = (j === parser.stack.length) ? parser : parser.stack[j] + if (!c) return + if (!check(key, c.key)) { + this[_setHeaderFooter](c.key, value) + return + } + emitKey = !!key.emitKey; + emitPath = !!key.emitPath; + i++ + } else { + i++ + if (i >= this[_path].length) + return + const nextKey = this[_path][i] + if (!nextKey) + return + while (true) { + const c = (j === parser.stack.length) ? parser : parser.stack[j] + if (!c) return + if (check(nextKey, c.key)) { + i++ + if (!Object.isFrozen(parser.stack[j])) + parser.stack[j].value = null + break + } else { + this[_setHeaderFooter](c.key, value) + } + j++ + } + } + } + + // emit header + if (this[_header]) { + const header = this[_header] + this[_header] = false + this.emit('header', header) + } + if (j !== parser.stack.length) return + + this[_count] ++ + const actualPath = parser.stack.slice(1) + .map(e => e.key).concat([parser.key]) + if (value !== null && value !== undefined) { + const data = this[_map] ? this[_map](value, actualPath) : value + if (data !== null && data !== undefined) { + const emit = emitKey || emitPath ? { value: data } : data + if (emitKey) + emit.key = parser.key + if (emitPath) + emit.path = actualPath + super.write(emit) + } + } + + if (parser.value) + delete parser.value[parser.key] + + for (const k of parser.stack) { + k.value = null + } + } + + write (chunk, encoding, cb) { + if (typeof encoding === 'function') + cb = encoding, encoding = null + if (typeof chunk === 'string') + chunk = Buffer.from(chunk, encoding) + else if (!Buffer.isBuffer(chunk)) + return this.emit('error', new TypeError( + 'Can only parse JSON from string or buffer input')) + this[_parser].write(chunk) + if (cb) + cb() + return this.flowing + } + + end (chunk, encoding, cb) { + this[_ending] = true + if (typeof encoding === 'function') + cb = encoding, encoding = null + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (chunk) + this.write(chunk, encoding) + if (cb) + this.once('end', cb) + + const h = this[_header] + this[_header] = null + const f = this[_footer] + this[_footer] = null + if (h) + this.emit('header', h) + if (f) + this.emit('footer', f) + return super.end() + } + + static get JSONStreamError () { return JSONStreamError } + static parse (path, map) { + return new JSONStream({path, map}) + } +} + +module.exports = JSONStream diff --git a/node_modules/minipass-json-stream/node_modules/minipass/LICENSE b/node_modules/minipass-json-stream/node_modules/minipass/LICENSE new file mode 100644 index 000000000..20a476254 --- /dev/null +++ b/node_modules/minipass-json-stream/node_modules/minipass/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-json-stream/node_modules/minipass/README.md b/node_modules/minipass-json-stream/node_modules/minipass/README.md new file mode 100644 index 000000000..32ace2fb9 --- /dev/null +++ b/node_modules/minipass-json-stream/node_modules/minipass/README.md @@ -0,0 +1,606 @@ +# minipass + +A _very_ minimal implementation of a [PassThrough +stream](https://nodejs.org/api/stream.html#stream_class_stream_passthrough) + +[It's very +fast](https://docs.google.com/spreadsheets/d/1oObKSrVwLX_7Ut4Z6g3fZW-AX1j1-k6w-cDsrkaSbHM/edit#gid=0) +for objects, strings, and buffers. + +Supports pipe()ing (including multi-pipe() and backpressure transmission), +buffering data until either a `data` event handler or `pipe()` is added (so +you don't lose the first chunk), and most other cases where PassThrough is +a good idea. + +There is a `read()` method, but it's much more efficient to consume data +from this stream via `'data'` events or by calling `pipe()` into some other +stream. Calling `read()` requires the buffer to be flattened in some +cases, which requires copying memory. + +There is also no `unpipe()` method. Once you start piping, there is no +stopping it! + +If you set `objectMode: true` in the options, then whatever is written will +be emitted. Otherwise, it'll do a minimal amount of Buffer copying to +ensure proper Streams semantics when `read(n)` is called. + +`objectMode` can also be set by doing `stream.objectMode = true`, or by +writing any non-string/non-buffer data. `objectMode` cannot be set to +false once it is set. + +This is not a `through` or `through2` stream. It doesn't transform the +data, it just passes it right through. If you want to transform the data, +extend the class, and override the `write()` method. Once you're done +transforming the data however you want, call `super.write()` with the +transform output. + +For some examples of streams that extend Minipass in various ways, check +out: + +- [minizlib](http://npm.im/minizlib) +- [fs-minipass](http://npm.im/fs-minipass) +- [tar](http://npm.im/tar) +- [minipass-collect](http://npm.im/minipass-collect) +- [minipass-flush](http://npm.im/minipass-flush) +- [minipass-pipeline](http://npm.im/minipass-pipeline) +- [tap](http://npm.im/tap) +- [tap-parser](http://npm.im/tap) +- [treport](http://npm.im/tap) +- [minipass-fetch](http://npm.im/minipass-fetch) + +## Differences from Node.js Streams + +There are several things that make Minipass streams different from (and in +some ways superior to) Node.js core streams. + +Please read these caveats if you are familiar with noode-core streams and +intend to use Minipass streams in your programs. + +### Timing + +Minipass streams are designed to support synchronous use-cases. Thus, data +is emitted as soon as it is available, always. It is buffered until read, +but no longer. Another way to look at it is that Minipass streams are +exactly as synchronous as the logic that writes into them. + +This can be surprising if your code relies on `PassThrough.write()` always +providing data on the next tick rather than the current one, or being able +to call `resume()` and not have the entire buffer disappear immediately. + +However, without this synchronicity guarantee, there would be no way for +Minipass to achieve the speeds it does, or support the synchronous use +cases that it does. Simply put, waiting takes time. + +This non-deferring approach makes Minipass streams much easier to reason +about, especially in the context of Promises and other flow-control +mechanisms. + +### No High/Low Water Marks + +Node.js core streams will optimistically fill up a buffer, returning `true` +on all writes until the limit is hit, even if the data has nowhere to go. +Then, they will not attempt to draw more data in until the buffer size dips +below a minimum value. + +Minipass streams are much simpler. The `write()` method will return `true` +if the data has somewhere to go (which is to say, given the timing +guarantees, that the data is already there by the time `write()` returns). + +If the data has nowhere to go, then `write()` returns false, and the data +sits in a buffer, to be drained out immediately as soon as anyone consumes +it. + +### Hazards of Buffering (or: Why Minipass Is So Fast) + +Since data written to a Minipass stream is immediately written all the way +through the pipeline, and `write()` always returns true/false based on +whether the data was fully flushed, backpressure is communicated +immediately to the upstream caller. This minimizes buffering. + +Consider this case: + +```js +const {PassThrough} = require('stream') +const p1 = new PassThrough({ highWaterMark: 1024 }) +const p2 = new PassThrough({ highWaterMark: 1024 }) +const p3 = new PassThrough({ highWaterMark: 1024 }) +const p4 = new PassThrough({ highWaterMark: 1024 }) + +p1.pipe(p2).pipe(p3).pipe(p4) +p4.on('data', () => console.log('made it through')) + +// this returns false and buffers, then writes to p2 on next tick (1) +// p2 returns false and buffers, pausing p1, then writes to p3 on next tick (2) +// p3 returns false and buffers, pausing p2, then writes to p4 on next tick (3) +// p4 returns false and buffers, pausing p3, then emits 'data' and 'drain' +// on next tick (4) +// p3 sees p4's 'drain' event, and calls resume(), emitting 'resume' and +// 'drain' on next tick (5) +// p2 sees p3's 'drain', calls resume(), emits 'resume' and 'drain' on next tick (6) +// p1 sees p2's 'drain', calls resume(), emits 'resume' and 'drain' on next +// tick (7) + +p1.write(Buffer.alloc(2048)) // returns false +``` + +Along the way, the data was buffered and deferred at each stage, and +multiple event deferrals happened, for an unblocked pipeline where it was +perfectly safe to write all the way through! + +Furthermore, setting a `highWaterMark` of `1024` might lead someone reading +the code to think an advisory maximum of 1KiB is being set for the +pipeline. However, the actual advisory buffering level is the _sum_ of +`highWaterMark` values, since each one has its own bucket. + +Consider the Minipass case: + +```js +const m1 = new Minipass() +const m2 = new Minipass() +const m3 = new Minipass() +const m4 = new Minipass() + +m1.pipe(m2).pipe(m3).pipe(m4) +m4.on('data', () => console.log('made it through')) + +// m1 is flowing, so it writes the data to m2 immediately +// m2 is flowing, so it writes the data to m3 immediately +// m3 is flowing, so it writes the data to m4 immediately +// m4 is flowing, so it fires the 'data' event immediately, returns true +// m4's write returned true, so m3 is still flowing, returns true +// m3's write returned true, so m2 is still flowing, returns true +// m2's write returned true, so m1 is still flowing, returns true +// No event deferrals or buffering along the way! + +m1.write(Buffer.alloc(2048)) // returns true +``` + +It is extremely unlikely that you _don't_ want to buffer any data written, +or _ever_ buffer data that can be flushed all the way through. Neither +node-core streams nor Minipass ever fail to buffer written data, but +node-core streams do a lot of unnecessary buffering and pausing. + +As always, the faster implementation is the one that does less stuff and +waits less time to do it. + +### Immediately emit `end` for empty streams (when not paused) + +If a stream is not paused, and `end()` is called before writing any data +into it, then it will emit `end` immediately. + +If you have logic that occurs on the `end` event which you don't want to +potentially happen immediately (for example, closing file descriptors, +moving on to the next entry in an archive parse stream, etc.) then be sure +to call `stream.pause()` on creation, and then `stream.resume()` once you +are ready to respond to the `end` event. + +### Emit `end` When Asked + +One hazard of immediately emitting `'end'` is that you may not yet have had +a chance to add a listener. In order to avoid this hazard, Minipass +streams safely re-emit the `'end'` event if a new listener is added after +`'end'` has been emitted. + +Ie, if you do `stream.on('end', someFunction)`, and the stream has already +emitted `end`, then it will call the handler right away. (You can think of +this somewhat like attaching a new `.then(fn)` to a previously-resolved +Promise.) + +To prevent calling handlers multiple times who would not expect multiple +ends to occur, all listeners are removed from the `'end'` event whenever it +is emitted. + +### Impact of "immediate flow" on Tee-streams + +A "tee stream" is a stream piping to multiple destinations: + +```js +const tee = new Minipass() +t.pipe(dest1) +t.pipe(dest2) +t.write('foo') // goes to both destinations +``` + +Since Minipass streams _immediately_ process any pending data through the +pipeline when a new pipe destination is added, this can have surprising +effects, especially when a stream comes in from some other function and may +or may not have data in its buffer. + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.pipe(dest1) // 'foo' chunk flows to dest1 immediately, and is gone +src.pipe(dest2) // gets nothing! +``` + +The solution is to create a dedicated tee-stream junction that pipes to +both locations, and then pipe to _that_ instead. + +```js +// Safe example: tee to both places +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.pipe(dest1) +tee.pipe(dest2) +stream.pipe(tee) // tee gets 'foo', pipes to both locations +``` + +The same caveat applies to `on('data')` event listeners. The first one +added will _immediately_ receive all of the data, leaving nothing for the +second: + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.on('data', handler1) // receives 'foo' right away +src.on('data', handler2) // nothing to see here! +``` + +Using a dedicated tee-stream can be used in this case as well: + +```js +// Safe example: tee to both data handlers +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.on('data', handler1) +tee.on('data', handler2) +src.pipe(tee) +``` + +## USAGE + +It's a stream! Use it like a stream and it'll most likely do what you +want. + +```js +const Minipass = require('minipass') +const mp = new Minipass(options) // optional: { encoding, objectMode } +mp.write('foo') +mp.pipe(someOtherStream) +mp.end('bar') +``` + +### OPTIONS + +* `encoding` How would you like the data coming _out_ of the stream to be + encoded? Accepts any values that can be passed to `Buffer.toString()`. +* `objectMode` Emit data exactly as it comes in. This will be flipped on + by default if you write() something other than a string or Buffer at any + point. Setting `objectMode: true` will prevent setting any encoding + value. + +### API + +Implements the user-facing portions of Node.js's `Readable` and `Writable` +streams. + +### Methods + +* `write(chunk, [encoding], [callback])` - Put data in. (Note that, in the + base Minipass class, the same data will come out.) Returns `false` if + the stream will buffer the next write, or true if it's still in "flowing" + mode. +* `end([chunk, [encoding]], [callback])` - Signal that you have no more + data to write. This will queue an `end` event to be fired when all the + data has been consumed. +* `setEncoding(encoding)` - Set the encoding for data coming of the stream. + This can only be done once. +* `pause()` - No more data for a while, please. This also prevents `end` + from being emitted for empty streams until the stream is resumed. +* `resume()` - Resume the stream. If there's data in the buffer, it is all + discarded. Any buffered events are immediately emitted. +* `pipe(dest)` - Send all output to the stream provided. There is no way + to unpipe. When data is emitted, it is immediately written to any and + all pipe destinations. +* `on(ev, fn)`, `emit(ev, fn)` - Minipass streams are EventEmitters. Some + events are given special treatment, however. (See below under "events".) +* `promise()` - Returns a Promise that resolves when the stream emits + `end`, or rejects if the stream emits `error`. +* `collect()` - Return a Promise that resolves on `end` with an array + containing each chunk of data that was emitted, or rejects if the stream + emits `error`. Note that this consumes the stream data. +* `concat()` - Same as `collect()`, but concatenates the data into a single + Buffer object. Will reject the returned promise if the stream is in + objectMode, or if it goes into objectMode by the end of the data. +* `read(n)` - Consume `n` bytes of data out of the buffer. If `n` is not + provided, then consume all of it. If `n` bytes are not available, then + it returns null. **Note** consuming streams in this way is less + efficient, and can lead to unnecessary Buffer copying. +* `destroy([er])` - Destroy the stream. If an error is provided, then an + `'error'` event is emitted. If the stream has a `close()` method, and + has not emitted a `'close'` event yet, then `stream.close()` will be + called. Any Promises returned by `.promise()`, `.collect()` or + `.concat()` will be rejected. After being destroyed, writing to the + stream will emit an error. No more data will be emitted if the stream is + destroyed, even if it was previously buffered. + +### Properties + +* `bufferLength` Read-only. Total number of bytes buffered, or in the case + of objectMode, the total number of objects. +* `encoding` The encoding that has been set. (Setting this is equivalent + to calling `setEncoding(enc)` and has the same prohibition against + setting multiple times.) +* `flowing` Read-only. Boolean indicating whether a chunk written to the + stream will be immediately emitted. +* `emittedEnd` Read-only. Boolean indicating whether the end-ish events + (ie, `end`, `prefinish`, `finish`) have been emitted. Note that + listening on any end-ish event will immediateyl re-emit it if it has + already been emitted. +* `writable` Whether the stream is writable. Default `true`. Set to + `false` when `end()` +* `readable` Whether the stream is readable. Default `true`. +* `buffer` A [yallist](http://npm.im/yallist) linked list of chunks written + to the stream that have not yet been emitted. (It's probably a bad idea + to mess with this.) +* `pipes` A [yallist](http://npm.im/yallist) linked list of streams that + this stream is piping into. (It's probably a bad idea to mess with + this.) +* `destroyed` A getter that indicates whether the stream was destroyed. +* `paused` True if the stream has been explicitly paused, otherwise false. +* `objectMode` Indicates whether the stream is in `objectMode`. Once set + to `true`, it cannot be set to `false`. + +### Events + +* `data` Emitted when there's data to read. Argument is the data to read. + This is never emitted while not flowing. If a listener is attached, that + will resume the stream. +* `end` Emitted when there's no more data to read. This will be emitted + immediately for empty streams when `end()` is called. If a listener is + attached, and `end` was already emitted, then it will be emitted again. + All listeners are removed when `end` is emitted. +* `prefinish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'end'`. +* `finish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'prefinish'`. +* `close` An indication that an underlying resource has been released. + Minipass does not emit this event, but will defer it until after `end` + has been emitted, since it throws off some stream libraries otherwise. +* `drain` Emitted when the internal buffer empties, and it is again + suitable to `write()` into the stream. +* `readable` Emitted when data is buffered and ready to be read by a + consumer. +* `resume` Emitted when stream changes state from buffering to flowing + mode. (Ie, when `resume` is called, `pipe` is called, or a `data` event + listener is added.) + +### Static Methods + +* `Minipass.isStream(stream)` Returns `true` if the argument is a stream, + and false otherwise. To be considered a stream, the object must be + either an instance of Minipass, or an EventEmitter that has either a + `pipe()` method, or both `write()` and `end()` methods. (Pretty much any + stream in node-land will return `true` for this.) + +## EXAMPLES + +Here are some examples of things you can do with Minipass streams. + +### simple "are you done yet" promise + +```js +mp.promise().then(() => { + // stream is finished +}, er => { + // stream emitted an error +}) +``` + +### collecting + +```js +mp.collect().then(all => { + // all is an array of all the data emitted + // encoding is supported in this case, so + // so the result will be a collection of strings if + // an encoding is specified, or buffers/objects if not. + // + // In an async function, you may do + // const data = await stream.collect() +}) +``` + +### collecting into a single blob + +This is a bit slower because it concatenates the data into one chunk for +you, but if you're going to do it yourself anyway, it's convenient this +way: + +```js +mp.concat().then(onebigchunk => { + // onebigchunk is a string if the stream + // had an encoding set, or a buffer otherwise. +}) +``` + +### iteration + +You can iterate over streams synchronously or asynchronously in platforms +that support it. + +Synchronous iteration will end when the currently available data is +consumed, even if the `end` event has not been reached. In string and +buffer mode, the data is concatenated, so unless multiple writes are +occurring in the same tick as the `read()`, sync iteration loops will +generally only have a single iteration. + +To consume chunks in this way exactly as they have been written, with no +flattening, create the stream with the `{ objectMode: true }` option. + +```js +const mp = new Minipass({ objectMode: true }) +mp.write('a') +mp.write('b') +for (let letter of mp) { + console.log(letter) // a, b +} +mp.write('c') +mp.write('d') +for (let letter of mp) { + console.log(letter) // c, d +} +mp.write('e') +mp.end() +for (let letter of mp) { + console.log(letter) // e +} +for (let letter of mp) { + console.log(letter) // nothing +} +``` + +Asynchronous iteration will continue until the end event is reached, +consuming all of the data. + +```js +const mp = new Minipass({ encoding: 'utf8' }) + +// some source of some data +let i = 5 +const inter = setInterval(() => { + if (i --> 0) + mp.write(Buffer.from('foo\n', 'utf8')) + else { + mp.end() + clearInterval(inter) + } +}, 100) + +// consume the data with asynchronous iteration +async function consume () { + for await (let chunk of mp) { + console.log(chunk) + } + return 'ok' +} + +consume().then(res => console.log(res)) +// logs `foo\n` 5 times, and then `ok` +``` + +### subclass that `console.log()`s everything written into it + +```js +class Logger extends Minipass { + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } +} + +someSource.pipe(new Logger()).pipe(someDest) +``` + +### same thing, but using an inline anonymous class + +```js +// js classes are fun +someSource + .pipe(new (class extends Minipass { + emit (ev, ...data) { + // let's also log events, because debugging some weird thing + console.log('EMIT', ev) + return super.emit(ev, ...data) + } + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } + })) + .pipe(someDest) +``` + +### subclass that defers 'end' for some reason + +```js +class SlowEnd extends Minipass { + emit (ev, ...args) { + if (ev === 'end') { + console.log('going to end, hold on a sec') + setTimeout(() => { + console.log('ok, ready to end now') + super.emit('end', ...args) + }, 100) + } else { + return super.emit(ev, ...args) + } + } +} +``` + +### transform that creates newline-delimited JSON + +```js +class NDJSONEncode extends Minipass { + write (obj, cb) { + try { + // JSON.stringify can throw, emit an error on that + return super.write(JSON.stringify(obj) + '\n', 'utf8', cb) + } catch (er) { + this.emit('error', er) + } + } + end (obj, cb) { + if (typeof obj === 'function') { + cb = obj + obj = undefined + } + if (obj !== undefined) { + this.write(obj) + } + return super.end(cb) + } +} +``` + +### transform that parses newline-delimited JSON + +```js +class NDJSONDecode extends Minipass { + constructor (options) { + // always be in object mode, as far as Minipass is concerned + super({ objectMode: true }) + this._jsonBuffer = '' + } + write (chunk, encoding, cb) { + if (typeof chunk === 'string' && + typeof encoding === 'string' && + encoding !== 'utf8') { + chunk = Buffer.from(chunk, encoding).toString() + } else if (Buffer.isBuffer(chunk)) + chunk = chunk.toString() + } + if (typeof encoding === 'function') { + cb = encoding + } + const jsonData = (this._jsonBuffer + chunk).split('\n') + this._jsonBuffer = jsonData.pop() + for (let i = 0; i < jsonData.length; i++) { + let parsed + try { + super.write(parsed) + } catch (er) { + this.emit('error', er) + continue + } + } + if (cb) + cb() + } +} +``` diff --git a/node_modules/minipass-json-stream/node_modules/minipass/index.js b/node_modules/minipass-json-stream/node_modules/minipass/index.js new file mode 100644 index 000000000..55ea0f3dd --- /dev/null +++ b/node_modules/minipass-json-stream/node_modules/minipass/index.js @@ -0,0 +1,538 @@ +'use strict' +const EE = require('events') +const Stream = require('stream') +const Yallist = require('yallist') +const SD = require('string_decoder').StringDecoder + +const EOF = Symbol('EOF') +const MAYBE_EMIT_END = Symbol('maybeEmitEnd') +const EMITTED_END = Symbol('emittedEnd') +const EMITTING_END = Symbol('emittingEnd') +const CLOSED = Symbol('closed') +const READ = Symbol('read') +const FLUSH = Symbol('flush') +const FLUSHCHUNK = Symbol('flushChunk') +const ENCODING = Symbol('encoding') +const DECODER = Symbol('decoder') +const FLOWING = Symbol('flowing') +const PAUSED = Symbol('paused') +const RESUME = Symbol('resume') +const BUFFERLENGTH = Symbol('bufferLength') +const BUFFERPUSH = Symbol('bufferPush') +const BUFFERSHIFT = Symbol('bufferShift') +const OBJECTMODE = Symbol('objectMode') +const DESTROYED = Symbol('destroyed') + +// TODO remove when Node v8 support drops +const doIter = global._MP_NO_ITERATOR_SYMBOLS_ !== '1' +const ASYNCITERATOR = doIter && Symbol.asyncIterator + || Symbol('asyncIterator not implemented') +const ITERATOR = doIter && Symbol.iterator + || Symbol('iterator not implemented') + +// events that mean 'the stream is over' +// these are treated specially, and re-emitted +// if they are listened for after emitting. +const isEndish = ev => + ev === 'end' || + ev === 'finish' || + ev === 'prefinish' + +const isArrayBuffer = b => b instanceof ArrayBuffer || + typeof b === 'object' && + b.constructor && + b.constructor.name === 'ArrayBuffer' && + b.byteLength >= 0 + +const isArrayBufferView = b => !Buffer.isBuffer(b) && ArrayBuffer.isView(b) + +module.exports = class Minipass extends Stream { + constructor (options) { + super() + this[FLOWING] = false + // whether we're explicitly paused + this[PAUSED] = false + this.pipes = new Yallist() + this.buffer = new Yallist() + this[OBJECTMODE] = options && options.objectMode || false + if (this[OBJECTMODE]) + this[ENCODING] = null + else + this[ENCODING] = options && options.encoding || null + if (this[ENCODING] === 'buffer') + this[ENCODING] = null + this[DECODER] = this[ENCODING] ? new SD(this[ENCODING]) : null + this[EOF] = false + this[EMITTED_END] = false + this[EMITTING_END] = false + this[CLOSED] = false + this.writable = true + this.readable = true + this[BUFFERLENGTH] = 0 + this[DESTROYED] = false + } + + get bufferLength () { return this[BUFFERLENGTH] } + + get encoding () { return this[ENCODING] } + set encoding (enc) { + if (this[OBJECTMODE]) + throw new Error('cannot set encoding in objectMode') + + if (this[ENCODING] && enc !== this[ENCODING] && + (this[DECODER] && this[DECODER].lastNeed || this[BUFFERLENGTH])) + throw new Error('cannot change encoding') + + if (this[ENCODING] !== enc) { + this[DECODER] = enc ? new SD(enc) : null + if (this.buffer.length) + this.buffer = this.buffer.map(chunk => this[DECODER].write(chunk)) + } + + this[ENCODING] = enc + } + + setEncoding (enc) { + this.encoding = enc + } + + get objectMode () { return this[OBJECTMODE] } + set objectMode (ॐ ) { this[OBJECTMODE] = this[OBJECTMODE] || !!ॐ } + + write (chunk, encoding, cb) { + if (this[EOF]) + throw new Error('write after end') + + if (this[DESTROYED]) { + this.emit('error', Object.assign( + new Error('Cannot call write after a stream was destroyed'), + { code: 'ERR_STREAM_DESTROYED' } + )) + return true + } + + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (!encoding) + encoding = 'utf8' + + // convert array buffers and typed array views into buffers + // at some point in the future, we may want to do the opposite! + // leave strings and buffers as-is + // anything else switches us into object mode + if (!this[OBJECTMODE] && !Buffer.isBuffer(chunk)) { + if (isArrayBufferView(chunk)) + chunk = Buffer.from(chunk.buffer, chunk.byteOffset, chunk.byteLength) + else if (isArrayBuffer(chunk)) + chunk = Buffer.from(chunk) + else if (typeof chunk !== 'string') + // use the setter so we throw if we have encoding set + this.objectMode = true + } + + // this ensures at this point that the chunk is a buffer or string + // don't buffer it up or send it to the decoder + if (!this.objectMode && !chunk.length) { + const ret = this.flowing + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + return ret + } + + // fast-path writing strings of same encoding to a stream with + // an empty buffer, skipping the buffer/decoder dance + if (typeof chunk === 'string' && !this[OBJECTMODE] && + // unless it is a string already ready for us to use + !(encoding === this[ENCODING] && !this[DECODER].lastNeed)) { + chunk = Buffer.from(chunk, encoding) + } + + if (Buffer.isBuffer(chunk) && this[ENCODING]) + chunk = this[DECODER].write(chunk) + + try { + return this.flowing + ? (this.emit('data', chunk), this.flowing) + : (this[BUFFERPUSH](chunk), false) + } finally { + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + } + } + + read (n) { + if (this[DESTROYED]) + return null + + try { + if (this[BUFFERLENGTH] === 0 || n === 0 || n > this[BUFFERLENGTH]) + return null + + if (this[OBJECTMODE]) + n = null + + if (this.buffer.length > 1 && !this[OBJECTMODE]) { + if (this.encoding) + this.buffer = new Yallist([ + Array.from(this.buffer).join('') + ]) + else + this.buffer = new Yallist([ + Buffer.concat(Array.from(this.buffer), this[BUFFERLENGTH]) + ]) + } + + return this[READ](n || null, this.buffer.head.value) + } finally { + this[MAYBE_EMIT_END]() + } + } + + [READ] (n, chunk) { + if (n === chunk.length || n === null) + this[BUFFERSHIFT]() + else { + this.buffer.head.value = chunk.slice(n) + chunk = chunk.slice(0, n) + this[BUFFERLENGTH] -= n + } + + this.emit('data', chunk) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + + return chunk + } + + end (chunk, encoding, cb) { + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + if (chunk) + this.write(chunk, encoding) + if (cb) + this.once('end', cb) + this[EOF] = true + this.writable = false + + // if we haven't written anything, then go ahead and emit, + // even if we're not reading. + // we'll re-emit if a new 'end' listener is added anyway. + // This makes MP more suitable to write-only use cases. + if (this.flowing || !this[PAUSED]) + this[MAYBE_EMIT_END]() + return this + } + + // don't let the internal resume be overwritten + [RESUME] () { + if (this[DESTROYED]) + return + + this[PAUSED] = false + this[FLOWING] = true + this.emit('resume') + if (this.buffer.length) + this[FLUSH]() + else if (this[EOF]) + this[MAYBE_EMIT_END]() + else + this.emit('drain') + } + + resume () { + return this[RESUME]() + } + + pause () { + this[FLOWING] = false + this[PAUSED] = true + } + + get destroyed () { + return this[DESTROYED] + } + + get flowing () { + return this[FLOWING] + } + + get paused () { + return this[PAUSED] + } + + [BUFFERPUSH] (chunk) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] += 1 + else + this[BUFFERLENGTH] += chunk.length + return this.buffer.push(chunk) + } + + [BUFFERSHIFT] () { + if (this.buffer.length) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] -= 1 + else + this[BUFFERLENGTH] -= this.buffer.head.value.length + } + return this.buffer.shift() + } + + [FLUSH] () { + do {} while (this[FLUSHCHUNK](this[BUFFERSHIFT]())) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + } + + [FLUSHCHUNK] (chunk) { + return chunk ? (this.emit('data', chunk), this.flowing) : false + } + + pipe (dest, opts) { + if (this[DESTROYED]) + return + + const ended = this[EMITTED_END] + opts = opts || {} + if (dest === process.stdout || dest === process.stderr) + opts.end = false + else + opts.end = opts.end !== false + + const p = { dest: dest, opts: opts, ondrain: _ => this[RESUME]() } + this.pipes.push(p) + + dest.on('drain', p.ondrain) + this[RESUME]() + // piping an ended stream ends immediately + if (ended && p.opts.end) + p.dest.end() + return dest + } + + addListener (ev, fn) { + return this.on(ev, fn) + } + + on (ev, fn) { + try { + return super.on(ev, fn) + } finally { + if (ev === 'data' && !this.pipes.length && !this.flowing) + this[RESUME]() + else if (isEndish(ev) && this[EMITTED_END]) { + super.emit(ev) + this.removeAllListeners(ev) + } + } + } + + get emittedEnd () { + return this[EMITTED_END] + } + + [MAYBE_EMIT_END] () { + if (!this[EMITTING_END] && + !this[EMITTED_END] && + !this[DESTROYED] && + this.buffer.length === 0 && + this[EOF]) { + this[EMITTING_END] = true + this.emit('end') + this.emit('prefinish') + this.emit('finish') + if (this[CLOSED]) + this.emit('close') + this[EMITTING_END] = false + } + } + + emit (ev, data) { + // error and close are only events allowed after calling destroy() + if (ev !== 'error' && ev !== 'close' && ev !== DESTROYED && this[DESTROYED]) + return + else if (ev === 'data') { + if (!data) + return + + if (this.pipes.length) + this.pipes.forEach(p => + p.dest.write(data) === false && this.pause()) + } else if (ev === 'end') { + // only actual end gets this treatment + if (this[EMITTED_END] === true) + return + + this[EMITTED_END] = true + this.readable = false + + if (this[DECODER]) { + data = this[DECODER].end() + if (data) { + this.pipes.forEach(p => p.dest.write(data)) + super.emit('data', data) + } + } + + this.pipes.forEach(p => { + p.dest.removeListener('drain', p.ondrain) + if (p.opts.end) + p.dest.end() + }) + } else if (ev === 'close') { + this[CLOSED] = true + // don't emit close before 'end' and 'finish' + if (!this[EMITTED_END] && !this[DESTROYED]) + return + } + + // TODO: replace with a spread operator when Node v4 support drops + const args = new Array(arguments.length) + args[0] = ev + args[1] = data + if (arguments.length > 2) { + for (let i = 2; i < arguments.length; i++) { + args[i] = arguments[i] + } + } + + try { + return super.emit.apply(this, args) + } finally { + if (!isEndish(ev)) + this[MAYBE_EMIT_END]() + else + this.removeAllListeners(ev) + } + } + + // const all = await stream.collect() + collect () { + const buf = [] + if (!this[OBJECTMODE]) + buf.dataLength = 0 + // set the promise first, in case an error is raised + // by triggering the flow here. + const p = this.promise() + this.on('data', c => { + buf.push(c) + if (!this[OBJECTMODE]) + buf.dataLength += c.length + }) + return p.then(() => buf) + } + + // const data = await stream.concat() + concat () { + return this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this.collect().then(buf => + this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this[ENCODING] ? buf.join('') : Buffer.concat(buf, buf.dataLength)) + } + + // stream.promise().then(() => done, er => emitted error) + promise () { + return new Promise((resolve, reject) => { + this.on(DESTROYED, () => reject(new Error('stream destroyed'))) + this.on('end', () => resolve()) + this.on('error', er => reject(er)) + }) + } + + // for await (let chunk of stream) + [ASYNCITERATOR] () { + const next = () => { + const res = this.read() + if (res !== null) + return Promise.resolve({ done: false, value: res }) + + if (this[EOF]) + return Promise.resolve({ done: true }) + + let resolve = null + let reject = null + const onerr = er => { + this.removeListener('data', ondata) + this.removeListener('end', onend) + reject(er) + } + const ondata = value => { + this.removeListener('error', onerr) + this.removeListener('end', onend) + this.pause() + resolve({ value: value, done: !!this[EOF] }) + } + const onend = () => { + this.removeListener('error', onerr) + this.removeListener('data', ondata) + resolve({ done: true }) + } + const ondestroy = () => onerr(new Error('stream destroyed')) + return new Promise((res, rej) => { + reject = rej + resolve = res + this.once(DESTROYED, ondestroy) + this.once('error', onerr) + this.once('end', onend) + this.once('data', ondata) + }) + } + + return { next } + } + + // for (let chunk of stream) + [ITERATOR] () { + const next = () => { + const value = this.read() + const done = value === null + return { value, done } + } + return { next } + } + + destroy (er) { + if (this[DESTROYED]) { + if (er) + this.emit('error', er) + else + this.emit(DESTROYED) + return this + } + + this[DESTROYED] = true + + // throw away all buffered data, it's never coming out + this.buffer = new Yallist() + this[BUFFERLENGTH] = 0 + + if (typeof this.close === 'function' && !this[CLOSED]) + this.close() + + if (er) + this.emit('error', er) + else // if no error to emit, still reject pending promises + this.emit(DESTROYED) + + return this + } + + static isStream (s) { + return !!s && (s instanceof Minipass || s instanceof Stream || + s instanceof EE && ( + typeof s.pipe === 'function' || // readable + (typeof s.write === 'function' && typeof s.end === 'function') // writable + )) + } +} diff --git a/node_modules/minipass-json-stream/node_modules/minipass/package.json b/node_modules/minipass-json-stream/node_modules/minipass/package.json new file mode 100644 index 000000000..c0d9eef3e --- /dev/null +++ b/node_modules/minipass-json-stream/node_modules/minipass/package.json @@ -0,0 +1,72 @@ +{ + "_from": "minipass@^3.0.0", + "_id": "minipass@3.1.1", + "_inBundle": false, + "_integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "_location": "/minipass-json-stream/minipass", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass@^3.0.0", + "name": "minipass", + "escapedName": "minipass", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/minipass-json-stream" + ], + "_resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "_shasum": "7607ce778472a185ad6d89082aa2070f79cedcd5", + "_spec": "minipass@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-json-stream", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/minipass/issues" + }, + "bundleDependencies": false, + "dependencies": { + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "minimal implementation of a PassThrough stream", + "devDependencies": { + "end-of-stream": "^1.4.0", + "tap": "^14.6.5", + "through2": "^2.0.3" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/isaacs/minipass#readme", + "keywords": [ + "passthrough", + "stream" + ], + "license": "ISC", + "main": "index.js", + "name": "minipass", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minipass.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish --tag=next", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "3.1.1" +} diff --git a/node_modules/minipass-json-stream/node_modules/yallist/LICENSE b/node_modules/minipass-json-stream/node_modules/yallist/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-json-stream/node_modules/yallist/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-json-stream/node_modules/yallist/README.md b/node_modules/minipass-json-stream/node_modules/yallist/README.md new file mode 100644 index 000000000..f58610186 --- /dev/null +++ b/node_modules/minipass-json-stream/node_modules/yallist/README.md @@ -0,0 +1,204 @@ +# yallist + +Yet Another Linked List + +There are many doubly-linked list implementations like it, but this +one is mine. + +For when an array would be too big, and a Map can't be iterated in +reverse order. + + +[](https://travis-ci.org/isaacs/yallist) [](https://coveralls.io/github/isaacs/yallist) + +## basic usage + +```javascript +var yallist = require('yallist') +var myList = yallist.create([1, 2, 3]) +myList.push('foo') +myList.unshift('bar') +// of course pop() and shift() are there, too +console.log(myList.toArray()) // ['bar', 1, 2, 3, 'foo'] +myList.forEach(function (k) { + // walk the list head to tail +}) +myList.forEachReverse(function (k, index, list) { + // walk the list tail to head +}) +var myDoubledList = myList.map(function (k) { + return k + k +}) +// now myDoubledList contains ['barbar', 2, 4, 6, 'foofoo'] +// mapReverse is also a thing +var myDoubledListReverse = myList.mapReverse(function (k) { + return k + k +}) // ['foofoo', 6, 4, 2, 'barbar'] + +var reduced = myList.reduce(function (set, entry) { + set += entry + return set +}, 'start') +console.log(reduced) // 'startfoo123bar' +``` + +## api + +The whole API is considered "public". + +Functions with the same name as an Array method work more or less the +same way. + +There's reverse versions of most things because that's the point. + +### Yallist + +Default export, the class that holds and manages a list. + +Call it with either a forEach-able (like an array) or a set of +arguments, to initialize the list. + +The Array-ish methods all act like you'd expect. No magic length, +though, so if you change that it won't automatically prune or add +empty spots. + +### Yallist.create(..) + +Alias for Yallist function. Some people like factories. + +#### yallist.head + +The first node in the list + +#### yallist.tail + +The last node in the list + +#### yallist.length + +The number of nodes in the list. (Change this at your peril. It is +not magic like Array length.) + +#### yallist.toArray() + +Convert the list to an array. + +#### yallist.forEach(fn, [thisp]) + +Call a function on each item in the list. + +#### yallist.forEachReverse(fn, [thisp]) + +Call a function on each item in the list, in reverse order. + +#### yallist.get(n) + +Get the data at position `n` in the list. If you use this a lot, +probably better off just using an Array. + +#### yallist.getReverse(n) + +Get the data at position `n`, counting from the tail. + +#### yallist.map(fn, thisp) + +Create a new Yallist with the result of calling the function on each +item. + +#### yallist.mapReverse(fn, thisp) + +Same as `map`, but in reverse. + +#### yallist.pop() + +Get the data from the list tail, and remove the tail from the list. + +#### yallist.push(item, ...) + +Insert one or more items to the tail of the list. + +#### yallist.reduce(fn, initialValue) + +Like Array.reduce. + +#### yallist.reduceReverse + +Like Array.reduce, but in reverse. + +#### yallist.reverse + +Reverse the list in place. + +#### yallist.shift() + +Get the data from the list head, and remove the head from the list. + +#### yallist.slice([from], [to]) + +Just like Array.slice, but returns a new Yallist. + +#### yallist.sliceReverse([from], [to]) + +Just like yallist.slice, but the result is returned in reverse. + +#### yallist.toArray() + +Create an array representation of the list. + +#### yallist.toArrayReverse() + +Create a reversed array representation of the list. + +#### yallist.unshift(item, ...) + +Insert one or more items to the head of the list. + +#### yallist.unshiftNode(node) + +Move a Node object to the front of the list. (That is, pull it out of +wherever it lives, and make it the new head.) + +If the node belongs to a different list, then that list will remove it +first. + +#### yallist.pushNode(node) + +Move a Node object to the end of the list. (That is, pull it out of +wherever it lives, and make it the new tail.) + +If the node belongs to a list already, then that list will remove it +first. + +#### yallist.removeNode(node) + +Remove a node from the list, preserving referential integrity of head +and tail and other nodes. + +Will throw an error if you try to have a list remove a node that +doesn't belong to it. + +### Yallist.Node + +The class that holds the data and is actually the list. + +Call with `var n = new Node(value, previousNode, nextNode)` + +Note that if you do direct operations on Nodes themselves, it's very +easy to get into weird states where the list is broken. Be careful :) + +#### node.next + +The next node in the list. + +#### node.prev + +The previous node in the list. + +#### node.value + +The data the node contains. + +#### node.list + +The list to which this node belongs. (Null if it does not belong to +any list.) diff --git a/node_modules/minipass-json-stream/node_modules/yallist/iterator.js b/node_modules/minipass-json-stream/node_modules/yallist/iterator.js new file mode 100644 index 000000000..d41c97a19 --- /dev/null +++ b/node_modules/minipass-json-stream/node_modules/yallist/iterator.js @@ -0,0 +1,8 @@ +'use strict' +module.exports = function (Yallist) { + Yallist.prototype[Symbol.iterator] = function* () { + for (let walker = this.head; walker; walker = walker.next) { + yield walker.value + } + } +} diff --git a/node_modules/minipass-json-stream/node_modules/yallist/package.json b/node_modules/minipass-json-stream/node_modules/yallist/package.json new file mode 100644 index 000000000..89c942f9d --- /dev/null +++ b/node_modules/minipass-json-stream/node_modules/yallist/package.json @@ -0,0 +1,62 @@ +{ + "_from": "yallist@^4.0.0", + "_id": "yallist@4.0.0", + "_inBundle": false, + "_integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "_location": "/minipass-json-stream/yallist", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "yallist@^4.0.0", + "name": "yallist", + "escapedName": "yallist", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/minipass-json-stream/minipass" + ], + "_resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "_shasum": "9bb92790d9c0effec63be73519e11a35019a3a72", + "_spec": "yallist@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-json-stream/node_modules/minipass", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/yallist/issues" + }, + "bundleDependencies": false, + "dependencies": {}, + "deprecated": false, + "description": "Yet Another Linked List", + "devDependencies": { + "tap": "^12.1.0" + }, + "directories": { + "test": "test" + }, + "files": [ + "yallist.js", + "iterator.js" + ], + "homepage": "https://github.com/isaacs/yallist#readme", + "license": "ISC", + "main": "yallist.js", + "name": "yallist", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/yallist.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js --100" + }, + "version": "4.0.0" +} diff --git a/node_modules/minipass-json-stream/node_modules/yallist/yallist.js b/node_modules/minipass-json-stream/node_modules/yallist/yallist.js new file mode 100644 index 000000000..4e83ab1c5 --- /dev/null +++ b/node_modules/minipass-json-stream/node_modules/yallist/yallist.js @@ -0,0 +1,426 @@ +'use strict' +module.exports = Yallist + +Yallist.Node = Node +Yallist.create = Yallist + +function Yallist (list) { + var self = this + if (!(self instanceof Yallist)) { + self = new Yallist() + } + + self.tail = null + self.head = null + self.length = 0 + + if (list && typeof list.forEach === 'function') { + list.forEach(function (item) { + self.push(item) + }) + } else if (arguments.length > 0) { + for (var i = 0, l = arguments.length; i < l; i++) { + self.push(arguments[i]) + } + } + + return self +} + +Yallist.prototype.removeNode = function (node) { + if (node.list !== this) { + throw new Error('removing node which does not belong to this list') + } + + var next = node.next + var prev = node.prev + + if (next) { + next.prev = prev + } + + if (prev) { + prev.next = next + } + + if (node === this.head) { + this.head = next + } + if (node === this.tail) { + this.tail = prev + } + + node.list.length-- + node.next = null + node.prev = null + node.list = null + + return next +} + +Yallist.prototype.unshiftNode = function (node) { + if (node === this.head) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var head = this.head + node.list = this + node.next = head + if (head) { + head.prev = node + } + + this.head = node + if (!this.tail) { + this.tail = node + } + this.length++ +} + +Yallist.prototype.pushNode = function (node) { + if (node === this.tail) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var tail = this.tail + node.list = this + node.prev = tail + if (tail) { + tail.next = node + } + + this.tail = node + if (!this.head) { + this.head = node + } + this.length++ +} + +Yallist.prototype.push = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + push(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.unshift = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + unshift(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.pop = function () { + if (!this.tail) { + return undefined + } + + var res = this.tail.value + this.tail = this.tail.prev + if (this.tail) { + this.tail.next = null + } else { + this.head = null + } + this.length-- + return res +} + +Yallist.prototype.shift = function () { + if (!this.head) { + return undefined + } + + var res = this.head.value + this.head = this.head.next + if (this.head) { + this.head.prev = null + } else { + this.tail = null + } + this.length-- + return res +} + +Yallist.prototype.forEach = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.head, i = 0; walker !== null; i++) { + fn.call(thisp, walker.value, i, this) + walker = walker.next + } +} + +Yallist.prototype.forEachReverse = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.tail, i = this.length - 1; walker !== null; i--) { + fn.call(thisp, walker.value, i, this) + walker = walker.prev + } +} + +Yallist.prototype.get = function (n) { + for (var i = 0, walker = this.head; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.next + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.getReverse = function (n) { + for (var i = 0, walker = this.tail; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.prev + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.map = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.head; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.next + } + return res +} + +Yallist.prototype.mapReverse = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.tail; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.prev + } + return res +} + +Yallist.prototype.reduce = function (fn, initial) { + var acc + var walker = this.head + if (arguments.length > 1) { + acc = initial + } else if (this.head) { + walker = this.head.next + acc = this.head.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = 0; walker !== null; i++) { + acc = fn(acc, walker.value, i) + walker = walker.next + } + + return acc +} + +Yallist.prototype.reduceReverse = function (fn, initial) { + var acc + var walker = this.tail + if (arguments.length > 1) { + acc = initial + } else if (this.tail) { + walker = this.tail.prev + acc = this.tail.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = this.length - 1; walker !== null; i--) { + acc = fn(acc, walker.value, i) + walker = walker.prev + } + + return acc +} + +Yallist.prototype.toArray = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.head; walker !== null; i++) { + arr[i] = walker.value + walker = walker.next + } + return arr +} + +Yallist.prototype.toArrayReverse = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.tail; walker !== null; i++) { + arr[i] = walker.value + walker = walker.prev + } + return arr +} + +Yallist.prototype.slice = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = 0, walker = this.head; walker !== null && i < from; i++) { + walker = walker.next + } + for (; walker !== null && i < to; i++, walker = walker.next) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.sliceReverse = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = this.length, walker = this.tail; walker !== null && i > to; i--) { + walker = walker.prev + } + for (; walker !== null && i > from; i--, walker = walker.prev) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.splice = function (start, deleteCount, ...nodes) { + if (start > this.length) { + start = this.length - 1 + } + if (start < 0) { + start = this.length + start; + } + + for (var i = 0, walker = this.head; walker !== null && i < start; i++) { + walker = walker.next + } + + var ret = [] + for (var i = 0; walker && i < deleteCount; i++) { + ret.push(walker.value) + walker = this.removeNode(walker) + } + if (walker === null) { + walker = this.tail + } + + if (walker !== this.head && walker !== this.tail) { + walker = walker.prev + } + + for (var i = 0; i < nodes.length; i++) { + walker = insert(this, walker, nodes[i]) + } + return ret; +} + +Yallist.prototype.reverse = function () { + var head = this.head + var tail = this.tail + for (var walker = head; walker !== null; walker = walker.prev) { + var p = walker.prev + walker.prev = walker.next + walker.next = p + } + this.head = tail + this.tail = head + return this +} + +function insert (self, node, value) { + var inserted = node === self.head ? + new Node(value, null, node, self) : + new Node(value, node, node.next, self) + + if (inserted.next === null) { + self.tail = inserted + } + if (inserted.prev === null) { + self.head = inserted + } + + self.length++ + + return inserted +} + +function push (self, item) { + self.tail = new Node(item, self.tail, null, self) + if (!self.head) { + self.head = self.tail + } + self.length++ +} + +function unshift (self, item) { + self.head = new Node(item, null, self.head, self) + if (!self.tail) { + self.tail = self.head + } + self.length++ +} + +function Node (value, prev, next, list) { + if (!(this instanceof Node)) { + return new Node(value, prev, next, list) + } + + this.list = list + this.value = value + + if (prev) { + prev.next = this + this.prev = prev + } else { + this.prev = null + } + + if (next) { + next.prev = this + this.next = next + } else { + this.next = null + } +} + +try { + // add if support for Symbol.iterator is present + require('./iterator.js')(Yallist) +} catch (er) {} diff --git a/node_modules/minipass-json-stream/package.json b/node_modules/minipass-json-stream/package.json new file mode 100644 index 000000000..91a1e70c1 --- /dev/null +++ b/node_modules/minipass-json-stream/package.json @@ -0,0 +1,72 @@ +{ + "_from": "minipass-json-stream@^1.0.1", + "_id": "minipass-json-stream@1.0.1", + "_inBundle": false, + "_integrity": "sha512-ODqY18UZt/I8k+b7rl2AENgbWE8IDYam+undIJONvigAz8KR5GWblsFTEfQs0WODsjbSXWlm+JHEv8Gr6Tfdbg==", + "_location": "/minipass-json-stream", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass-json-stream@^1.0.1", + "name": "minipass-json-stream", + "escapedName": "minipass-json-stream", + "rawSpec": "^1.0.1", + "saveSpec": null, + "fetchSpec": "^1.0.1" + }, + "_requiredBy": [ + "/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/minipass-json-stream/-/minipass-json-stream-1.0.1.tgz", + "_shasum": "7edbb92588fbfc2ff1db2fc10397acb7b6b44aa7", + "_spec": "minipass-json-stream@^1.0.1", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "https://izs.me" + }, + "bugs": { + "url": "https://github.com/npm/minipass-json-stream/issues" + }, + "bundleDependencies": false, + "dependencies": { + "jsonparse": "^1.3.1", + "minipass": "^3.0.0" + }, + "deprecated": false, + "description": "Like JSONStream, but using Minipass streams", + "devDependencies": { + "JSONStream": "^1.3.5", + "tap": "^14.6.9" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/npm/minipass-json-stream#readme", + "keywords": [ + "stream", + "json", + "parse", + "minipass", + "JSONStream" + ], + "license": "MIT", + "name": "minipass-json-stream", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/minipass-json-stream.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "1.0.1" +} diff --git a/node_modules/minipass-pipeline/LICENSE b/node_modules/minipass-pipeline/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-pipeline/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-pipeline/README.md b/node_modules/minipass-pipeline/README.md new file mode 100644 index 000000000..12daa99f0 --- /dev/null +++ b/node_modules/minipass-pipeline/README.md @@ -0,0 +1,69 @@ +# minipass-pipeline + +Create a pipeline of streams using Minipass. + +Calls `.pipe()` on all the streams in the list. Returns a stream where +writes got to the first pipe in the chain, and reads are from the last. + +Errors are proxied along the chain and emitted on the Pipeline stream. + +## USAGE + +```js +const Pipeline = require('minipass-pipeline') + +// the list of streams to pipeline together, +// a bit like `input | transform | output` in bash +const p = new Pipeline(input, transform, output) + +p.write('foo') // writes to input +p.on('data', chunk => doSomething()) // reads from output stream + +// less contrived example (but still pretty contrived)... +const decode = new bunzipDecoder() +const unpack = tar.extract({ cwd: 'target-dir' }) +const tbz = new Pipeline(decode, unpack) + +fs.createReadStream('archive.tbz').pipe(tbz) + +// specify any minipass options if you like, as the first argument +// it'll only try to pipeline event emitters with a .pipe() method +const p = new Pipeline({ objectMode: true }, input, transform, output) + +// If you don't know the things to pipe in right away, that's fine. +// use p.push(stream) to add to the end, or p.unshift(stream) to the front +const databaseDecoderStreamDoohickey = (connectionInfo) => { + const p = new Pipeline() + logIntoDatabase(connectionInfo).then(connection => { + initializeDecoderRing(connectionInfo).then(decoderRing => { + p.push(connection, decoderRing) + getUpstreamSource(upstream => { + p.unshift(upstream) + }) + }) + }) + // return to caller right away + // emitted data will be upstream -> connection -> decoderRing pipeline + return p +} +``` + +Pipeline is a [minipass](http://npm.im/minipass) stream, so it's as +synchronous as the streams it wraps. It will buffer data until there is a +reader, but no longer, so make sure to attach your listeners before you +pipe it somewhere else. + +## `new Pipeline(opts = {}, ...streams)` + +Create a new Pipeline with the specified Minipass options and any streams +provided. + +## `pipeline.push(stream, ...)` + +Attach one or more streams to the pipeline at the end (read) side of the +pipe chain. + +## `pipeline.unshift(stream, ...)` + +Attach one or more streams to the pipeline at the start (write) side of the +pipe chain. diff --git a/node_modules/minipass-pipeline/index.js b/node_modules/minipass-pipeline/index.js new file mode 100644 index 000000000..019362196 --- /dev/null +++ b/node_modules/minipass-pipeline/index.js @@ -0,0 +1,127 @@ +const Minipass = require('minipass') +const EE = require('events') +const isStream = s => s && s instanceof EE && ( + typeof s.pipe === 'function' || // readable + (typeof s.write === 'function' && typeof s.end === 'function') // writable +) + +const _head = Symbol('_head') +const _tail = Symbol('_tail') +const _linkStreams = Symbol('_linkStreams') +const _setHead = Symbol('_setHead') +const _setTail = Symbol('_setTail') +const _onError = Symbol('_onError') +const _onData = Symbol('_onData') +const _onEnd = Symbol('_onEnd') +const _onDrain = Symbol('_onDrain') +const _streams = Symbol('_streams') +class Pipeline extends Minipass { + constructor (opts, ...streams) { + if (isStream(opts)) { + streams.unshift(opts) + opts = {} + } + + super(opts) + this[_streams] = [] + if (streams.length) + this.push(...streams) + } + + [_linkStreams] (streams) { + // reduce takes (left,right), and we return right to make it the + // new left value. + return streams.reduce((src, dest) => { + src.on('error', er => dest.emit('error', er)) + src.pipe(dest) + return dest + }) + } + + push (...streams) { + this[_streams].push(...streams) + if (this[_tail]) + streams.unshift(this[_tail]) + + const linkRet = this[_linkStreams](streams) + + this[_setTail](linkRet) + if (!this[_head]) + this[_setHead](streams[0]) + } + + unshift (...streams) { + this[_streams].unshift(...streams) + if (this[_head]) + streams.push(this[_head]) + + const linkRet = this[_linkStreams](streams) + this[_setHead](streams[0]) + if (!this[_tail]) + this[_setTail](linkRet) + } + + destroy (er) { + // set fire to the whole thing. + this[_streams].forEach(s => + typeof s.destroy === 'function' && s.destroy()) + return super.destroy(er) + } + + // readable interface -> tail + [_setTail] (stream) { + this[_tail] = stream + stream.on('error', er => this[_onError](stream, er)) + stream.on('data', chunk => this[_onData](stream, chunk)) + stream.on('end', () => this[_onEnd](stream)) + stream.on('finish', () => this[_onEnd](stream)) + } + + // errors proxied down the pipeline + // they're considered part of the "read" interface + [_onError] (stream, er) { + if (stream === this[_tail]) + this.emit('error', er) + } + [_onData] (stream, chunk) { + if (stream === this[_tail]) + super.write(chunk) + } + [_onEnd] (stream) { + if (stream === this[_tail]) + super.end() + } + pause () { + super.pause() + return this[_tail] && this[_tail].pause && this[_tail].pause() + } + + // NB: Minipass calls its internal private [RESUME] method during + // pipe drains, to avoid hazards where stream.resume() is overridden. + // Thus, we need to listen to the resume *event*, not override the + // resume() method, and proxy *that* to the tail. + emit (ev, ...args) { + if (ev === 'resume' && this[_tail] && this[_tail].resume) + this[_tail].resume() + return super.emit(ev, ...args) + } + + // writable interface -> head + [_setHead] (stream) { + this[_head] = stream + stream.on('drain', () => this[_onDrain](stream)) + } + [_onDrain] (stream) { + if (stream === this[_head]) + this.emit('drain') + } + write (chunk, enc, cb) { + return this[_head].write(chunk, enc, cb) + } + end (chunk, enc, cb) { + this[_head].end(chunk, enc, cb) + return this + } +} + +module.exports = Pipeline diff --git a/node_modules/minipass-pipeline/node_modules/minipass/LICENSE b/node_modules/minipass-pipeline/node_modules/minipass/LICENSE new file mode 100644 index 000000000..20a476254 --- /dev/null +++ b/node_modules/minipass-pipeline/node_modules/minipass/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-pipeline/node_modules/minipass/README.md b/node_modules/minipass-pipeline/node_modules/minipass/README.md new file mode 100644 index 000000000..32ace2fb9 --- /dev/null +++ b/node_modules/minipass-pipeline/node_modules/minipass/README.md @@ -0,0 +1,606 @@ +# minipass + +A _very_ minimal implementation of a [PassThrough +stream](https://nodejs.org/api/stream.html#stream_class_stream_passthrough) + +[It's very +fast](https://docs.google.com/spreadsheets/d/1oObKSrVwLX_7Ut4Z6g3fZW-AX1j1-k6w-cDsrkaSbHM/edit#gid=0) +for objects, strings, and buffers. + +Supports pipe()ing (including multi-pipe() and backpressure transmission), +buffering data until either a `data` event handler or `pipe()` is added (so +you don't lose the first chunk), and most other cases where PassThrough is +a good idea. + +There is a `read()` method, but it's much more efficient to consume data +from this stream via `'data'` events or by calling `pipe()` into some other +stream. Calling `read()` requires the buffer to be flattened in some +cases, which requires copying memory. + +There is also no `unpipe()` method. Once you start piping, there is no +stopping it! + +If you set `objectMode: true` in the options, then whatever is written will +be emitted. Otherwise, it'll do a minimal amount of Buffer copying to +ensure proper Streams semantics when `read(n)` is called. + +`objectMode` can also be set by doing `stream.objectMode = true`, or by +writing any non-string/non-buffer data. `objectMode` cannot be set to +false once it is set. + +This is not a `through` or `through2` stream. It doesn't transform the +data, it just passes it right through. If you want to transform the data, +extend the class, and override the `write()` method. Once you're done +transforming the data however you want, call `super.write()` with the +transform output. + +For some examples of streams that extend Minipass in various ways, check +out: + +- [minizlib](http://npm.im/minizlib) +- [fs-minipass](http://npm.im/fs-minipass) +- [tar](http://npm.im/tar) +- [minipass-collect](http://npm.im/minipass-collect) +- [minipass-flush](http://npm.im/minipass-flush) +- [minipass-pipeline](http://npm.im/minipass-pipeline) +- [tap](http://npm.im/tap) +- [tap-parser](http://npm.im/tap) +- [treport](http://npm.im/tap) +- [minipass-fetch](http://npm.im/minipass-fetch) + +## Differences from Node.js Streams + +There are several things that make Minipass streams different from (and in +some ways superior to) Node.js core streams. + +Please read these caveats if you are familiar with noode-core streams and +intend to use Minipass streams in your programs. + +### Timing + +Minipass streams are designed to support synchronous use-cases. Thus, data +is emitted as soon as it is available, always. It is buffered until read, +but no longer. Another way to look at it is that Minipass streams are +exactly as synchronous as the logic that writes into them. + +This can be surprising if your code relies on `PassThrough.write()` always +providing data on the next tick rather than the current one, or being able +to call `resume()` and not have the entire buffer disappear immediately. + +However, without this synchronicity guarantee, there would be no way for +Minipass to achieve the speeds it does, or support the synchronous use +cases that it does. Simply put, waiting takes time. + +This non-deferring approach makes Minipass streams much easier to reason +about, especially in the context of Promises and other flow-control +mechanisms. + +### No High/Low Water Marks + +Node.js core streams will optimistically fill up a buffer, returning `true` +on all writes until the limit is hit, even if the data has nowhere to go. +Then, they will not attempt to draw more data in until the buffer size dips +below a minimum value. + +Minipass streams are much simpler. The `write()` method will return `true` +if the data has somewhere to go (which is to say, given the timing +guarantees, that the data is already there by the time `write()` returns). + +If the data has nowhere to go, then `write()` returns false, and the data +sits in a buffer, to be drained out immediately as soon as anyone consumes +it. + +### Hazards of Buffering (or: Why Minipass Is So Fast) + +Since data written to a Minipass stream is immediately written all the way +through the pipeline, and `write()` always returns true/false based on +whether the data was fully flushed, backpressure is communicated +immediately to the upstream caller. This minimizes buffering. + +Consider this case: + +```js +const {PassThrough} = require('stream') +const p1 = new PassThrough({ highWaterMark: 1024 }) +const p2 = new PassThrough({ highWaterMark: 1024 }) +const p3 = new PassThrough({ highWaterMark: 1024 }) +const p4 = new PassThrough({ highWaterMark: 1024 }) + +p1.pipe(p2).pipe(p3).pipe(p4) +p4.on('data', () => console.log('made it through')) + +// this returns false and buffers, then writes to p2 on next tick (1) +// p2 returns false and buffers, pausing p1, then writes to p3 on next tick (2) +// p3 returns false and buffers, pausing p2, then writes to p4 on next tick (3) +// p4 returns false and buffers, pausing p3, then emits 'data' and 'drain' +// on next tick (4) +// p3 sees p4's 'drain' event, and calls resume(), emitting 'resume' and +// 'drain' on next tick (5) +// p2 sees p3's 'drain', calls resume(), emits 'resume' and 'drain' on next tick (6) +// p1 sees p2's 'drain', calls resume(), emits 'resume' and 'drain' on next +// tick (7) + +p1.write(Buffer.alloc(2048)) // returns false +``` + +Along the way, the data was buffered and deferred at each stage, and +multiple event deferrals happened, for an unblocked pipeline where it was +perfectly safe to write all the way through! + +Furthermore, setting a `highWaterMark` of `1024` might lead someone reading +the code to think an advisory maximum of 1KiB is being set for the +pipeline. However, the actual advisory buffering level is the _sum_ of +`highWaterMark` values, since each one has its own bucket. + +Consider the Minipass case: + +```js +const m1 = new Minipass() +const m2 = new Minipass() +const m3 = new Minipass() +const m4 = new Minipass() + +m1.pipe(m2).pipe(m3).pipe(m4) +m4.on('data', () => console.log('made it through')) + +// m1 is flowing, so it writes the data to m2 immediately +// m2 is flowing, so it writes the data to m3 immediately +// m3 is flowing, so it writes the data to m4 immediately +// m4 is flowing, so it fires the 'data' event immediately, returns true +// m4's write returned true, so m3 is still flowing, returns true +// m3's write returned true, so m2 is still flowing, returns true +// m2's write returned true, so m1 is still flowing, returns true +// No event deferrals or buffering along the way! + +m1.write(Buffer.alloc(2048)) // returns true +``` + +It is extremely unlikely that you _don't_ want to buffer any data written, +or _ever_ buffer data that can be flushed all the way through. Neither +node-core streams nor Minipass ever fail to buffer written data, but +node-core streams do a lot of unnecessary buffering and pausing. + +As always, the faster implementation is the one that does less stuff and +waits less time to do it. + +### Immediately emit `end` for empty streams (when not paused) + +If a stream is not paused, and `end()` is called before writing any data +into it, then it will emit `end` immediately. + +If you have logic that occurs on the `end` event which you don't want to +potentially happen immediately (for example, closing file descriptors, +moving on to the next entry in an archive parse stream, etc.) then be sure +to call `stream.pause()` on creation, and then `stream.resume()` once you +are ready to respond to the `end` event. + +### Emit `end` When Asked + +One hazard of immediately emitting `'end'` is that you may not yet have had +a chance to add a listener. In order to avoid this hazard, Minipass +streams safely re-emit the `'end'` event if a new listener is added after +`'end'` has been emitted. + +Ie, if you do `stream.on('end', someFunction)`, and the stream has already +emitted `end`, then it will call the handler right away. (You can think of +this somewhat like attaching a new `.then(fn)` to a previously-resolved +Promise.) + +To prevent calling handlers multiple times who would not expect multiple +ends to occur, all listeners are removed from the `'end'` event whenever it +is emitted. + +### Impact of "immediate flow" on Tee-streams + +A "tee stream" is a stream piping to multiple destinations: + +```js +const tee = new Minipass() +t.pipe(dest1) +t.pipe(dest2) +t.write('foo') // goes to both destinations +``` + +Since Minipass streams _immediately_ process any pending data through the +pipeline when a new pipe destination is added, this can have surprising +effects, especially when a stream comes in from some other function and may +or may not have data in its buffer. + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.pipe(dest1) // 'foo' chunk flows to dest1 immediately, and is gone +src.pipe(dest2) // gets nothing! +``` + +The solution is to create a dedicated tee-stream junction that pipes to +both locations, and then pipe to _that_ instead. + +```js +// Safe example: tee to both places +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.pipe(dest1) +tee.pipe(dest2) +stream.pipe(tee) // tee gets 'foo', pipes to both locations +``` + +The same caveat applies to `on('data')` event listeners. The first one +added will _immediately_ receive all of the data, leaving nothing for the +second: + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.on('data', handler1) // receives 'foo' right away +src.on('data', handler2) // nothing to see here! +``` + +Using a dedicated tee-stream can be used in this case as well: + +```js +// Safe example: tee to both data handlers +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.on('data', handler1) +tee.on('data', handler2) +src.pipe(tee) +``` + +## USAGE + +It's a stream! Use it like a stream and it'll most likely do what you +want. + +```js +const Minipass = require('minipass') +const mp = new Minipass(options) // optional: { encoding, objectMode } +mp.write('foo') +mp.pipe(someOtherStream) +mp.end('bar') +``` + +### OPTIONS + +* `encoding` How would you like the data coming _out_ of the stream to be + encoded? Accepts any values that can be passed to `Buffer.toString()`. +* `objectMode` Emit data exactly as it comes in. This will be flipped on + by default if you write() something other than a string or Buffer at any + point. Setting `objectMode: true` will prevent setting any encoding + value. + +### API + +Implements the user-facing portions of Node.js's `Readable` and `Writable` +streams. + +### Methods + +* `write(chunk, [encoding], [callback])` - Put data in. (Note that, in the + base Minipass class, the same data will come out.) Returns `false` if + the stream will buffer the next write, or true if it's still in "flowing" + mode. +* `end([chunk, [encoding]], [callback])` - Signal that you have no more + data to write. This will queue an `end` event to be fired when all the + data has been consumed. +* `setEncoding(encoding)` - Set the encoding for data coming of the stream. + This can only be done once. +* `pause()` - No more data for a while, please. This also prevents `end` + from being emitted for empty streams until the stream is resumed. +* `resume()` - Resume the stream. If there's data in the buffer, it is all + discarded. Any buffered events are immediately emitted. +* `pipe(dest)` - Send all output to the stream provided. There is no way + to unpipe. When data is emitted, it is immediately written to any and + all pipe destinations. +* `on(ev, fn)`, `emit(ev, fn)` - Minipass streams are EventEmitters. Some + events are given special treatment, however. (See below under "events".) +* `promise()` - Returns a Promise that resolves when the stream emits + `end`, or rejects if the stream emits `error`. +* `collect()` - Return a Promise that resolves on `end` with an array + containing each chunk of data that was emitted, or rejects if the stream + emits `error`. Note that this consumes the stream data. +* `concat()` - Same as `collect()`, but concatenates the data into a single + Buffer object. Will reject the returned promise if the stream is in + objectMode, or if it goes into objectMode by the end of the data. +* `read(n)` - Consume `n` bytes of data out of the buffer. If `n` is not + provided, then consume all of it. If `n` bytes are not available, then + it returns null. **Note** consuming streams in this way is less + efficient, and can lead to unnecessary Buffer copying. +* `destroy([er])` - Destroy the stream. If an error is provided, then an + `'error'` event is emitted. If the stream has a `close()` method, and + has not emitted a `'close'` event yet, then `stream.close()` will be + called. Any Promises returned by `.promise()`, `.collect()` or + `.concat()` will be rejected. After being destroyed, writing to the + stream will emit an error. No more data will be emitted if the stream is + destroyed, even if it was previously buffered. + +### Properties + +* `bufferLength` Read-only. Total number of bytes buffered, or in the case + of objectMode, the total number of objects. +* `encoding` The encoding that has been set. (Setting this is equivalent + to calling `setEncoding(enc)` and has the same prohibition against + setting multiple times.) +* `flowing` Read-only. Boolean indicating whether a chunk written to the + stream will be immediately emitted. +* `emittedEnd` Read-only. Boolean indicating whether the end-ish events + (ie, `end`, `prefinish`, `finish`) have been emitted. Note that + listening on any end-ish event will immediateyl re-emit it if it has + already been emitted. +* `writable` Whether the stream is writable. Default `true`. Set to + `false` when `end()` +* `readable` Whether the stream is readable. Default `true`. +* `buffer` A [yallist](http://npm.im/yallist) linked list of chunks written + to the stream that have not yet been emitted. (It's probably a bad idea + to mess with this.) +* `pipes` A [yallist](http://npm.im/yallist) linked list of streams that + this stream is piping into. (It's probably a bad idea to mess with + this.) +* `destroyed` A getter that indicates whether the stream was destroyed. +* `paused` True if the stream has been explicitly paused, otherwise false. +* `objectMode` Indicates whether the stream is in `objectMode`. Once set + to `true`, it cannot be set to `false`. + +### Events + +* `data` Emitted when there's data to read. Argument is the data to read. + This is never emitted while not flowing. If a listener is attached, that + will resume the stream. +* `end` Emitted when there's no more data to read. This will be emitted + immediately for empty streams when `end()` is called. If a listener is + attached, and `end` was already emitted, then it will be emitted again. + All listeners are removed when `end` is emitted. +* `prefinish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'end'`. +* `finish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'prefinish'`. +* `close` An indication that an underlying resource has been released. + Minipass does not emit this event, but will defer it until after `end` + has been emitted, since it throws off some stream libraries otherwise. +* `drain` Emitted when the internal buffer empties, and it is again + suitable to `write()` into the stream. +* `readable` Emitted when data is buffered and ready to be read by a + consumer. +* `resume` Emitted when stream changes state from buffering to flowing + mode. (Ie, when `resume` is called, `pipe` is called, or a `data` event + listener is added.) + +### Static Methods + +* `Minipass.isStream(stream)` Returns `true` if the argument is a stream, + and false otherwise. To be considered a stream, the object must be + either an instance of Minipass, or an EventEmitter that has either a + `pipe()` method, or both `write()` and `end()` methods. (Pretty much any + stream in node-land will return `true` for this.) + +## EXAMPLES + +Here are some examples of things you can do with Minipass streams. + +### simple "are you done yet" promise + +```js +mp.promise().then(() => { + // stream is finished +}, er => { + // stream emitted an error +}) +``` + +### collecting + +```js +mp.collect().then(all => { + // all is an array of all the data emitted + // encoding is supported in this case, so + // so the result will be a collection of strings if + // an encoding is specified, or buffers/objects if not. + // + // In an async function, you may do + // const data = await stream.collect() +}) +``` + +### collecting into a single blob + +This is a bit slower because it concatenates the data into one chunk for +you, but if you're going to do it yourself anyway, it's convenient this +way: + +```js +mp.concat().then(onebigchunk => { + // onebigchunk is a string if the stream + // had an encoding set, or a buffer otherwise. +}) +``` + +### iteration + +You can iterate over streams synchronously or asynchronously in platforms +that support it. + +Synchronous iteration will end when the currently available data is +consumed, even if the `end` event has not been reached. In string and +buffer mode, the data is concatenated, so unless multiple writes are +occurring in the same tick as the `read()`, sync iteration loops will +generally only have a single iteration. + +To consume chunks in this way exactly as they have been written, with no +flattening, create the stream with the `{ objectMode: true }` option. + +```js +const mp = new Minipass({ objectMode: true }) +mp.write('a') +mp.write('b') +for (let letter of mp) { + console.log(letter) // a, b +} +mp.write('c') +mp.write('d') +for (let letter of mp) { + console.log(letter) // c, d +} +mp.write('e') +mp.end() +for (let letter of mp) { + console.log(letter) // e +} +for (let letter of mp) { + console.log(letter) // nothing +} +``` + +Asynchronous iteration will continue until the end event is reached, +consuming all of the data. + +```js +const mp = new Minipass({ encoding: 'utf8' }) + +// some source of some data +let i = 5 +const inter = setInterval(() => { + if (i --> 0) + mp.write(Buffer.from('foo\n', 'utf8')) + else { + mp.end() + clearInterval(inter) + } +}, 100) + +// consume the data with asynchronous iteration +async function consume () { + for await (let chunk of mp) { + console.log(chunk) + } + return 'ok' +} + +consume().then(res => console.log(res)) +// logs `foo\n` 5 times, and then `ok` +``` + +### subclass that `console.log()`s everything written into it + +```js +class Logger extends Minipass { + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } +} + +someSource.pipe(new Logger()).pipe(someDest) +``` + +### same thing, but using an inline anonymous class + +```js +// js classes are fun +someSource + .pipe(new (class extends Minipass { + emit (ev, ...data) { + // let's also log events, because debugging some weird thing + console.log('EMIT', ev) + return super.emit(ev, ...data) + } + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } + })) + .pipe(someDest) +``` + +### subclass that defers 'end' for some reason + +```js +class SlowEnd extends Minipass { + emit (ev, ...args) { + if (ev === 'end') { + console.log('going to end, hold on a sec') + setTimeout(() => { + console.log('ok, ready to end now') + super.emit('end', ...args) + }, 100) + } else { + return super.emit(ev, ...args) + } + } +} +``` + +### transform that creates newline-delimited JSON + +```js +class NDJSONEncode extends Minipass { + write (obj, cb) { + try { + // JSON.stringify can throw, emit an error on that + return super.write(JSON.stringify(obj) + '\n', 'utf8', cb) + } catch (er) { + this.emit('error', er) + } + } + end (obj, cb) { + if (typeof obj === 'function') { + cb = obj + obj = undefined + } + if (obj !== undefined) { + this.write(obj) + } + return super.end(cb) + } +} +``` + +### transform that parses newline-delimited JSON + +```js +class NDJSONDecode extends Minipass { + constructor (options) { + // always be in object mode, as far as Minipass is concerned + super({ objectMode: true }) + this._jsonBuffer = '' + } + write (chunk, encoding, cb) { + if (typeof chunk === 'string' && + typeof encoding === 'string' && + encoding !== 'utf8') { + chunk = Buffer.from(chunk, encoding).toString() + } else if (Buffer.isBuffer(chunk)) + chunk = chunk.toString() + } + if (typeof encoding === 'function') { + cb = encoding + } + const jsonData = (this._jsonBuffer + chunk).split('\n') + this._jsonBuffer = jsonData.pop() + for (let i = 0; i < jsonData.length; i++) { + let parsed + try { + super.write(parsed) + } catch (er) { + this.emit('error', er) + continue + } + } + if (cb) + cb() + } +} +``` diff --git a/node_modules/minipass-pipeline/node_modules/minipass/index.js b/node_modules/minipass-pipeline/node_modules/minipass/index.js new file mode 100644 index 000000000..55ea0f3dd --- /dev/null +++ b/node_modules/minipass-pipeline/node_modules/minipass/index.js @@ -0,0 +1,538 @@ +'use strict' +const EE = require('events') +const Stream = require('stream') +const Yallist = require('yallist') +const SD = require('string_decoder').StringDecoder + +const EOF = Symbol('EOF') +const MAYBE_EMIT_END = Symbol('maybeEmitEnd') +const EMITTED_END = Symbol('emittedEnd') +const EMITTING_END = Symbol('emittingEnd') +const CLOSED = Symbol('closed') +const READ = Symbol('read') +const FLUSH = Symbol('flush') +const FLUSHCHUNK = Symbol('flushChunk') +const ENCODING = Symbol('encoding') +const DECODER = Symbol('decoder') +const FLOWING = Symbol('flowing') +const PAUSED = Symbol('paused') +const RESUME = Symbol('resume') +const BUFFERLENGTH = Symbol('bufferLength') +const BUFFERPUSH = Symbol('bufferPush') +const BUFFERSHIFT = Symbol('bufferShift') +const OBJECTMODE = Symbol('objectMode') +const DESTROYED = Symbol('destroyed') + +// TODO remove when Node v8 support drops +const doIter = global._MP_NO_ITERATOR_SYMBOLS_ !== '1' +const ASYNCITERATOR = doIter && Symbol.asyncIterator + || Symbol('asyncIterator not implemented') +const ITERATOR = doIter && Symbol.iterator + || Symbol('iterator not implemented') + +// events that mean 'the stream is over' +// these are treated specially, and re-emitted +// if they are listened for after emitting. +const isEndish = ev => + ev === 'end' || + ev === 'finish' || + ev === 'prefinish' + +const isArrayBuffer = b => b instanceof ArrayBuffer || + typeof b === 'object' && + b.constructor && + b.constructor.name === 'ArrayBuffer' && + b.byteLength >= 0 + +const isArrayBufferView = b => !Buffer.isBuffer(b) && ArrayBuffer.isView(b) + +module.exports = class Minipass extends Stream { + constructor (options) { + super() + this[FLOWING] = false + // whether we're explicitly paused + this[PAUSED] = false + this.pipes = new Yallist() + this.buffer = new Yallist() + this[OBJECTMODE] = options && options.objectMode || false + if (this[OBJECTMODE]) + this[ENCODING] = null + else + this[ENCODING] = options && options.encoding || null + if (this[ENCODING] === 'buffer') + this[ENCODING] = null + this[DECODER] = this[ENCODING] ? new SD(this[ENCODING]) : null + this[EOF] = false + this[EMITTED_END] = false + this[EMITTING_END] = false + this[CLOSED] = false + this.writable = true + this.readable = true + this[BUFFERLENGTH] = 0 + this[DESTROYED] = false + } + + get bufferLength () { return this[BUFFERLENGTH] } + + get encoding () { return this[ENCODING] } + set encoding (enc) { + if (this[OBJECTMODE]) + throw new Error('cannot set encoding in objectMode') + + if (this[ENCODING] && enc !== this[ENCODING] && + (this[DECODER] && this[DECODER].lastNeed || this[BUFFERLENGTH])) + throw new Error('cannot change encoding') + + if (this[ENCODING] !== enc) { + this[DECODER] = enc ? new SD(enc) : null + if (this.buffer.length) + this.buffer = this.buffer.map(chunk => this[DECODER].write(chunk)) + } + + this[ENCODING] = enc + } + + setEncoding (enc) { + this.encoding = enc + } + + get objectMode () { return this[OBJECTMODE] } + set objectMode (ॐ ) { this[OBJECTMODE] = this[OBJECTMODE] || !!ॐ } + + write (chunk, encoding, cb) { + if (this[EOF]) + throw new Error('write after end') + + if (this[DESTROYED]) { + this.emit('error', Object.assign( + new Error('Cannot call write after a stream was destroyed'), + { code: 'ERR_STREAM_DESTROYED' } + )) + return true + } + + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (!encoding) + encoding = 'utf8' + + // convert array buffers and typed array views into buffers + // at some point in the future, we may want to do the opposite! + // leave strings and buffers as-is + // anything else switches us into object mode + if (!this[OBJECTMODE] && !Buffer.isBuffer(chunk)) { + if (isArrayBufferView(chunk)) + chunk = Buffer.from(chunk.buffer, chunk.byteOffset, chunk.byteLength) + else if (isArrayBuffer(chunk)) + chunk = Buffer.from(chunk) + else if (typeof chunk !== 'string') + // use the setter so we throw if we have encoding set + this.objectMode = true + } + + // this ensures at this point that the chunk is a buffer or string + // don't buffer it up or send it to the decoder + if (!this.objectMode && !chunk.length) { + const ret = this.flowing + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + return ret + } + + // fast-path writing strings of same encoding to a stream with + // an empty buffer, skipping the buffer/decoder dance + if (typeof chunk === 'string' && !this[OBJECTMODE] && + // unless it is a string already ready for us to use + !(encoding === this[ENCODING] && !this[DECODER].lastNeed)) { + chunk = Buffer.from(chunk, encoding) + } + + if (Buffer.isBuffer(chunk) && this[ENCODING]) + chunk = this[DECODER].write(chunk) + + try { + return this.flowing + ? (this.emit('data', chunk), this.flowing) + : (this[BUFFERPUSH](chunk), false) + } finally { + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + } + } + + read (n) { + if (this[DESTROYED]) + return null + + try { + if (this[BUFFERLENGTH] === 0 || n === 0 || n > this[BUFFERLENGTH]) + return null + + if (this[OBJECTMODE]) + n = null + + if (this.buffer.length > 1 && !this[OBJECTMODE]) { + if (this.encoding) + this.buffer = new Yallist([ + Array.from(this.buffer).join('') + ]) + else + this.buffer = new Yallist([ + Buffer.concat(Array.from(this.buffer), this[BUFFERLENGTH]) + ]) + } + + return this[READ](n || null, this.buffer.head.value) + } finally { + this[MAYBE_EMIT_END]() + } + } + + [READ] (n, chunk) { + if (n === chunk.length || n === null) + this[BUFFERSHIFT]() + else { + this.buffer.head.value = chunk.slice(n) + chunk = chunk.slice(0, n) + this[BUFFERLENGTH] -= n + } + + this.emit('data', chunk) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + + return chunk + } + + end (chunk, encoding, cb) { + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + if (chunk) + this.write(chunk, encoding) + if (cb) + this.once('end', cb) + this[EOF] = true + this.writable = false + + // if we haven't written anything, then go ahead and emit, + // even if we're not reading. + // we'll re-emit if a new 'end' listener is added anyway. + // This makes MP more suitable to write-only use cases. + if (this.flowing || !this[PAUSED]) + this[MAYBE_EMIT_END]() + return this + } + + // don't let the internal resume be overwritten + [RESUME] () { + if (this[DESTROYED]) + return + + this[PAUSED] = false + this[FLOWING] = true + this.emit('resume') + if (this.buffer.length) + this[FLUSH]() + else if (this[EOF]) + this[MAYBE_EMIT_END]() + else + this.emit('drain') + } + + resume () { + return this[RESUME]() + } + + pause () { + this[FLOWING] = false + this[PAUSED] = true + } + + get destroyed () { + return this[DESTROYED] + } + + get flowing () { + return this[FLOWING] + } + + get paused () { + return this[PAUSED] + } + + [BUFFERPUSH] (chunk) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] += 1 + else + this[BUFFERLENGTH] += chunk.length + return this.buffer.push(chunk) + } + + [BUFFERSHIFT] () { + if (this.buffer.length) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] -= 1 + else + this[BUFFERLENGTH] -= this.buffer.head.value.length + } + return this.buffer.shift() + } + + [FLUSH] () { + do {} while (this[FLUSHCHUNK](this[BUFFERSHIFT]())) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + } + + [FLUSHCHUNK] (chunk) { + return chunk ? (this.emit('data', chunk), this.flowing) : false + } + + pipe (dest, opts) { + if (this[DESTROYED]) + return + + const ended = this[EMITTED_END] + opts = opts || {} + if (dest === process.stdout || dest === process.stderr) + opts.end = false + else + opts.end = opts.end !== false + + const p = { dest: dest, opts: opts, ondrain: _ => this[RESUME]() } + this.pipes.push(p) + + dest.on('drain', p.ondrain) + this[RESUME]() + // piping an ended stream ends immediately + if (ended && p.opts.end) + p.dest.end() + return dest + } + + addListener (ev, fn) { + return this.on(ev, fn) + } + + on (ev, fn) { + try { + return super.on(ev, fn) + } finally { + if (ev === 'data' && !this.pipes.length && !this.flowing) + this[RESUME]() + else if (isEndish(ev) && this[EMITTED_END]) { + super.emit(ev) + this.removeAllListeners(ev) + } + } + } + + get emittedEnd () { + return this[EMITTED_END] + } + + [MAYBE_EMIT_END] () { + if (!this[EMITTING_END] && + !this[EMITTED_END] && + !this[DESTROYED] && + this.buffer.length === 0 && + this[EOF]) { + this[EMITTING_END] = true + this.emit('end') + this.emit('prefinish') + this.emit('finish') + if (this[CLOSED]) + this.emit('close') + this[EMITTING_END] = false + } + } + + emit (ev, data) { + // error and close are only events allowed after calling destroy() + if (ev !== 'error' && ev !== 'close' && ev !== DESTROYED && this[DESTROYED]) + return + else if (ev === 'data') { + if (!data) + return + + if (this.pipes.length) + this.pipes.forEach(p => + p.dest.write(data) === false && this.pause()) + } else if (ev === 'end') { + // only actual end gets this treatment + if (this[EMITTED_END] === true) + return + + this[EMITTED_END] = true + this.readable = false + + if (this[DECODER]) { + data = this[DECODER].end() + if (data) { + this.pipes.forEach(p => p.dest.write(data)) + super.emit('data', data) + } + } + + this.pipes.forEach(p => { + p.dest.removeListener('drain', p.ondrain) + if (p.opts.end) + p.dest.end() + }) + } else if (ev === 'close') { + this[CLOSED] = true + // don't emit close before 'end' and 'finish' + if (!this[EMITTED_END] && !this[DESTROYED]) + return + } + + // TODO: replace with a spread operator when Node v4 support drops + const args = new Array(arguments.length) + args[0] = ev + args[1] = data + if (arguments.length > 2) { + for (let i = 2; i < arguments.length; i++) { + args[i] = arguments[i] + } + } + + try { + return super.emit.apply(this, args) + } finally { + if (!isEndish(ev)) + this[MAYBE_EMIT_END]() + else + this.removeAllListeners(ev) + } + } + + // const all = await stream.collect() + collect () { + const buf = [] + if (!this[OBJECTMODE]) + buf.dataLength = 0 + // set the promise first, in case an error is raised + // by triggering the flow here. + const p = this.promise() + this.on('data', c => { + buf.push(c) + if (!this[OBJECTMODE]) + buf.dataLength += c.length + }) + return p.then(() => buf) + } + + // const data = await stream.concat() + concat () { + return this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this.collect().then(buf => + this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this[ENCODING] ? buf.join('') : Buffer.concat(buf, buf.dataLength)) + } + + // stream.promise().then(() => done, er => emitted error) + promise () { + return new Promise((resolve, reject) => { + this.on(DESTROYED, () => reject(new Error('stream destroyed'))) + this.on('end', () => resolve()) + this.on('error', er => reject(er)) + }) + } + + // for await (let chunk of stream) + [ASYNCITERATOR] () { + const next = () => { + const res = this.read() + if (res !== null) + return Promise.resolve({ done: false, value: res }) + + if (this[EOF]) + return Promise.resolve({ done: true }) + + let resolve = null + let reject = null + const onerr = er => { + this.removeListener('data', ondata) + this.removeListener('end', onend) + reject(er) + } + const ondata = value => { + this.removeListener('error', onerr) + this.removeListener('end', onend) + this.pause() + resolve({ value: value, done: !!this[EOF] }) + } + const onend = () => { + this.removeListener('error', onerr) + this.removeListener('data', ondata) + resolve({ done: true }) + } + const ondestroy = () => onerr(new Error('stream destroyed')) + return new Promise((res, rej) => { + reject = rej + resolve = res + this.once(DESTROYED, ondestroy) + this.once('error', onerr) + this.once('end', onend) + this.once('data', ondata) + }) + } + + return { next } + } + + // for (let chunk of stream) + [ITERATOR] () { + const next = () => { + const value = this.read() + const done = value === null + return { value, done } + } + return { next } + } + + destroy (er) { + if (this[DESTROYED]) { + if (er) + this.emit('error', er) + else + this.emit(DESTROYED) + return this + } + + this[DESTROYED] = true + + // throw away all buffered data, it's never coming out + this.buffer = new Yallist() + this[BUFFERLENGTH] = 0 + + if (typeof this.close === 'function' && !this[CLOSED]) + this.close() + + if (er) + this.emit('error', er) + else // if no error to emit, still reject pending promises + this.emit(DESTROYED) + + return this + } + + static isStream (s) { + return !!s && (s instanceof Minipass || s instanceof Stream || + s instanceof EE && ( + typeof s.pipe === 'function' || // readable + (typeof s.write === 'function' && typeof s.end === 'function') // writable + )) + } +} diff --git a/node_modules/minipass-pipeline/node_modules/minipass/package.json b/node_modules/minipass-pipeline/node_modules/minipass/package.json new file mode 100644 index 000000000..1caf25b19 --- /dev/null +++ b/node_modules/minipass-pipeline/node_modules/minipass/package.json @@ -0,0 +1,72 @@ +{ + "_from": "minipass@^3.0.0", + "_id": "minipass@3.1.1", + "_inBundle": false, + "_integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "_location": "/minipass-pipeline/minipass", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass@^3.0.0", + "name": "minipass", + "escapedName": "minipass", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/minipass-pipeline" + ], + "_resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "_shasum": "7607ce778472a185ad6d89082aa2070f79cedcd5", + "_spec": "minipass@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-pipeline", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/minipass/issues" + }, + "bundleDependencies": false, + "dependencies": { + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "minimal implementation of a PassThrough stream", + "devDependencies": { + "end-of-stream": "^1.4.0", + "tap": "^14.6.5", + "through2": "^2.0.3" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/isaacs/minipass#readme", + "keywords": [ + "passthrough", + "stream" + ], + "license": "ISC", + "main": "index.js", + "name": "minipass", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minipass.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish --tag=next", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "3.1.1" +} diff --git a/node_modules/minipass-pipeline/node_modules/yallist/LICENSE b/node_modules/minipass-pipeline/node_modules/yallist/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-pipeline/node_modules/yallist/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-pipeline/node_modules/yallist/README.md b/node_modules/minipass-pipeline/node_modules/yallist/README.md new file mode 100644 index 000000000..f58610186 --- /dev/null +++ b/node_modules/minipass-pipeline/node_modules/yallist/README.md @@ -0,0 +1,204 @@ +# yallist + +Yet Another Linked List + +There are many doubly-linked list implementations like it, but this +one is mine. + +For when an array would be too big, and a Map can't be iterated in +reverse order. + + +[](https://travis-ci.org/isaacs/yallist) [](https://coveralls.io/github/isaacs/yallist) + +## basic usage + +```javascript +var yallist = require('yallist') +var myList = yallist.create([1, 2, 3]) +myList.push('foo') +myList.unshift('bar') +// of course pop() and shift() are there, too +console.log(myList.toArray()) // ['bar', 1, 2, 3, 'foo'] +myList.forEach(function (k) { + // walk the list head to tail +}) +myList.forEachReverse(function (k, index, list) { + // walk the list tail to head +}) +var myDoubledList = myList.map(function (k) { + return k + k +}) +// now myDoubledList contains ['barbar', 2, 4, 6, 'foofoo'] +// mapReverse is also a thing +var myDoubledListReverse = myList.mapReverse(function (k) { + return k + k +}) // ['foofoo', 6, 4, 2, 'barbar'] + +var reduced = myList.reduce(function (set, entry) { + set += entry + return set +}, 'start') +console.log(reduced) // 'startfoo123bar' +``` + +## api + +The whole API is considered "public". + +Functions with the same name as an Array method work more or less the +same way. + +There's reverse versions of most things because that's the point. + +### Yallist + +Default export, the class that holds and manages a list. + +Call it with either a forEach-able (like an array) or a set of +arguments, to initialize the list. + +The Array-ish methods all act like you'd expect. No magic length, +though, so if you change that it won't automatically prune or add +empty spots. + +### Yallist.create(..) + +Alias for Yallist function. Some people like factories. + +#### yallist.head + +The first node in the list + +#### yallist.tail + +The last node in the list + +#### yallist.length + +The number of nodes in the list. (Change this at your peril. It is +not magic like Array length.) + +#### yallist.toArray() + +Convert the list to an array. + +#### yallist.forEach(fn, [thisp]) + +Call a function on each item in the list. + +#### yallist.forEachReverse(fn, [thisp]) + +Call a function on each item in the list, in reverse order. + +#### yallist.get(n) + +Get the data at position `n` in the list. If you use this a lot, +probably better off just using an Array. + +#### yallist.getReverse(n) + +Get the data at position `n`, counting from the tail. + +#### yallist.map(fn, thisp) + +Create a new Yallist with the result of calling the function on each +item. + +#### yallist.mapReverse(fn, thisp) + +Same as `map`, but in reverse. + +#### yallist.pop() + +Get the data from the list tail, and remove the tail from the list. + +#### yallist.push(item, ...) + +Insert one or more items to the tail of the list. + +#### yallist.reduce(fn, initialValue) + +Like Array.reduce. + +#### yallist.reduceReverse + +Like Array.reduce, but in reverse. + +#### yallist.reverse + +Reverse the list in place. + +#### yallist.shift() + +Get the data from the list head, and remove the head from the list. + +#### yallist.slice([from], [to]) + +Just like Array.slice, but returns a new Yallist. + +#### yallist.sliceReverse([from], [to]) + +Just like yallist.slice, but the result is returned in reverse. + +#### yallist.toArray() + +Create an array representation of the list. + +#### yallist.toArrayReverse() + +Create a reversed array representation of the list. + +#### yallist.unshift(item, ...) + +Insert one or more items to the head of the list. + +#### yallist.unshiftNode(node) + +Move a Node object to the front of the list. (That is, pull it out of +wherever it lives, and make it the new head.) + +If the node belongs to a different list, then that list will remove it +first. + +#### yallist.pushNode(node) + +Move a Node object to the end of the list. (That is, pull it out of +wherever it lives, and make it the new tail.) + +If the node belongs to a list already, then that list will remove it +first. + +#### yallist.removeNode(node) + +Remove a node from the list, preserving referential integrity of head +and tail and other nodes. + +Will throw an error if you try to have a list remove a node that +doesn't belong to it. + +### Yallist.Node + +The class that holds the data and is actually the list. + +Call with `var n = new Node(value, previousNode, nextNode)` + +Note that if you do direct operations on Nodes themselves, it's very +easy to get into weird states where the list is broken. Be careful :) + +#### node.next + +The next node in the list. + +#### node.prev + +The previous node in the list. + +#### node.value + +The data the node contains. + +#### node.list + +The list to which this node belongs. (Null if it does not belong to +any list.) diff --git a/node_modules/minipass-pipeline/node_modules/yallist/iterator.js b/node_modules/minipass-pipeline/node_modules/yallist/iterator.js new file mode 100644 index 000000000..d41c97a19 --- /dev/null +++ b/node_modules/minipass-pipeline/node_modules/yallist/iterator.js @@ -0,0 +1,8 @@ +'use strict' +module.exports = function (Yallist) { + Yallist.prototype[Symbol.iterator] = function* () { + for (let walker = this.head; walker; walker = walker.next) { + yield walker.value + } + } +} diff --git a/node_modules/minipass-pipeline/node_modules/yallist/package.json b/node_modules/minipass-pipeline/node_modules/yallist/package.json new file mode 100644 index 000000000..eb13e087f --- /dev/null +++ b/node_modules/minipass-pipeline/node_modules/yallist/package.json @@ -0,0 +1,62 @@ +{ + "_from": "yallist@^4.0.0", + "_id": "yallist@4.0.0", + "_inBundle": false, + "_integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "_location": "/minipass-pipeline/yallist", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "yallist@^4.0.0", + "name": "yallist", + "escapedName": "yallist", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/minipass-pipeline/minipass" + ], + "_resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "_shasum": "9bb92790d9c0effec63be73519e11a35019a3a72", + "_spec": "yallist@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-pipeline/node_modules/minipass", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/yallist/issues" + }, + "bundleDependencies": false, + "dependencies": {}, + "deprecated": false, + "description": "Yet Another Linked List", + "devDependencies": { + "tap": "^12.1.0" + }, + "directories": { + "test": "test" + }, + "files": [ + "yallist.js", + "iterator.js" + ], + "homepage": "https://github.com/isaacs/yallist#readme", + "license": "ISC", + "main": "yallist.js", + "name": "yallist", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/yallist.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js --100" + }, + "version": "4.0.0" +} diff --git a/node_modules/minipass-pipeline/node_modules/yallist/yallist.js b/node_modules/minipass-pipeline/node_modules/yallist/yallist.js new file mode 100644 index 000000000..4e83ab1c5 --- /dev/null +++ b/node_modules/minipass-pipeline/node_modules/yallist/yallist.js @@ -0,0 +1,426 @@ +'use strict' +module.exports = Yallist + +Yallist.Node = Node +Yallist.create = Yallist + +function Yallist (list) { + var self = this + if (!(self instanceof Yallist)) { + self = new Yallist() + } + + self.tail = null + self.head = null + self.length = 0 + + if (list && typeof list.forEach === 'function') { + list.forEach(function (item) { + self.push(item) + }) + } else if (arguments.length > 0) { + for (var i = 0, l = arguments.length; i < l; i++) { + self.push(arguments[i]) + } + } + + return self +} + +Yallist.prototype.removeNode = function (node) { + if (node.list !== this) { + throw new Error('removing node which does not belong to this list') + } + + var next = node.next + var prev = node.prev + + if (next) { + next.prev = prev + } + + if (prev) { + prev.next = next + } + + if (node === this.head) { + this.head = next + } + if (node === this.tail) { + this.tail = prev + } + + node.list.length-- + node.next = null + node.prev = null + node.list = null + + return next +} + +Yallist.prototype.unshiftNode = function (node) { + if (node === this.head) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var head = this.head + node.list = this + node.next = head + if (head) { + head.prev = node + } + + this.head = node + if (!this.tail) { + this.tail = node + } + this.length++ +} + +Yallist.prototype.pushNode = function (node) { + if (node === this.tail) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var tail = this.tail + node.list = this + node.prev = tail + if (tail) { + tail.next = node + } + + this.tail = node + if (!this.head) { + this.head = node + } + this.length++ +} + +Yallist.prototype.push = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + push(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.unshift = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + unshift(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.pop = function () { + if (!this.tail) { + return undefined + } + + var res = this.tail.value + this.tail = this.tail.prev + if (this.tail) { + this.tail.next = null + } else { + this.head = null + } + this.length-- + return res +} + +Yallist.prototype.shift = function () { + if (!this.head) { + return undefined + } + + var res = this.head.value + this.head = this.head.next + if (this.head) { + this.head.prev = null + } else { + this.tail = null + } + this.length-- + return res +} + +Yallist.prototype.forEach = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.head, i = 0; walker !== null; i++) { + fn.call(thisp, walker.value, i, this) + walker = walker.next + } +} + +Yallist.prototype.forEachReverse = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.tail, i = this.length - 1; walker !== null; i--) { + fn.call(thisp, walker.value, i, this) + walker = walker.prev + } +} + +Yallist.prototype.get = function (n) { + for (var i = 0, walker = this.head; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.next + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.getReverse = function (n) { + for (var i = 0, walker = this.tail; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.prev + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.map = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.head; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.next + } + return res +} + +Yallist.prototype.mapReverse = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.tail; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.prev + } + return res +} + +Yallist.prototype.reduce = function (fn, initial) { + var acc + var walker = this.head + if (arguments.length > 1) { + acc = initial + } else if (this.head) { + walker = this.head.next + acc = this.head.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = 0; walker !== null; i++) { + acc = fn(acc, walker.value, i) + walker = walker.next + } + + return acc +} + +Yallist.prototype.reduceReverse = function (fn, initial) { + var acc + var walker = this.tail + if (arguments.length > 1) { + acc = initial + } else if (this.tail) { + walker = this.tail.prev + acc = this.tail.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = this.length - 1; walker !== null; i--) { + acc = fn(acc, walker.value, i) + walker = walker.prev + } + + return acc +} + +Yallist.prototype.toArray = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.head; walker !== null; i++) { + arr[i] = walker.value + walker = walker.next + } + return arr +} + +Yallist.prototype.toArrayReverse = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.tail; walker !== null; i++) { + arr[i] = walker.value + walker = walker.prev + } + return arr +} + +Yallist.prototype.slice = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = 0, walker = this.head; walker !== null && i < from; i++) { + walker = walker.next + } + for (; walker !== null && i < to; i++, walker = walker.next) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.sliceReverse = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = this.length, walker = this.tail; walker !== null && i > to; i--) { + walker = walker.prev + } + for (; walker !== null && i > from; i--, walker = walker.prev) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.splice = function (start, deleteCount, ...nodes) { + if (start > this.length) { + start = this.length - 1 + } + if (start < 0) { + start = this.length + start; + } + + for (var i = 0, walker = this.head; walker !== null && i < start; i++) { + walker = walker.next + } + + var ret = [] + for (var i = 0; walker && i < deleteCount; i++) { + ret.push(walker.value) + walker = this.removeNode(walker) + } + if (walker === null) { + walker = this.tail + } + + if (walker !== this.head && walker !== this.tail) { + walker = walker.prev + } + + for (var i = 0; i < nodes.length; i++) { + walker = insert(this, walker, nodes[i]) + } + return ret; +} + +Yallist.prototype.reverse = function () { + var head = this.head + var tail = this.tail + for (var walker = head; walker !== null; walker = walker.prev) { + var p = walker.prev + walker.prev = walker.next + walker.next = p + } + this.head = tail + this.tail = head + return this +} + +function insert (self, node, value) { + var inserted = node === self.head ? + new Node(value, null, node, self) : + new Node(value, node, node.next, self) + + if (inserted.next === null) { + self.tail = inserted + } + if (inserted.prev === null) { + self.head = inserted + } + + self.length++ + + return inserted +} + +function push (self, item) { + self.tail = new Node(item, self.tail, null, self) + if (!self.head) { + self.head = self.tail + } + self.length++ +} + +function unshift (self, item) { + self.head = new Node(item, null, self.head, self) + if (!self.tail) { + self.tail = self.head + } + self.length++ +} + +function Node (value, prev, next, list) { + if (!(this instanceof Node)) { + return new Node(value, prev, next, list) + } + + this.list = list + this.value = value + + if (prev) { + prev.next = this + this.prev = prev + } else { + this.prev = null + } + + if (next) { + next.prev = this + this.next = next + } else { + this.next = null + } +} + +try { + // add if support for Symbol.iterator is present + require('./iterator.js')(Yallist) +} catch (er) {} diff --git a/node_modules/minipass-pipeline/package.json b/node_modules/minipass-pipeline/package.json new file mode 100644 index 000000000..1c4713130 --- /dev/null +++ b/node_modules/minipass-pipeline/package.json @@ -0,0 +1,60 @@ +{ + "_from": "minipass-pipeline@^1.2.2", + "_id": "minipass-pipeline@1.2.2", + "_inBundle": false, + "_integrity": "sha512-3JS5A2DKhD2g0Gg8x3yamO0pj7YeKGwVlDS90pF++kxptwx/F+B//roxf9SqYil5tQo65bijy+dAuAFZmYOouA==", + "_location": "/minipass-pipeline", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass-pipeline@^1.2.2", + "name": "minipass-pipeline", + "escapedName": "minipass-pipeline", + "rawSpec": "^1.2.2", + "saveSpec": null, + "fetchSpec": "^1.2.2" + }, + "_requiredBy": [ + "/minipass-fetch", + "/npm-registry-fetch/cacache", + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/minipass-pipeline/-/minipass-pipeline-1.2.2.tgz", + "_shasum": "3dcb6bb4a546e32969c7ad710f2c79a86abba93a", + "_spec": "minipass-pipeline@^1.2.2", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "https://izs.me" + }, + "bundleDependencies": false, + "dependencies": { + "minipass": "^3.0.0" + }, + "deprecated": false, + "description": "create a pipeline of streams using Minipass", + "devDependencies": { + "tap": "^14.6.4" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js" + ], + "license": "ISC", + "name": "minipass-pipeline", + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "1.2.2" +} diff --git a/node_modules/minipass-sized/.npmignore b/node_modules/minipass-sized/.npmignore new file mode 100644 index 000000000..2bec044be --- /dev/null +++ b/node_modules/minipass-sized/.npmignore @@ -0,0 +1,22 @@ +# ignore most things, include some others +/* +/.* + +!bin/ +!lib/ +!docs/ +!package.json +!package-lock.json +!README.md +!CONTRIBUTING.md +!LICENSE +!CHANGELOG.md +!example/ +!scripts/ +!tap-snapshots/ +!test/ +!.travis.yml +!.gitignore +!.gitattributes +!coverage-map.js +!index.js diff --git a/node_modules/minipass-sized/LICENSE b/node_modules/minipass-sized/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-sized/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-sized/README.md b/node_modules/minipass-sized/README.md new file mode 100644 index 000000000..6da403e6a --- /dev/null +++ b/node_modules/minipass-sized/README.md @@ -0,0 +1,28 @@ +# minipass-sized + +A Minipass stream that raises an error if you get a different number of +bytes than expected. + +## USAGE + +Use just like any old [minipass](http://npm.im/minipass) stream, but +provide a `size` option to the constructor. + +The `size` option must be a positive integer, smaller than +`Number.MAX_SAFE_INTEGER`. + +```js +const MinipassSized = require('minipass-sized') +// figure out how much data you expect to get +const expectedSize = +headers['content-length'] +const stream = new MinipassSized({ size: expectedSize }) +stream.on('error', er => { + // if it's the wrong size, then this will raise an error with + // { found: <number>, expect: <number>, code: 'EBADSIZE' } +}) +response.pipe(stream) +``` + +Caveats: this does not work with `objectMode` streams, and will throw a +`TypeError` from the constructor if the size argument is missing or +invalid. diff --git a/node_modules/minipass-sized/index.js b/node_modules/minipass-sized/index.js new file mode 100644 index 000000000..a0c8acde4 --- /dev/null +++ b/node_modules/minipass-sized/index.js @@ -0,0 +1,67 @@ +const Minipass = require('minipass') + +class SizeError extends Error { + constructor (found, expect) { + super(`Bad data size: expected ${expect} bytes, but got ${found}`) + this.expect = expect + this.found = found + this.code = 'EBADSIZE' + Error.captureStackTrace(this, this.constructor) + } + get name () { + return 'SizeError' + } +} + +class MinipassSized extends Minipass { + constructor (options = {}) { + super(options) + + if (options.objectMode) + throw new TypeError(`${ + this.constructor.name + } streams only work with string and buffer data`) + + this.found = 0 + this.expect = options.size + if (typeof this.expect !== 'number' || + this.expect > Number.MAX_SAFE_INTEGER || + isNaN(this.expect) || + this.expect < 0 || + !isFinite(this.expect) || + this.expect !== Math.floor(this.expect)) + throw new Error('invalid expected size: ' + this.expect) + } + + write (chunk, encoding, cb) { + const buffer = Buffer.isBuffer(chunk) ? chunk + : typeof chunk === 'string' ? + Buffer.from(chunk, typeof encoding === 'string' ? encoding : 'utf8') + : chunk + + if (!Buffer.isBuffer(buffer)) { + this.emit('error', new TypeError(`${ + this.constructor.name + } streams only work with string and buffer data`)) + return false + } + + this.found += buffer.length + if (this.found > this.expect) + this.emit('error', new SizeError(this.found, this.expect)) + + return super.write(chunk, encoding, cb) + } + + emit (ev, ...data) { + if (ev === 'end') { + if (this.found !== this.expect) + this.emit('error', new SizeError(this.found, this.expect)) + } + return super.emit(ev, ...data) + } +} + +MinipassSized.SizeError = SizeError + +module.exports = MinipassSized diff --git a/node_modules/minipass-sized/node_modules/minipass/LICENSE b/node_modules/minipass-sized/node_modules/minipass/LICENSE new file mode 100644 index 000000000..20a476254 --- /dev/null +++ b/node_modules/minipass-sized/node_modules/minipass/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-sized/node_modules/minipass/README.md b/node_modules/minipass-sized/node_modules/minipass/README.md new file mode 100644 index 000000000..32ace2fb9 --- /dev/null +++ b/node_modules/minipass-sized/node_modules/minipass/README.md @@ -0,0 +1,606 @@ +# minipass + +A _very_ minimal implementation of a [PassThrough +stream](https://nodejs.org/api/stream.html#stream_class_stream_passthrough) + +[It's very +fast](https://docs.google.com/spreadsheets/d/1oObKSrVwLX_7Ut4Z6g3fZW-AX1j1-k6w-cDsrkaSbHM/edit#gid=0) +for objects, strings, and buffers. + +Supports pipe()ing (including multi-pipe() and backpressure transmission), +buffering data until either a `data` event handler or `pipe()` is added (so +you don't lose the first chunk), and most other cases where PassThrough is +a good idea. + +There is a `read()` method, but it's much more efficient to consume data +from this stream via `'data'` events or by calling `pipe()` into some other +stream. Calling `read()` requires the buffer to be flattened in some +cases, which requires copying memory. + +There is also no `unpipe()` method. Once you start piping, there is no +stopping it! + +If you set `objectMode: true` in the options, then whatever is written will +be emitted. Otherwise, it'll do a minimal amount of Buffer copying to +ensure proper Streams semantics when `read(n)` is called. + +`objectMode` can also be set by doing `stream.objectMode = true`, or by +writing any non-string/non-buffer data. `objectMode` cannot be set to +false once it is set. + +This is not a `through` or `through2` stream. It doesn't transform the +data, it just passes it right through. If you want to transform the data, +extend the class, and override the `write()` method. Once you're done +transforming the data however you want, call `super.write()` with the +transform output. + +For some examples of streams that extend Minipass in various ways, check +out: + +- [minizlib](http://npm.im/minizlib) +- [fs-minipass](http://npm.im/fs-minipass) +- [tar](http://npm.im/tar) +- [minipass-collect](http://npm.im/minipass-collect) +- [minipass-flush](http://npm.im/minipass-flush) +- [minipass-pipeline](http://npm.im/minipass-pipeline) +- [tap](http://npm.im/tap) +- [tap-parser](http://npm.im/tap) +- [treport](http://npm.im/tap) +- [minipass-fetch](http://npm.im/minipass-fetch) + +## Differences from Node.js Streams + +There are several things that make Minipass streams different from (and in +some ways superior to) Node.js core streams. + +Please read these caveats if you are familiar with noode-core streams and +intend to use Minipass streams in your programs. + +### Timing + +Minipass streams are designed to support synchronous use-cases. Thus, data +is emitted as soon as it is available, always. It is buffered until read, +but no longer. Another way to look at it is that Minipass streams are +exactly as synchronous as the logic that writes into them. + +This can be surprising if your code relies on `PassThrough.write()` always +providing data on the next tick rather than the current one, or being able +to call `resume()` and not have the entire buffer disappear immediately. + +However, without this synchronicity guarantee, there would be no way for +Minipass to achieve the speeds it does, or support the synchronous use +cases that it does. Simply put, waiting takes time. + +This non-deferring approach makes Minipass streams much easier to reason +about, especially in the context of Promises and other flow-control +mechanisms. + +### No High/Low Water Marks + +Node.js core streams will optimistically fill up a buffer, returning `true` +on all writes until the limit is hit, even if the data has nowhere to go. +Then, they will not attempt to draw more data in until the buffer size dips +below a minimum value. + +Minipass streams are much simpler. The `write()` method will return `true` +if the data has somewhere to go (which is to say, given the timing +guarantees, that the data is already there by the time `write()` returns). + +If the data has nowhere to go, then `write()` returns false, and the data +sits in a buffer, to be drained out immediately as soon as anyone consumes +it. + +### Hazards of Buffering (or: Why Minipass Is So Fast) + +Since data written to a Minipass stream is immediately written all the way +through the pipeline, and `write()` always returns true/false based on +whether the data was fully flushed, backpressure is communicated +immediately to the upstream caller. This minimizes buffering. + +Consider this case: + +```js +const {PassThrough} = require('stream') +const p1 = new PassThrough({ highWaterMark: 1024 }) +const p2 = new PassThrough({ highWaterMark: 1024 }) +const p3 = new PassThrough({ highWaterMark: 1024 }) +const p4 = new PassThrough({ highWaterMark: 1024 }) + +p1.pipe(p2).pipe(p3).pipe(p4) +p4.on('data', () => console.log('made it through')) + +// this returns false and buffers, then writes to p2 on next tick (1) +// p2 returns false and buffers, pausing p1, then writes to p3 on next tick (2) +// p3 returns false and buffers, pausing p2, then writes to p4 on next tick (3) +// p4 returns false and buffers, pausing p3, then emits 'data' and 'drain' +// on next tick (4) +// p3 sees p4's 'drain' event, and calls resume(), emitting 'resume' and +// 'drain' on next tick (5) +// p2 sees p3's 'drain', calls resume(), emits 'resume' and 'drain' on next tick (6) +// p1 sees p2's 'drain', calls resume(), emits 'resume' and 'drain' on next +// tick (7) + +p1.write(Buffer.alloc(2048)) // returns false +``` + +Along the way, the data was buffered and deferred at each stage, and +multiple event deferrals happened, for an unblocked pipeline where it was +perfectly safe to write all the way through! + +Furthermore, setting a `highWaterMark` of `1024` might lead someone reading +the code to think an advisory maximum of 1KiB is being set for the +pipeline. However, the actual advisory buffering level is the _sum_ of +`highWaterMark` values, since each one has its own bucket. + +Consider the Minipass case: + +```js +const m1 = new Minipass() +const m2 = new Minipass() +const m3 = new Minipass() +const m4 = new Minipass() + +m1.pipe(m2).pipe(m3).pipe(m4) +m4.on('data', () => console.log('made it through')) + +// m1 is flowing, so it writes the data to m2 immediately +// m2 is flowing, so it writes the data to m3 immediately +// m3 is flowing, so it writes the data to m4 immediately +// m4 is flowing, so it fires the 'data' event immediately, returns true +// m4's write returned true, so m3 is still flowing, returns true +// m3's write returned true, so m2 is still flowing, returns true +// m2's write returned true, so m1 is still flowing, returns true +// No event deferrals or buffering along the way! + +m1.write(Buffer.alloc(2048)) // returns true +``` + +It is extremely unlikely that you _don't_ want to buffer any data written, +or _ever_ buffer data that can be flushed all the way through. Neither +node-core streams nor Minipass ever fail to buffer written data, but +node-core streams do a lot of unnecessary buffering and pausing. + +As always, the faster implementation is the one that does less stuff and +waits less time to do it. + +### Immediately emit `end` for empty streams (when not paused) + +If a stream is not paused, and `end()` is called before writing any data +into it, then it will emit `end` immediately. + +If you have logic that occurs on the `end` event which you don't want to +potentially happen immediately (for example, closing file descriptors, +moving on to the next entry in an archive parse stream, etc.) then be sure +to call `stream.pause()` on creation, and then `stream.resume()` once you +are ready to respond to the `end` event. + +### Emit `end` When Asked + +One hazard of immediately emitting `'end'` is that you may not yet have had +a chance to add a listener. In order to avoid this hazard, Minipass +streams safely re-emit the `'end'` event if a new listener is added after +`'end'` has been emitted. + +Ie, if you do `stream.on('end', someFunction)`, and the stream has already +emitted `end`, then it will call the handler right away. (You can think of +this somewhat like attaching a new `.then(fn)` to a previously-resolved +Promise.) + +To prevent calling handlers multiple times who would not expect multiple +ends to occur, all listeners are removed from the `'end'` event whenever it +is emitted. + +### Impact of "immediate flow" on Tee-streams + +A "tee stream" is a stream piping to multiple destinations: + +```js +const tee = new Minipass() +t.pipe(dest1) +t.pipe(dest2) +t.write('foo') // goes to both destinations +``` + +Since Minipass streams _immediately_ process any pending data through the +pipeline when a new pipe destination is added, this can have surprising +effects, especially when a stream comes in from some other function and may +or may not have data in its buffer. + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.pipe(dest1) // 'foo' chunk flows to dest1 immediately, and is gone +src.pipe(dest2) // gets nothing! +``` + +The solution is to create a dedicated tee-stream junction that pipes to +both locations, and then pipe to _that_ instead. + +```js +// Safe example: tee to both places +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.pipe(dest1) +tee.pipe(dest2) +stream.pipe(tee) // tee gets 'foo', pipes to both locations +``` + +The same caveat applies to `on('data')` event listeners. The first one +added will _immediately_ receive all of the data, leaving nothing for the +second: + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.on('data', handler1) // receives 'foo' right away +src.on('data', handler2) // nothing to see here! +``` + +Using a dedicated tee-stream can be used in this case as well: + +```js +// Safe example: tee to both data handlers +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.on('data', handler1) +tee.on('data', handler2) +src.pipe(tee) +``` + +## USAGE + +It's a stream! Use it like a stream and it'll most likely do what you +want. + +```js +const Minipass = require('minipass') +const mp = new Minipass(options) // optional: { encoding, objectMode } +mp.write('foo') +mp.pipe(someOtherStream) +mp.end('bar') +``` + +### OPTIONS + +* `encoding` How would you like the data coming _out_ of the stream to be + encoded? Accepts any values that can be passed to `Buffer.toString()`. +* `objectMode` Emit data exactly as it comes in. This will be flipped on + by default if you write() something other than a string or Buffer at any + point. Setting `objectMode: true` will prevent setting any encoding + value. + +### API + +Implements the user-facing portions of Node.js's `Readable` and `Writable` +streams. + +### Methods + +* `write(chunk, [encoding], [callback])` - Put data in. (Note that, in the + base Minipass class, the same data will come out.) Returns `false` if + the stream will buffer the next write, or true if it's still in "flowing" + mode. +* `end([chunk, [encoding]], [callback])` - Signal that you have no more + data to write. This will queue an `end` event to be fired when all the + data has been consumed. +* `setEncoding(encoding)` - Set the encoding for data coming of the stream. + This can only be done once. +* `pause()` - No more data for a while, please. This also prevents `end` + from being emitted for empty streams until the stream is resumed. +* `resume()` - Resume the stream. If there's data in the buffer, it is all + discarded. Any buffered events are immediately emitted. +* `pipe(dest)` - Send all output to the stream provided. There is no way + to unpipe. When data is emitted, it is immediately written to any and + all pipe destinations. +* `on(ev, fn)`, `emit(ev, fn)` - Minipass streams are EventEmitters. Some + events are given special treatment, however. (See below under "events".) +* `promise()` - Returns a Promise that resolves when the stream emits + `end`, or rejects if the stream emits `error`. +* `collect()` - Return a Promise that resolves on `end` with an array + containing each chunk of data that was emitted, or rejects if the stream + emits `error`. Note that this consumes the stream data. +* `concat()` - Same as `collect()`, but concatenates the data into a single + Buffer object. Will reject the returned promise if the stream is in + objectMode, or if it goes into objectMode by the end of the data. +* `read(n)` - Consume `n` bytes of data out of the buffer. If `n` is not + provided, then consume all of it. If `n` bytes are not available, then + it returns null. **Note** consuming streams in this way is less + efficient, and can lead to unnecessary Buffer copying. +* `destroy([er])` - Destroy the stream. If an error is provided, then an + `'error'` event is emitted. If the stream has a `close()` method, and + has not emitted a `'close'` event yet, then `stream.close()` will be + called. Any Promises returned by `.promise()`, `.collect()` or + `.concat()` will be rejected. After being destroyed, writing to the + stream will emit an error. No more data will be emitted if the stream is + destroyed, even if it was previously buffered. + +### Properties + +* `bufferLength` Read-only. Total number of bytes buffered, or in the case + of objectMode, the total number of objects. +* `encoding` The encoding that has been set. (Setting this is equivalent + to calling `setEncoding(enc)` and has the same prohibition against + setting multiple times.) +* `flowing` Read-only. Boolean indicating whether a chunk written to the + stream will be immediately emitted. +* `emittedEnd` Read-only. Boolean indicating whether the end-ish events + (ie, `end`, `prefinish`, `finish`) have been emitted. Note that + listening on any end-ish event will immediateyl re-emit it if it has + already been emitted. +* `writable` Whether the stream is writable. Default `true`. Set to + `false` when `end()` +* `readable` Whether the stream is readable. Default `true`. +* `buffer` A [yallist](http://npm.im/yallist) linked list of chunks written + to the stream that have not yet been emitted. (It's probably a bad idea + to mess with this.) +* `pipes` A [yallist](http://npm.im/yallist) linked list of streams that + this stream is piping into. (It's probably a bad idea to mess with + this.) +* `destroyed` A getter that indicates whether the stream was destroyed. +* `paused` True if the stream has been explicitly paused, otherwise false. +* `objectMode` Indicates whether the stream is in `objectMode`. Once set + to `true`, it cannot be set to `false`. + +### Events + +* `data` Emitted when there's data to read. Argument is the data to read. + This is never emitted while not flowing. If a listener is attached, that + will resume the stream. +* `end` Emitted when there's no more data to read. This will be emitted + immediately for empty streams when `end()` is called. If a listener is + attached, and `end` was already emitted, then it will be emitted again. + All listeners are removed when `end` is emitted. +* `prefinish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'end'`. +* `finish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'prefinish'`. +* `close` An indication that an underlying resource has been released. + Minipass does not emit this event, but will defer it until after `end` + has been emitted, since it throws off some stream libraries otherwise. +* `drain` Emitted when the internal buffer empties, and it is again + suitable to `write()` into the stream. +* `readable` Emitted when data is buffered and ready to be read by a + consumer. +* `resume` Emitted when stream changes state from buffering to flowing + mode. (Ie, when `resume` is called, `pipe` is called, or a `data` event + listener is added.) + +### Static Methods + +* `Minipass.isStream(stream)` Returns `true` if the argument is a stream, + and false otherwise. To be considered a stream, the object must be + either an instance of Minipass, or an EventEmitter that has either a + `pipe()` method, or both `write()` and `end()` methods. (Pretty much any + stream in node-land will return `true` for this.) + +## EXAMPLES + +Here are some examples of things you can do with Minipass streams. + +### simple "are you done yet" promise + +```js +mp.promise().then(() => { + // stream is finished +}, er => { + // stream emitted an error +}) +``` + +### collecting + +```js +mp.collect().then(all => { + // all is an array of all the data emitted + // encoding is supported in this case, so + // so the result will be a collection of strings if + // an encoding is specified, or buffers/objects if not. + // + // In an async function, you may do + // const data = await stream.collect() +}) +``` + +### collecting into a single blob + +This is a bit slower because it concatenates the data into one chunk for +you, but if you're going to do it yourself anyway, it's convenient this +way: + +```js +mp.concat().then(onebigchunk => { + // onebigchunk is a string if the stream + // had an encoding set, or a buffer otherwise. +}) +``` + +### iteration + +You can iterate over streams synchronously or asynchronously in platforms +that support it. + +Synchronous iteration will end when the currently available data is +consumed, even if the `end` event has not been reached. In string and +buffer mode, the data is concatenated, so unless multiple writes are +occurring in the same tick as the `read()`, sync iteration loops will +generally only have a single iteration. + +To consume chunks in this way exactly as they have been written, with no +flattening, create the stream with the `{ objectMode: true }` option. + +```js +const mp = new Minipass({ objectMode: true }) +mp.write('a') +mp.write('b') +for (let letter of mp) { + console.log(letter) // a, b +} +mp.write('c') +mp.write('d') +for (let letter of mp) { + console.log(letter) // c, d +} +mp.write('e') +mp.end() +for (let letter of mp) { + console.log(letter) // e +} +for (let letter of mp) { + console.log(letter) // nothing +} +``` + +Asynchronous iteration will continue until the end event is reached, +consuming all of the data. + +```js +const mp = new Minipass({ encoding: 'utf8' }) + +// some source of some data +let i = 5 +const inter = setInterval(() => { + if (i --> 0) + mp.write(Buffer.from('foo\n', 'utf8')) + else { + mp.end() + clearInterval(inter) + } +}, 100) + +// consume the data with asynchronous iteration +async function consume () { + for await (let chunk of mp) { + console.log(chunk) + } + return 'ok' +} + +consume().then(res => console.log(res)) +// logs `foo\n` 5 times, and then `ok` +``` + +### subclass that `console.log()`s everything written into it + +```js +class Logger extends Minipass { + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } +} + +someSource.pipe(new Logger()).pipe(someDest) +``` + +### same thing, but using an inline anonymous class + +```js +// js classes are fun +someSource + .pipe(new (class extends Minipass { + emit (ev, ...data) { + // let's also log events, because debugging some weird thing + console.log('EMIT', ev) + return super.emit(ev, ...data) + } + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } + })) + .pipe(someDest) +``` + +### subclass that defers 'end' for some reason + +```js +class SlowEnd extends Minipass { + emit (ev, ...args) { + if (ev === 'end') { + console.log('going to end, hold on a sec') + setTimeout(() => { + console.log('ok, ready to end now') + super.emit('end', ...args) + }, 100) + } else { + return super.emit(ev, ...args) + } + } +} +``` + +### transform that creates newline-delimited JSON + +```js +class NDJSONEncode extends Minipass { + write (obj, cb) { + try { + // JSON.stringify can throw, emit an error on that + return super.write(JSON.stringify(obj) + '\n', 'utf8', cb) + } catch (er) { + this.emit('error', er) + } + } + end (obj, cb) { + if (typeof obj === 'function') { + cb = obj + obj = undefined + } + if (obj !== undefined) { + this.write(obj) + } + return super.end(cb) + } +} +``` + +### transform that parses newline-delimited JSON + +```js +class NDJSONDecode extends Minipass { + constructor (options) { + // always be in object mode, as far as Minipass is concerned + super({ objectMode: true }) + this._jsonBuffer = '' + } + write (chunk, encoding, cb) { + if (typeof chunk === 'string' && + typeof encoding === 'string' && + encoding !== 'utf8') { + chunk = Buffer.from(chunk, encoding).toString() + } else if (Buffer.isBuffer(chunk)) + chunk = chunk.toString() + } + if (typeof encoding === 'function') { + cb = encoding + } + const jsonData = (this._jsonBuffer + chunk).split('\n') + this._jsonBuffer = jsonData.pop() + for (let i = 0; i < jsonData.length; i++) { + let parsed + try { + super.write(parsed) + } catch (er) { + this.emit('error', er) + continue + } + } + if (cb) + cb() + } +} +``` diff --git a/node_modules/minipass-sized/node_modules/minipass/index.js b/node_modules/minipass-sized/node_modules/minipass/index.js new file mode 100644 index 000000000..55ea0f3dd --- /dev/null +++ b/node_modules/minipass-sized/node_modules/minipass/index.js @@ -0,0 +1,538 @@ +'use strict' +const EE = require('events') +const Stream = require('stream') +const Yallist = require('yallist') +const SD = require('string_decoder').StringDecoder + +const EOF = Symbol('EOF') +const MAYBE_EMIT_END = Symbol('maybeEmitEnd') +const EMITTED_END = Symbol('emittedEnd') +const EMITTING_END = Symbol('emittingEnd') +const CLOSED = Symbol('closed') +const READ = Symbol('read') +const FLUSH = Symbol('flush') +const FLUSHCHUNK = Symbol('flushChunk') +const ENCODING = Symbol('encoding') +const DECODER = Symbol('decoder') +const FLOWING = Symbol('flowing') +const PAUSED = Symbol('paused') +const RESUME = Symbol('resume') +const BUFFERLENGTH = Symbol('bufferLength') +const BUFFERPUSH = Symbol('bufferPush') +const BUFFERSHIFT = Symbol('bufferShift') +const OBJECTMODE = Symbol('objectMode') +const DESTROYED = Symbol('destroyed') + +// TODO remove when Node v8 support drops +const doIter = global._MP_NO_ITERATOR_SYMBOLS_ !== '1' +const ASYNCITERATOR = doIter && Symbol.asyncIterator + || Symbol('asyncIterator not implemented') +const ITERATOR = doIter && Symbol.iterator + || Symbol('iterator not implemented') + +// events that mean 'the stream is over' +// these are treated specially, and re-emitted +// if they are listened for after emitting. +const isEndish = ev => + ev === 'end' || + ev === 'finish' || + ev === 'prefinish' + +const isArrayBuffer = b => b instanceof ArrayBuffer || + typeof b === 'object' && + b.constructor && + b.constructor.name === 'ArrayBuffer' && + b.byteLength >= 0 + +const isArrayBufferView = b => !Buffer.isBuffer(b) && ArrayBuffer.isView(b) + +module.exports = class Minipass extends Stream { + constructor (options) { + super() + this[FLOWING] = false + // whether we're explicitly paused + this[PAUSED] = false + this.pipes = new Yallist() + this.buffer = new Yallist() + this[OBJECTMODE] = options && options.objectMode || false + if (this[OBJECTMODE]) + this[ENCODING] = null + else + this[ENCODING] = options && options.encoding || null + if (this[ENCODING] === 'buffer') + this[ENCODING] = null + this[DECODER] = this[ENCODING] ? new SD(this[ENCODING]) : null + this[EOF] = false + this[EMITTED_END] = false + this[EMITTING_END] = false + this[CLOSED] = false + this.writable = true + this.readable = true + this[BUFFERLENGTH] = 0 + this[DESTROYED] = false + } + + get bufferLength () { return this[BUFFERLENGTH] } + + get encoding () { return this[ENCODING] } + set encoding (enc) { + if (this[OBJECTMODE]) + throw new Error('cannot set encoding in objectMode') + + if (this[ENCODING] && enc !== this[ENCODING] && + (this[DECODER] && this[DECODER].lastNeed || this[BUFFERLENGTH])) + throw new Error('cannot change encoding') + + if (this[ENCODING] !== enc) { + this[DECODER] = enc ? new SD(enc) : null + if (this.buffer.length) + this.buffer = this.buffer.map(chunk => this[DECODER].write(chunk)) + } + + this[ENCODING] = enc + } + + setEncoding (enc) { + this.encoding = enc + } + + get objectMode () { return this[OBJECTMODE] } + set objectMode (ॐ ) { this[OBJECTMODE] = this[OBJECTMODE] || !!ॐ } + + write (chunk, encoding, cb) { + if (this[EOF]) + throw new Error('write after end') + + if (this[DESTROYED]) { + this.emit('error', Object.assign( + new Error('Cannot call write after a stream was destroyed'), + { code: 'ERR_STREAM_DESTROYED' } + )) + return true + } + + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (!encoding) + encoding = 'utf8' + + // convert array buffers and typed array views into buffers + // at some point in the future, we may want to do the opposite! + // leave strings and buffers as-is + // anything else switches us into object mode + if (!this[OBJECTMODE] && !Buffer.isBuffer(chunk)) { + if (isArrayBufferView(chunk)) + chunk = Buffer.from(chunk.buffer, chunk.byteOffset, chunk.byteLength) + else if (isArrayBuffer(chunk)) + chunk = Buffer.from(chunk) + else if (typeof chunk !== 'string') + // use the setter so we throw if we have encoding set + this.objectMode = true + } + + // this ensures at this point that the chunk is a buffer or string + // don't buffer it up or send it to the decoder + if (!this.objectMode && !chunk.length) { + const ret = this.flowing + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + return ret + } + + // fast-path writing strings of same encoding to a stream with + // an empty buffer, skipping the buffer/decoder dance + if (typeof chunk === 'string' && !this[OBJECTMODE] && + // unless it is a string already ready for us to use + !(encoding === this[ENCODING] && !this[DECODER].lastNeed)) { + chunk = Buffer.from(chunk, encoding) + } + + if (Buffer.isBuffer(chunk) && this[ENCODING]) + chunk = this[DECODER].write(chunk) + + try { + return this.flowing + ? (this.emit('data', chunk), this.flowing) + : (this[BUFFERPUSH](chunk), false) + } finally { + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + } + } + + read (n) { + if (this[DESTROYED]) + return null + + try { + if (this[BUFFERLENGTH] === 0 || n === 0 || n > this[BUFFERLENGTH]) + return null + + if (this[OBJECTMODE]) + n = null + + if (this.buffer.length > 1 && !this[OBJECTMODE]) { + if (this.encoding) + this.buffer = new Yallist([ + Array.from(this.buffer).join('') + ]) + else + this.buffer = new Yallist([ + Buffer.concat(Array.from(this.buffer), this[BUFFERLENGTH]) + ]) + } + + return this[READ](n || null, this.buffer.head.value) + } finally { + this[MAYBE_EMIT_END]() + } + } + + [READ] (n, chunk) { + if (n === chunk.length || n === null) + this[BUFFERSHIFT]() + else { + this.buffer.head.value = chunk.slice(n) + chunk = chunk.slice(0, n) + this[BUFFERLENGTH] -= n + } + + this.emit('data', chunk) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + + return chunk + } + + end (chunk, encoding, cb) { + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + if (chunk) + this.write(chunk, encoding) + if (cb) + this.once('end', cb) + this[EOF] = true + this.writable = false + + // if we haven't written anything, then go ahead and emit, + // even if we're not reading. + // we'll re-emit if a new 'end' listener is added anyway. + // This makes MP more suitable to write-only use cases. + if (this.flowing || !this[PAUSED]) + this[MAYBE_EMIT_END]() + return this + } + + // don't let the internal resume be overwritten + [RESUME] () { + if (this[DESTROYED]) + return + + this[PAUSED] = false + this[FLOWING] = true + this.emit('resume') + if (this.buffer.length) + this[FLUSH]() + else if (this[EOF]) + this[MAYBE_EMIT_END]() + else + this.emit('drain') + } + + resume () { + return this[RESUME]() + } + + pause () { + this[FLOWING] = false + this[PAUSED] = true + } + + get destroyed () { + return this[DESTROYED] + } + + get flowing () { + return this[FLOWING] + } + + get paused () { + return this[PAUSED] + } + + [BUFFERPUSH] (chunk) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] += 1 + else + this[BUFFERLENGTH] += chunk.length + return this.buffer.push(chunk) + } + + [BUFFERSHIFT] () { + if (this.buffer.length) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] -= 1 + else + this[BUFFERLENGTH] -= this.buffer.head.value.length + } + return this.buffer.shift() + } + + [FLUSH] () { + do {} while (this[FLUSHCHUNK](this[BUFFERSHIFT]())) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + } + + [FLUSHCHUNK] (chunk) { + return chunk ? (this.emit('data', chunk), this.flowing) : false + } + + pipe (dest, opts) { + if (this[DESTROYED]) + return + + const ended = this[EMITTED_END] + opts = opts || {} + if (dest === process.stdout || dest === process.stderr) + opts.end = false + else + opts.end = opts.end !== false + + const p = { dest: dest, opts: opts, ondrain: _ => this[RESUME]() } + this.pipes.push(p) + + dest.on('drain', p.ondrain) + this[RESUME]() + // piping an ended stream ends immediately + if (ended && p.opts.end) + p.dest.end() + return dest + } + + addListener (ev, fn) { + return this.on(ev, fn) + } + + on (ev, fn) { + try { + return super.on(ev, fn) + } finally { + if (ev === 'data' && !this.pipes.length && !this.flowing) + this[RESUME]() + else if (isEndish(ev) && this[EMITTED_END]) { + super.emit(ev) + this.removeAllListeners(ev) + } + } + } + + get emittedEnd () { + return this[EMITTED_END] + } + + [MAYBE_EMIT_END] () { + if (!this[EMITTING_END] && + !this[EMITTED_END] && + !this[DESTROYED] && + this.buffer.length === 0 && + this[EOF]) { + this[EMITTING_END] = true + this.emit('end') + this.emit('prefinish') + this.emit('finish') + if (this[CLOSED]) + this.emit('close') + this[EMITTING_END] = false + } + } + + emit (ev, data) { + // error and close are only events allowed after calling destroy() + if (ev !== 'error' && ev !== 'close' && ev !== DESTROYED && this[DESTROYED]) + return + else if (ev === 'data') { + if (!data) + return + + if (this.pipes.length) + this.pipes.forEach(p => + p.dest.write(data) === false && this.pause()) + } else if (ev === 'end') { + // only actual end gets this treatment + if (this[EMITTED_END] === true) + return + + this[EMITTED_END] = true + this.readable = false + + if (this[DECODER]) { + data = this[DECODER].end() + if (data) { + this.pipes.forEach(p => p.dest.write(data)) + super.emit('data', data) + } + } + + this.pipes.forEach(p => { + p.dest.removeListener('drain', p.ondrain) + if (p.opts.end) + p.dest.end() + }) + } else if (ev === 'close') { + this[CLOSED] = true + // don't emit close before 'end' and 'finish' + if (!this[EMITTED_END] && !this[DESTROYED]) + return + } + + // TODO: replace with a spread operator when Node v4 support drops + const args = new Array(arguments.length) + args[0] = ev + args[1] = data + if (arguments.length > 2) { + for (let i = 2; i < arguments.length; i++) { + args[i] = arguments[i] + } + } + + try { + return super.emit.apply(this, args) + } finally { + if (!isEndish(ev)) + this[MAYBE_EMIT_END]() + else + this.removeAllListeners(ev) + } + } + + // const all = await stream.collect() + collect () { + const buf = [] + if (!this[OBJECTMODE]) + buf.dataLength = 0 + // set the promise first, in case an error is raised + // by triggering the flow here. + const p = this.promise() + this.on('data', c => { + buf.push(c) + if (!this[OBJECTMODE]) + buf.dataLength += c.length + }) + return p.then(() => buf) + } + + // const data = await stream.concat() + concat () { + return this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this.collect().then(buf => + this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this[ENCODING] ? buf.join('') : Buffer.concat(buf, buf.dataLength)) + } + + // stream.promise().then(() => done, er => emitted error) + promise () { + return new Promise((resolve, reject) => { + this.on(DESTROYED, () => reject(new Error('stream destroyed'))) + this.on('end', () => resolve()) + this.on('error', er => reject(er)) + }) + } + + // for await (let chunk of stream) + [ASYNCITERATOR] () { + const next = () => { + const res = this.read() + if (res !== null) + return Promise.resolve({ done: false, value: res }) + + if (this[EOF]) + return Promise.resolve({ done: true }) + + let resolve = null + let reject = null + const onerr = er => { + this.removeListener('data', ondata) + this.removeListener('end', onend) + reject(er) + } + const ondata = value => { + this.removeListener('error', onerr) + this.removeListener('end', onend) + this.pause() + resolve({ value: value, done: !!this[EOF] }) + } + const onend = () => { + this.removeListener('error', onerr) + this.removeListener('data', ondata) + resolve({ done: true }) + } + const ondestroy = () => onerr(new Error('stream destroyed')) + return new Promise((res, rej) => { + reject = rej + resolve = res + this.once(DESTROYED, ondestroy) + this.once('error', onerr) + this.once('end', onend) + this.once('data', ondata) + }) + } + + return { next } + } + + // for (let chunk of stream) + [ITERATOR] () { + const next = () => { + const value = this.read() + const done = value === null + return { value, done } + } + return { next } + } + + destroy (er) { + if (this[DESTROYED]) { + if (er) + this.emit('error', er) + else + this.emit(DESTROYED) + return this + } + + this[DESTROYED] = true + + // throw away all buffered data, it's never coming out + this.buffer = new Yallist() + this[BUFFERLENGTH] = 0 + + if (typeof this.close === 'function' && !this[CLOSED]) + this.close() + + if (er) + this.emit('error', er) + else // if no error to emit, still reject pending promises + this.emit(DESTROYED) + + return this + } + + static isStream (s) { + return !!s && (s instanceof Minipass || s instanceof Stream || + s instanceof EE && ( + typeof s.pipe === 'function' || // readable + (typeof s.write === 'function' && typeof s.end === 'function') // writable + )) + } +} diff --git a/node_modules/minipass-sized/node_modules/minipass/package.json b/node_modules/minipass-sized/node_modules/minipass/package.json new file mode 100644 index 000000000..752b7a9cb --- /dev/null +++ b/node_modules/minipass-sized/node_modules/minipass/package.json @@ -0,0 +1,72 @@ +{ + "_from": "minipass@^3.0.0", + "_id": "minipass@3.1.1", + "_inBundle": false, + "_integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "_location": "/minipass-sized/minipass", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass@^3.0.0", + "name": "minipass", + "escapedName": "minipass", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/minipass-sized" + ], + "_resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "_shasum": "7607ce778472a185ad6d89082aa2070f79cedcd5", + "_spec": "minipass@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-sized", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/minipass/issues" + }, + "bundleDependencies": false, + "dependencies": { + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "minimal implementation of a PassThrough stream", + "devDependencies": { + "end-of-stream": "^1.4.0", + "tap": "^14.6.5", + "through2": "^2.0.3" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/isaacs/minipass#readme", + "keywords": [ + "passthrough", + "stream" + ], + "license": "ISC", + "main": "index.js", + "name": "minipass", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minipass.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish --tag=next", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "3.1.1" +} diff --git a/node_modules/minipass-sized/node_modules/yallist/LICENSE b/node_modules/minipass-sized/node_modules/yallist/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/minipass-sized/node_modules/yallist/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/minipass-sized/node_modules/yallist/README.md b/node_modules/minipass-sized/node_modules/yallist/README.md new file mode 100644 index 000000000..f58610186 --- /dev/null +++ b/node_modules/minipass-sized/node_modules/yallist/README.md @@ -0,0 +1,204 @@ +# yallist + +Yet Another Linked List + +There are many doubly-linked list implementations like it, but this +one is mine. + +For when an array would be too big, and a Map can't be iterated in +reverse order. + + +[](https://travis-ci.org/isaacs/yallist) [](https://coveralls.io/github/isaacs/yallist) + +## basic usage + +```javascript +var yallist = require('yallist') +var myList = yallist.create([1, 2, 3]) +myList.push('foo') +myList.unshift('bar') +// of course pop() and shift() are there, too +console.log(myList.toArray()) // ['bar', 1, 2, 3, 'foo'] +myList.forEach(function (k) { + // walk the list head to tail +}) +myList.forEachReverse(function (k, index, list) { + // walk the list tail to head +}) +var myDoubledList = myList.map(function (k) { + return k + k +}) +// now myDoubledList contains ['barbar', 2, 4, 6, 'foofoo'] +// mapReverse is also a thing +var myDoubledListReverse = myList.mapReverse(function (k) { + return k + k +}) // ['foofoo', 6, 4, 2, 'barbar'] + +var reduced = myList.reduce(function (set, entry) { + set += entry + return set +}, 'start') +console.log(reduced) // 'startfoo123bar' +``` + +## api + +The whole API is considered "public". + +Functions with the same name as an Array method work more or less the +same way. + +There's reverse versions of most things because that's the point. + +### Yallist + +Default export, the class that holds and manages a list. + +Call it with either a forEach-able (like an array) or a set of +arguments, to initialize the list. + +The Array-ish methods all act like you'd expect. No magic length, +though, so if you change that it won't automatically prune or add +empty spots. + +### Yallist.create(..) + +Alias for Yallist function. Some people like factories. + +#### yallist.head + +The first node in the list + +#### yallist.tail + +The last node in the list + +#### yallist.length + +The number of nodes in the list. (Change this at your peril. It is +not magic like Array length.) + +#### yallist.toArray() + +Convert the list to an array. + +#### yallist.forEach(fn, [thisp]) + +Call a function on each item in the list. + +#### yallist.forEachReverse(fn, [thisp]) + +Call a function on each item in the list, in reverse order. + +#### yallist.get(n) + +Get the data at position `n` in the list. If you use this a lot, +probably better off just using an Array. + +#### yallist.getReverse(n) + +Get the data at position `n`, counting from the tail. + +#### yallist.map(fn, thisp) + +Create a new Yallist with the result of calling the function on each +item. + +#### yallist.mapReverse(fn, thisp) + +Same as `map`, but in reverse. + +#### yallist.pop() + +Get the data from the list tail, and remove the tail from the list. + +#### yallist.push(item, ...) + +Insert one or more items to the tail of the list. + +#### yallist.reduce(fn, initialValue) + +Like Array.reduce. + +#### yallist.reduceReverse + +Like Array.reduce, but in reverse. + +#### yallist.reverse + +Reverse the list in place. + +#### yallist.shift() + +Get the data from the list head, and remove the head from the list. + +#### yallist.slice([from], [to]) + +Just like Array.slice, but returns a new Yallist. + +#### yallist.sliceReverse([from], [to]) + +Just like yallist.slice, but the result is returned in reverse. + +#### yallist.toArray() + +Create an array representation of the list. + +#### yallist.toArrayReverse() + +Create a reversed array representation of the list. + +#### yallist.unshift(item, ...) + +Insert one or more items to the head of the list. + +#### yallist.unshiftNode(node) + +Move a Node object to the front of the list. (That is, pull it out of +wherever it lives, and make it the new head.) + +If the node belongs to a different list, then that list will remove it +first. + +#### yallist.pushNode(node) + +Move a Node object to the end of the list. (That is, pull it out of +wherever it lives, and make it the new tail.) + +If the node belongs to a list already, then that list will remove it +first. + +#### yallist.removeNode(node) + +Remove a node from the list, preserving referential integrity of head +and tail and other nodes. + +Will throw an error if you try to have a list remove a node that +doesn't belong to it. + +### Yallist.Node + +The class that holds the data and is actually the list. + +Call with `var n = new Node(value, previousNode, nextNode)` + +Note that if you do direct operations on Nodes themselves, it's very +easy to get into weird states where the list is broken. Be careful :) + +#### node.next + +The next node in the list. + +#### node.prev + +The previous node in the list. + +#### node.value + +The data the node contains. + +#### node.list + +The list to which this node belongs. (Null if it does not belong to +any list.) diff --git a/node_modules/minipass-sized/node_modules/yallist/iterator.js b/node_modules/minipass-sized/node_modules/yallist/iterator.js new file mode 100644 index 000000000..d41c97a19 --- /dev/null +++ b/node_modules/minipass-sized/node_modules/yallist/iterator.js @@ -0,0 +1,8 @@ +'use strict' +module.exports = function (Yallist) { + Yallist.prototype[Symbol.iterator] = function* () { + for (let walker = this.head; walker; walker = walker.next) { + yield walker.value + } + } +} diff --git a/node_modules/minipass-sized/node_modules/yallist/package.json b/node_modules/minipass-sized/node_modules/yallist/package.json new file mode 100644 index 000000000..f2b8b7ba8 --- /dev/null +++ b/node_modules/minipass-sized/node_modules/yallist/package.json @@ -0,0 +1,62 @@ +{ + "_from": "yallist@^4.0.0", + "_id": "yallist@4.0.0", + "_inBundle": false, + "_integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "_location": "/minipass-sized/yallist", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "yallist@^4.0.0", + "name": "yallist", + "escapedName": "yallist", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/minipass-sized/minipass" + ], + "_resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "_shasum": "9bb92790d9c0effec63be73519e11a35019a3a72", + "_spec": "yallist@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-sized/node_modules/minipass", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/yallist/issues" + }, + "bundleDependencies": false, + "dependencies": {}, + "deprecated": false, + "description": "Yet Another Linked List", + "devDependencies": { + "tap": "^12.1.0" + }, + "directories": { + "test": "test" + }, + "files": [ + "yallist.js", + "iterator.js" + ], + "homepage": "https://github.com/isaacs/yallist#readme", + "license": "ISC", + "main": "yallist.js", + "name": "yallist", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/yallist.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js --100" + }, + "version": "4.0.0" +} diff --git a/node_modules/minipass-sized/node_modules/yallist/yallist.js b/node_modules/minipass-sized/node_modules/yallist/yallist.js new file mode 100644 index 000000000..4e83ab1c5 --- /dev/null +++ b/node_modules/minipass-sized/node_modules/yallist/yallist.js @@ -0,0 +1,426 @@ +'use strict' +module.exports = Yallist + +Yallist.Node = Node +Yallist.create = Yallist + +function Yallist (list) { + var self = this + if (!(self instanceof Yallist)) { + self = new Yallist() + } + + self.tail = null + self.head = null + self.length = 0 + + if (list && typeof list.forEach === 'function') { + list.forEach(function (item) { + self.push(item) + }) + } else if (arguments.length > 0) { + for (var i = 0, l = arguments.length; i < l; i++) { + self.push(arguments[i]) + } + } + + return self +} + +Yallist.prototype.removeNode = function (node) { + if (node.list !== this) { + throw new Error('removing node which does not belong to this list') + } + + var next = node.next + var prev = node.prev + + if (next) { + next.prev = prev + } + + if (prev) { + prev.next = next + } + + if (node === this.head) { + this.head = next + } + if (node === this.tail) { + this.tail = prev + } + + node.list.length-- + node.next = null + node.prev = null + node.list = null + + return next +} + +Yallist.prototype.unshiftNode = function (node) { + if (node === this.head) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var head = this.head + node.list = this + node.next = head + if (head) { + head.prev = node + } + + this.head = node + if (!this.tail) { + this.tail = node + } + this.length++ +} + +Yallist.prototype.pushNode = function (node) { + if (node === this.tail) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var tail = this.tail + node.list = this + node.prev = tail + if (tail) { + tail.next = node + } + + this.tail = node + if (!this.head) { + this.head = node + } + this.length++ +} + +Yallist.prototype.push = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + push(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.unshift = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + unshift(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.pop = function () { + if (!this.tail) { + return undefined + } + + var res = this.tail.value + this.tail = this.tail.prev + if (this.tail) { + this.tail.next = null + } else { + this.head = null + } + this.length-- + return res +} + +Yallist.prototype.shift = function () { + if (!this.head) { + return undefined + } + + var res = this.head.value + this.head = this.head.next + if (this.head) { + this.head.prev = null + } else { + this.tail = null + } + this.length-- + return res +} + +Yallist.prototype.forEach = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.head, i = 0; walker !== null; i++) { + fn.call(thisp, walker.value, i, this) + walker = walker.next + } +} + +Yallist.prototype.forEachReverse = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.tail, i = this.length - 1; walker !== null; i--) { + fn.call(thisp, walker.value, i, this) + walker = walker.prev + } +} + +Yallist.prototype.get = function (n) { + for (var i = 0, walker = this.head; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.next + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.getReverse = function (n) { + for (var i = 0, walker = this.tail; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.prev + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.map = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.head; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.next + } + return res +} + +Yallist.prototype.mapReverse = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.tail; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.prev + } + return res +} + +Yallist.prototype.reduce = function (fn, initial) { + var acc + var walker = this.head + if (arguments.length > 1) { + acc = initial + } else if (this.head) { + walker = this.head.next + acc = this.head.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = 0; walker !== null; i++) { + acc = fn(acc, walker.value, i) + walker = walker.next + } + + return acc +} + +Yallist.prototype.reduceReverse = function (fn, initial) { + var acc + var walker = this.tail + if (arguments.length > 1) { + acc = initial + } else if (this.tail) { + walker = this.tail.prev + acc = this.tail.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = this.length - 1; walker !== null; i--) { + acc = fn(acc, walker.value, i) + walker = walker.prev + } + + return acc +} + +Yallist.prototype.toArray = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.head; walker !== null; i++) { + arr[i] = walker.value + walker = walker.next + } + return arr +} + +Yallist.prototype.toArrayReverse = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.tail; walker !== null; i++) { + arr[i] = walker.value + walker = walker.prev + } + return arr +} + +Yallist.prototype.slice = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = 0, walker = this.head; walker !== null && i < from; i++) { + walker = walker.next + } + for (; walker !== null && i < to; i++, walker = walker.next) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.sliceReverse = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = this.length, walker = this.tail; walker !== null && i > to; i--) { + walker = walker.prev + } + for (; walker !== null && i > from; i--, walker = walker.prev) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.splice = function (start, deleteCount, ...nodes) { + if (start > this.length) { + start = this.length - 1 + } + if (start < 0) { + start = this.length + start; + } + + for (var i = 0, walker = this.head; walker !== null && i < start; i++) { + walker = walker.next + } + + var ret = [] + for (var i = 0; walker && i < deleteCount; i++) { + ret.push(walker.value) + walker = this.removeNode(walker) + } + if (walker === null) { + walker = this.tail + } + + if (walker !== this.head && walker !== this.tail) { + walker = walker.prev + } + + for (var i = 0; i < nodes.length; i++) { + walker = insert(this, walker, nodes[i]) + } + return ret; +} + +Yallist.prototype.reverse = function () { + var head = this.head + var tail = this.tail + for (var walker = head; walker !== null; walker = walker.prev) { + var p = walker.prev + walker.prev = walker.next + walker.next = p + } + this.head = tail + this.tail = head + return this +} + +function insert (self, node, value) { + var inserted = node === self.head ? + new Node(value, null, node, self) : + new Node(value, node, node.next, self) + + if (inserted.next === null) { + self.tail = inserted + } + if (inserted.prev === null) { + self.head = inserted + } + + self.length++ + + return inserted +} + +function push (self, item) { + self.tail = new Node(item, self.tail, null, self) + if (!self.head) { + self.head = self.tail + } + self.length++ +} + +function unshift (self, item) { + self.head = new Node(item, null, self.head, self) + if (!self.tail) { + self.tail = self.head + } + self.length++ +} + +function Node (value, prev, next, list) { + if (!(this instanceof Node)) { + return new Node(value, prev, next, list) + } + + this.list = list + this.value = value + + if (prev) { + prev.next = this + this.prev = prev + } else { + this.prev = null + } + + if (next) { + next.prev = this + this.next = next + } else { + this.next = null + } +} + +try { + // add if support for Symbol.iterator is present + require('./iterator.js')(Yallist) +} catch (er) {} diff --git a/node_modules/minipass-sized/package-lock.json b/node_modules/minipass-sized/package-lock.json new file mode 100644 index 000000000..944b28525 --- /dev/null +++ b/node_modules/minipass-sized/package-lock.json @@ -0,0 +1,3464 @@ +{ + "name": "minipass-sized", + "version": "1.0.3", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@babel/code-frame": { + "version": "7.5.5", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.5.5.tgz", + "integrity": "sha512-27d4lZoomVyo51VegxI20xZPuSHusqbQag/ztrBC7wegWoQ1nLREPVSKSW8byhTlzTKyNE4ifaTA6lCp7JjpFw==", + "dev": true, + "requires": { + "@babel/highlight": "^7.0.0" + } + }, + "@babel/generator": { + "version": "7.6.0", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.6.0.tgz", + "integrity": "sha512-Ms8Mo7YBdMMn1BYuNtKuP/z0TgEIhbcyB8HVR6PPNYp4P61lMsABiS4A3VG1qznjXVCf3r+fVHhm4efTYVsySA==", + "dev": true, + "requires": { + "@babel/types": "^7.6.0", + "jsesc": "^2.5.1", + "lodash": "^4.17.13", + "source-map": "^0.5.0", + "trim-right": "^1.0.1" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/helper-function-name": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.1.0.tgz", + "integrity": "sha512-A95XEoCpb3TO+KZzJ4S/5uW5fNe26DjBGqf1o9ucyLyCmi1dXq/B3c8iaWTfBk3VvetUxl16e8tIrd5teOCfGw==", + "dev": true, + "requires": { + "@babel/helper-get-function-arity": "^7.0.0", + "@babel/template": "^7.1.0", + "@babel/types": "^7.0.0" + } + }, + "@babel/helper-get-function-arity": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.0.0.tgz", + "integrity": "sha512-r2DbJeg4svYvt3HOS74U4eWKsUAMRH01Z1ds1zx8KNTPtpTL5JAsdFv8BNyOpVqdFhHkkRDIg5B4AsxmkjAlmQ==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0" + } + }, + "@babel/helper-split-export-declaration": { + "version": "7.4.4", + "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.4.4.tgz", + "integrity": "sha512-Ro/XkzLf3JFITkW6b+hNxzZ1n5OQ80NvIUdmHspih1XAhtN3vPTuUFT4eQnela+2MaZ5ulH+iyP513KJrxbN7Q==", + "dev": true, + "requires": { + "@babel/types": "^7.4.4" + } + }, + "@babel/highlight": { + "version": "7.5.0", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.5.0.tgz", + "integrity": "sha512-7dV4eu9gBxoM0dAnj/BCFDW9LFU0zvTrkq0ugM7pnHEgguOEeOz1so2ZghEdzviYzQEED0r4EAgpsBChKy1TRQ==", + "dev": true, + "requires": { + "chalk": "^2.0.0", + "esutils": "^2.0.2", + "js-tokens": "^4.0.0" + } + }, + "@babel/parser": { + "version": "7.6.0", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.6.0.tgz", + "integrity": "sha512-+o2q111WEx4srBs7L9eJmcwi655eD8sXniLqMB93TBK9GrNzGrxDWSjiqz2hLU0Ha8MTXFIP0yd9fNdP+m43ZQ==", + "dev": true + }, + "@babel/runtime": { + "version": "7.6.0", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.6.0.tgz", + "integrity": "sha512-89eSBLJsxNxOERC0Op4vd+0Bqm6wRMqMbFtV3i0/fbaWw/mJ8Q3eBvgX0G4SyrOOLCtbu98HspF8o09MRT+KzQ==", + "dev": true, + "requires": { + "regenerator-runtime": "^0.13.2" + } + }, + "@babel/template": { + "version": "7.6.0", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.6.0.tgz", + "integrity": "sha512-5AEH2EXD8euCk446b7edmgFdub/qfH1SN6Nii3+fyXP807QRx9Q73A2N5hNwRRslC2H9sNzaFhsPubkS4L8oNQ==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "@babel/parser": "^7.6.0", + "@babel/types": "^7.6.0" + } + }, + "@babel/traverse": { + "version": "7.6.0", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.6.0.tgz", + "integrity": "sha512-93t52SaOBgml/xY74lsmt7xOR4ufYvhb5c5qiM6lu4J/dWGMAfAh6eKw4PjLes6DI6nQgearoxnFJk60YchpvQ==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.5.5", + "@babel/generator": "^7.6.0", + "@babel/helper-function-name": "^7.1.0", + "@babel/helper-split-export-declaration": "^7.4.4", + "@babel/parser": "^7.6.0", + "@babel/types": "^7.6.0", + "debug": "^4.1.0", + "globals": "^11.1.0", + "lodash": "^4.17.13" + } + }, + "@babel/types": { + "version": "7.6.1", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.6.1.tgz", + "integrity": "sha512-X7gdiuaCmA0uRjCmRtYJNAVCc/q+5xSgsfKJHqMN4iNLILX39677fJE1O40arPMh0TTtS9ItH67yre6c7k6t0g==", + "dev": true, + "requires": { + "esutils": "^2.0.2", + "lodash": "^4.17.13", + "to-fast-properties": "^2.0.0" + } + }, + "ajv": { + "version": "6.10.2", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.2.tgz", + "integrity": "sha512-TXtUUEYHuaTEbLZWIKUr5pmBuhDLy+8KYtPYdcV8qC+pOZL+NKqYwvWSRrVXHn+ZmRRAu8vJTAznH7Oag6RVRw==", + "dev": true, + "requires": { + "fast-deep-equal": "^2.0.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, + "ansi-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz", + "integrity": "sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=", + "dev": true + }, + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } + }, + "anymatch": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.0.tgz", + "integrity": "sha512-Ozz7l4ixzI7Oxj2+cw+p0tVUt27BpaJ+1+q1TCeANWxHpvyn2+Un+YamBdfKu0uh8xLodGhoa1v7595NhKDAuA==", + "dev": true, + "requires": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + } + }, + "append-transform": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/append-transform/-/append-transform-1.0.0.tgz", + "integrity": "sha512-P009oYkeHyU742iSZJzZZywj4QRJdnTWffaKuJQLablCZ1uz6/cW4yaRgcDaoQ+uwOxxnt0gRUcwfsNP2ri0gw==", + "dev": true, + "requires": { + "default-require-extensions": "^2.0.0" + } + }, + "archy": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/archy/-/archy-1.0.0.tgz", + "integrity": "sha1-+cjBN1fMHde8N5rHeyxipcKGjEA=", + "dev": true + }, + "arg": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/arg/-/arg-4.1.1.tgz", + "integrity": "sha512-SlmP3fEA88MBv0PypnXZ8ZfJhwmDeIE3SP71j37AiXQBXYosPV0x6uISAaHYSlSVhmHOVkomen0tbGk6Anlebw==", + "dev": true + }, + "argparse": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, + "requires": { + "sprintf-js": "~1.0.2" + } + }, + "asn1": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", + "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", + "dev": true, + "requires": { + "safer-buffer": "~2.1.0" + } + }, + "assert-plus": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", + "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", + "dev": true + }, + "async-hook-domain": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/async-hook-domain/-/async-hook-domain-1.1.0.tgz", + "integrity": "sha512-NH7V97d1yCbIanu2oDLyPT2GFNct0esPeJyRfkk8J5hTztHVSQp4UiNfL2O42sCA9XZPU8OgHvzOmt9ewBhVqA==", + "dev": true, + "requires": { + "source-map-support": "^0.5.11" + } + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", + "dev": true + }, + "aws-sign2": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", + "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", + "dev": true + }, + "aws4": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.8.0.tgz", + "integrity": "sha512-ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ==", + "dev": true + }, + "balanced-match": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", + "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=", + "dev": true + }, + "bcrypt-pbkdf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", + "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", + "dev": true, + "requires": { + "tweetnacl": "^0.14.3" + } + }, + "binary-extensions": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.0.0.tgz", + "integrity": "sha512-Phlt0plgpIIBOGTT/ehfFnbNlfsDEiqmzE2KRXoX1bLIlir4X/MR+zSyBEkL05ffWgnRSf/DXv+WrUAVr93/ow==", + "dev": true + }, + "bind-obj-methods": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/bind-obj-methods/-/bind-obj-methods-2.0.0.tgz", + "integrity": "sha512-3/qRXczDi2Cdbz6jE+W3IflJOutRVica8frpBn14de1mBOkzDo+6tY33kNhvkw54Kn3PzRRD2VnGbGPcTAk4sw==", + "dev": true + }, + "brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "dev": true, + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "braces": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "dev": true, + "requires": { + "fill-range": "^7.0.1" + } + }, + "browser-process-hrtime": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", + "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", + "dev": true + }, + "buffer-from": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", + "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==", + "dev": true + }, + "caching-transform": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/caching-transform/-/caching-transform-3.0.2.tgz", + "integrity": "sha512-Mtgcv3lh3U0zRii/6qVgQODdPA4G3zhG+jtbCWj39RXuUFTMzH0vcdMtaJS1jPowd+It2Pqr6y3NJMQqOqCE2w==", + "dev": true, + "requires": { + "hasha": "^3.0.0", + "make-dir": "^2.0.0", + "package-hash": "^3.0.0", + "write-file-atomic": "^2.4.2" + }, + "dependencies": { + "write-file-atomic": { + "version": "2.4.3", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-2.4.3.tgz", + "integrity": "sha512-GaETH5wwsX+GcnzhPgKcKjJ6M2Cq3/iZp1WyY/X1CSqrW+jVNM9Y7D8EC2sM4ZG/V8wZlSniJnCKWPmBYAucRQ==", + "dev": true, + "requires": { + "graceful-fs": "^4.1.11", + "imurmurhash": "^0.1.4", + "signal-exit": "^3.0.2" + } + } + } + }, + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true + }, + "capture-stack-trace": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/capture-stack-trace/-/capture-stack-trace-1.0.1.tgz", + "integrity": "sha512-mYQLZnx5Qt1JgB1WEiMCf2647plpGeQ2NMR/5L0HNZzGQo4fuSPnK+wjfPnKZV0aiJDgzmWqqkV/g7JD+DW0qw==", + "dev": true + }, + "caseless": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", + "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", + "dev": true + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "dev": true, + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "chokidar": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.1.1.tgz", + "integrity": "sha512-df4o16uZmMHzVQwECZRHwfguOt5ixpuQVaZHjYMvYisgKhE+JXwcj/Tcr3+3bu/XeOJQ9ycYmzu7Mv8XrGxJDQ==", + "dev": true, + "requires": { + "anymatch": "^3.1.0", + "braces": "^3.0.2", + "fsevents": "^2.0.6", + "glob-parent": "^5.0.0", + "is-binary-path": "^2.1.0", + "is-glob": "^4.0.1", + "normalize-path": "^3.0.0", + "readdirp": "^3.1.1" + } + }, + "cliui": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-4.1.0.tgz", + "integrity": "sha512-4FG+RSG9DL7uEwRUZXZn3SS34DiDPfzP0VOiEwtUWlE+AR2EIg+hSyvrIgUUfhdgR/UkAeW2QHgeP+hWrXs7jQ==", + "dev": true, + "requires": { + "string-width": "^2.1.1", + "strip-ansi": "^4.0.0", + "wrap-ansi": "^2.0.0" + } + }, + "code-point-at": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz", + "integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c=", + "dev": true + }, + "color-convert": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "dev": true, + "requires": { + "color-name": "1.1.3" + } + }, + "color-name": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", + "dev": true + }, + "color-support": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-support/-/color-support-1.1.3.tgz", + "integrity": "sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg==", + "dev": true + }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, + "requires": { + "delayed-stream": "~1.0.0" + } + }, + "commander": { + "version": "2.20.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.0.tgz", + "integrity": "sha512-7j2y+40w61zy6YC2iRNpUe/NwhNyoXrYpHMrSunaMG64nRnaf96zO/KMQR4OyN/UnE5KLyEBnKHd4aG3rskjpQ==", + "dev": true, + "optional": true + }, + "commondir": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/commondir/-/commondir-1.0.1.tgz", + "integrity": "sha1-3dgA2gxmEnOTzKWVDqloo6rxJTs=", + "dev": true + }, + "concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", + "dev": true + }, + "convert-source-map": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.6.0.tgz", + "integrity": "sha512-eFu7XigvxdZ1ETfbgPBohgyQ/Z++C0eEhTor0qRwBw9unw+L0/6V8wkSuGgzdThkiS5lSpdptOQPD8Ak40a+7A==", + "dev": true, + "requires": { + "safe-buffer": "~5.1.1" + }, + "dependencies": { + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", + "dev": true + } + } + }, + "core-util-is": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", + "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", + "dev": true + }, + "coveralls": { + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/coveralls/-/coveralls-3.0.6.tgz", + "integrity": "sha512-Pgh4v3gCI4T/9VijVrm8Ym5v0OgjvGLKj3zTUwkvsCiwqae/p6VLzpsFNjQS2i6ewV7ef+DjFJ5TSKxYt/mCrA==", + "dev": true, + "requires": { + "growl": "~> 1.10.0", + "js-yaml": "^3.13.1", + "lcov-parse": "^0.0.10", + "log-driver": "^1.2.7", + "minimist": "^1.2.0", + "request": "^2.86.0" + } + }, + "cp-file": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/cp-file/-/cp-file-6.2.0.tgz", + "integrity": "sha512-fmvV4caBnofhPe8kOcitBwSn2f39QLjnAnGq3gO9dfd75mUytzKNZB1hde6QHunW2Rt+OwuBOMc3i1tNElbszA==", + "dev": true, + "requires": { + "graceful-fs": "^4.1.2", + "make-dir": "^2.0.0", + "nested-error-stacks": "^2.0.0", + "pify": "^4.0.1", + "safe-buffer": "^5.0.1" + } + }, + "cross-spawn": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-4.0.2.tgz", + "integrity": "sha1-e5JHYhwjrf3ThWAEqCPL45dCTUE=", + "dev": true, + "requires": { + "lru-cache": "^4.0.1", + "which": "^1.2.9" + } + }, + "dashdash": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", + "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, + "decamelize": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", + "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=", + "dev": true + }, + "default-require-extensions": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/default-require-extensions/-/default-require-extensions-2.0.0.tgz", + "integrity": "sha1-9fj7sYp9bVCyH2QfZJ67Uiz+JPc=", + "dev": true, + "requires": { + "strip-bom": "^3.0.0" + } + }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", + "dev": true + }, + "diff": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/diff/-/diff-4.0.1.tgz", + "integrity": "sha512-s2+XdvhPCOF01LRQBC8hf4vhbVmI2CGS5aZnxLJlT5FtdhPCDFq80q++zK2KlrVorVDdL5BOGZ/VfLrVtYNF+Q==", + "dev": true + }, + "ecc-jsbn": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", + "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "dev": true, + "requires": { + "jsbn": "~0.1.0", + "safer-buffer": "^2.1.0" + } + }, + "emoji-regex": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-7.0.3.tgz", + "integrity": "sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==", + "dev": true + }, + "error-ex": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dev": true, + "requires": { + "is-arrayish": "^0.2.1" + } + }, + "es6-error": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/es6-error/-/es6-error-4.1.1.tgz", + "integrity": "sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg==", + "dev": true + }, + "escape-string-regexp": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", + "dev": true + }, + "esm": { + "version": "3.2.25", + "resolved": "https://registry.npmjs.org/esm/-/esm-3.2.25.tgz", + "integrity": "sha512-U1suiZ2oDVWv4zPO56S0NcR5QriEahGtdN2OR6FiOG4WJvcjBVFB0qI4+eKoWFH483PKGuLuu6V8Z4T5g63UVA==", + "dev": true + }, + "esprima": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true + }, + "esutils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", + "dev": true + }, + "events-to-array": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/events-to-array/-/events-to-array-1.1.2.tgz", + "integrity": "sha1-LUH1Y+H+QA7Uli/hpNXGp1Od9/Y=", + "dev": true + }, + "extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", + "dev": true + }, + "extsprintf": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", + "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", + "dev": true + }, + "fast-deep-equal": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz", + "integrity": "sha1-ewUhjd+WZ79/Nwv3/bLLFf3Qqkk=", + "dev": true + }, + "fast-json-stable-stringify": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz", + "integrity": "sha1-1RQsDK7msRifh9OnYREGT4bIu/I=", + "dev": true + }, + "fill-range": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "dev": true, + "requires": { + "to-regex-range": "^5.0.1" + } + }, + "find-cache-dir": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/find-cache-dir/-/find-cache-dir-2.1.0.tgz", + "integrity": "sha512-Tq6PixE0w/VMFfCgbONnkiQIVol/JJL7nRMi20fqzA4NRs9AfeqMGeRdPi3wIhYkxjeBaWh2rxwapn5Tu3IqOQ==", + "dev": true, + "requires": { + "commondir": "^1.0.1", + "make-dir": "^2.0.0", + "pkg-dir": "^3.0.0" + } + }, + "find-up": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-3.0.0.tgz", + "integrity": "sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==", + "dev": true, + "requires": { + "locate-path": "^3.0.0" + } + }, + "findit": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/findit/-/findit-2.0.0.tgz", + "integrity": "sha1-ZQnwEmr0wXhVHPqZOU4DLhOk1W4=", + "dev": true + }, + "flow-parser": { + "version": "0.108.0", + "resolved": "https://registry.npmjs.org/flow-parser/-/flow-parser-0.108.0.tgz", + "integrity": "sha512-Ug8VuwlyDIZq5Xgrf+T7XLpKydhqYyNd8lmFtf7PZbu90T5LL+FeHjWzxyrBn35RCCZMw7pXrjCrHOSs+2zXyg==", + "dev": true + }, + "flow-remove-types": { + "version": "2.108.0", + "resolved": "https://registry.npmjs.org/flow-remove-types/-/flow-remove-types-2.108.0.tgz", + "integrity": "sha512-cbYe0AijNVlc6V1Xx99fNqQtRMJ+xbQwG5rQtcheFQiBPO6b6VwvhMs/OelJvpO+YUTz49IhFKzoZGj5xm74PA==", + "dev": true, + "requires": { + "flow-parser": "^0.108.0", + "pirates": "^3.0.2", + "vlq": "^0.2.1" + } + }, + "foreground-child": { + "version": "1.5.6", + "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-1.5.6.tgz", + "integrity": "sha1-T9ca0t/elnibmApcCilZN8svXOk=", + "dev": true, + "requires": { + "cross-spawn": "^4", + "signal-exit": "^3.0.0" + } + }, + "forever-agent": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", + "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", + "dev": true + }, + "form-data": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", + "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "dev": true, + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.6", + "mime-types": "^2.1.12" + } + }, + "fs-exists-cached": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs-exists-cached/-/fs-exists-cached-1.0.0.tgz", + "integrity": "sha1-zyVVTKBQ3EmuZla0HeQiWJidy84=", + "dev": true + }, + "fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", + "dev": true + }, + "fsevents": { + "version": "2.0.7", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.0.7.tgz", + "integrity": "sha512-a7YT0SV3RB+DjYcppwVDLtn13UQnmg0SWZS7ezZD0UjnLwXmy8Zm21GMVGLaFGimIqcvyMQaOJBrop8MyOp1kQ==", + "dev": true, + "optional": true + }, + "function-loop": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/function-loop/-/function-loop-1.0.2.tgz", + "integrity": "sha512-Iw4MzMfS3udk/rqxTiDDCllhGwlOrsr50zViTOO/W6lS/9y6B1J0BD2VZzrnWUYBJsl3aeqjgR5v7bWWhZSYbA==", + "dev": true + }, + "get-caller-file": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true + }, + "getpass": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", + "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, + "glob": { + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.4.tgz", + "integrity": "sha512-hkLPepehmnKk41pUGm3sYxoFs/umurYfYJCerbXEyFIWcAzvpipAgVkBqqT9RBKMGjnq6kMuyYwha6csxbiM1A==", + "dev": true, + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "glob-parent": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.0.0.tgz", + "integrity": "sha512-Z2RwiujPRGluePM6j699ktJYxmPpJKCfpGA13jz2hmFZC7gKetzrWvg5KN3+OsIFmydGyZ1AVwERCq1w/ZZwRg==", + "dev": true, + "requires": { + "is-glob": "^4.0.1" + } + }, + "globals": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true + }, + "graceful-fs": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.2.tgz", + "integrity": "sha512-IItsdsea19BoLC7ELy13q1iJFNmd7ofZH5+X/pJr90/nRoPEX0DJo1dHDbgtYWOhJhcCgMDTOw84RZ72q6lB+Q==", + "dev": true + }, + "growl": { + "version": "1.10.5", + "resolved": "https://registry.npmjs.org/growl/-/growl-1.10.5.tgz", + "integrity": "sha512-qBr4OuELkhPenW6goKVXiv47US3clb3/IbuWF9KNKEijAy9oeHxU9IgzjvJhHkUzhaj7rOUD7+YGWqUjLp5oSA==", + "dev": true + }, + "handlebars": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.2.1.tgz", + "integrity": "sha512-bqPIlDk06UWbVEIFoYj+LVo42WhK96J+b25l7hbFDpxrOXMphFM3fNIm+cluwg4Pk2jiLjWU5nHQY7igGE75NQ==", + "dev": true, + "requires": { + "neo-async": "^2.6.0", + "optimist": "^0.6.1", + "source-map": "^0.6.1", + "uglify-js": "^3.1.4" + } + }, + "har-schema": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", + "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", + "dev": true + }, + "har-validator": { + "version": "5.1.3", + "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz", + "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==", + "dev": true, + "requires": { + "ajv": "^6.5.5", + "har-schema": "^2.0.0" + } + }, + "has-flag": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", + "dev": true + }, + "hasha": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/hasha/-/hasha-3.0.0.tgz", + "integrity": "sha1-UqMvq4Vp1BymmmH/GiFPjrfIvTk=", + "dev": true, + "requires": { + "is-stream": "^1.0.1" + } + }, + "hosted-git-info": { + "version": "2.8.4", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.4.tgz", + "integrity": "sha512-pzXIvANXEFrc5oFFXRMkbLPQ2rXRoDERwDLyrcUxGhaZhgP54BBSl9Oheh7Vv0T090cszWBxPjkQQ5Sq1PbBRQ==", + "dev": true + }, + "http-signature": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", + "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "jsprim": "^1.2.2", + "sshpk": "^1.7.0" + } + }, + "imurmurhash": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", + "dev": true + }, + "inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "dev": true, + "requires": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "is-arrayish": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", + "dev": true + }, + "is-binary-path": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz", + "integrity": "sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==", + "dev": true, + "requires": { + "binary-extensions": "^2.0.0" + } + }, + "is-extglob": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", + "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=", + "dev": true + }, + "is-fullwidth-code-point": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", + "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=", + "dev": true + }, + "is-glob": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.1.tgz", + "integrity": "sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg==", + "dev": true, + "requires": { + "is-extglob": "^2.1.1" + } + }, + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true + }, + "is-stream": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", + "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=", + "dev": true + }, + "is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", + "dev": true + }, + "isarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=", + "dev": true, + "optional": true + }, + "isexe": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", + "dev": true + }, + "isstream": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", + "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", + "dev": true + }, + "istanbul-lib-coverage": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.5.tgz", + "integrity": "sha512-8aXznuEPCJvGnMSRft4udDRDtb1V3pkQkMMI5LI+6HuQz5oQ4J2UFn1H82raA3qJtyOLkkwVqICBQkjnGtn5mA==", + "dev": true + }, + "istanbul-lib-hook": { + "version": "2.0.7", + "resolved": "https://registry.npmjs.org/istanbul-lib-hook/-/istanbul-lib-hook-2.0.7.tgz", + "integrity": "sha512-vrRztU9VRRFDyC+aklfLoeXyNdTfga2EI3udDGn4cZ6fpSXpHLV9X6CHvfoMCPtggg8zvDDmC4b9xfu0z6/llA==", + "dev": true, + "requires": { + "append-transform": "^1.0.0" + } + }, + "istanbul-lib-instrument": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-3.3.0.tgz", + "integrity": "sha512-5nnIN4vo5xQZHdXno/YDXJ0G+I3dAm4XgzfSVTPLQpj/zAV2dV6Juy0yaf10/zrJOJeHoN3fraFe+XRq2bFVZA==", + "dev": true, + "requires": { + "@babel/generator": "^7.4.0", + "@babel/parser": "^7.4.3", + "@babel/template": "^7.4.0", + "@babel/traverse": "^7.4.3", + "@babel/types": "^7.4.0", + "istanbul-lib-coverage": "^2.0.5", + "semver": "^6.0.0" + }, + "dependencies": { + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", + "dev": true + } + } + }, + "istanbul-lib-processinfo": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-processinfo/-/istanbul-lib-processinfo-1.0.0.tgz", + "integrity": "sha512-FY0cPmWa4WoQNlvB8VOcafiRoB5nB+l2Pz2xGuXHRSy1KM8QFOYfz/rN+bGMCAeejrY3mrpF5oJHcN0s/garCg==", + "dev": true, + "requires": { + "archy": "^1.0.0", + "cross-spawn": "^6.0.5", + "istanbul-lib-coverage": "^2.0.3", + "rimraf": "^2.6.3", + "uuid": "^3.3.2" + }, + "dependencies": { + "cross-spawn": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", + "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", + "dev": true, + "requires": { + "nice-try": "^1.0.4", + "path-key": "^2.0.1", + "semver": "^5.5.0", + "shebang-command": "^1.2.0", + "which": "^1.2.9" + } + } + } + }, + "istanbul-lib-report": { + "version": "2.0.8", + "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-2.0.8.tgz", + "integrity": "sha512-fHBeG573EIihhAblwgxrSenp0Dby6tJMFR/HvlerBsrCTD5bkUuoNtn3gVh29ZCS824cGGBPn7Sg7cNk+2xUsQ==", + "dev": true, + "requires": { + "istanbul-lib-coverage": "^2.0.5", + "make-dir": "^2.1.0", + "supports-color": "^6.1.0" + }, + "dependencies": { + "supports-color": { + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-6.1.0.tgz", + "integrity": "sha512-qe1jfm1Mg7Nq/NSh6XE24gPXROEVsWHxC1LIx//XNlD9iw7YZQGjZNjYN7xGaEG6iKdA8EtNFW6R0gjnVXp+wQ==", + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "istanbul-lib-source-maps": { + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-3.0.6.tgz", + "integrity": "sha512-R47KzMtDJH6X4/YW9XTx+jrLnZnscW4VpNN+1PViSYTejLVPWv7oov+Duf8YQSPyVRUvueQqz1TcsC6mooZTXw==", + "dev": true, + "requires": { + "debug": "^4.1.1", + "istanbul-lib-coverage": "^2.0.5", + "make-dir": "^2.1.0", + "rimraf": "^2.6.3", + "source-map": "^0.6.1" + } + }, + "istanbul-reports": { + "version": "2.2.6", + "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-2.2.6.tgz", + "integrity": "sha512-SKi4rnMyLBKe0Jy2uUdx28h8oG7ph2PPuQPvIAh31d+Ci+lSiEu4C+h3oBPuJ9+mPKhOyW0M8gY4U5NM1WLeXA==", + "dev": true, + "requires": { + "handlebars": "^4.1.2" + } + }, + "jackspeak": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-1.4.0.tgz", + "integrity": "sha512-VDcSunT+wcccoG46FtzuBAyQKlzhHjli4q31e1fIHGOsRspqNUFjVzGb+7eIFDlTvqLygxapDHPHS0ouT2o/tw==", + "dev": true, + "requires": { + "cliui": "^4.1.0" + } + }, + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true + }, + "js-yaml": { + "version": "3.13.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.1.tgz", + "integrity": "sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==", + "dev": true, + "requires": { + "argparse": "^1.0.7", + "esprima": "^4.0.0" + } + }, + "jsbn": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", + "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", + "dev": true + }, + "jsesc": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", + "dev": true + }, + "json-parse-better-errors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "integrity": "sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==", + "dev": true + }, + "json-schema": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", + "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=", + "dev": true + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, + "json-stringify-safe": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", + "dev": true + }, + "jsprim": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", + "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", + "dev": true, + "requires": { + "assert-plus": "1.0.0", + "extsprintf": "1.3.0", + "json-schema": "0.2.3", + "verror": "1.10.0" + } + }, + "lcov-parse": { + "version": "0.0.10", + "resolved": "https://registry.npmjs.org/lcov-parse/-/lcov-parse-0.0.10.tgz", + "integrity": "sha1-GwuP+ayceIklBYK3C3ExXZ2m2aM=", + "dev": true + }, + "load-json-file": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-4.0.0.tgz", + "integrity": "sha1-L19Fq5HjMhYjT9U62rZo607AmTs=", + "dev": true, + "requires": { + "graceful-fs": "^4.1.2", + "parse-json": "^4.0.0", + "pify": "^3.0.0", + "strip-bom": "^3.0.0" + }, + "dependencies": { + "pify": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", + "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=", + "dev": true + } + } + }, + "locate-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-3.0.0.tgz", + "integrity": "sha512-7AO748wWnIhNqAuaty2ZWHkQHRSNfPVIsPIfwEOWO22AmaoVrWavlOcMR5nzTLNYvp36X220/maaRsrec1G65A==", + "dev": true, + "requires": { + "p-locate": "^3.0.0", + "path-exists": "^3.0.0" + } + }, + "lodash": { + "version": "4.17.15", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==", + "dev": true + }, + "lodash.flattendeep": { + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/lodash.flattendeep/-/lodash.flattendeep-4.4.0.tgz", + "integrity": "sha1-+wMJF/hqMTTlvJvsDWngAT3f7bI=", + "dev": true + }, + "log-driver": { + "version": "1.2.7", + "resolved": "https://registry.npmjs.org/log-driver/-/log-driver-1.2.7.tgz", + "integrity": "sha512-U7KCmLdqsGHBLeWqYlFA0V0Sl6P08EE1ZrmA9cxjUE0WVqT9qnyVDPz1kzpFEP0jdJuFnasWIfSd7fsaNXkpbg==", + "dev": true + }, + "lru-cache": { + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.5.tgz", + "integrity": "sha512-sWZlbEP2OsHNkXrMl5GYk/jKk70MBng6UU4YI/qGDYbgf6YbP4EvmqISbXCoJiRKs+1bSpFHVgQxvJ17F2li5g==", + "dev": true, + "requires": { + "pseudomap": "^1.0.2", + "yallist": "^2.1.2" + } + }, + "make-dir": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-2.1.0.tgz", + "integrity": "sha512-LS9X+dc8KLxXCb8dni79fLIIUA5VyZoyjSMCwTluaXA0o27cCK0bhXkpgw+sTXVpPy/lSO57ilRixqk0vDmtRA==", + "dev": true, + "requires": { + "pify": "^4.0.1", + "semver": "^5.6.0" + } + }, + "make-error": { + "version": "1.3.5", + "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.5.tgz", + "integrity": "sha512-c3sIjNUow0+8swNwVpqoH4YCShKNFkMaw6oH1mNS2haDZQqkeZFlHS3dhoeEbKKmJB4vXpJucU6oH75aDYeE9g==", + "dev": true + }, + "merge-source-map": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/merge-source-map/-/merge-source-map-1.1.0.tgz", + "integrity": "sha512-Qkcp7P2ygktpMPh2mCQZaf3jhN6D3Z/qVZHSdWvQ+2Ef5HgRAPBO57A77+ENm0CPx2+1Ce/MYKi3ymqdfuqibw==", + "dev": true, + "requires": { + "source-map": "^0.6.1" + } + }, + "mime-db": { + "version": "1.40.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.40.0.tgz", + "integrity": "sha512-jYdeOMPy9vnxEqFRRo6ZvTZ8d9oPb+k18PKoYNYUe2stVEBPPwsln/qWzdbmaIvnhZ9v2P+CuecK+fpUfsV2mA==", + "dev": true + }, + "mime-types": { + "version": "2.1.24", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.24.tgz", + "integrity": "sha512-WaFHS3MCl5fapm3oLxU4eYDw77IQM2ACcxQ9RIxfaC3ooc6PFuBMGZZsYpvoXS5D5QTWPieo1jjLdAm3TBP3cQ==", + "dev": true, + "requires": { + "mime-db": "1.40.0" + } + }, + "minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "dev": true, + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "minimist": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz", + "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=", + "dev": true + }, + "minipass": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.0.0.tgz", + "integrity": "sha512-FKNU4XrAPDX0+ynwns7njVu4RolyG1mUKSlT6n6GwGXLtYSYh2Znc0S83Rl6zEr1zgFfXvAzIBabnmItm+n19g==", + "requires": { + "yallist": "^4.0.0" + }, + "dependencies": { + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } + }, + "mkdirp": { + "version": "0.5.1", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz", + "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=", + "dev": true, + "requires": { + "minimist": "0.0.8" + }, + "dependencies": { + "minimist": { + "version": "0.0.8", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz", + "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0=", + "dev": true + } + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true + }, + "neo-async": { + "version": "2.6.1", + "resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.1.tgz", + "integrity": "sha512-iyam8fBuCUpWeKPGpaNMetEocMt364qkCsfL9JuhjXX6dRnguRVOfk2GZaDpPjcOKiiXCPINZC1GczQ7iTq3Zw==", + "dev": true + }, + "nested-error-stacks": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/nested-error-stacks/-/nested-error-stacks-2.1.0.tgz", + "integrity": "sha512-AO81vsIO1k1sM4Zrd6Hu7regmJN1NSiAja10gc4bX3F0wd+9rQmcuHQaHVQCYIEC8iFXnE+mavh23GOt7wBgug==", + "dev": true + }, + "nice-try": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", + "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==", + "dev": true + }, + "node-modules-regexp": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", + "integrity": "sha1-jZ2+KJZKSsVxLpExZCEHxx6Q7EA=", + "dev": true + }, + "normalize-package-data": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==", + "dev": true, + "requires": { + "hosted-git-info": "^2.1.4", + "resolve": "^1.10.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + } + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true + }, + "number-is-nan": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz", + "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=", + "dev": true + }, + "nyc": { + "version": "14.1.1", + "resolved": "https://registry.npmjs.org/nyc/-/nyc-14.1.1.tgz", + "integrity": "sha512-OI0vm6ZGUnoGZv/tLdZ2esSVzDwUC88SNs+6JoSOMVxA+gKMB8Tk7jBwgemLx4O40lhhvZCVw1C+OYLOBOPXWw==", + "dev": true, + "requires": { + "archy": "^1.0.0", + "caching-transform": "^3.0.2", + "convert-source-map": "^1.6.0", + "cp-file": "^6.2.0", + "find-cache-dir": "^2.1.0", + "find-up": "^3.0.0", + "foreground-child": "^1.5.6", + "glob": "^7.1.3", + "istanbul-lib-coverage": "^2.0.5", + "istanbul-lib-hook": "^2.0.7", + "istanbul-lib-instrument": "^3.3.0", + "istanbul-lib-report": "^2.0.8", + "istanbul-lib-source-maps": "^3.0.6", + "istanbul-reports": "^2.2.4", + "js-yaml": "^3.13.1", + "make-dir": "^2.1.0", + "merge-source-map": "^1.1.0", + "resolve-from": "^4.0.0", + "rimraf": "^2.6.3", + "signal-exit": "^3.0.2", + "spawn-wrap": "^1.4.2", + "test-exclude": "^5.2.3", + "uuid": "^3.3.2", + "yargs": "^13.2.2", + "yargs-parser": "^13.0.0" + } + }, + "oauth-sign": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", + "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", + "dev": true + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dev": true, + "requires": { + "wrappy": "1" + } + }, + "opener": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/opener/-/opener-1.5.1.tgz", + "integrity": "sha512-goYSy5c2UXE4Ra1xixabeVh1guIX/ZV/YokJksb6q2lubWu6UbvPQ20p542/sFIll1nl8JnCyK9oBaOcCWXwvA==", + "dev": true + }, + "optimist": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz", + "integrity": "sha1-2j6nRob6IaGaERwybpDrFaAZZoY=", + "dev": true, + "requires": { + "minimist": "~0.0.1", + "wordwrap": "~0.0.2" + }, + "dependencies": { + "minimist": { + "version": "0.0.10", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.10.tgz", + "integrity": "sha1-3j+YVD2/lggr5IrRoMfNqDYwHc8=", + "dev": true + } + } + }, + "os-homedir": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/os-homedir/-/os-homedir-1.0.2.tgz", + "integrity": "sha1-/7xJiDNuDoM94MFox+8VISGqf7M=", + "dev": true + }, + "own-or": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/own-or/-/own-or-1.0.0.tgz", + "integrity": "sha1-Tod/vtqaLsgAD7wLyuOWRe6L+Nw=", + "dev": true + }, + "own-or-env": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/own-or-env/-/own-or-env-1.0.1.tgz", + "integrity": "sha512-y8qULRbRAlL6x2+M0vIe7jJbJx/kmUTzYonRAa2ayesR2qWLswninkVyeJe4x3IEXhdgoNodzjQRKAoEs6Fmrw==", + "dev": true, + "requires": { + "own-or": "^1.0.0" + } + }, + "p-limit": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.2.1.tgz", + "integrity": "sha512-85Tk+90UCVWvbDavCLKPOLC9vvY8OwEX/RtKF+/1OADJMVlFfEHOiMTPVyxg7mk/dKa+ipdHm0OUkTvCpMTuwg==", + "dev": true, + "requires": { + "p-try": "^2.0.0" + } + }, + "p-locate": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-3.0.0.tgz", + "integrity": "sha512-x+12w/To+4GFfgJhBEpiDcLozRJGegY+Ei7/z0tSLkMmxGZNybVMSfWj9aJn8Z5Fc7dBUNJOOVgPv2H7IwulSQ==", + "dev": true, + "requires": { + "p-limit": "^2.0.0" + } + }, + "p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true + }, + "package-hash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/package-hash/-/package-hash-3.0.0.tgz", + "integrity": "sha512-lOtmukMDVvtkL84rJHI7dpTYq+0rli8N2wlnqUcBuDWCfVhRUfOmnR9SsoHFMLpACvEV60dX7rd0rFaYDZI+FA==", + "dev": true, + "requires": { + "graceful-fs": "^4.1.15", + "hasha": "^3.0.0", + "lodash.flattendeep": "^4.4.0", + "release-zalgo": "^1.0.0" + } + }, + "parse-json": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-4.0.0.tgz", + "integrity": "sha1-vjX1Qlvh9/bHRxhPmKeIy5lHfuA=", + "dev": true, + "requires": { + "error-ex": "^1.3.1", + "json-parse-better-errors": "^1.0.1" + } + }, + "path-exists": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz", + "integrity": "sha1-zg6+ql94yxiSXqfYENe1mwEP1RU=", + "dev": true + }, + "path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", + "dev": true + }, + "path-key": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz", + "integrity": "sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=", + "dev": true + }, + "path-parse": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz", + "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==", + "dev": true + }, + "path-type": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/path-type/-/path-type-3.0.0.tgz", + "integrity": "sha512-T2ZUsdZFHgA3u4e5PfPbjd7HDDpxPnQb5jN0SrDsjNSuVXHJqtwTnWqG0B1jZrgmJ/7lj1EmVIByWt1gxGkWvg==", + "dev": true, + "requires": { + "pify": "^3.0.0" + }, + "dependencies": { + "pify": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", + "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=", + "dev": true + } + } + }, + "performance-now": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", + "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", + "dev": true + }, + "picomatch": { + "version": "2.0.7", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.0.7.tgz", + "integrity": "sha512-oLHIdio3tZ0qH76NybpeneBhYVj0QFTfXEFTc/B3zKQspYfYYkWYgFsmzo+4kvId/bQRcNkVeguI3y+CD22BtA==", + "dev": true + }, + "pify": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pify/-/pify-4.0.1.tgz", + "integrity": "sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==", + "dev": true + }, + "pirates": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/pirates/-/pirates-3.0.2.tgz", + "integrity": "sha512-c5CgUJq6H2k6MJz72Ak1F5sN9n9wlSlJyEnwvpm9/y3WB4E3pHBDT2c6PEiS1vyJvq2bUxUAIu0EGf8Cx4Ic7Q==", + "dev": true, + "requires": { + "node-modules-regexp": "^1.0.0" + } + }, + "pkg-dir": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-3.0.0.tgz", + "integrity": "sha512-/E57AYkoeQ25qkxMj5PBOVgF8Kiu/h7cYS30Z5+R7WaiCCBfLq58ZI/dSeaEKb9WVJV5n/03QwrN3IeWIFllvw==", + "dev": true, + "requires": { + "find-up": "^3.0.0" + } + }, + "process-nextick-args": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", + "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==", + "dev": true, + "optional": true + }, + "pseudomap": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz", + "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM=", + "dev": true + }, + "psl": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.4.0.tgz", + "integrity": "sha512-HZzqCGPecFLyoRj5HLfuDSKYTJkAfB5thKBIkRHtGjWwY7p1dAyveIbXIq4tO0KYfDF2tHqPUgY9SDnGm00uFw==", + "dev": true + }, + "punycode": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "dev": true + }, + "qs": { + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", + "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==", + "dev": true + }, + "read-pkg": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-3.0.0.tgz", + "integrity": "sha1-nLxoaXj+5l0WwA4rGcI3/Pbjg4k=", + "dev": true, + "requires": { + "load-json-file": "^4.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^3.0.0" + } + }, + "read-pkg-up": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-4.0.0.tgz", + "integrity": "sha512-6etQSH7nJGsK0RbG/2TeDzZFa8shjQ1um+SwQQ5cwKy0dhSXdOncEhb1CPpvQG4h7FyOV6EB6YlV0yJvZQNAkA==", + "dev": true, + "requires": { + "find-up": "^3.0.0", + "read-pkg": "^3.0.0" + } + }, + "readable-stream": { + "version": "2.3.6", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz", + "integrity": "sha512-tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==", + "dev": true, + "optional": true, + "requires": { + "core-util-is": "~1.0.0", + "inherits": "~2.0.3", + "isarray": "~1.0.0", + "process-nextick-args": "~2.0.0", + "safe-buffer": "~5.1.1", + "string_decoder": "~1.1.1", + "util-deprecate": "~1.0.1" + }, + "dependencies": { + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", + "dev": true, + "optional": true + } + } + }, + "readdirp": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.1.2.tgz", + "integrity": "sha512-8rhl0xs2cxfVsqzreYCvs8EwBfn/DhVdqtoLmw19uI3SC5avYX9teCurlErfpPXGmYtMHReGaP2RsLnFvz/lnw==", + "dev": true, + "requires": { + "picomatch": "^2.0.4" + } + }, + "regenerator-runtime": { + "version": "0.13.3", + "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.3.tgz", + "integrity": "sha512-naKIZz2GQ8JWh///G7L3X6LaQUAMp2lvb1rvwwsURe/VXwD6VMfr+/1NuNw3ag8v2kY1aQ/go5SNn79O9JU7yw==", + "dev": true + }, + "release-zalgo": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/release-zalgo/-/release-zalgo-1.0.0.tgz", + "integrity": "sha1-CXALflB0Mpc5Mw5TXFqQ+2eFFzA=", + "dev": true, + "requires": { + "es6-error": "^4.0.1" + } + }, + "request": { + "version": "2.88.0", + "resolved": "https://registry.npmjs.org/request/-/request-2.88.0.tgz", + "integrity": "sha512-NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg==", + "dev": true, + "requires": { + "aws-sign2": "~0.7.0", + "aws4": "^1.8.0", + "caseless": "~0.12.0", + "combined-stream": "~1.0.6", + "extend": "~3.0.2", + "forever-agent": "~0.6.1", + "form-data": "~2.3.2", + "har-validator": "~5.1.0", + "http-signature": "~1.2.0", + "is-typedarray": "~1.0.0", + "isstream": "~0.1.2", + "json-stringify-safe": "~5.0.1", + "mime-types": "~2.1.19", + "oauth-sign": "~0.9.0", + "performance-now": "^2.1.0", + "qs": "~6.5.2", + "safe-buffer": "^5.1.2", + "tough-cookie": "~2.4.3", + "tunnel-agent": "^0.6.0", + "uuid": "^3.3.2" + } + }, + "require-directory": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", + "dev": true + }, + "require-main-filename": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", + "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==", + "dev": true + }, + "resolve": { + "version": "1.12.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.12.0.tgz", + "integrity": "sha512-B/dOmuoAik5bKcD6s6nXDCjzUKnaDvdkRyAk6rsmsKLipWj4797iothd7jmmUhWTfinVMU+wc56rYKsit2Qy4w==", + "dev": true, + "requires": { + "path-parse": "^1.0.6" + } + }, + "resolve-from": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", + "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", + "dev": true + }, + "rimraf": { + "version": "2.7.1", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.7.1.tgz", + "integrity": "sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==", + "dev": true, + "requires": { + "glob": "^7.1.3" + } + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "dev": true + }, + "safer-buffer": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", + "dev": true + }, + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + }, + "set-blocking": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", + "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=", + "dev": true + }, + "shebang-command": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-1.2.0.tgz", + "integrity": "sha1-RKrGW2lbAzmJaMOfNj/uXer98eo=", + "dev": true, + "requires": { + "shebang-regex": "^1.0.0" + } + }, + "shebang-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz", + "integrity": "sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=", + "dev": true + }, + "signal-exit": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz", + "integrity": "sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0=", + "dev": true + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true + }, + "source-map-support": { + "version": "0.5.13", + "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", + "integrity": "sha512-SHSKFHadjVA5oR4PPqhtAVdcBWwRYVd6g6cAXnIbRiIwc2EhPrTuKUBdSLvlEKyIP3GCf89fltvcZiP9MMFA1w==", + "dev": true, + "requires": { + "buffer-from": "^1.0.0", + "source-map": "^0.6.0" + } + }, + "spawn-wrap": { + "version": "1.4.3", + "resolved": "https://registry.npmjs.org/spawn-wrap/-/spawn-wrap-1.4.3.tgz", + "integrity": "sha512-IgB8md0QW/+tWqcavuFgKYR/qIRvJkRLPJDFaoXtLLUaVcCDK0+HeFTkmQHj3eprcYhc+gOl0aEA1w7qZlYezw==", + "dev": true, + "requires": { + "foreground-child": "^1.5.6", + "mkdirp": "^0.5.0", + "os-homedir": "^1.0.1", + "rimraf": "^2.6.2", + "signal-exit": "^3.0.2", + "which": "^1.3.0" + } + }, + "spdx-correct": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.0.tgz", + "integrity": "sha512-lr2EZCctC2BNR7j7WzJ2FpDznxky1sjfxvvYEyzxNyb6lZXHODmEoJeFu4JupYlkfha1KZpJyoqiJ7pgA1qq8Q==", + "dev": true, + "requires": { + "spdx-expression-parse": "^3.0.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-exceptions": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.2.0.tgz", + "integrity": "sha512-2XQACfElKi9SlVb1CYadKDXvoajPgBVPn/gOQLrTvHdElaVhr7ZEbqJaRnJLVNeaI4cMEAgVCeBMKF6MWRDCRA==", + "dev": true + }, + "spdx-expression-parse": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.0.tgz", + "integrity": "sha512-Yg6D3XpRD4kkOmTpdgbUiEJFKghJH03fiC1OPll5h/0sO6neh2jqRDVHOQ4o/LMea0tgCkbMgea5ip/e+MkWyg==", + "dev": true, + "requires": { + "spdx-exceptions": "^2.1.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-license-ids": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.5.tgz", + "integrity": "sha512-J+FWzZoynJEXGphVIS+XEh3kFSjZX/1i9gFBaWQcB+/tmpe2qUsSBABpcxqxnAxFdiUFEgAX1bjYGQvIZmoz9Q==", + "dev": true + }, + "sprintf-js": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", + "dev": true + }, + "sshpk": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", + "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "dev": true, + "requires": { + "asn1": "~0.2.3", + "assert-plus": "^1.0.0", + "bcrypt-pbkdf": "^1.0.0", + "dashdash": "^1.12.0", + "ecc-jsbn": "~0.1.1", + "getpass": "^0.1.1", + "jsbn": "~0.1.0", + "safer-buffer": "^2.0.2", + "tweetnacl": "~0.14.0" + } + }, + "stack-utils": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-1.0.2.tgz", + "integrity": "sha512-MTX+MeG5U994cazkjd/9KNAapsHnibjMLnfXodlkXw76JEea0UiNzrqidzo1emMwk7w5Qhc9jd4Bn9TBb1MFwA==", + "dev": true + }, + "string-width": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz", + "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==", + "dev": true, + "requires": { + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^4.0.0" + } + }, + "string_decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", + "dev": true, + "optional": true, + "requires": { + "safe-buffer": "~5.1.0" + }, + "dependencies": { + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", + "dev": true, + "optional": true + } + } + }, + "strip-ansi": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz", + "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=", + "dev": true, + "requires": { + "ansi-regex": "^3.0.0" + } + }, + "strip-bom": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz", + "integrity": "sha1-IzTBjpx1n3vdVv3vfprj1YjmjtM=", + "dev": true + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + }, + "tap": { + "version": "14.6.4", + "resolved": "https://registry.npmjs.org/tap/-/tap-14.6.4.tgz", + "integrity": "sha512-qYO/ZlQumbYzibH+wCVfkrNAomtBhKcKvMHWAMaucHrTBzZGHCmLR/WmRhb1khOKN5gzxMbCpEct3GQIKYXRlw==", + "dev": true, + "requires": { + "async-hook-domain": "^1.1.0", + "bind-obj-methods": "^2.0.0", + "browser-process-hrtime": "^1.0.0", + "capture-stack-trace": "^1.0.0", + "chokidar": "^3.0.2", + "color-support": "^1.1.0", + "coveralls": "^3.0.6", + "diff": "^4.0.1", + "esm": "^3.2.25", + "findit": "^2.0.0", + "flow-remove-types": "^2.107.0", + "foreground-child": "^1.3.3", + "fs-exists-cached": "^1.0.0", + "function-loop": "^1.0.2", + "glob": "^7.1.4", + "import-jsx": "^2.0.0", + "ink": "^2.3.0", + "isexe": "^2.0.0", + "istanbul-lib-processinfo": "^1.0.0", + "jackspeak": "^1.4.0", + "minipass": "^2.5.1", + "mkdirp": "^0.5.1", + "nyc": "^14.1.1", + "opener": "^1.5.1", + "own-or": "^1.0.0", + "own-or-env": "^1.0.1", + "react": "^16.9.0", + "rimraf": "^2.7.1", + "signal-exit": "^3.0.0", + "source-map-support": "^0.5.13", + "stack-utils": "^1.0.2", + "tap-mocha-reporter": "^4.0.1", + "tap-parser": "^9.3.3", + "tap-yaml": "^1.0.0", + "tcompare": "^2.3.0", + "treport": "^0.4.0", + "trivial-deferred": "^1.0.1", + "ts-node": "^8.3.0", + "typescript": "^3.6.3", + "which": "^1.3.1", + "write-file-atomic": "^3.0.0", + "yaml": "^1.6.0", + "yapool": "^1.0.0" + }, + "dependencies": { + "@babel/runtime": { + "version": "7.4.5", + "bundled": true, + "dev": true, + "requires": { + "regenerator-runtime": "^0.13.2" + }, + "dependencies": { + "regenerator-runtime": { + "version": "0.13.2", + "bundled": true, + "dev": true + } + } + }, + "@types/prop-types": { + "version": "15.7.1", + "bundled": true, + "dev": true + }, + "@types/react": { + "version": "16.8.22", + "bundled": true, + "dev": true, + "requires": { + "@types/prop-types": "*", + "csstype": "^2.2.0" + } + }, + "ansi-escapes": { + "version": "3.2.0", + "bundled": true, + "dev": true + }, + "ansi-regex": { + "version": "2.1.1", + "bundled": true, + "dev": true + }, + "ansi-styles": { + "version": "2.2.1", + "bundled": true, + "dev": true + }, + "ansicolors": { + "version": "0.3.2", + "bundled": true, + "dev": true + }, + "arrify": { + "version": "1.0.1", + "bundled": true, + "dev": true + }, + "astral-regex": { + "version": "1.0.0", + "bundled": true, + "dev": true + }, + "auto-bind": { + "version": "2.1.0", + "bundled": true, + "dev": true, + "requires": { + "@types/react": "^16.8.12" + } + }, + "babel-code-frame": { + "version": "6.26.0", + "bundled": true, + "dev": true, + "requires": { + "chalk": "^1.1.3", + "esutils": "^2.0.2", + "js-tokens": "^3.0.2" + } + }, + "babel-core": { + "version": "6.26.3", + "bundled": true, + "dev": true, + "requires": { + "babel-code-frame": "^6.26.0", + "babel-generator": "^6.26.0", + "babel-helpers": "^6.24.1", + "babel-messages": "^6.23.0", + "babel-register": "^6.26.0", + "babel-runtime": "^6.26.0", + "babel-template": "^6.26.0", + "babel-traverse": "^6.26.0", + "babel-types": "^6.26.0", + "babylon": "^6.18.0", + "convert-source-map": "^1.5.1", + "debug": "^2.6.9", + "json5": "^0.5.1", + "lodash": "^4.17.4", + "minimatch": "^3.0.4", + "path-is-absolute": "^1.0.1", + "private": "^0.1.8", + "slash": "^1.0.0", + "source-map": "^0.5.7" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "bundled": true, + "dev": true + } + } + }, + "babel-generator": { + "version": "6.26.1", + "bundled": true, + "dev": true, + "requires": { + "babel-messages": "^6.23.0", + "babel-runtime": "^6.26.0", + "babel-types": "^6.26.0", + "detect-indent": "^4.0.0", + "jsesc": "^1.3.0", + "lodash": "^4.17.4", + "source-map": "^0.5.7", + "trim-right": "^1.0.1" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "bundled": true, + "dev": true + } + } + }, + "babel-helper-builder-react-jsx": { + "version": "6.26.0", + "bundled": true, + "dev": true, + "requires": { + "babel-runtime": "^6.26.0", + "babel-types": "^6.26.0", + "esutils": "^2.0.2" + } + }, + "babel-helpers": { + "version": "6.24.1", + "bundled": true, + "dev": true, + "requires": { + "babel-runtime": "^6.22.0", + "babel-template": "^6.24.1" + } + }, + "babel-messages": { + "version": "6.23.0", + "bundled": true, + "dev": true, + "requires": { + "babel-runtime": "^6.22.0" + } + }, + "babel-plugin-syntax-jsx": { + "version": "6.18.0", + "bundled": true, + "dev": true + }, + "babel-plugin-syntax-object-rest-spread": { + "version": "6.13.0", + "bundled": true, + "dev": true + }, + "babel-plugin-transform-es2015-destructuring": { + "version": "6.23.0", + "bundled": true, + "dev": true, + "requires": { + "babel-runtime": "^6.22.0" + } + }, + "babel-plugin-transform-object-rest-spread": { + "version": "6.26.0", + "bundled": true, + "dev": true, + "requires": { + "babel-plugin-syntax-object-rest-spread": "^6.8.0", + "babel-runtime": "^6.26.0" + } + }, + "babel-plugin-transform-react-jsx": { + "version": "6.24.1", + "bundled": true, + "dev": true, + "requires": { + "babel-helper-builder-react-jsx": "^6.24.1", + "babel-plugin-syntax-jsx": "^6.8.0", + "babel-runtime": "^6.22.0" + } + }, + "babel-register": { + "version": "6.26.0", + "bundled": true, + "dev": true, + "requires": { + "babel-core": "^6.26.0", + "babel-runtime": "^6.26.0", + "core-js": "^2.5.0", + "home-or-tmp": "^2.0.0", + "lodash": "^4.17.4", + "mkdirp": "^0.5.1", + "source-map-support": "^0.4.15" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "bundled": true, + "dev": true + }, + "source-map-support": { + "version": "0.4.18", + "bundled": true, + "dev": true, + "requires": { + "source-map": "^0.5.6" + } + } + } + }, + "babel-runtime": { + "version": "6.26.0", + "bundled": true, + "dev": true, + "requires": { + "core-js": "^2.4.0", + "regenerator-runtime": "^0.11.0" + } + }, + "babel-template": { + "version": "6.26.0", + "bundled": true, + "dev": true, + "requires": { + "babel-runtime": "^6.26.0", + "babel-traverse": "^6.26.0", + "babel-types": "^6.26.0", + "babylon": "^6.18.0", + "lodash": "^4.17.4" + } + }, + "babel-traverse": { + "version": "6.26.0", + "bundled": true, + "dev": true, + "requires": { + "babel-code-frame": "^6.26.0", + "babel-messages": "^6.23.0", + "babel-runtime": "^6.26.0", + "babel-types": "^6.26.0", + "babylon": "^6.18.0", + "debug": "^2.6.8", + "globals": "^9.18.0", + "invariant": "^2.2.2", + "lodash": "^4.17.4" + } + }, + "babel-types": { + "version": "6.26.0", + "bundled": true, + "dev": true, + "requires": { + "babel-runtime": "^6.26.0", + "esutils": "^2.0.2", + "lodash": "^4.17.4", + "to-fast-properties": "^1.0.3" + } + }, + "babylon": { + "version": "6.18.0", + "bundled": true, + "dev": true + }, + "balanced-match": { + "version": "1.0.0", + "bundled": true, + "dev": true + }, + "brace-expansion": { + "version": "1.1.11", + "bundled": true, + "dev": true, + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "caller-callsite": { + "version": "2.0.0", + "bundled": true, + "dev": true, + "requires": { + "callsites": "^2.0.0" + } + }, + "caller-path": { + "version": "2.0.0", + "bundled": true, + "dev": true, + "requires": { + "caller-callsite": "^2.0.0" + } + }, + "callsites": { + "version": "2.0.0", + "bundled": true, + "dev": true + }, + "cardinal": { + "version": "2.1.1", + "bundled": true, + "dev": true, + "requires": { + "ansicolors": "~0.3.2", + "redeyed": "~2.1.0" + } + }, + "chalk": { + "version": "1.1.3", + "bundled": true, + "dev": true, + "requires": { + "ansi-styles": "^2.2.1", + "escape-string-regexp": "^1.0.2", + "has-ansi": "^2.0.0", + "strip-ansi": "^3.0.0", + "supports-color": "^2.0.0" + } + }, + "ci-info": { + "version": "2.0.0", + "bundled": true, + "dev": true + }, + "cli-cursor": { + "version": "2.1.0", + "bundled": true, + "dev": true, + "requires": { + "restore-cursor": "^2.0.0" + } + }, + "cli-truncate": { + "version": "1.1.0", + "bundled": true, + "dev": true, + "requires": { + "slice-ansi": "^1.0.0", + "string-width": "^2.0.0" + } + }, + "color-convert": { + "version": "1.9.3", + "bundled": true, + "dev": true, + "requires": { + "color-name": "1.1.3" + } + }, + "color-name": { + "version": "1.1.3", + "bundled": true, + "dev": true + }, + "concat-map": { + "version": "0.0.1", + "bundled": true, + "dev": true + }, + "convert-source-map": { + "version": "1.6.0", + "bundled": true, + "dev": true, + "requires": { + "safe-buffer": "~5.1.1" + } + }, + "core-js": { + "version": "2.6.5", + "bundled": true, + "dev": true + }, + "csstype": { + "version": "2.6.5", + "bundled": true, + "dev": true + }, + "debug": { + "version": "2.6.9", + "bundled": true, + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "detect-indent": { + "version": "4.0.0", + "bundled": true, + "dev": true, + "requires": { + "repeating": "^2.0.0" + } + }, + "emoji-regex": { + "version": "7.0.3", + "bundled": true, + "dev": true + }, + "escape-string-regexp": { + "version": "1.0.5", + "bundled": true, + "dev": true + }, + "esprima": { + "version": "4.0.1", + "bundled": true, + "dev": true + }, + "esutils": { + "version": "2.0.2", + "bundled": true, + "dev": true + }, + "events-to-array": { + "version": "1.1.2", + "bundled": true, + "dev": true + }, + "globals": { + "version": "9.18.0", + "bundled": true, + "dev": true + }, + "has-ansi": { + "version": "2.0.0", + "bundled": true, + "dev": true, + "requires": { + "ansi-regex": "^2.0.0" + } + }, + "has-flag": { + "version": "3.0.0", + "bundled": true, + "dev": true + }, + "home-or-tmp": { + "version": "2.0.0", + "bundled": true, + "dev": true, + "requires": { + "os-homedir": "^1.0.0", + "os-tmpdir": "^1.0.1" + } + }, + "import-jsx": { + "version": "2.0.0", + "bundled": true, + "dev": true, + "requires": { + "babel-core": "^6.25.0", + "babel-plugin-transform-es2015-destructuring": "^6.23.0", + "babel-plugin-transform-object-rest-spread": "^6.23.0", + "babel-plugin-transform-react-jsx": "^6.24.1", + "caller-path": "^2.0.0", + "resolve-from": "^3.0.0" + } + }, + "ink": { + "version": "2.3.0", + "bundled": true, + "dev": true, + "requires": { + "@types/react": "^16.8.6", + "arrify": "^1.0.1", + "auto-bind": "^2.0.0", + "chalk": "^2.4.1", + "cli-cursor": "^2.1.0", + "cli-truncate": "^1.1.0", + "is-ci": "^2.0.0", + "lodash.throttle": "^4.1.1", + "log-update": "^3.0.0", + "prop-types": "^15.6.2", + "react-reconciler": "^0.20.0", + "scheduler": "^0.13.2", + "signal-exit": "^3.0.2", + "slice-ansi": "^1.0.0", + "string-length": "^2.0.0", + "widest-line": "^2.0.0", + "wrap-ansi": "^5.0.0", + "yoga-layout-prebuilt": "^1.9.3" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "bundled": true, + "dev": true + }, + "ansi-styles": { + "version": "3.2.1", + "bundled": true, + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "bundled": true, + "dev": true, + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "string-width": { + "version": "3.1.0", + "bundled": true, + "dev": true, + "requires": { + "emoji-regex": "^7.0.1", + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^5.1.0" + } + }, + "strip-ansi": { + "version": "5.2.0", + "bundled": true, + "dev": true, + "requires": { + "ansi-regex": "^4.1.0" + } + }, + "supports-color": { + "version": "5.5.0", + "bundled": true, + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + }, + "wrap-ansi": { + "version": "5.1.0", + "bundled": true, + "dev": true, + "requires": { + "ansi-styles": "^3.2.0", + "string-width": "^3.0.0", + "strip-ansi": "^5.0.0" + } + } + } + }, + "invariant": { + "version": "2.2.4", + "bundled": true, + "dev": true, + "requires": { + "loose-envify": "^1.0.0" + } + }, + "is-ci": { + "version": "2.0.0", + "bundled": true, + "dev": true, + "requires": { + "ci-info": "^2.0.0" + } + }, + "is-finite": { + "version": "1.0.2", + "bundled": true, + "dev": true, + "requires": { + "number-is-nan": "^1.0.0" + } + }, + "is-fullwidth-code-point": { + "version": "2.0.0", + "bundled": true, + "dev": true + }, + "js-tokens": { + "version": "3.0.2", + "bundled": true, + "dev": true + }, + "jsesc": { + "version": "1.3.0", + "bundled": true, + "dev": true + }, + "json5": { + "version": "0.5.1", + "bundled": true, + "dev": true + }, + "lodash": { + "version": "4.17.14", + "bundled": true, + "dev": true + }, + "lodash.throttle": { + "version": "4.1.1", + "bundled": true, + "dev": true + }, + "log-update": { + "version": "3.2.0", + "bundled": true, + "dev": true, + "requires": { + "ansi-escapes": "^3.2.0", + "cli-cursor": "^2.1.0", + "wrap-ansi": "^5.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "bundled": true, + "dev": true + }, + "ansi-styles": { + "version": "3.2.1", + "bundled": true, + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } + }, + "string-width": { + "version": "3.1.0", + "bundled": true, + "dev": true, + "requires": { + "emoji-regex": "^7.0.1", + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^5.1.0" + } + }, + "strip-ansi": { + "version": "5.2.0", + "bundled": true, + "dev": true, + "requires": { + "ansi-regex": "^4.1.0" + } + }, + "wrap-ansi": { + "version": "5.1.0", + "bundled": true, + "dev": true, + "requires": { + "ansi-styles": "^3.2.0", + "string-width": "^3.0.0", + "strip-ansi": "^5.0.0" + } + } + } + }, + "loose-envify": { + "version": "1.4.0", + "bundled": true, + "dev": true, + "requires": { + "js-tokens": "^3.0.0 || ^4.0.0" + } + }, + "minimatch": { + "version": "3.0.4", + "bundled": true, + "dev": true, + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "minipass": { + "version": "2.5.1", + "bundled": true, + "dev": true, + "requires": { + "safe-buffer": "^5.1.2", + "yallist": "^3.0.0" + }, + "dependencies": { + "yallist": { + "version": "3.0.3", + "bundled": true, + "dev": true + } + } + }, + "mkdirp": { + "version": "0.5.1", + "bundled": true, + "dev": true, + "requires": { + "minimist": "0.0.8" + }, + "dependencies": { + "minimist": { + "version": "0.0.8", + "bundled": true, + "dev": true + } + } + }, + "ms": { + "version": "2.0.0", + "bundled": true, + "dev": true + }, + "number-is-nan": { + "version": "1.0.1", + "bundled": true, + "dev": true + }, + "object-assign": { + "version": "4.1.1", + "bundled": true, + "dev": true + }, + "onetime": { + "version": "2.0.1", + "bundled": true, + "dev": true, + "requires": { + "mimic-fn": "^1.0.0" + }, + "dependencies": { + "mimic-fn": { + "version": "1.2.0", + "bundled": true, + "dev": true + } + } + }, + "os-homedir": { + "version": "1.0.2", + "bundled": true, + "dev": true + }, + "os-tmpdir": { + "version": "1.0.2", + "bundled": true, + "dev": true + }, + "path-is-absolute": { + "version": "1.0.1", + "bundled": true, + "dev": true + }, + "private": { + "version": "0.1.8", + "bundled": true, + "dev": true + }, + "prop-types": { + "version": "15.7.2", + "bundled": true, + "dev": true, + "requires": { + "loose-envify": "^1.4.0", + "object-assign": "^4.1.1", + "react-is": "^16.8.1" + } + }, + "punycode": { + "version": "2.1.1", + "bundled": true, + "dev": true + }, + "react": { + "version": "16.9.0", + "bundled": true, + "dev": true, + "requires": { + "loose-envify": "^1.1.0", + "object-assign": "^4.1.1", + "prop-types": "^15.6.2" + } + }, + "react-is": { + "version": "16.8.6", + "bundled": true, + "dev": true + }, + "react-reconciler": { + "version": "0.20.4", + "bundled": true, + "dev": true, + "requires": { + "loose-envify": "^1.1.0", + "object-assign": "^4.1.1", + "prop-types": "^15.6.2", + "scheduler": "^0.13.6" + } + }, + "redeyed": { + "version": "2.1.1", + "bundled": true, + "dev": true, + "requires": { + "esprima": "~4.0.0" + } + }, + "regenerator-runtime": { + "version": "0.11.1", + "bundled": true, + "dev": true + }, + "repeating": { + "version": "2.0.1", + "bundled": true, + "dev": true, + "requires": { + "is-finite": "^1.0.0" + } + }, + "resolve-from": { + "version": "3.0.0", + "bundled": true, + "dev": true + }, + "restore-cursor": { + "version": "2.0.0", + "bundled": true, + "dev": true, + "requires": { + "onetime": "^2.0.0", + "signal-exit": "^3.0.2" + } + }, + "safe-buffer": { + "version": "5.1.2", + "bundled": true, + "dev": true + }, + "scheduler": { + "version": "0.13.6", + "bundled": true, + "dev": true, + "requires": { + "loose-envify": "^1.1.0", + "object-assign": "^4.1.1" + } + }, + "signal-exit": { + "version": "3.0.2", + "bundled": true, + "dev": true + }, + "slash": { + "version": "1.0.0", + "bundled": true, + "dev": true + }, + "slice-ansi": { + "version": "1.0.0", + "bundled": true, + "dev": true, + "requires": { + "is-fullwidth-code-point": "^2.0.0" + } + }, + "string-length": { + "version": "2.0.0", + "bundled": true, + "dev": true, + "requires": { + "astral-regex": "^1.0.0", + "strip-ansi": "^4.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "3.0.0", + "bundled": true, + "dev": true + }, + "strip-ansi": { + "version": "4.0.0", + "bundled": true, + "dev": true, + "requires": { + "ansi-regex": "^3.0.0" + } + } + } + }, + "string-width": { + "version": "2.1.1", + "bundled": true, + "dev": true, + "requires": { + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^4.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "3.0.0", + "bundled": true, + "dev": true + }, + "strip-ansi": { + "version": "4.0.0", + "bundled": true, + "dev": true, + "requires": { + "ansi-regex": "^3.0.0" + } + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "bundled": true, + "dev": true, + "requires": { + "ansi-regex": "^2.0.0" + } + }, + "supports-color": { + "version": "2.0.0", + "bundled": true, + "dev": true + }, + "tap-parser": { + "version": "9.3.3", + "bundled": true, + "dev": true, + "requires": { + "events-to-array": "^1.0.1", + "minipass": "^2.2.0", + "tap-yaml": "^1.0.0" + } + }, + "tap-yaml": { + "version": "1.0.0", + "bundled": true, + "dev": true, + "requires": { + "yaml": "^1.5.0" + } + }, + "to-fast-properties": { + "version": "1.0.3", + "bundled": true, + "dev": true + }, + "treport": { + "version": "0.4.0", + "bundled": true, + "dev": true, + "requires": { + "cardinal": "^2.1.1", + "chalk": "^2.4.2", + "import-jsx": "^2.0.0", + "ink": "^2.1.1", + "ms": "^2.1.1", + "react": "^16.8.6", + "string-length": "^2.0.0", + "tap-parser": "^9.3.2", + "unicode-length": "^2.0.1" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "bundled": true, + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "bundled": true, + "dev": true, + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "ms": { + "version": "2.1.2", + "bundled": true, + "dev": true + }, + "supports-color": { + "version": "5.5.0", + "bundled": true, + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + }, + "unicode-length": { + "version": "2.0.2", + "bundled": true, + "dev": true, + "requires": { + "punycode": "^2.0.0", + "strip-ansi": "^3.0.1" + } + } + } + }, + "trim-right": { + "version": "1.0.1", + "bundled": true, + "dev": true + }, + "widest-line": { + "version": "2.0.1", + "bundled": true, + "dev": true, + "requires": { + "string-width": "^2.1.1" + } + }, + "yaml": { + "version": "1.6.0", + "bundled": true, + "dev": true, + "requires": { + "@babel/runtime": "^7.4.5" + } + }, + "yoga-layout-prebuilt": { + "version": "1.9.3", + "bundled": true, + "dev": true + } + } + }, + "tap-mocha-reporter": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/tap-mocha-reporter/-/tap-mocha-reporter-4.0.1.tgz", + "integrity": "sha512-/KfXaaYeSPn8qBi5Be8WSIP3iKV83s2uj2vzImJAXmjNu22kzqZ+1Dv1riYWa53sPCiyo1R1w1jbJrftF8SpcQ==", + "dev": true, + "requires": { + "color-support": "^1.1.0", + "debug": "^2.1.3", + "diff": "^1.3.2", + "escape-string-regexp": "^1.0.3", + "glob": "^7.0.5", + "readable-stream": "^2.1.5", + "tap-parser": "^8.0.0", + "tap-yaml": "0 || 1", + "unicode-length": "^1.0.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "diff": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/diff/-/diff-1.4.0.tgz", + "integrity": "sha1-fyjS657nsVqX79ic5j3P2qPMur8=", + "dev": true + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true + } + } + }, + "tap-parser": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/tap-parser/-/tap-parser-8.1.0.tgz", + "integrity": "sha512-GgOzgDwThYLxhVR83RbS1JUR1TxcT+jfZsrETgPAvFdr12lUOnuvrHOBaUQgpkAp6ZyeW6r2Nwd91t88M0ru3w==", + "dev": true, + "requires": { + "events-to-array": "^1.0.1", + "minipass": "^2.2.0", + "tap-yaml": "0 || 1" + }, + "dependencies": { + "minipass": { + "version": "2.9.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-2.9.0.tgz", + "integrity": "sha512-wxfUjg9WebH+CUDX/CdbRlh5SmfZiy/hpkxaRI16Y9W56Pa75sWgd/rvFilSgrauD9NyFymP/+JFV3KwzIsJeg==", + "dev": true, + "requires": { + "safe-buffer": "^5.1.2", + "yallist": "^3.0.0" + } + }, + "yallist": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", + "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", + "dev": true + } + } + }, + "tap-yaml": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/tap-yaml/-/tap-yaml-1.0.0.tgz", + "integrity": "sha512-Rxbx4EnrWkYk0/ztcm5u3/VznbyFJpyXO12dDBHKWiDVxy7O2Qw6MRrwO5H6Ww0U5YhRY/4C/VzWmFPhBQc4qQ==", + "dev": true, + "requires": { + "yaml": "^1.5.0" + } + }, + "tcompare": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/tcompare/-/tcompare-2.3.0.tgz", + "integrity": "sha512-fAfA73uFtFGybWGt4+IYT6UPLYVZQ4NfsP+IXEZGY0vh8e2IF7LVKafcQNMRBLqP0wzEA65LM9Tqj+FSmO8GLw==", + "dev": true + }, + "test-exclude": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-5.2.3.tgz", + "integrity": "sha512-M+oxtseCFO3EDtAaGH7iiej3CBkzXqFMbzqYAACdzKui4eZA+pq3tZEwChvOdNfa7xxy8BfbmgJSIr43cC/+2g==", + "dev": true, + "requires": { + "glob": "^7.1.3", + "minimatch": "^3.0.4", + "read-pkg-up": "^4.0.0", + "require-main-filename": "^2.0.0" + } + }, + "to-fast-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", + "dev": true + }, + "to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, + "requires": { + "is-number": "^7.0.0" + } + }, + "tough-cookie": { + "version": "2.4.3", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz", + "integrity": "sha512-Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==", + "dev": true, + "requires": { + "psl": "^1.1.24", + "punycode": "^1.4.1" + }, + "dependencies": { + "punycode": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz", + "integrity": "sha1-wNWmOycYgArY4esPpSachN1BhF4=", + "dev": true + } + } + }, + "trim-right": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/trim-right/-/trim-right-1.0.1.tgz", + "integrity": "sha1-yy4SAwZ+DI3h9hQJS5/kVwTqYAM=", + "dev": true + }, + "trivial-deferred": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/trivial-deferred/-/trivial-deferred-1.0.1.tgz", + "integrity": "sha1-N21NKdlR1jaKb3oK6FwvTV4GWPM=", + "dev": true + }, + "ts-node": { + "version": "8.4.1", + "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-8.4.1.tgz", + "integrity": "sha512-5LpRN+mTiCs7lI5EtbXmF/HfMeCjzt7DH9CZwtkr6SywStrNQC723wG+aOWFiLNn7zT3kD/RnFqi3ZUfr4l5Qw==", + "dev": true, + "requires": { + "arg": "^4.1.0", + "diff": "^4.0.1", + "make-error": "^1.1.1", + "source-map-support": "^0.5.6", + "yn": "^3.0.0" + } + }, + "tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "dev": true, + "requires": { + "safe-buffer": "^5.0.1" + } + }, + "tweetnacl": { + "version": "0.14.5", + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", + "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", + "dev": true + }, + "typedarray-to-buffer": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", + "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", + "dev": true, + "requires": { + "is-typedarray": "^1.0.0" + } + }, + "typescript": { + "version": "3.6.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.6.3.tgz", + "integrity": "sha512-N7bceJL1CtRQ2RiG0AQME13ksR7DiuQh/QehubYcghzv20tnh+MQnQIuJddTmsbqYj+dztchykemz0zFzlvdQw==", + "dev": true + }, + "uglify-js": { + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.6.0.tgz", + "integrity": "sha512-W+jrUHJr3DXKhrsS7NUVxn3zqMOFn0hL/Ei6v0anCIMoKC93TjcflTagwIHLW7SfMFfiQuktQyFVCFHGUE0+yg==", + "dev": true, + "optional": true, + "requires": { + "commander": "~2.20.0", + "source-map": "~0.6.1" + } + }, + "unicode-length": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/unicode-length/-/unicode-length-1.0.3.tgz", + "integrity": "sha1-Wtp6f+1RhBpBijKM8UlHisg1irs=", + "dev": true, + "requires": { + "punycode": "^1.3.2", + "strip-ansi": "^3.0.1" + }, + "dependencies": { + "ansi-regex": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8=", + "dev": true + }, + "punycode": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz", + "integrity": "sha1-wNWmOycYgArY4esPpSachN1BhF4=", + "dev": true + }, + "strip-ansi": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=", + "dev": true, + "requires": { + "ansi-regex": "^2.0.0" + } + } + } + }, + "uri-js": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", + "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, + "util-deprecate": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=", + "dev": true, + "optional": true + }, + "uuid": { + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.3.tgz", + "integrity": "sha512-pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ==", + "dev": true + }, + "validate-npm-package-license": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", + "dev": true, + "requires": { + "spdx-correct": "^3.0.0", + "spdx-expression-parse": "^3.0.0" + } + }, + "verror": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", + "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "core-util-is": "1.0.2", + "extsprintf": "^1.2.0" + } + }, + "vlq": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/vlq/-/vlq-0.2.3.tgz", + "integrity": "sha512-DRibZL6DsNhIgYQ+wNdWDL2SL3bKPlVrRiBqV5yuMm++op8W4kGFtaQfCs4KEJn0wBZcHVHJ3eoywX8983k1ow==", + "dev": true + }, + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "dev": true, + "requires": { + "isexe": "^2.0.0" + } + }, + "which-module": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.0.tgz", + "integrity": "sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=", + "dev": true + }, + "wordwrap": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz", + "integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc=", + "dev": true + }, + "wrap-ansi": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-2.1.0.tgz", + "integrity": "sha1-2Pw9KE3QV5T+hJc8rs3Rz4JP3YU=", + "dev": true, + "requires": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.1" + }, + "dependencies": { + "ansi-regex": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8=", + "dev": true + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=", + "dev": true, + "requires": { + "number-is-nan": "^1.0.0" + } + }, + "string-width": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz", + "integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=", + "dev": true, + "requires": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + } + }, + "strip-ansi": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=", + "dev": true, + "requires": { + "ansi-regex": "^2.0.0" + } + } + } + }, + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", + "dev": true + }, + "write-file-atomic": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.0.tgz", + "integrity": "sha512-EIgkf60l2oWsffja2Sf2AL384dx328c0B+cIYPTQq5q2rOYuDV00/iPFBOUiDKKwKMOhkymH8AidPaRvzfxY+Q==", + "dev": true, + "requires": { + "imurmurhash": "^0.1.4", + "is-typedarray": "^1.0.0", + "signal-exit": "^3.0.2", + "typedarray-to-buffer": "^3.1.5" + } + }, + "y18n": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.0.tgz", + "integrity": "sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==", + "dev": true + }, + "yallist": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz", + "integrity": "sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI=", + "dev": true + }, + "yaml": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.6.0.tgz", + "integrity": "sha512-iZfse3lwrJRoSlfs/9KQ9iIXxs9++RvBFVzAqbbBiFT+giYtyanevreF9r61ZTbGMgWQBxAua3FzJiniiJXWWw==", + "dev": true, + "requires": { + "@babel/runtime": "^7.4.5" + } + }, + "yapool": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/yapool/-/yapool-1.0.0.tgz", + "integrity": "sha1-9pPymjFbUNmp2iZGp6ZkXJaYW2o=", + "dev": true + }, + "yargs": { + "version": "13.3.0", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-13.3.0.tgz", + "integrity": "sha512-2eehun/8ALW8TLoIl7MVaRUrg+yCnenu8B4kBlRxj3GJGDKU1Og7sMXPNm1BYyM1DOJmTZ4YeN/Nwxv+8XJsUA==", + "dev": true, + "requires": { + "cliui": "^5.0.0", + "find-up": "^3.0.0", + "get-caller-file": "^2.0.1", + "require-directory": "^2.1.1", + "require-main-filename": "^2.0.0", + "set-blocking": "^2.0.0", + "string-width": "^3.0.0", + "which-module": "^2.0.0", + "y18n": "^4.0.0", + "yargs-parser": "^13.1.1" + }, + "dependencies": { + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==", + "dev": true + }, + "cliui": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-5.0.0.tgz", + "integrity": "sha512-PYeGSEmmHM6zvoef2w8TPzlrnNpXIjTipYK780YswmIP9vjxmd6Y2a3CB2Ks6/AU8NHjZugXvo8w3oWM2qnwXA==", + "dev": true, + "requires": { + "string-width": "^3.1.0", + "strip-ansi": "^5.2.0", + "wrap-ansi": "^5.1.0" + } + }, + "string-width": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz", + "integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==", + "dev": true, + "requires": { + "emoji-regex": "^7.0.1", + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^5.1.0" + } + }, + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "dev": true, + "requires": { + "ansi-regex": "^4.1.0" + } + }, + "wrap-ansi": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-5.1.0.tgz", + "integrity": "sha512-QC1/iN/2/RPVJ5jYK8BGttj5z83LmSKmvbvrXPNCLZSEb32KKVDJDl/MOt2N01qU2H/FkzEa9PKto1BqDjtd7Q==", + "dev": true, + "requires": { + "ansi-styles": "^3.2.0", + "string-width": "^3.0.0", + "strip-ansi": "^5.0.0" + } + } + } + }, + "yargs-parser": { + "version": "13.1.1", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-13.1.1.tgz", + "integrity": "sha512-oVAVsHz6uFrg3XQheFII8ESO2ssAf9luWuAd6Wexsu4F3OtIW0o8IribPXYrD4WC24LWtPrJlGy87y5udK+dxQ==", + "dev": true, + "requires": { + "camelcase": "^5.0.0", + "decamelize": "^1.2.0" + } + }, + "yn": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz", + "integrity": "sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==", + "dev": true + } + } +} diff --git a/node_modules/minipass-sized/package.json b/node_modules/minipass-sized/package.json new file mode 100644 index 000000000..b73c061e9 --- /dev/null +++ b/node_modules/minipass-sized/package.json @@ -0,0 +1,72 @@ +{ + "_from": "minipass-sized@^1.0.3", + "_id": "minipass-sized@1.0.3", + "_inBundle": false, + "_integrity": "sha512-MbkQQ2CTiBMlA2Dm/5cY+9SWFEN8pzzOXi6rlM5Xxq0Yqbda5ZQy9sU75a673FE9ZK0Zsbr6Y5iP6u9nktfg2g==", + "_location": "/minipass-sized", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass-sized@^1.0.3", + "name": "minipass-sized", + "escapedName": "minipass-sized", + "rawSpec": "^1.0.3", + "saveSpec": null, + "fetchSpec": "^1.0.3" + }, + "_requiredBy": [ + "/minipass-fetch" + ], + "_resolved": "https://registry.npmjs.org/minipass-sized/-/minipass-sized-1.0.3.tgz", + "_shasum": "70ee5a7c5052070afacfbc22977ea79def353b70", + "_spec": "minipass-sized@^1.0.3", + "_where": "/Users/mperrotte/npminc/cli/node_modules/minipass-fetch", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "https://izs.me" + }, + "bugs": { + "url": "https://github.com/isaacs/minipass-sized/issues" + }, + "bundleDependencies": false, + "dependencies": { + "minipass": "^3.0.0" + }, + "deprecated": false, + "description": "A Minipass stream that raises an error if you get a different number of bytes than expected", + "devDependencies": { + "tap": "^14.6.4" + }, + "directories": { + "test": "test" + }, + "engines": { + "node": ">=8" + }, + "homepage": "https://github.com/isaacs/minipass-sized#readme", + "keywords": [ + "minipass", + "size", + "length" + ], + "license": "ISC", + "main": "index.js", + "name": "minipass-sized", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minipass-sized.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "1.0.3" +} diff --git a/node_modules/minipass-sized/test/basic.js b/node_modules/minipass-sized/test/basic.js new file mode 100644 index 000000000..bbdcadaa8 --- /dev/null +++ b/node_modules/minipass-sized/test/basic.js @@ -0,0 +1,83 @@ +const t = require('tap') +const MPS = require('../') + +t.test('ok if size checks out', t => { + const mps = new MPS({ size: 4 }) + + mps.write(Buffer.from('a').toString('hex'), 'hex') + mps.write(Buffer.from('sd')) + mps.end('f') + return mps.concat().then(data => t.equal(data.toString(), 'asdf')) +}) + +t.test('error if size exceeded', t => { + const mps = new MPS({ size: 1 }) + mps.on('error', er => { + t.match(er, { + message: 'Bad data size: expected 1 bytes, but got 4', + found: 4, + expect: 1, + code: 'EBADSIZE', + name: 'SizeError', + }) + t.end() + }) + mps.write('asdf') +}) + +t.test('error if size is not met', t => { + const mps = new MPS({ size: 999 }) + t.throws(() => mps.end(), { + message: 'Bad data size: expected 999 bytes, but got 0', + found: 0, + name: 'SizeError', + expect: 999, + code: 'EBADSIZE', + }) + t.end() +}) + +t.test('error if non-string/buffer is written', t => { + const mps = new MPS({size:1}) + mps.on('error', er => { + t.match(er, { + message: 'MinipassSized streams only work with string and buffer data' + }) + t.end() + }) + mps.write({some:'object'}) +}) + +t.test('projectiles', t => { + t.throws(() => new MPS(), { + message: 'invalid expected size: undefined' + }, 'size is required') + t.throws(() => new MPS({size: true}), { + message: 'invalid expected size: true' + }, 'size must be number') + t.throws(() => new MPS({size: NaN}), { + message: 'invalid expected size: NaN' + }, 'size must not be NaN') + t.throws(() => new MPS({size:1.2}), { + message: 'invalid expected size: 1.2' + }, 'size must be integer') + t.throws(() => new MPS({size: Infinity}), { + message: 'invalid expected size: Infinity' + }, 'size must be finite') + t.throws(() => new MPS({size: -1}), { + message: 'invalid expected size: -1' + }, 'size must be positive') + t.throws(() => new MPS({objectMode: true}), { + message: 'MinipassSized streams only work with string and buffer data' + }, 'no objectMode') + t.throws(() => new MPS({size: Number.MAX_SAFE_INTEGER + 1000000}), { + message: 'invalid expected size: 9007199255740992' + }) + t.end() +}) + +t.test('exports SizeError class', t => { + t.isa(MPS.SizeError, 'function') + t.isa(MPS.SizeError.prototype, Error) + t.end() +}) diff --git a/node_modules/mkdirp/.travis.yml b/node_modules/mkdirp/.travis.yml new file mode 100644 index 000000000..74c57bf15 --- /dev/null +++ b/node_modules/mkdirp/.travis.yml @@ -0,0 +1,8 @@ +language: node_js +node_js: + - "0.8" + - "0.10" + - "0.12" + - "iojs" +before_install: + - npm install -g npm@~1.4.6 diff --git a/node_modules/mkdirp/README.markdown b/node_modules/mkdirp/README.markdown index fc314bfbd..3cc131538 100644 --- a/node_modules/mkdirp/README.markdown +++ b/node_modules/mkdirp/README.markdown @@ -37,7 +37,7 @@ Create a new directory and any necessary subdirectories at `dir` with octal permission string `opts.mode`. If `opts` is a non-object, it will be treated as the `opts.mode`. -If `opts.mode` isn't specified, it defaults to `0777`. +If `opts.mode` isn't specified, it defaults to `0777 & (~process.umask())`. `cb(err, made)` fires with the error or the first directory `made` that had to be created, if any. @@ -52,7 +52,7 @@ Synchronously create a new directory and any necessary subdirectories at `dir` with octal permission string `opts.mode`. If `opts` is a non-object, it will be treated as the `opts.mode`. -If `opts.mode` isn't specified, it defaults to `0777`. +If `opts.mode` isn't specified, it defaults to `0777 & (~process.umask())`. Returns the first directory that had to be created, if any. diff --git a/node_modules/mkdirp/examples/pow.js b/node_modules/mkdirp/examples/pow.js new file mode 100644 index 000000000..e6924212e --- /dev/null +++ b/node_modules/mkdirp/examples/pow.js @@ -0,0 +1,6 @@ +var mkdirp = require('mkdirp'); + +mkdirp('/tmp/foo/bar/baz', function (err) { + if (err) console.error(err) + else console.log('pow!') +}); diff --git a/node_modules/mkdirp/index.js b/node_modules/mkdirp/index.js index 468d7cd8d..6ce241b58 100644 --- a/node_modules/mkdirp/index.js +++ b/node_modules/mkdirp/index.js @@ -17,7 +17,7 @@ function mkdirP (p, opts, f, made) { var xfs = opts.fs || fs; if (mode === undefined) { - mode = _0777 + mode = _0777 & (~process.umask()); } if (!made) made = null; @@ -31,7 +31,6 @@ function mkdirP (p, opts, f, made) { } switch (er.code) { case 'ENOENT': - if (path.dirname(p) === p) return cb(er); mkdirP(path.dirname(p), opts, function (er, made) { if (er) cb(er, made); else mkdirP(p, opts, cb, made); @@ -62,7 +61,7 @@ mkdirP.sync = function sync (p, opts, made) { var xfs = opts.fs || fs; if (mode === undefined) { - mode = _0777 + mode = _0777 & (~process.umask()); } if (!made) made = null; diff --git a/node_modules/mkdirp/package.json b/node_modules/mkdirp/package.json index af775065f..aa7b90611 100644 --- a/node_modules/mkdirp/package.json +++ b/node_modules/mkdirp/package.json @@ -1,41 +1,47 @@ { - "_from": "mkdirp@0.5.5", - "_id": "mkdirp@0.5.5", + "_args": [ + [ + "mkdirp@0.5.1", + "/Users/rebecca/code/npm" + ] + ], + "_from": "mkdirp@0.5.1", + "_id": "mkdirp@0.5.1", "_inBundle": false, - "_integrity": "sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==", + "_integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=", "_location": "/mkdirp", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "mkdirp@0.5.5", + "raw": "mkdirp@0.5.1", "name": "mkdirp", "escapedName": "mkdirp", - "rawSpec": "0.5.5", + "rawSpec": "0.5.1", "saveSpec": null, - "fetchSpec": "0.5.5" + "fetchSpec": "0.5.1" }, "_requiredBy": [ - "#USER", "/", "/cacache", "/cmd-shim", "/copy-concurrently", "/eslint", + "/fstream", "/gentle-fs", - "/libcipm", "/move-concurrently", "/node-gyp", + "/npm-profile/cacache", + "/npm-registry-fetch/cacache", "/pacote", - "/spawn-wrap", + "/tacks", "/tap", "/tar", "/write" ], - "_resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.5.tgz", - "_shasum": "d91cefd62d1436ca0f41620e251288d420099def", - "_spec": "mkdirp@0.5.5", - "_where": "/Users/ruyadorno/Documents/workspace/cli", + "_resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz", + "_spec": "0.5.1", + "_where": "/Users/rebecca/code/npm", "author": { "name": "James Halliday", "email": "mail@substack.net", @@ -47,20 +53,14 @@ "bugs": { "url": "https://github.com/substack/node-mkdirp/issues" }, - "bundleDependencies": false, "dependencies": { - "minimist": "^1.2.5" + "minimist": "0.0.8" }, - "deprecated": false, "description": "Recursively mkdir, like `mkdir -p`", "devDependencies": { - "mock-fs": "^3.7.0", - "tap": "^5.4.2" + "mock-fs": "2 >=2.7.0", + "tap": "1" }, - "files": [ - "bin", - "index.js" - ], "homepage": "https://github.com/substack/node-mkdirp#readme", "keywords": [ "mkdir", @@ -69,9 +69,6 @@ "license": "MIT", "main": "index.js", "name": "mkdirp", - "publishConfig": { - "tag": "legacy" - }, "repository": { "type": "git", "url": "git+https://github.com/substack/node-mkdirp.git" @@ -79,5 +76,5 @@ "scripts": { "test": "tap test/*.js" }, - "version": "0.5.5" + "version": "0.5.1" } diff --git a/node_modules/mkdirp/test/chmod.js b/node_modules/mkdirp/test/chmod.js new file mode 100644 index 000000000..6a404b932 --- /dev/null +++ b/node_modules/mkdirp/test/chmod.js @@ -0,0 +1,41 @@ +var mkdirp = require('../').mkdirp; +var path = require('path'); +var fs = require('fs'); +var test = require('tap').test; +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); +var _0744 = parseInt('0744', 8); + +var ps = [ '', 'tmp' ]; + +for (var i = 0; i < 25; i++) { + var dir = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + ps.push(dir); +} + +var file = ps.join('/'); + +test('chmod-pre', function (t) { + var mode = _0744 + mkdirp(file, mode, function (er) { + t.ifError(er, 'should not error'); + fs.stat(file, function (er, stat) { + t.ifError(er, 'should exist'); + t.ok(stat && stat.isDirectory(), 'should be directory'); + t.equal(stat && stat.mode & _0777, mode, 'should be 0744'); + t.end(); + }); + }); +}); + +test('chmod', function (t) { + var mode = _0755 + mkdirp(file, mode, function (er) { + t.ifError(er, 'should not error'); + fs.stat(file, function (er, stat) { + t.ifError(er, 'should exist'); + t.ok(stat && stat.isDirectory(), 'should be directory'); + t.end(); + }); + }); +}); diff --git a/node_modules/mkdirp/test/clobber.js b/node_modules/mkdirp/test/clobber.js new file mode 100644 index 000000000..2433b9ad5 --- /dev/null +++ b/node_modules/mkdirp/test/clobber.js @@ -0,0 +1,38 @@ +var mkdirp = require('../').mkdirp; +var path = require('path'); +var fs = require('fs'); +var test = require('tap').test; +var _0755 = parseInt('0755', 8); + +var ps = [ '', 'tmp' ]; + +for (var i = 0; i < 25; i++) { + var dir = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + ps.push(dir); +} + +var file = ps.join('/'); + +// a file in the way +var itw = ps.slice(0, 3).join('/'); + + +test('clobber-pre', function (t) { + console.error("about to write to "+itw) + fs.writeFileSync(itw, 'I AM IN THE WAY, THE TRUTH, AND THE LIGHT.'); + + fs.stat(itw, function (er, stat) { + t.ifError(er) + t.ok(stat && stat.isFile(), 'should be file') + t.end() + }) +}) + +test('clobber', function (t) { + t.plan(2); + mkdirp(file, _0755, function (err) { + t.ok(err); + t.equal(err.code, 'ENOTDIR'); + t.end(); + }); +}); diff --git a/node_modules/mkdirp/test/mkdirp.js b/node_modules/mkdirp/test/mkdirp.js new file mode 100644 index 000000000..eaa8921c7 --- /dev/null +++ b/node_modules/mkdirp/test/mkdirp.js @@ -0,0 +1,28 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var exists = fs.exists || path.exists; +var test = require('tap').test; +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('woo', function (t) { + t.plan(5); + var x = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var y = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var z = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + + var file = '/tmp/' + [x,y,z].join('/'); + + mkdirp(file, _0755, function (err) { + t.ifError(err); + exists(file, function (ex) { + t.ok(ex, 'file created'); + fs.stat(file, function (err, stat) { + t.ifError(err); + t.equal(stat.mode & _0777, _0755); + t.ok(stat.isDirectory(), 'target not a directory'); + }) + }) + }); +}); diff --git a/node_modules/mkdirp/test/opts_fs.js b/node_modules/mkdirp/test/opts_fs.js new file mode 100644 index 000000000..97186b62e --- /dev/null +++ b/node_modules/mkdirp/test/opts_fs.js @@ -0,0 +1,29 @@ +var mkdirp = require('../'); +var path = require('path'); +var test = require('tap').test; +var mockfs = require('mock-fs'); +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('opts.fs', function (t) { + t.plan(5); + + var x = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var y = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var z = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + + var file = '/beep/boop/' + [x,y,z].join('/'); + var xfs = mockfs.fs(); + + mkdirp(file, { fs: xfs, mode: _0755 }, function (err) { + t.ifError(err); + xfs.exists(file, function (ex) { + t.ok(ex, 'created file'); + xfs.stat(file, function (err, stat) { + t.ifError(err); + t.equal(stat.mode & _0777, _0755); + t.ok(stat.isDirectory(), 'target not a directory'); + }); + }); + }); +}); diff --git a/node_modules/mkdirp/test/opts_fs_sync.js b/node_modules/mkdirp/test/opts_fs_sync.js new file mode 100644 index 000000000..6c370aa6e --- /dev/null +++ b/node_modules/mkdirp/test/opts_fs_sync.js @@ -0,0 +1,27 @@ +var mkdirp = require('../'); +var path = require('path'); +var test = require('tap').test; +var mockfs = require('mock-fs'); +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('opts.fs sync', function (t) { + t.plan(4); + + var x = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var y = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var z = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + + var file = '/beep/boop/' + [x,y,z].join('/'); + var xfs = mockfs.fs(); + + mkdirp.sync(file, { fs: xfs, mode: _0755 }); + xfs.exists(file, function (ex) { + t.ok(ex, 'created file'); + xfs.stat(file, function (err, stat) { + t.ifError(err); + t.equal(stat.mode & _0777, _0755); + t.ok(stat.isDirectory(), 'target not a directory'); + }); + }); +}); diff --git a/node_modules/mkdirp/test/perm.js b/node_modules/mkdirp/test/perm.js new file mode 100644 index 000000000..fbce44b82 --- /dev/null +++ b/node_modules/mkdirp/test/perm.js @@ -0,0 +1,32 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var exists = fs.exists || path.exists; +var test = require('tap').test; +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('async perm', function (t) { + t.plan(5); + var file = '/tmp/' + (Math.random() * (1<<30)).toString(16); + + mkdirp(file, _0755, function (err) { + t.ifError(err); + exists(file, function (ex) { + t.ok(ex, 'file created'); + fs.stat(file, function (err, stat) { + t.ifError(err); + t.equal(stat.mode & _0777, _0755); + t.ok(stat.isDirectory(), 'target not a directory'); + }) + }) + }); +}); + +test('async root perm', function (t) { + mkdirp('/tmp', _0755, function (err) { + if (err) t.fail(err); + t.end(); + }); + t.end(); +}); diff --git a/node_modules/mkdirp/test/perm_sync.js b/node_modules/mkdirp/test/perm_sync.js new file mode 100644 index 000000000..398229fe5 --- /dev/null +++ b/node_modules/mkdirp/test/perm_sync.js @@ -0,0 +1,36 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var exists = fs.exists || path.exists; +var test = require('tap').test; +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('sync perm', function (t) { + t.plan(4); + var file = '/tmp/' + (Math.random() * (1<<30)).toString(16) + '.json'; + + mkdirp.sync(file, _0755); + exists(file, function (ex) { + t.ok(ex, 'file created'); + fs.stat(file, function (err, stat) { + t.ifError(err); + t.equal(stat.mode & _0777, _0755); + t.ok(stat.isDirectory(), 'target not a directory'); + }); + }); +}); + +test('sync root perm', function (t) { + t.plan(3); + + var file = '/tmp'; + mkdirp.sync(file, _0755); + exists(file, function (ex) { + t.ok(ex, 'file created'); + fs.stat(file, function (err, stat) { + t.ifError(err); + t.ok(stat.isDirectory(), 'target not a directory'); + }) + }); +}); diff --git a/node_modules/mkdirp/test/race.js b/node_modules/mkdirp/test/race.js new file mode 100644 index 000000000..b0b9e183c --- /dev/null +++ b/node_modules/mkdirp/test/race.js @@ -0,0 +1,37 @@ +var mkdirp = require('../').mkdirp; +var path = require('path'); +var fs = require('fs'); +var exists = fs.exists || path.exists; +var test = require('tap').test; +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('race', function (t) { + t.plan(10); + var ps = [ '', 'tmp' ]; + + for (var i = 0; i < 25; i++) { + var dir = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + ps.push(dir); + } + var file = ps.join('/'); + + var res = 2; + mk(file); + + mk(file); + + function mk (file, cb) { + mkdirp(file, _0755, function (err) { + t.ifError(err); + exists(file, function (ex) { + t.ok(ex, 'file created'); + fs.stat(file, function (err, stat) { + t.ifError(err); + t.equal(stat.mode & _0777, _0755); + t.ok(stat.isDirectory(), 'target not a directory'); + }); + }) + }); + } +}); diff --git a/node_modules/mkdirp/test/rel.js b/node_modules/mkdirp/test/rel.js new file mode 100644 index 000000000..4ddb34276 --- /dev/null +++ b/node_modules/mkdirp/test/rel.js @@ -0,0 +1,32 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var exists = fs.exists || path.exists; +var test = require('tap').test; +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('rel', function (t) { + t.plan(5); + var x = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var y = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var z = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + + var cwd = process.cwd(); + process.chdir('/tmp'); + + var file = [x,y,z].join('/'); + + mkdirp(file, _0755, function (err) { + t.ifError(err); + exists(file, function (ex) { + t.ok(ex, 'file created'); + fs.stat(file, function (err, stat) { + t.ifError(err); + process.chdir(cwd); + t.equal(stat.mode & _0777, _0755); + t.ok(stat.isDirectory(), 'target not a directory'); + }) + }) + }); +}); diff --git a/node_modules/mkdirp/test/return.js b/node_modules/mkdirp/test/return.js new file mode 100644 index 000000000..bce68e561 --- /dev/null +++ b/node_modules/mkdirp/test/return.js @@ -0,0 +1,25 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var test = require('tap').test; + +test('return value', function (t) { + t.plan(4); + var x = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var y = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var z = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + + var file = '/tmp/' + [x,y,z].join('/'); + + // should return the first dir created. + // By this point, it would be profoundly surprising if /tmp didn't + // already exist, since every other test makes things in there. + mkdirp(file, function (err, made) { + t.ifError(err); + t.equal(made, '/tmp/' + x); + mkdirp(file, function (err, made) { + t.ifError(err); + t.equal(made, null); + }); + }); +}); diff --git a/node_modules/mkdirp/test/return_sync.js b/node_modules/mkdirp/test/return_sync.js new file mode 100644 index 000000000..7c222d355 --- /dev/null +++ b/node_modules/mkdirp/test/return_sync.js @@ -0,0 +1,24 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var test = require('tap').test; + +test('return value', function (t) { + t.plan(2); + var x = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var y = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var z = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + + var file = '/tmp/' + [x,y,z].join('/'); + + // should return the first dir created. + // By this point, it would be profoundly surprising if /tmp didn't + // already exist, since every other test makes things in there. + // Note that this will throw on failure, which will fail the test. + var made = mkdirp.sync(file); + t.equal(made, '/tmp/' + x); + + // making the same file again should have no effect. + made = mkdirp.sync(file); + t.equal(made, null); +}); diff --git a/node_modules/mkdirp/test/root.js b/node_modules/mkdirp/test/root.js new file mode 100644 index 000000000..9e7d079d9 --- /dev/null +++ b/node_modules/mkdirp/test/root.js @@ -0,0 +1,19 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var test = require('tap').test; +var _0755 = parseInt('0755', 8); + +test('root', function (t) { + // '/' on unix, 'c:/' on windows. + var file = path.resolve('/'); + + mkdirp(file, _0755, function (err) { + if (err) throw err + fs.stat(file, function (er, stat) { + if (er) throw er + t.ok(stat.isDirectory(), 'target is a directory'); + t.end(); + }) + }); +}); diff --git a/node_modules/mkdirp/test/sync.js b/node_modules/mkdirp/test/sync.js new file mode 100644 index 000000000..8c8dc938c --- /dev/null +++ b/node_modules/mkdirp/test/sync.js @@ -0,0 +1,32 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var exists = fs.exists || path.exists; +var test = require('tap').test; +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('sync', function (t) { + t.plan(4); + var x = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var y = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var z = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + + var file = '/tmp/' + [x,y,z].join('/'); + + try { + mkdirp.sync(file, _0755); + } catch (err) { + t.fail(err); + return t.end(); + } + + exists(file, function (ex) { + t.ok(ex, 'file created'); + fs.stat(file, function (err, stat) { + t.ifError(err); + t.equal(stat.mode & _0777, _0755); + t.ok(stat.isDirectory(), 'target not a directory'); + }); + }); +}); diff --git a/node_modules/mkdirp/test/umask.js b/node_modules/mkdirp/test/umask.js new file mode 100644 index 000000000..2033c63a4 --- /dev/null +++ b/node_modules/mkdirp/test/umask.js @@ -0,0 +1,28 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var exists = fs.exists || path.exists; +var test = require('tap').test; +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('implicit mode from umask', function (t) { + t.plan(5); + var x = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var y = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var z = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + + var file = '/tmp/' + [x,y,z].join('/'); + + mkdirp(file, function (err) { + t.ifError(err); + exists(file, function (ex) { + t.ok(ex, 'file created'); + fs.stat(file, function (err, stat) { + t.ifError(err); + t.equal(stat.mode & _0777, _0777 & (~process.umask())); + t.ok(stat.isDirectory(), 'target not a directory'); + }); + }) + }); +}); diff --git a/node_modules/mkdirp/test/umask_sync.js b/node_modules/mkdirp/test/umask_sync.js new file mode 100644 index 000000000..11a761474 --- /dev/null +++ b/node_modules/mkdirp/test/umask_sync.js @@ -0,0 +1,32 @@ +var mkdirp = require('../'); +var path = require('path'); +var fs = require('fs'); +var exists = fs.exists || path.exists; +var test = require('tap').test; +var _0777 = parseInt('0777', 8); +var _0755 = parseInt('0755', 8); + +test('umask sync modes', function (t) { + t.plan(4); + var x = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var y = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + var z = Math.floor(Math.random() * Math.pow(16,4)).toString(16); + + var file = '/tmp/' + [x,y,z].join('/'); + + try { + mkdirp.sync(file); + } catch (err) { + t.fail(err); + return t.end(); + } + + exists(file, function (ex) { + t.ok(ex, 'file created'); + fs.stat(file, function (err, stat) { + t.ifError(err); + t.equal(stat.mode & _0777, (_0777 & (~process.umask()))); + t.ok(stat.isDirectory(), 'target not a directory'); + }); + }); +}); diff --git a/node_modules/node-gyp/.travis.yml b/node_modules/node-gyp/.travis.yml index 22f7bc12f..e43ba548f 100644 --- a/node_modules/node-gyp/.travis.yml +++ b/node_modules/node-gyp/.travis.yml @@ -1,17 +1,33 @@ dist: xenial language: python cache: pip -addons: - homebrew: - update: true - packages: - - npm - - pyenv -jobs: +matrix: include: - name: "Python 2.7 on Linux" env: NODE_GYP_FORCE_PYTHON=python2 python: 2.7 + - name: "Python 2.7 on macOS" + os: osx + osx_image: xcode11.2 + language: shell # 'language: python' is not yet supported on macOS + env: NODE_GYP_FORCE_PYTHON=python2 + before_install: HOMEBREW_NO_AUTO_UPDATE=1 brew install npm + - name: "Node.js 6 & Python 2.7 on Windows" + os: windows + language: node_js + node_js: 6 # node + env: >- + PATH=/c/Python27:/c/Python27/Scripts:$PATH + NODE_GYP_FORCE_PYTHON=/c/Python27/python.exe + before_install: choco install python2 + - name: "Node.js 12 & Python 2.7 on Windows" + os: windows + language: node_js + node_js: 12 # node + env: >- + PATH=/c/Python27:/c/Python27/Scripts:$PATH + NODE_GYP_FORCE_PYTHON=/c/Python27/python.exe + before_install: choco install python2 - name: "Node.js 6 & Python 3.8 on Linux" python: 3.8 @@ -42,36 +58,12 @@ jobs: env: NODE_GYP_FORCE_PYTHON=python3 before_install: nvm install 12 - - name: "Python 2.7 on macOS" + - name: "Python 3.7 on macOS" os: osx osx_image: xcode11.2 language: shell # 'language: python' is not yet supported on macOS - env: NODE_GYP_FORCE_PYTHON=python2 PATH=$HOME/.pyenv/shims:$PATH PYENV_VERSION=2.7.17 - before_install: pyenv install $PYENV_VERSION - - name: "Python 3.8 on macOS" - os: osx - osx_image: xcode11.2 - language: shell # 'language: python' is not yet supported on macOS - env: NODE_GYP_FORCE_PYTHON=python3 PATH=$HOME/.pyenv/shims:$PATH PYENV_VERSION=3.8.0 - before_install: pyenv install $PYENV_VERSION - - - name: "Node.js 6 & Python 2.7 on Windows" - os: windows - language: node_js - node_js: 6 # node - env: >- - PATH=/c/Python27:/c/Python27/Scripts:$PATH - NODE_GYP_FORCE_PYTHON=/c/Python27/python.exe - before_install: choco install python2 - - name: "Node.js 12 & Python 2.7 on Windows" - os: windows - language: node_js - node_js: 12 # node - env: >- - PATH=/c/Python27:/c/Python27/Scripts:$PATH - NODE_GYP_FORCE_PYTHON=/c/Python27/python.exe - before_install: choco install python2 - + env: NODE_GYP_FORCE_PYTHON=python3 + before_install: HOMEBREW_NO_AUTO_UPDATE=1 brew upgrade npm || true - name: "Node.js 12 & Python 3.7 on Windows" os: windows language: node_js @@ -90,19 +82,20 @@ jobs: before_install: choco install python install: - - python -m pip install --upgrade flake8 pytest==4.6.6 # pytest 5 no longer supports legacy Python + #- pip install -r requirements.txt + - pip install --upgrade flake8 pytest==4.6.6 # pytest 5 no longer supports legacy Python before_script: - - python -m flake8 --version + - flake8 --version # stop the build if there are Python syntax errors or undefined names - - python -m flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics + - flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics # exit-zero treats all errors as warnings. Two space indentation is OK. The GitHub editor is 127 chars wide - - python -m flake8 . --count --exit-zero --ignore=E111,E114,W503 --max-complexity=10 --max-line-length=127 --statistics + - flake8 . --count --exit-zero --ignore=E111,E114,W503 --max-complexity=10 --max-line-length=127 --statistics - npm install - npm list script: - node -e 'require("npmlog").level="verbose"; require("./lib/find-python")(null,()=>{})' - npm test - - GYP_MSVS_VERSION=2015 GYP_MSVS_OVERRIDE_PATH="C:\\Dummy" python -m pytest + - GYP_MSVS_VERSION=2015 GYP_MSVS_OVERRIDE_PATH="C:\\Dummy" pytest notifications: on_success: change on_failure: change # `always` will be the setting once code changes slow down diff --git a/node_modules/node-gyp/CHANGELOG.md b/node_modules/node-gyp/CHANGELOG.md index 5dc6bb4d4..28f523779 100644 --- a/node_modules/node-gyp/CHANGELOG.md +++ b/node_modules/node-gyp/CHANGELOG.md @@ -1,21 +1,3 @@ -v5.1.0 2020-02-05 -================= - -* [[`f37a8b40d0`](https://github.com/nodejs/node-gyp/commit/f37a8b40d0)] - **doc**: add GitHub Actions badge (#1994) (Rod Vagg) [#1994](https://github.com/nodejs/node-gyp/pull/1994) -* [[`cb3f6aae5e`](https://github.com/nodejs/node-gyp/commit/cb3f6aae5e)] - **doc**: update macOS\_Catalina.md (#1992) (James Home) [#1992](https://github.com/nodejs/node-gyp/pull/1992) -* [[`0607596a4c`](https://github.com/nodejs/node-gyp/commit/0607596a4c)] - **doc**: fix typo in README.md (#1985) (Suraneti Rodsuwan) [#1985](https://github.com/nodejs/node-gyp/pull/1985) -* [[`0d5a415a14`](https://github.com/nodejs/node-gyp/commit/0d5a415a14)] - **doc**: add travis badge (Rod Vagg) [#1971](https://github.com/nodejs/node-gyp/pull/1971) -* [[`103740cd95`](https://github.com/nodejs/node-gyp/commit/103740cd95)] - **gyp**: list(dict) so we can del dict(key) while iterating (Christian Clauss) [#2009](https://github.com/nodejs/node-gyp/pull/2009) -* [[`278dcddbdd`](https://github.com/nodejs/node-gyp/commit/278dcddbdd)] - **lib**: ignore VS instances that cause COMExceptions (Andrew Casey) [#2018](https://github.com/nodejs/node-gyp/pull/2018) -* [[`1694907bbf`](https://github.com/nodejs/node-gyp/commit/1694907bbf)] - **lib**: compatibility with semver ≥ 7 (`new` for semver.Range) (Xavier Guimard) [#2006](https://github.com/nodejs/node-gyp/pull/2006) -* [[`a3f1143514`](https://github.com/nodejs/node-gyp/commit/a3f1143514)] - **(SEMVER-MINOR)** **lib**: noproxy support, match proxy detection to `request` (Matias Lopez) [#1978](https://github.com/nodejs/node-gyp/pull/1978) -* [[`52365819c7`](https://github.com/nodejs/node-gyp/commit/52365819c7)] - **test**: remove old docker test harness (#1993) (Rod Vagg) [#1993](https://github.com/nodejs/node-gyp/pull/1993) -* [[`bc509c511d`](https://github.com/nodejs/node-gyp/commit/bc509c511d)] - **test**: add Windows to GitHub Actions testing (#1996) (Christian Clauss) [#1996](https://github.com/nodejs/node-gyp/pull/1996) -* [[`91ee26dd48`](https://github.com/nodejs/node-gyp/commit/91ee26dd48)] - **test**: fix typo in header download test (#2001) (Richard Lau) [#2001](https://github.com/nodejs/node-gyp/pull/2001) -* [[`0923f344c9`](https://github.com/nodejs/node-gyp/commit/0923f344c9)] - **test**: direct python invocation & simpler pyenv (Matias Lopez) [#1979](https://github.com/nodejs/node-gyp/pull/1979) -* [[`32c8744b34`](https://github.com/nodejs/node-gyp/commit/32c8744b34)] - **test**: fix macOS Travis on Python 2.7 & 3.7 (Christian Clauss) [#1979](https://github.com/nodejs/node-gyp/pull/1979) -* [[`fd4b1351e4`](https://github.com/nodejs/node-gyp/commit/fd4b1351e4)] - **test**: initial Github Actions with Ubuntu & macOS (Christian Clauss) [#1985](https://github.com/nodejs/node-gyp/pull/1985) - v5.0.7 2019-12-16 ================= diff --git a/node_modules/node-gyp/CONTRIBUTING.md b/node_modules/node-gyp/CONTRIBUTING.md new file mode 100644 index 000000000..f48786bd8 --- /dev/null +++ b/node_modules/node-gyp/CONTRIBUTING.md @@ -0,0 +1,34 @@ +# Contributing to node-gyp + +## Code of Conduct + +Please read the +[Code of Conduct](https://github.com/nodejs/TSC/blob/master/CODE_OF_CONDUCT.md) +which explains the minimum behavior expectations for node-gyp contributors. + +<a id="developers-certificate-of-origin"></a> +## Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. diff --git a/node_modules/node-gyp/README.md b/node_modules/node-gyp/README.md index 79abf4ba7..e39c5de8e 100644 --- a/node_modules/node-gyp/README.md +++ b/node_modules/node-gyp/README.md @@ -1,8 +1,5 @@ # `node-gyp` - Node.js native addon build tool -[](https://travis-ci.com/nodejs/node-gyp) -[](https://github.com/nodejs/node-gyp/actions?workflow=Python_tests) - `node-gyp` is a cross-platform command-line tool written in Node.js for compiling native addon modules for Node.js. It contains a fork of the [gyp](https://gyp.gsrc.io) project that was previously used by the Chromium @@ -17,7 +14,7 @@ etc.), regardless of what version of Node.js is actually installed on your syste ## Features * The same build commands work on any of the supported platforms - * Supports the targeting of different versions of Node.js + * Supports the targetting of different versions of Node.js ## Installation @@ -194,8 +191,7 @@ Some additional resources for Node.js native addons and writing `gyp` configurat | `--devdir=$path` | SDK download directory (default is OS cache directory) | `--ensure` | Don't reinstall headers if already present | `--dist-url=$url` | Download header tarball from custom URL -| `--proxy=$url` | Set HTTP(S) proxy for downloading header tarball -| `--noproxy=$urls` | Set urls to ignore proxies when downloading header tarball +| `--proxy=$url` | Set HTTP proxy for downloading header tarball | `--cafile=$cafile` | Override default CA chain (to download tarball) | `--nodedir=$path` | Set the path to the node source code | `--python=$path` | Set path to the Python binary diff --git a/node_modules/node-gyp/gyp/pylib/gyp/input.py b/node_modules/node-gyp/gyp/pylib/gyp/input.py index d1742800a..2973c078f 100644 --- a/node_modules/node-gyp/gyp/pylib/gyp/input.py +++ b/node_modules/node-gyp/gyp/pylib/gyp/input.py @@ -2286,7 +2286,7 @@ def SetUpConfigurations(target, target_dict): merged_configurations[configuration]) # Now drop all the abstract ones. - for configuration in list(target_dict['configurations']): + for configuration in target_dict['configurations'].keys(): old_configuration_dict = target_dict['configurations'][configuration] if old_configuration_dict.get('abstract'): del target_dict['configurations'][configuration] diff --git a/node_modules/node-gyp/lib/Find-VisualStudio.cs b/node_modules/node-gyp/lib/Find-VisualStudio.cs index d2e45a762..0a533f42d 100644 --- a/node_modules/node-gyp/lib/Find-VisualStudio.cs +++ b/node_modules/node-gyp/lib/Find-VisualStudio.cs @@ -205,14 +205,7 @@ namespace VisualStudioConfiguration return; } - try - { - instances.Add(InstanceJson(rgelt[0])); - } - catch (COMException) - { - // Ignore instances that can't be queried. - } + instances.Add(InstanceJson(rgelt[0])); } } diff --git a/node_modules/node-gyp/lib/find-python.js b/node_modules/node-gyp/lib/find-python.js index fabc4630f..e79bc50d5 100644 --- a/node_modules/node-gyp/lib/find-python.js +++ b/node_modules/node-gyp/lib/find-python.js @@ -226,7 +226,7 @@ PythonFinder.prototype = { } this.addLog(`- version is "${version}"`) - const range = new semver.Range(this.semverRange) + const range = semver.Range(this.semverRange) var valid = false try { valid = range.test(version) diff --git a/node_modules/node-gyp/lib/install.js b/node_modules/node-gyp/lib/install.js index c919c1058..f68cd7fd6 100644 --- a/node_modules/node-gyp/lib/install.js +++ b/node_modules/node-gyp/lib/install.js @@ -11,7 +11,6 @@ const request = require('request') const mkdir = require('mkdirp') const processRelease = require('./process-release') const win = process.platform === 'win32' -const getProxyFromURI = require('./proxy') function install (fs, gyp, argv, callback) { var release = processRelease(argv, gyp, process.version, process.release) @@ -411,7 +410,10 @@ function download (gyp, env, url) { } // basic support for a proxy server - var proxyUrl = getProxyFromURI(gyp, env, url) + var proxyUrl = gyp.opts.proxy || + env.http_proxy || + env.HTTP_PROXY || + env.npm_config_proxy if (proxyUrl) { if (/^https?:\/\//i.test(proxyUrl)) { log.verbose('download', 'using proxy url: "%s"', proxyUrl) diff --git a/node_modules/node-gyp/lib/node-gyp.js b/node_modules/node-gyp/lib/node-gyp.js index 81fc59091..9d2410390 100644 --- a/node_modules/node-gyp/lib/node-gyp.js +++ b/node_modules/node-gyp/lib/node-gyp.js @@ -67,7 +67,6 @@ proto.configDefs = { ensure: Boolean, // 'install' solution: String, // 'build' (windows only) proxy: String, // 'install' - noproxy: String, // 'install' devdir: String, // everywhere nodedir: String, // 'configure' loglevel: String, // everywhere diff --git a/node_modules/node-gyp/macOS_Catalina.md b/node_modules/node-gyp/macOS_Catalina.md index 530cbf25c..5f02face5 100644 --- a/node_modules/node-gyp/macOS_Catalina.md +++ b/node_modules/node-gyp/macOS_Catalina.md @@ -1,37 +1,39 @@ # Installation notes for macOS Catalina (v10.15) -_This document specifically refers to upgrades from previous versions of macOS to Catalina (10.15). It should be removed from the source repository when Catalina ceases to be the latest macOS version or when future Catalina versions no longer raise these issues._ +_This document specifically refers to upgrades from previous versions of macOS to Catalina (10.15). It should be removed from the source repository when Catalina ceases to be the latest macOS version or updated to deal with challenges involved in upgrades to the next version of macOS._ -**Upgrading to macOS Catalina may cause normal `node-gyp` installations to fail.** +Lessons learned from: +* https://github.com/nodejs/node-gyp/issues/1779 +* https://github.com/nodejs/node-gyp/issues/1861 +* https://github.com/nodejs/node-gyp/issues/1927 and elsewhere + +Installing `node-gyp` on macOS can be found at https://github.com/nodejs/node-gyp#on-macos + +However, upgrading to macOS Catalina changes some settings that may cause normal `node-gyp` installations to fail. ### Is my Mac running macOS Catalina? -Let's first make sure that your Mac is running Catalina: -``` -% sw_vers +Let's make first make sure that your Mac is currently running Catalina: +% `sw_vers` ProductName: Mac OS X ProductVersion: 10.15 BuildVersion: 19A602 -``` -If `ProductVersion` is less then `10.15` then this document is not for you. Normal install docs for `node-gyp` on macOS can be found at https://github.com/nodejs/node-gyp#on-macos +If `ProductVersion` is less then `10.15` then this document is not really for you. ### The acid test -To see if `Xcode Command Line Tools` is installed in a way that will work with `node-gyp`, run: +Next, lets see if `Xcode Command Line Tools` are installed: 1. `/usr/sbin/pkgutil --packages | grep CL` - * `com.apple.pkg.CLTools_Executables` should be listed. If it isn't, this test failed. + * If nothing is listed, then [skip to the next section](#Two-roads). + * If `com.apple.pkg.CLTools_Executables` is listed then try: 2. `/usr/sbin/pkgutil --pkg-info com.apple.pkg.CLTools_Executables` - * `version: 11.0.0` (or later) should be listed. If it isn't, this test failed. - -If both tests succeeded, _you are done_! You should be ready to install `node-gyp`. - -If either test failed, there is a problem with your Xcode Command Line Tools installation. [Continue to Solutions](#Solutions). + * If `version: 11.0.0` or later is listed then _you are done_! Your Mac should be ready to install `node-gyp`. Doing `clang -v` should show `Apple clang version 11.0.0` or later. -### Solutions -There are three ways to install the Xcode libraries `node-gyp` needs on macOS. People running Catalina have had success with some but not others in a way that has been unpredictable. +As you go through the remainder of this document, at anytime you can try these `acid test` commands. If they pass then your Mac should be ready to install `node-gyp`. +### Two roads +There are two main ways to install `node-gyp` on macOS: 1. With the full Xcode (~7.6 GB download) from the `App Store` app. 2. With the _much_ smaller Xcode Command Line Tools via `xcode-select --install` -3. With the _much_ smaller Xcode Command Line Tools via manual download. **For people running the latest version of Catalina (10.15.2 at the time of this writing), this has worked when the other two solutions haven't.** ### Installing `node-gyp` using the full Xcode 1. `xcodebuild -version` should show `Xcode 11.1` or later. @@ -50,7 +52,7 @@ There are three ways to install the Xcode libraries `node-gyp` needs on macOS. P 10. `sudo xcode-select --reset` # Enter root password. No output is normal. 11. Repeat step 7 above. Is the path different this time? Repeat the _acid test_. -### Installing `node-gyp` using the Xcode Command Line Tools via `xcode-select --install` +### Installing `node-gyp` using the Xcode Command Line Tools 1. If the _acid test_ has not succeeded, then try `xcode-select --install` 2. Wait until the install process is _complete_. 3. `softwareupdate -l` # No listing is a good sign. @@ -62,11 +64,6 @@ There are three ways to install the Xcode libraries `node-gyp` needs on macOS. P 8. `sudo xcode-select --reset` # Enter root password. No output is normal. 9. Repeat step 5 above. Is the path different this time? Repeat the _acid test_. -### Installing `node-gyp` using the Xcode Command Line Tools via manual download -1. Download the appropriate version of the "Command Line Tools for Xcode" for your version of Catalina from developer.apple.com/download. As of MacOS 10.15.2, that's Command_Line_Tools_for_Xcode_11.3.dmg -2. Install the package. -3. Run the _acid test_. - ### I did all that and the acid test still does not pass :-( 1. `sudo rm -rf $(xcode-select -print-path)` # Enter root password. No output is normal. 2. `xcode-select --install` @@ -75,9 +72,3 @@ There are three ways to install the Xcode libraries `node-gyp` needs on macOS. P 5. `npm explore npm -g -- npm explore npm-lifecycle -- npm install node-gyp@latest` 6. If the _acid test_ still does _not_ pass then... 7. Add a comment to https://github.com/nodejs/node-gyp/issues/1927 so we can improve. - -Lessons learned from: -* https://github.com/nodejs/node-gyp/issues/1779 -* https://github.com/nodejs/node-gyp/issues/1861 -* https://github.com/nodejs/node-gyp/issues/1927 and elsewhere -* Thanks to @rrrix for discovering Solution 3 diff --git a/node_modules/node-gyp/package.json b/node_modules/node-gyp/package.json index 4638db5a3..afa45f396 100644 --- a/node_modules/node-gyp/package.json +++ b/node_modules/node-gyp/package.json @@ -1,29 +1,29 @@ { - "_from": "node-gyp@5.1.0", - "_id": "node-gyp@5.1.0", + "_from": "node-gyp@5.0.7", + "_id": "node-gyp@5.0.7", "_inBundle": false, - "_integrity": "sha512-OUTryc5bt/P8zVgNUmC6xdXiDJxLMAW8cF5tLQOT9E5sOQj+UeQxnnPy74K3CLCa/SOjjBlbuzDLR8ANwA+wmw==", + "_integrity": "sha512-K8aByl8OJD51V0VbUURTKsmdswkQQusIvlvmTyhHlIT1hBvaSxzdxpSle857XuXa7uc02UEZx9OR5aDxSWS5Qw==", "_location": "/node-gyp", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "node-gyp@5.1.0", + "raw": "node-gyp@5.0.7", "name": "node-gyp", "escapedName": "node-gyp", - "rawSpec": "5.1.0", + "rawSpec": "5.0.7", "saveSpec": null, - "fetchSpec": "5.1.0" + "fetchSpec": "5.0.7" }, "_requiredBy": [ "#USER", "/", "/npm-lifecycle" ], - "_resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-5.1.0.tgz", - "_shasum": "8e31260a7af4a2e2f994b0673d4e0b3866156332", - "_spec": "node-gyp@5.1.0", - "_where": "/Users/darcyclarke/Documents/Repos/npm/cli", + "_resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-5.0.7.tgz", + "_shasum": "dd4225e735e840cf2870e4037c2ed9c28a31719e", + "_spec": "node-gyp@5.0.7", + "_where": "/Users/mperrotte/npminc/cli", "author": { "name": "Nathan Rajlich", "email": "nathan@tootallnate.net", @@ -84,5 +84,5 @@ "lint": "standard */*.js test/**/*.js", "test": "npm run lint && tap --timeout=120 test/test-*" }, - "version": "5.1.0" + "version": "5.0.7" } diff --git a/node_modules/node-gyp/test/docker.sh b/node_modules/node-gyp/test/docker.sh new file mode 100755 index 000000000..67014209d --- /dev/null +++ b/node_modules/node-gyp/test/docker.sh @@ -0,0 +1,112 @@ +#!/bin/bash + +#set -e + +test_node_versions="6.17.0 8.15.1 10.15.3 11.12.0" + +myuid=$(id -u) +mygid=$(id -g) +__dirname="$(CDPATH= cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +dot_node_gyp=${__dirname}/.node-gyp/ + +# borrows from https://github.com/rvagg/dnt/ + +# Simple setup function for a container: +# setup_container(image id, base image, commands to run to set up) +setup_container() { + local container_id="$1" + local base_container="$2" + local run_cmd="$3" + + # Does this image exist? If yes, ignore + docker inspect "$container_id" &> /dev/null + if [[ $? -eq 0 ]]; then + echo "Found existing container [$container_id]" + else + # No such image, so make it + echo "Did not find container [$container_id], creating..." + docker run -i $base_container /bin/bash -c "$run_cmd" + sleep 2 + docker commit $(docker ps -l -q) $container_id + fi +} + +# Run tests inside each of the versioned containers, copy cwd into npm's copy of node-gyp +# so it'll be invoked by npm when a compile is needed +# run_tests(version, test-commands) +run_tests() { + local version="$1" + local run_cmd="$2" + + run_cmd="rsync -aAXx --delete --exclude .git --exclude build /node-gyp-src/ /usr/lib/node_modules/npm/node_modules/node-gyp/; + /bin/su -s /bin/bash node-gyp -c 'cd && ${run_cmd}'" + + rm -rf $dot_node_gyp + mkdir $dot_node_gyp + + docker run \ + --rm -i \ + -v ~/.npm/:/node-gyp/.npm/ \ + -v ${dot_node_gyp}:/node-gyp/.node-gyp/ \ + -v $(pwd):/node-gyp-src/:ro \ + node-gyp-test/${version} /bin/bash -c "${run_cmd}" +} + +# A base image with build tools and a user account +setup_container "node-gyp-test/base" "ubuntu:14.04" " + adduser --gecos node-gyp --home /node-gyp/ --disabled-login node-gyp --uid $myuid && + echo "node-gyp:node-gyp" | chpasswd && + apt-get update && + apt-get install -y build-essential python git rsync curl +" + +# An image on top of the base containing clones of repos we want to use for testing +setup_container "node-gyp-test/clones" "node-gyp-test/base" " + cd /node-gyp/ && git clone https://github.com/justmoon/node-bignum.git && + cd /node-gyp/ && git clone https://github.com/bnoordhuis/node-buffertools.git && + chown -R node-gyp.node-gyp /node-gyp/ +" + +# An image for each of the node versions we want to test with that version installed and the latest npm +for v in $test_node_versions; do + setup_container "node-gyp-test/${v}" "node-gyp-test/clones" " + curl -sL https://nodejs.org/dist/v${v}/node-v${v}-linux-x64.tar.gz | tar -zxv --strip-components=1 -C /usr/ && + npm install npm@latest -g && + node -v && npm -v + " +done + +# Test use of --target=x.y.z to compile against alternate versions +test_download_node_version() { + local run_with_ver="$1" + local expected_dir="$2" + local expected_ver="$3" + run_tests $run_with_ver "cd node-buffertools && npm install --loglevel=info --target=${expected_ver}" + local node_ver=$(cat "${dot_node_gyp}${expected_dir}/node_version.h" | grep '#define NODE_\w*_VERSION [0-9]*$') + node_ver=$(echo $node_ver | sed 's/#define NODE_[A-Z]*_VERSION //g' | sed 's/ /./g') + if [ "X$(echo $node_ver)" != "X${expected_ver}" ]; then + echo "Did not download v${expected_ver} using --target, instead got: $(echo $node_ver)" + exit 1 + fi + echo "Verified correct download of [v${node_ver}]" +} + +test_download_node_version "0.12.7" "0.10.30/src" "0.10.30" +# should download the headers file +test_download_node_version "4.3.0" "4.3.0/include/node" "4.3.0" +test_download_node_version "5.6.0" "5.6.0/include/node" "5.6.0" + +# TODO: test --dist-url by starting up a localhost server and serving up tarballs + +# testing --dist-url, using simple-proxy.js to make localhost work as a distribution +# point for tarballs +# we can test whether it uses the proxy because after 2 connections the proxy will +# die and therefore should not be running at the end of the test, `nc` can tell us this +run_tests "0.12.7" " + (node /node-gyp-src/test/simple-proxy.js 8080 /boombar/ https://nodejs.org/dist/ &) && + cd node-buffertools && + NODEJS_ORG_MIRROR=http://localhost:8080/boombar/ /node-gyp-src/bin/node-gyp.js --loglevel=info rebuild && + nc -z localhost 8080 && echo -e \"\\n\\n\\033[31mFAILED TO USE LOCAL PROXY\\033[39m\\n\\n\" +" + +rm -rf $dot_node_gyp diff --git a/node_modules/node-gyp/test/test-download.js b/node_modules/node-gyp/test/test-download.js index fe373e328..738a43f27 100644 --- a/node_modules/node-gyp/test/test-download.js +++ b/node_modules/node-gyp/test/test-download.js @@ -90,101 +90,6 @@ test('download over https with custom ca', function (t) { }) }) -test('download over http with proxy', function (t) { - t.plan(2) - - var server = http.createServer(function (req, res) { - t.strictEqual(req.headers['user-agent'], - 'node-gyp v42 (node ' + process.version + ')') - res.end('ok') - pserver.close(function () { - server.close() - }) - }) - - var pserver = http.createServer(function (req, res) { - t.strictEqual(req.headers['user-agent'], - 'node-gyp v42 (node ' + process.version + ')') - res.end('proxy ok') - server.close(function () { - pserver.close() - }) - }) - - var host = 'localhost' - server.listen(0, host, function () { - var port = this.address().port - pserver.listen(port + 1, host, function () { - var gyp = { - opts: { - proxy: 'http://' + host + ':' + (port + 1) - }, - version: '42' - } - var url = 'http://' + host + ':' + port - var req = install.test.download(gyp, {}, url) - req.on('response', function (res) { - var body = '' - res.setEncoding('utf8') - res.on('data', function (data) { - body += data - }) - res.on('end', function () { - t.strictEqual(body, 'proxy ok') - }) - }) - }) - }) -}) - -test('download over http with noproxy', function (t) { - t.plan(2) - - var server = http.createServer(function (req, res) { - t.strictEqual(req.headers['user-agent'], - 'node-gyp v42 (node ' + process.version + ')') - res.end('ok') - pserver.close(function () { - server.close() - }) - }) - - var pserver = http.createServer(function (req, res) { - t.strictEqual(req.headers['user-agent'], - 'node-gyp v42 (node ' + process.version + ')') - res.end('proxy ok') - server.close(function () { - pserver.close() - }) - }) - - var host = 'localhost' - server.listen(0, host, function () { - var port = this.address().port - pserver.listen(port + 1, host, function () { - var gyp = { - opts: { - proxy: 'http://' + host + ':' + (port + 1), - noproxy: 'localhost' - }, - version: '42' - } - var url = 'http://' + host + ':' + port - var req = install.test.download(gyp, {}, url) - req.on('response', function (res) { - var body = '' - res.setEncoding('utf8') - res.on('data', function (data) { - body += data - }) - res.on('end', function () { - t.strictEqual(body, 'ok') - }) - }) - }) - }) -}) - test('download with missing cafile', function (t) { t.plan(1) var gyp = { @@ -211,7 +116,7 @@ test('download headers (actual)', function (t) { process.release.name !== 'node' || semver.prerelease(process.version) !== null || semver.satisfies(process.version, '<10')) { - return t.skip('Skipping actual download of headers due to test environment configuration') + return t.skip('Skipping acutal download of headers due to test environment configuration') } t.plan(17) diff --git a/node_modules/nopt/.npmignore b/node_modules/nopt/.npmignore new file mode 100644 index 000000000..3c3629e64 --- /dev/null +++ b/node_modules/nopt/.npmignore @@ -0,0 +1 @@ +node_modules diff --git a/node_modules/nopt/.travis.yml b/node_modules/nopt/.travis.yml new file mode 100644 index 000000000..a1cef591c --- /dev/null +++ b/node_modules/nopt/.travis.yml @@ -0,0 +1,8 @@ +language: node_js +node_js: + - '0.12' + - '4' + - '6' + - '7' +before_install: + - npm install -g npm@latest diff --git a/node_modules/nopt/examples/my-program.js b/node_modules/nopt/examples/my-program.js new file mode 100755 index 000000000..142447e18 --- /dev/null +++ b/node_modules/nopt/examples/my-program.js @@ -0,0 +1,30 @@ +#!/usr/bin/env node + +//process.env.DEBUG_NOPT = 1 + +// my-program.js +var nopt = require("../lib/nopt") + , Stream = require("stream").Stream + , path = require("path") + , knownOpts = { "foo" : [String, null] + , "bar" : [Stream, Number] + , "baz" : path + , "bloo" : [ "big", "medium", "small" ] + , "flag" : Boolean + , "pick" : Boolean + } + , shortHands = { "foofoo" : ["--foo", "Mr. Foo"] + , "b7" : ["--bar", "7"] + , "m" : ["--bloo", "medium"] + , "p" : ["--pick"] + , "f" : ["--flag", "true"] + , "g" : ["--flag"] + , "s" : "--flag" + } + // everything is optional. + // knownOpts and shorthands default to {} + // arg list defaults to process.argv + // slice defaults to 2 + , parsed = nopt(knownOpts, shortHands, process.argv, 2) + +console.log("parsed =\n"+ require("util").inspect(parsed)) diff --git a/node_modules/nopt/lib/nopt.js b/node_modules/nopt/lib/nopt.js index 0ec5753d0..1fb113514 100644 --- a/node_modules/nopt/lib/nopt.js +++ b/node_modules/nopt/lib/nopt.js @@ -113,12 +113,7 @@ function clean (data, types, typeDefs) { return d[k] }).filter(function (val) { return val !== remove }) - // if we allow Array specifically, then an empty array is how we - // express 'no value here', not null. Allow it. - if (!val.length && type.indexOf(Array) === -1) { - debug('VAL HAS NO LENGTH, DELETE IT', val, k, type.indexOf(Array)) - delete data[k] - } + if (!val.length) delete data[k] else if (isArray) { debug(isArray, data[k], val) data[k] = val diff --git a/node_modules/nopt/package.json b/node_modules/nopt/package.json index 1490f6d25..cea3624f4 100644 --- a/node_modules/nopt/package.json +++ b/node_modules/nopt/package.json @@ -1,54 +1,51 @@ { - "_from": "nopt@4.0.3", - "_id": "nopt@4.0.3", + "_args": [ + [ + "nopt@4.0.1", + "/Users/rebecca/code/npm" + ] + ], + "_from": "nopt@4.0.1", + "_id": "nopt@4.0.1", "_inBundle": false, - "_integrity": "sha512-CvaGwVMztSMJLOeXPrez7fyfObdZqNUK1cPAEzLHrTybIua9pMdmmPR5YwtfNftIOMv3DPUhFaxsZMNTQO20Kg==", + "_integrity": "sha1-0NRoWv1UFRk8jHUFYC0NF81kR00=", "_location": "/nopt", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "nopt@4.0.3", + "raw": "nopt@4.0.1", "name": "nopt", "escapedName": "nopt", - "rawSpec": "4.0.3", + "rawSpec": "4.0.1", "saveSpec": null, - "fetchSpec": "4.0.3" + "fetchSpec": "4.0.1" }, "_requiredBy": [ - "#USER", - "/", - "/node-gyp" + "/" ], - "_resolved": "https://registry.npmjs.org/nopt/-/nopt-4.0.3.tgz", - "_shasum": "a375cad9d02fd921278d954c2254d5aa57e15e48", - "_spec": "nopt@4.0.3", - "_where": "/Users/ruyadorno/Documents/workspace/cli", + "_resolved": "https://registry.npmjs.org/nopt/-/nopt-4.0.1.tgz", + "_spec": "4.0.1", + "_where": "/Users/rebecca/code/npm", "author": { "name": "Isaac Z. Schlueter", "email": "i@izs.me", "url": "http://blog.izs.me/" }, "bin": { - "nopt": "bin/nopt.js" + "nopt": "./bin/nopt.js" }, "bugs": { "url": "https://github.com/npm/nopt/issues" }, - "bundleDependencies": false, "dependencies": { "abbrev": "1", "osenv": "^0.1.4" }, - "deprecated": false, "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", "devDependencies": { - "tap": "^14.10.6" + "tap": "^8.0.1" }, - "files": [ - "bin", - "lib" - ], "homepage": "https://github.com/npm/nopt#readme", "license": "ISC", "main": "lib/nopt.js", @@ -58,10 +55,7 @@ "url": "git+https://github.com/npm/nopt.git" }, "scripts": { - "postversion": "npm publish", - "prepublishOnly": "git push origin --follow-tags", - "preversion": "npm test", "test": "tap test/*.js" }, - "version": "4.0.3" + "version": "4.0.1" } diff --git a/node_modules/nopt/test/basic.js b/node_modules/nopt/test/basic.js new file mode 100644 index 000000000..5c18ac0fc --- /dev/null +++ b/node_modules/nopt/test/basic.js @@ -0,0 +1,303 @@ +var nopt = require("../") + , test = require('tap').test + , isWin = process.platform === 'win32' + +test("passing a string results in a string", function (t) { + var parsed = nopt({ key: String }, {}, ["--key", "myvalue"], 0) + t.same(parsed.key, "myvalue") + t.end() +}) + +// https://github.com/npm/nopt/issues/31 +test("Empty String results in empty string, not true", function (t) { + var parsed = nopt({ empty: String }, {}, ["--empty"], 0) + t.same(parsed.empty, "") + t.end() +}) + +// https://github.com/npm/nopt/issues/65 +test("Empty String should not swallow next flag", function (t) { + var parsed = nopt({ empty: String, foo: String }, {}, ["--empty", "--foo"], 0) + t.same(parsed.empty, "") + t.same(parsed.foo, "") + t.end() +}) + +// https://github.com/npm/nopt/issues/66 +test("Empty String should not be true when type is single item Array", function (t) { + var parsed = nopt({ 'foo': [String] }, {}, ["--foo"], 0) + t.same(parsed.foo, "") + t.end() +}) + +test("~ path is resolved to " + (isWin ? '%USERPROFILE%' : '$HOME'), function (t) { + var path = require("path") + , the + + if (isWin) { + the = { + key: 'USERPROFILE', + dir: 'C:\\temp', + val: '~\\val' + } + } else { + the = { + key: 'HOME', + dir: '/tmp', + val: '~/val' + } + } + if (!process.env[the.key]) process.env[the.key] = v.dir + var parsed = nopt({key: path}, {}, ["--key=" + the.val], 0) + t.same(parsed.key, path.resolve(process.env[the.key], "val")) + t.end() +}) + +// https://github.com/npm/nopt/issues/24 +test("Unknown options are not parsed as numbers", function (t) { + var parsed = nopt({"parse-me": Number}, null, ['--leave-as-is=1.20', '--parse-me=1.20'], 0) + t.equal(parsed['leave-as-is'], '1.20') + t.equal(parsed['parse-me'], 1.2) + t.end() +}); + +// https://github.com/npm/nopt/issues/48 +test("Check types based on name of type", function (t) { + var parsed = nopt({"parse-me": {name: "Number"}}, null, ['--parse-me=1.20'], 0) + t.equal(parsed['parse-me'], 1.2) + t.end() +}) + + +test("Missing types are not parsed", function (t) { + var parsed = nopt({"parse-me": {}}, null, ['--parse-me=1.20'], 0) + //should only contain argv + t.equal(Object.keys(parsed).length, 1) + t.end() +}) + +test("Types passed without a name are not parsed", function (t) { + var parsed = nopt({"parse-me": {}}, {}, ['--parse-me=1.20'], 0) + //should only contain argv + t.equal(Object.keys(parsed).length, 1) + t.end() +}) + +test("other tests", function (t) { + + var util = require("util") + , Stream = require("stream") + , path = require("path") + , url = require("url") + + , shorthands = + { s : ["--loglevel", "silent"] + , d : ["--loglevel", "info"] + , dd : ["--loglevel", "verbose"] + , ddd : ["--loglevel", "silly"] + , noreg : ["--no-registry"] + , reg : ["--registry"] + , "no-reg" : ["--no-registry"] + , silent : ["--loglevel", "silent"] + , verbose : ["--loglevel", "verbose"] + , h : ["--usage"] + , H : ["--usage"] + , "?" : ["--usage"] + , help : ["--usage"] + , v : ["--version"] + , f : ["--force"] + , desc : ["--description"] + , "no-desc" : ["--no-description"] + , "local" : ["--no-global"] + , l : ["--long"] + , p : ["--parseable"] + , porcelain : ["--parseable"] + , g : ["--global"] + } + + , types = + { aoa: Array + , nullstream: [null, Stream] + , date: Date + , str: String + , browser : String + , cache : path + , color : ["always", Boolean] + , depth : Number + , description : Boolean + , dev : Boolean + , editor : path + , force : Boolean + , global : Boolean + , globalconfig : path + , group : [String, Number] + , gzipbin : String + , logfd : [Number, Stream] + , loglevel : ["silent","win","error","warn","info","verbose","silly"] + , long : Boolean + , "node-version" : [false, String] + , npaturl : url + , npat : Boolean + , "onload-script" : [false, String] + , outfd : [Number, Stream] + , parseable : Boolean + , pre: Boolean + , prefix: path + , proxy : url + , "rebuild-bundle" : Boolean + , registry : url + , searchopts : String + , searchexclude: [null, String] + , shell : path + , t: [Array, String] + , tag : String + , tar : String + , tmp : path + , "unsafe-perm" : Boolean + , usage : Boolean + , user : String + , username : String + , userconfig : path + , version : Boolean + , viewer: path + , _exit : Boolean + , path: path + } + + ; [["-v", {version:true}, []] + ,["---v", {version:true}, []] + ,["ls -s --no-reg connect -d", + {loglevel:"info",registry:null},["ls","connect"]] + ,["ls ---s foo",{loglevel:"silent"},["ls","foo"]] + ,["ls --registry blargle", {}, ["ls"]] + ,["--no-registry", {registry:null}, []] + ,["--no-color true", {color:false}, []] + ,["--no-color false", {color:true}, []] + ,["--no-color", {color:false}, []] + ,["--color false", {color:false}, []] + ,["--color --logfd 7", {logfd:7,color:true}, []] + ,["--color=true", {color:true}, []] + ,["--logfd=10", {logfd:10}, []] + ,["--tmp=/tmp -tar=gtar", {tmp: isWin ? "C:\\tmp" : "/tmp",tar:"gtar"},[]] + ,["--tmp=tmp -tar=gtar", + {tmp:path.resolve(process.cwd(), "tmp"),tar:"gtar"},[]] + ,["--logfd x", {}, []] + ,["a -true -- -no-false", {true:true},["a","-no-false"]] + ,["a -no-false", {false:false},["a"]] + ,["a -no-no-true", {true:true}, ["a"]] + ,["a -no-no-no-false", {false:false}, ["a"]] + ,["---NO-no-No-no-no-no-nO-no-no"+ + "-No-no-no-no-no-no-no-no-no"+ + "-no-no-no-no-NO-NO-no-no-no-no-no-no"+ + "-no-body-can-do-the-boogaloo-like-I-do" + ,{"body-can-do-the-boogaloo-like-I-do":false}, []] + ,["we are -no-strangers-to-love "+ + "--you-know=the-rules --and=so-do-i "+ + "---im-thinking-of=a-full-commitment "+ + "--no-you-would-get-this-from-any-other-guy "+ + "--no-gonna-give-you-up "+ + "-no-gonna-let-you-down=true "+ + "--no-no-gonna-run-around false "+ + "--desert-you=false "+ + "--make-you-cry false "+ + "--no-tell-a-lie "+ + "--no-no-and-hurt-you false" + ,{"strangers-to-love":false + ,"you-know":"the-rules" + ,"and":"so-do-i" + ,"you-would-get-this-from-any-other-guy":false + ,"gonna-give-you-up":false + ,"gonna-let-you-down":false + ,"gonna-run-around":false + ,"desert-you":false + ,"make-you-cry":false + ,"tell-a-lie":false + ,"and-hurt-you":false + },["we", "are"]] + ,["-t one -t two -t three" + ,{t: ["one", "two", "three"]} + ,[]] + ,["-t one -t null -t three four five null" + ,{t: ["one", "null", "three"]} + ,["four", "five", "null"]] + ,["-t foo" + ,{t:["foo"]} + ,[]] + ,["--no-t" + ,{t:["false"]} + ,[]] + ,["-no-no-t" + ,{t:["true"]} + ,[]] + ,["-aoa one -aoa null -aoa 100" + ,{aoa:["one", null, '100']} + ,[]] + ,["-str 100" + ,{str:"100"} + ,[]] + ,["--color always" + ,{color:"always"} + ,[]] + ,["--no-nullstream" + ,{nullstream:null} + ,[]] + ,["--nullstream false" + ,{nullstream:null} + ,[]] + ,["--notadate=2011-01-25" + ,{notadate: "2011-01-25"} + ,[]] + ,["--date 2011-01-25" + ,{date: new Date("2011-01-25")} + ,[]] + ,["-cl 1" + ,{config: true, length: 1} + ,[] + ,{config: Boolean, length: Number, clear: Boolean} + ,{c: "--config", l: "--length"}] + ,["--acount bla" + ,{"acount":true} + ,["bla"] + ,{account: Boolean, credentials: Boolean, options: String} + ,{a:"--account", c:"--credentials",o:"--options"}] + ,["--clear" + ,{clear:true} + ,[] + ,{clear:Boolean,con:Boolean,len:Boolean,exp:Boolean,add:Boolean,rep:Boolean} + ,{c:"--con",l:"--len",e:"--exp",a:"--add",r:"--rep"}] + ,["--file -" + ,{"file":"-"} + ,[] + ,{file:String} + ,{}] + ,["--file -" + ,{"file":true} + ,["-"] + ,{file:Boolean} + ,{}] + ,["--path" + ,{"path":null} + ,[]] + ,["--path ." + ,{"path":process.cwd()} + ,[]] + ].forEach(function (test) { + var argv = test[0].split(/\s+/) + , opts = test[1] + , rem = test[2] + , actual = nopt(test[3] || types, test[4] || shorthands, argv, 0) + , parsed = actual.argv + delete actual.argv + for (var i in opts) { + var e = JSON.stringify(opts[i]) + , a = JSON.stringify(actual[i] === undefined ? null : actual[i]) + if (e && typeof e === "object") { + t.deepEqual(e, a) + } else { + t.equal(e, a) + } + } + t.deepEqual(rem, parsed.remain) + }) + t.end() +}) diff --git a/node_modules/npm-packlist/package.json b/node_modules/npm-packlist/package.json index 693c51b96..c022dcef6 100644 --- a/node_modules/npm-packlist/package.json +++ b/node_modules/npm-packlist/package.json @@ -1,29 +1,29 @@ { - "_from": "npm-packlist@1.4.8", - "_id": "npm-packlist@1.4.8", + "_from": "npm-packlist@1.4.7", + "_id": "npm-packlist@1.4.7", "_inBundle": false, - "_integrity": "sha512-5+AZgwru5IevF5ZdnFglB5wNlHG1AOOuw28WhUq8/8emhBmLv6jX5by4WJCh7lW0uSYZYS6DXqIsyZVIXRZU9A==", + "_integrity": "sha512-vAj7dIkp5NhieaGZxBJB8fF4R0078rqsmhJcAfXZ6O7JJhjhPK96n5Ry1oZcfLXgfun0GWTZPOxaEyqv8GBykQ==", "_location": "/npm-packlist", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "npm-packlist@1.4.8", + "raw": "npm-packlist@1.4.7", "name": "npm-packlist", "escapedName": "npm-packlist", - "rawSpec": "1.4.8", + "rawSpec": "1.4.7", "saveSpec": null, - "fetchSpec": "1.4.8" + "fetchSpec": "1.4.7" }, "_requiredBy": [ "#USER", "/", "/pacote" ], - "_resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-1.4.8.tgz", - "_shasum": "56ee6cc135b9f98ad3d51c1c95da22bbb9b2ef3e", - "_spec": "npm-packlist@1.4.8", - "_where": "/Users/darcyclarke/Documents/Repos/npm/cli", + "_resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-1.4.7.tgz", + "_shasum": "9e954365a06b80b18111ea900945af4f88ed4848", + "_spec": "npm-packlist@1.4.7", + "_where": "/Users/isaacs/dev/npm/cli", "author": { "name": "Isaac Z. Schlueter", "email": "i@izs.me", @@ -35,8 +35,7 @@ "bundleDependencies": false, "dependencies": { "ignore-walk": "^3.0.1", - "npm-bundled": "^1.0.1", - "npm-normalize-package-bin": "^1.0.1" + "npm-bundled": "^1.0.1" }, "deprecated": false, "description": "Get a list of the files to add from a folder into an npm package", @@ -72,5 +71,5 @@ "tap": { "jobs": 1 }, - "version": "1.4.8" + "version": "1.4.7" } diff --git a/node_modules/npm-pick-manifest/CHANGELOG.md b/node_modules/npm-pick-manifest/CHANGELOG.md index c594ba140..93a44f822 100644 --- a/node_modules/npm-pick-manifest/CHANGELOG.md +++ b/node_modules/npm-pick-manifest/CHANGELOG.md @@ -1,7 +1,51 @@ -# Change Log +# Changelog All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [6.0.0](https://github.com/npm/npm-pick-manifest/compare/v5.0.0...v6.0.0) (2020-02-18) + + +### ⚠ BREAKING CHANGES + +* 'enjoyBy' is no longer an acceptable alias. + +### Features + +* add GitHub Actions file for ci ([8985247](https://github.com/npm/npm-pick-manifest/commit/898524727fa157f46fdf4eb0c11148ae4808226b)) + + +### Bug Fixes + +* Handle edge cases around before:Date and filtering staged publishes ([ed2f92e](https://github.com/npm/npm-pick-manifest/commit/ed2f92e7fdc9cc7836b13ebc73e17d8fd296a07e)) +* remove figgy pudding ([c24fed2](https://github.com/npm/npm-pick-manifest/commit/c24fed25b8f77fbbcc3107030f2dfed55fa54222)) +* remove outdated cruft from docs ([aae7ef7](https://github.com/npm/npm-pick-manifest/commit/aae7ef7625ddddbac0548287e5d57b8f76593322)) +* update some missing {loose:true} semver configs ([4015424](https://github.com/npm/npm-pick-manifest/commit/40154244a3fe1af86462bc1d6165199fc3315c10)) +* Use canonical 'before' config name ([029de59](https://github.com/npm/npm-pick-manifest/commit/029de59bda6d3376f03760a00efe4ac9d997c623)) + +## [5.0.0](https://github.com/npm/npm-pick-manifest/compare/v4.0.0...v5.0.0) (2019-12-15) + + +### ⚠ BREAKING CHANGES + +* This drops support for node < 10. + +* normalize settings, drop old nodes, update deps ([dc2e61c](https://github.com/npm/npm-pick-manifest/commit/dc2e61cc06bd19e079128e77397df7593741da50)) + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/npm-pick-manifest/compare/v3.0.2...v4.0.0) (2019-11-11) + + +### deps + +* bump npm-package-arg to v7 ([42c76d8](https://github.com/npm/npm-pick-manifest/commit/42c76d8)), closes [/github.com/npm/hosted-git-info/pull/38#issuecomment-520243803](https://github.com//github.com/npm/hosted-git-info/pull/38/issues/issuecomment-520243803) + + +### BREAKING CHANGES + +* this drops support for ancient node versions. + + + <a name="3.0.2"></a> ## [3.0.2](https://github.com/npm/npm-pick-manifest/compare/v3.0.1...v3.0.2) (2019-08-30) diff --git a/node_modules/npm-pick-manifest/README.md b/node_modules/npm-pick-manifest/README.md index d32d47af1..fd177757a 100644 --- a/node_modules/npm-pick-manifest/README.md +++ b/node_modules/npm-pick-manifest/README.md @@ -1,4 +1,4 @@ -# npm-pick-manifest [](https://npm.im/npm-pick-manifest) [](https://npm.im/npm-pick-manifest) [](https://travis-ci.org/npm/npm-pick-manifest) [](https://ci.appveyor.com/project/npm/npm-pick-manifest) [](https://coveralls.io/github/npm/npm-pick-manifest?branch=latest) +# npm-pick-manifest [](https://npm.im/npm-pick-manifest) [](https://npm.im/npm-pick-manifest) [](https://travis-ci.org/npm/npm-pick-manifest) [](https://coveralls.io/github/npm/npm-pick-manifest?branch=latest) [`npm-pick-manifest`](https://github.com/npm/npm-pick-manifest) is a standalone implementation of [npm](https://npmjs.com)'s semver range resolution algorithm. @@ -11,7 +11,6 @@ implementation of [npm](https://npmjs.com)'s semver range resolution algorithm. * [Example](#example) * [Features](#features) -* [Contributing](#contributing) * [API](#api) * [`pickManifest()`](#pick-manifest) @@ -29,22 +28,17 @@ fetch('https://registry.npmjs.org/npm-pick-manifest').then(res => { ### Features -* Uses npm's exact semver resolution algorithm -* Supports ranges, tags, and versions - -### Contributing - -The npm-pick-manifest team enthusiastically welcomes contributions and project participation! -There's a bunch of things you can do if you want to contribute! The [Contributor -Guide](CONTRIBUTING.md) has all the information you need for everything from -reporting bugs to contributing entire new features. Please don't hesitate to -jump in if you'd like to, or even ask us questions if something isn't clear. +* Uses npm's exact [semver resolution algorithm](http://npm.im/semver). +* Supports ranges, tags, and versions. +* Prefers non-deprecated versions to deprecated versions. +* Prefers versions whose `engines` requirements are satisfied over those + that will raise a warning or error at install time. ### API #### <a name="pick-manifest"></a> `> pickManifest(packument, selector, [opts]) -> manifest` -Returns the manifest that matches `selector`, or throws an error. +Returns the manifest that best matches `selector`, or throws an error. Packuments are anything returned by metadata URLs from the npm registry. That is, they're objects with the following shape (only fields used by @@ -65,20 +59,73 @@ is, they're objects with the following shape (only fields used by } ``` -The algorithm will follow npm's algorithm for semver resolution, and only `tag`, -`range`, and `version` selectors are supported. +The algorithm will follow npm's algorithm for semver resolution, and only +`tag`, `range`, and `version` selectors are supported. The function will throw `ETARGET` if there was no matching manifest, and `ENOVERSIONS` if the packument object has no valid versions in `versions`. - -If `opts.defaultTag` is provided, it will be used instead of `latest`. That is, -if that tag matches the selector, it will be used, even if a higher available -version matches the range. - -If `opts.enjoyBy` is provided, it should be something that can be passed to `new -Date(x)`, such as a `Date` object or a timestamp string. It will be used to -filter the selected versions such that only versions less than or equal to -`enjoyBy` are considered. - -If `opts.includeDeprecated` passed in as true, deprecated versions will be -selected. By default, deprecated versions other than `defaultTag` are ignored. +If the only matching manifest is included in a `policyRestrictions` section +of the packument, then an `E403` is raised. + +#### <a name="pick-manifest-options"></a> Options + +All options are optional. + +* `includeStaged` - Boolean, default `false`. Include manifests in the + `stagedVersions.versions` set, to support installing [staged + packages](https://github.com/npm/rfcs/pull/92) when appropriate. Note + that staged packages are always treated as lower priority than actual + publishes, even when `includeStaged` is set. +* `defaultTag` - String, default `'latest'`. The default `dist-tag` to + install when no specifier is provided. Note that the version indicated + by this specifier will be given top priority if it matches a supplied + semver range. +* `before` - String, Date, or Number, default `null`. This is passed to + `new Date()`, so anything that works there will be valid. Do not + consider _any_ manifests that were published after the date indicated. + Note that this is only relevant when the packument includes a `time` + field listing the publish date of all the packages. +* `nodeVersion` - String, default `process.version`. The Node.js version + to use when checking manifests for `engines` requirement satisfaction. +* `npmVersion` - String, default `null`. The npm version to use when + checking manifest for `engines` requirement satisfaction. (If `null`, + then this particular check is skipped.) + +### Algorithm + +1. Create list of all versions in `versions`, + `policyRestrictions.versions`, and (if `includeStaged` is set) + `stagedVersions.versions`. +2. If a `dist-tag` is requested, + 1. If the manifest is not after the specified `before` date, then + select that from the set. + 2. If the manifest is after the specified `before` date, then re-start + the selection looking for the highest SemVer range that is equal to + or less than the `dist-tag` target. +3. If a specific version is requested, + 1. If the manifest is not after the specified `before` date, then + select the specified manifest. + 2. If the manifest is after the specified `before` date, then raise + `ETARGET` error. (NB: this is a breaking change from v5, where a + specified version would override the `before` setting.) +4. (At this point we know a range is requested.) +5. If the `defaultTag` refers to a `dist-tag` that satisfies the range (or + if the range is `'*'` or `''`), and the manifest is published before the + `before` setting, then select that manifest. +6. If nothing is yet selected, sort by the following heuristics in order, + and select the top item: + 1. Prioritize versions that are not in `policyRestrictions` over those + that are. + 2. Prioritize published versions over staged versions. + 3. Prioritize versions that are not deprecated, and which have a + satisfied engines requirement, over those that are either deprecated + or have an engines mismatch. + 4. Prioritize versions that have a satisfied engines requirement over + those that do not. + 5. Prioritize versions that are not are not deprecated (but have a + mismatched engines requirement) over those that are deprecated. + 6. Prioritize higher SemVer precedence over lower SemVer precedence. +7. If no manifest was selected, raise an `ETARGET` error. +8. If the selected item is in the `policyRestrictions.versions` list, raise + an `E403` error. +9. Return the selected manifest. diff --git a/node_modules/npm-pick-manifest/index.js b/node_modules/npm-pick-manifest/index.js index 9eb2d82d1..5fb1279d5 100644 --- a/node_modules/npm-pick-manifest/index.js +++ b/node_modules/npm-pick-manifest/index.js @@ -1,136 +1,155 @@ 'use strict' -const figgyPudding = require('figgy-pudding') const npa = require('npm-package-arg') const semver = require('semver') +const { checkEngine } = require('npm-install-checks') + +const engineOk = (manifest, npmVersion, nodeVersion) => { + try { + checkEngine(manifest, npmVersion, nodeVersion) + return true + } catch (_) { + return false + } +} -const PickerOpts = figgyPudding({ - defaultTag: { default: 'latest' }, - enjoyBy: {}, - includeDeprecated: { default: false } -}) - -module.exports = pickManifest -function pickManifest (packument, wanted, opts) { - opts = PickerOpts(opts) - const time = opts.enjoyBy && packument.time && +(new Date(opts.enjoyBy)) - const spec = npa.resolve(packument.name, wanted) +const isBefore = (verTimes, ver, time) => + !verTimes || !verTimes[ver] || Date.parse(verTimes[ver]) <= time + +const pickManifest = (packument, wanted, opts) => { + const { + defaultTag = 'latest', + before = null, + nodeVersion = process.version, + npmVersion = null, + includeStaged = false + } = opts + + const { name, time: verTimes } = packument + const versions = packument.versions || {} + const staged = (includeStaged && packument.stagedVersions && + packument.stagedVersions.versions) || {} + const restricted = (packument.policyRestrictions && + packument.policyRestrictions.versions) || {} + + const time = before && verTimes ? +(new Date(before)) : Infinity + const spec = npa.resolve(name, wanted || defaultTag) const type = spec.type - if (type === 'version' || type === 'range') { - wanted = semver.clean(wanted, true) || wanted - } const distTags = packument['dist-tags'] || {} - const versions = Object.keys(packument.versions || {}).filter(v => { - return semver.valid(v, true) - }) - const policyRestrictions = packument.policyRestrictions - const restrictedVersions = policyRestrictions - ? Object.keys(policyRestrictions.versions) : [] - function enjoyableBy (v) { - return !time || ( - packument.time[v] && time >= +(new Date(packument.time[v])) - ) + if (type !== 'tag' && type !== 'version' && type !== 'range') { + throw new Error('Only tag, version, and range are supported') } - let err - - if (!versions.length && !restrictedVersions.length) { - err = new Error(`No valid versions available for ${packument.name}`) - err.code = 'ENOVERSIONS' - err.name = packument.name - err.type = type - err.wanted = wanted - throw err + // if the type is 'tag', and not just the implicit default, then it must + // be that exactly, or nothing else will do. + if (wanted && type === 'tag') { + const ver = distTags[wanted] + // if the version in the dist-tags is before the before date, then + // we use that. Otherwise, we get the highest precedence version + // prior to the dist-tag. + if (isBefore(verTimes, ver, time)) { + return versions[ver] || staged[ver] || restricted[ver] + } else { + return pickManifest(packument, `<=${ver}`, opts) + } } - let target - - if (type === 'tag' && enjoyableBy(distTags[wanted])) { - target = distTags[wanted] - } else if (type === 'version') { - target = wanted - } else if (type !== 'range' && enjoyableBy(distTags[wanted])) { - throw new Error('Only tag, version, and range are supported') + // similarly, if a specific version, then only that version will do + if (wanted && type === 'version') { + const ver = semver.clean(wanted, { loose: true }) + const mani = versions[ver] || staged[ver] || restricted[ver] + return isBefore(verTimes, ver, time) ? mani : null } - const tagVersion = distTags[opts.defaultTag] + // ok, sort based on our heuristics, and pick the best fit + const range = type === 'range' ? wanted : '*' - if ( - !target && - tagVersion && - packument.versions[tagVersion] && - enjoyableBy(tagVersion) && - semver.satisfies(tagVersion, wanted, true) - ) { - target = tagVersion + // if the range is *, then we prefer the 'latest' if available + const defaultVer = distTags[defaultTag] + if (defaultVer && (range === '*' || semver.satisfies(defaultVer, range, { loose: true }))) { + const mani = versions[defaultVer] + if (mani && isBefore(verTimes, defaultVer, time)) { + return mani + } } - if (!target && !opts.includeDeprecated) { - const undeprecated = versions.filter(v => !packument.versions[v].deprecated && enjoyableBy(v) - ) - target = semver.maxSatisfying(undeprecated, wanted, true) - } - if (!target) { - const stillFresh = versions.filter(enjoyableBy) - target = semver.maxSatisfying(stillFresh, wanted, true) + // ok, actually have to sort the list and take the winner + const allEntries = Object.entries(versions) + .concat(Object.entries(staged)) + .concat(Object.entries(restricted)) + .filter(([ver, mani]) => isBefore(verTimes, ver, time)) + + if (!allEntries.length) { + throw Object.assign(new Error(`No valid versions available for ${name}`), { + code: 'ENOVERSIONS', + name, + type, + wanted, + versions: Object.keys(versions) + }) } - if (!target && wanted === '*' && enjoyableBy(tagVersion)) { - // This specific corner is meant for the case where - // someone is using `*` as a selector, but all versions - // are pre-releases, which don't match ranges at all. - target = tagVersion - } + const entries = allEntries.filter(([ver, mani]) => + semver.satisfies(ver, range, { loose: true })) + .sort((a, b) => { + const [vera, mania] = a + const [verb, manib] = b + const notrestra = !restricted[a] + const notrestrb = !restricted[b] + const notstagea = !staged[a] + const notstageb = !staged[b] + const notdepra = !mania.deprecated + const notdeprb = !manib.deprecated + const enginea = engineOk(mania, npmVersion, nodeVersion) + const engineb = engineOk(manib, npmVersion, nodeVersion) + // sort by: + // - not restricted + // - not staged + // - not deprecated and engine ok + // - engine ok + // - not deprecated + // - semver + return (notrestrb - notrestra) || + (notstageb - notstagea) || + ((notdeprb && engineb) - (notdepra && enginea)) || + (engineb - enginea) || + (notdeprb - notdepra) || + semver.rcompare(vera, verb, { loose: true }) + }) + + return entries[0] && entries[0][1] +} - if ( - !target && - time && - type === 'tag' && - distTags[wanted] && - !enjoyableBy(distTags[wanted]) - ) { - const stillFresh = versions.filter(v => - enjoyableBy(v) && semver.lte(v, distTags[wanted], true) - ).sort(semver.rcompare) - target = stillFresh[0] - } +module.exports = (packument, wanted, opts = {}) => { + const picked = pickManifest(packument, wanted, opts) + const policyRestrictions = packument.policyRestrictions + const restricted = (policyRestrictions && policyRestrictions.versions) || {} - if (!target && restrictedVersions) { - target = semver.maxSatisfying(restrictedVersions, wanted, true) + if (picked && !restricted[picked.version]) { + return picked } - const manifest = ( - target && - packument.versions[target] - ) - if (!manifest) { - // Check if target is forbidden - const isForbidden = target && policyRestrictions && policyRestrictions.versions[target] - const pckg = `${packument.name}@${wanted}${ - opts.enjoyBy - ? ` with an Enjoy By date of ${ - new Date(opts.enjoyBy).toLocaleString() - }. Maybe try a different date?` - : '' - }` - - if (isForbidden) { - err = new Error(`Could not download ${pckg} due to policy violations.\n${policyRestrictions.message}\n`) - err.code = 'E403' - } else { - err = new Error(`No matching version found for ${pckg}.`) - err.code = 'ETARGET' - } - - err.name = packument.name - err.type = type - err.wanted = wanted - err.versions = versions - err.distTags = distTags - err.defaultTag = opts.defaultTag - throw err - } else { - return manifest - } + const { before = null, defaultTag = 'latest' } = opts + const bstr = before ? new Date(before).toLocaleString() : '' + const { name } = packument + const pckg = `${name}@${wanted}` + + (before ? ` with a date before ${bstr}` : '') + + const isForbidden = picked && !!restricted[picked.version] + const polMsg = isForbidden ? policyRestrictions.message : '' + + const msg = !isForbidden ? `No matching version found for ${pckg}.` + : `Could not download ${pckg} due to policy violations:\n${polMsg}` + + const code = isForbidden ? 'E403' : 'ETARGET' + throw Object.assign(new Error(msg), { + code, + type: npa.resolve(packument.name, wanted).type, + wanted, + versions: Object.keys(packument.versions), + name, + distTags: packument['dist-tags'], + defaultTag + }) } diff --git a/node_modules/npm-pick-manifest/node_modules/.bin/semver b/node_modules/npm-pick-manifest/node_modules/.bin/semver new file mode 120000 index 000000000..5aaadf42c --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/.bin/semver @@ -0,0 +1 @@ +../semver/bin/semver.js
\ No newline at end of file diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/CHANGELOG.md b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/CHANGELOG.md new file mode 100644 index 000000000..9bc6cae2e --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/CHANGELOG.md @@ -0,0 +1,135 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="3.0.2"></a> +## [3.0.2](https://github.com/npm/hosted-git-info/compare/v3.0.1...v3.0.2) (2019-10-08) + + +### Bug Fixes + +* do not encodeURIComponent the domain ([3e5fbec](https://github.com/npm/hosted-git-info/commit/3e5fbec)), closes [#53](https://github.com/npm/hosted-git-info/issues/53) + + + +<a name="3.0.1"></a> +## [3.0.1](https://github.com/npm/hosted-git-info/compare/v3.0.0...v3.0.1) (2019-10-07) + + +### Bug Fixes + +* update pathmatch for gitlab ([e3e3054](https://github.com/npm/hosted-git-info/commit/e3e3054)), closes [#52](https://github.com/npm/hosted-git-info/issues/52) +* updated pathmatch for gitlab ([fa87af7](https://github.com/npm/hosted-git-info/commit/fa87af7)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/hosted-git-info/compare/v2.8.3...v3.0.0) (2019-08-12) + + +### Bug Fixes + +* **cache:** Switch to lru-cache to save ourselves from unlimited memory consumption ([37c2891](https://github.com/npm/hosted-git-info/commit/37c2891)), closes [#38](https://github.com/npm/hosted-git-info/issues/38) + + +### BREAKING CHANGES + +* **cache:** Drop support for node 0.x + + + +<a name="2.8.3"></a> +## [2.8.3](https://github.com/npm/hosted-git-info/compare/v2.8.2...v2.8.3) (2019-08-12) + + + +<a name="2.8.2"></a> +## [2.8.2](https://github.com/npm/hosted-git-info/compare/v2.8.1...v2.8.2) (2019-08-05) + + +### Bug Fixes + +* http protocol use sshurl by default ([3b1d629](https://github.com/npm/hosted-git-info/commit/3b1d629)), closes [#48](https://github.com/npm/hosted-git-info/issues/48) + + + +<a name="2.8.1"></a> +## [2.8.1](https://github.com/npm/hosted-git-info/compare/v2.8.0...v2.8.1) (2019-08-05) + + +### Bug Fixes + +* ignore noCommittish on tarball url generation ([5d4a8d7](https://github.com/npm/hosted-git-info/commit/5d4a8d7)) +* use gist tarball url that works for anonymous gists ([1692435](https://github.com/npm/hosted-git-info/commit/1692435)) + + + +<a name="2.8.0"></a> +# [2.8.0](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.0) (2019-08-05) + + +### Bug Fixes + +* Allow slashes in gitlab project section ([bbcf7b2](https://github.com/npm/hosted-git-info/commit/bbcf7b2)), closes [#46](https://github.com/npm/hosted-git-info/issues/46) [#43](https://github.com/npm/hosted-git-info/issues/43) +* **git-host:** disallow URI-encoded slash (%2F) in `path` ([3776fa5](https://github.com/npm/hosted-git-info/commit/3776fa5)), closes [#44](https://github.com/npm/hosted-git-info/issues/44) +* **gitlab:** Do not URL encode slashes in project name for GitLab https URL ([cbf04f9](https://github.com/npm/hosted-git-info/commit/cbf04f9)), closes [#47](https://github.com/npm/hosted-git-info/issues/47) +* do not allow invalid gist urls ([d5cf830](https://github.com/npm/hosted-git-info/commit/d5cf830)) +* **cache:** Switch to lru-cache to save ourselves from unlimited memory consumption ([e518222](https://github.com/npm/hosted-git-info/commit/e518222)), closes [#38](https://github.com/npm/hosted-git-info/issues/38) + + +### Features + +* give these objects a name ([60abaea](https://github.com/npm/hosted-git-info/commit/60abaea)) + + + +<a name="2.7.1"></a> +## [2.7.1](https://github.com/npm/hosted-git-info/compare/v2.7.0...v2.7.1) (2018-07-07) + + +### Bug Fixes + +* **index:** Guard against non-string types ([5bc580d](https://github.com/npm/hosted-git-info/commit/5bc580d)) +* **parse:** Crash on strings that parse to having no host ([c931482](https://github.com/npm/hosted-git-info/commit/c931482)), closes [#35](https://github.com/npm/hosted-git-info/issues/35) + + + +<a name="2.7.0"></a> +# [2.7.0](https://github.com/npm/hosted-git-info/compare/v2.6.1...v2.7.0) (2018-07-06) + + +### Bug Fixes + +* **github tarball:** update github tarballtemplate ([6efd582](https://github.com/npm/hosted-git-info/commit/6efd582)), closes [#34](https://github.com/npm/hosted-git-info/issues/34) +* **gitlab docs:** switched to lowercase anchors for readmes ([701bcd1](https://github.com/npm/hosted-git-info/commit/701bcd1)) + + +### Features + +* **all:** Support www. prefixes on hostnames ([3349575](https://github.com/npm/hosted-git-info/commit/3349575)), closes [#32](https://github.com/npm/hosted-git-info/issues/32) + + + +<a name="2.6.1"></a> +## [2.6.1](https://github.com/npm/hosted-git-info/compare/v2.6.0...v2.6.1) (2018-06-25) + +### Bug Fixes + +* **Revert:** "compat: remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25))" ([cce5a62](https://github.com/npm/hosted-git-info/commit/cce5a62)) +* **Revert:** "git-host: fix forgotten extend()" ([a815ec9](https://github.com/npm/hosted-git-info/commit/a815ec9)) + + + +<a name="2.6.0"></a> +# [2.6.0](https://github.com/npm/hosted-git-info/compare/v2.5.0...v2.6.0) (2018-03-07) + + +### Bug Fixes + +* **compat:** remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25)) ([627ab55](https://github.com/npm/hosted-git-info/commit/627ab55)) +* **git-host:** fix forgotten extend() ([eba1f7b](https://github.com/npm/hosted-git-info/commit/eba1f7b)) + + +### Features + +* **browse:** fragment support for browse() ([#28](https://github.com/npm/hosted-git-info/issues/28)) ([cd5e5bb](https://github.com/npm/hosted-git-info/commit/cd5e5bb)) diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/LICENSE b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/LICENSE new file mode 100644 index 000000000..45055763d --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/LICENSE @@ -0,0 +1,13 @@ +Copyright (c) 2015, Rebecca Turner + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH +REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, +INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR +OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/README.md b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/README.md new file mode 100644 index 000000000..7b723f6b9 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/README.md @@ -0,0 +1,133 @@ +# hosted-git-info + +This will let you identify and transform various git hosts URLs between +protocols. It also can tell you what the URL is for the raw path for +particular file for direct access without git. + +## Example + +```javascript +var hostedGitInfo = require("hosted-git-info") +var info = hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git", opts) +/* info looks like: +{ + type: "github", + domain: "github.com", + user: "npm", + project: "hosted-git-info" +} +*/ +``` + +If the URL can't be matched with a git host, `null` will be returned. We +can match git, ssh and https urls. Additionally, we can match ssh connect +strings (`git@github.com:npm/hosted-git-info`) and shortcuts (eg, +`github:npm/hosted-git-info`). Github specifically, is detected in the case +of a third, unprefixed, form: `npm/hosted-git-info`. + +If it does match, the returned object has properties of: + +* info.type -- The short name of the service +* info.domain -- The domain for git protocol use +* info.user -- The name of the user/org on the git host +* info.project -- The name of the project on the git host + +## Version Contract + +The major version will be bumped any time… + +* The constructor stops accepting URLs that it previously accepted. +* A method is removed. +* A method can no longer accept the number and type of arguments it previously accepted. +* A method can return a different type than it currently returns. + +Implications: + +* I do not consider the specific format of the urls returned from, say + `.https()` to be a part of the contract. The contract is that it will + return a string that can be used to fetch the repo via HTTPS. But what + that string looks like, specifically, can change. +* Dropping support for a hosted git provider would constitute a breaking + change. + +## Usage + +### var info = hostedGitInfo.fromUrl(gitSpecifier[, options]) + +* *gitSpecifer* is a URL of a git repository or a SCP-style specifier of one. +* *options* is an optional object. It can have the following properties: + * *noCommittish* — If true then committishes won't be included in generated URLs. + * *noGitPlus* — If true then `git+` won't be prefixed on URLs. + +## Methods + +All of the methods take the same options as the `fromUrl` factory. Options +provided to a method override those provided to the constructor. + +* info.file(path, opts) + +Given the path of a file relative to the repository, returns a URL for +directly fetching it from the githost. If no committish was set then +`master` will be used as the default. + +For example `hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git#v1.0.0").file("package.json")` +would return `https://raw.githubusercontent.com/npm/hosted-git-info/v1.0.0/package.json` + +* info.shortcut(opts) + +eg, `github:npm/hosted-git-info` + +* info.browse(path, fragment, opts) + +eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0`, +`https://github.com/npm/hosted-git-info/tree/v1.2.0/package.json`, +`https://github.com/npm/hosted-git-info/tree/v1.2.0/REAMDE.md#supported-hosts` + +* info.bugs(opts) + +eg, `https://github.com/npm/hosted-git-info/issues` + +* info.docs(opts) + +eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0#readme` + +* info.https(opts) + +eg, `git+https://github.com/npm/hosted-git-info.git` + +* info.sshurl(opts) + +eg, `git+ssh://git@github.com/npm/hosted-git-info.git` + +* info.ssh(opts) + +eg, `git@github.com:npm/hosted-git-info.git` + +* info.path(opts) + +eg, `npm/hosted-git-info` + +* info.tarball(opts) + +eg, `https://github.com/npm/hosted-git-info/archive/v1.2.0.tar.gz` + +* info.getDefaultRepresentation() + +Returns the default output type. The default output type is based on the +string you passed in to be parsed + +* info.toString(opts) + +Uses the getDefaultRepresentation to call one of the other methods to get a URL for +this resource. As such `hostedGitInfo.fromUrl(url).toString()` will give +you a normalized version of the URL that still uses the same protocol. + +Shortcuts will still be returned as shortcuts, but the special case github +form of `org/project` will be normalized to `github:org/project`. + +SSH connect strings will be normalized into `git+ssh` URLs. + +## Supported hosts + +Currently this supports Github, Bitbucket and Gitlab. Pull requests for +additional hosts welcome. diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/git-host-info.js b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/git-host-info.js new file mode 100644 index 000000000..8147e3348 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/git-host-info.js @@ -0,0 +1,79 @@ +'use strict' + +var gitHosts = module.exports = { + github: { + // First two are insecure and generally shouldn't be used any more, but + // they are still supported. + 'protocols': [ 'git', 'http', 'git+ssh', 'git+https', 'ssh', 'https' ], + 'domain': 'github.com', + 'treepath': 'tree', + 'filetemplate': 'https://{auth@}raw.githubusercontent.com/{user}/{project}/{committish}/{path}', + 'bugstemplate': 'https://{domain}/{user}/{project}/issues', + 'gittemplate': 'git://{auth@}{domain}/{user}/{project}.git{#committish}', + 'tarballtemplate': 'https://codeload.{domain}/{user}/{project}/tar.gz/{committish}' + }, + bitbucket: { + 'protocols': [ 'git+ssh', 'git+https', 'ssh', 'https' ], + 'domain': 'bitbucket.org', + 'treepath': 'src', + 'tarballtemplate': 'https://{domain}/{user}/{project}/get/{committish}.tar.gz' + }, + gitlab: { + 'protocols': [ 'git+ssh', 'git+https', 'ssh', 'https' ], + 'domain': 'gitlab.com', + 'treepath': 'tree', + 'bugstemplate': 'https://{domain}/{user}/{project}/issues', + 'httpstemplate': 'git+https://{auth@}{domain}/{user}/{projectPath}.git{#committish}', + 'tarballtemplate': 'https://{domain}/{user}/{project}/repository/archive.tar.gz?ref={committish}', + 'pathmatch': /^[/]([^/]+)[/]((?!.*(\/-\/|\/repository\/archive\.tar\.gz\?=.*|\/repository\/[^/]+\/archive.tar.gz$)).*?)(?:[.]git|[/])?$/ + }, + gist: { + 'protocols': [ 'git', 'git+ssh', 'git+https', 'ssh', 'https' ], + 'domain': 'gist.github.com', + 'pathmatch': /^[/](?:([^/]+)[/])?([a-z0-9]{32,})(?:[.]git)?$/, + 'filetemplate': 'https://gist.githubusercontent.com/{user}/{project}/raw{/committish}/{path}', + 'bugstemplate': 'https://{domain}/{project}', + 'gittemplate': 'git://{domain}/{project}.git{#committish}', + 'sshtemplate': 'git@{domain}:/{project}.git{#committish}', + 'sshurltemplate': 'git+ssh://git@{domain}/{project}.git{#committish}', + 'browsetemplate': 'https://{domain}/{project}{/committish}', + 'browsefiletemplate': 'https://{domain}/{project}{/committish}{#path}', + 'docstemplate': 'https://{domain}/{project}{/committish}', + 'httpstemplate': 'git+https://{domain}/{project}.git{#committish}', + 'shortcuttemplate': '{type}:{project}{#committish}', + 'pathtemplate': '{project}{#committish}', + 'tarballtemplate': 'https://codeload.github.com/gist/{project}/tar.gz/{committish}', + 'hashformat': function (fragment) { + return 'file-' + formatHashFragment(fragment) + } + } +} + +var gitHostDefaults = { + 'sshtemplate': 'git@{domain}:{user}/{project}.git{#committish}', + 'sshurltemplate': 'git+ssh://git@{domain}/{user}/{project}.git{#committish}', + 'browsetemplate': 'https://{domain}/{user}/{project}{/tree/committish}', + 'browsefiletemplate': 'https://{domain}/{user}/{project}/{treepath}/{committish}/{path}{#fragment}', + 'docstemplate': 'https://{domain}/{user}/{project}{/tree/committish}#readme', + 'httpstemplate': 'git+https://{auth@}{domain}/{user}/{project}.git{#committish}', + 'filetemplate': 'https://{domain}/{user}/{project}/raw/{committish}/{path}', + 'shortcuttemplate': '{type}:{user}/{project}{#committish}', + 'pathtemplate': '{user}/{project}{#committish}', + 'pathmatch': /^[/]([^/]+)[/]([^/]+?)(?:[.]git|[/])?$/, + 'hashformat': formatHashFragment +} + +Object.keys(gitHosts).forEach(function (name) { + Object.keys(gitHostDefaults).forEach(function (key) { + if (gitHosts[name][key]) return + gitHosts[name][key] = gitHostDefaults[key] + }) + gitHosts[name].protocols_re = RegExp('^(' + + gitHosts[name].protocols.map(function (protocol) { + return protocol.replace(/([\\+*{}()[\]$^|])/g, '\\$1') + }).join('|') + '):$') +}) + +function formatHashFragment (fragment) { + return fragment.toLowerCase().replace(/^\W+|\/|\W+$/g, '').replace(/\W+/g, '-') +} diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/git-host.js b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/git-host.js new file mode 100644 index 000000000..f9b1ec745 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/git-host.js @@ -0,0 +1,156 @@ +'use strict' +var gitHosts = require('./git-host-info.js') +/* eslint-disable node/no-deprecated-api */ + +// copy-pasta util._extend from node's source, to avoid pulling +// the whole util module into peoples' webpack bundles. +/* istanbul ignore next */ +var extend = Object.assign || function _extend (target, source) { + // Don't do anything if source isn't an object + if (source === null || typeof source !== 'object') return target + + const keys = Object.keys(source) + let i = keys.length + while (i--) { + target[keys[i]] = source[keys[i]] + } + return target +} + +module.exports = GitHost +function GitHost (type, user, auth, project, committish, defaultRepresentation, opts) { + var gitHostInfo = this + gitHostInfo.type = type + Object.keys(gitHosts[type]).forEach(function (key) { + gitHostInfo[key] = gitHosts[type][key] + }) + gitHostInfo.user = user + gitHostInfo.auth = auth + gitHostInfo.project = project + gitHostInfo.committish = committish + gitHostInfo.default = defaultRepresentation + gitHostInfo.opts = opts || {} +} + +GitHost.prototype.hash = function () { + return this.committish ? '#' + this.committish : '' +} + +GitHost.prototype._fill = function (template, opts) { + if (!template) return + var vars = extend({}, opts) + vars.path = vars.path ? vars.path.replace(/^[/]+/g, '') : '' + opts = extend(extend({}, this.opts), opts) + var self = this + Object.keys(this).forEach(function (key) { + if (self[key] != null && vars[key] == null) vars[key] = self[key] + }) + var rawAuth = vars.auth + var rawcommittish = vars.committish + var rawFragment = vars.fragment + var rawPath = vars.path + var rawProject = vars.project + Object.keys(vars).forEach(function (key) { + var value = vars[key] + if ((key === 'path' || key === 'project') && typeof value === 'string') { + vars[key] = value.split('/').map(function (pathComponent) { + return encodeURIComponent(pathComponent) + }).join('/') + } else if (key !== 'domain') { + vars[key] = encodeURIComponent(value) + } + }) + vars['auth@'] = rawAuth ? rawAuth + '@' : '' + vars['#fragment'] = rawFragment ? '#' + this.hashformat(rawFragment) : '' + vars.fragment = vars.fragment ? vars.fragment : '' + vars['#path'] = rawPath ? '#' + this.hashformat(rawPath) : '' + vars['/path'] = vars.path ? '/' + vars.path : '' + vars.projectPath = rawProject.split('/').map(encodeURIComponent).join('/') + if (opts.noCommittish) { + vars['#committish'] = '' + vars['/tree/committish'] = '' + vars['/committish'] = '' + vars.committish = '' + } else { + vars['#committish'] = rawcommittish ? '#' + rawcommittish : '' + vars['/tree/committish'] = vars.committish + ? '/' + vars.treepath + '/' + vars.committish + : '' + vars['/committish'] = vars.committish ? '/' + vars.committish : '' + vars.committish = vars.committish || 'master' + } + var res = template + Object.keys(vars).forEach(function (key) { + res = res.replace(new RegExp('[{]' + key + '[}]', 'g'), vars[key]) + }) + if (opts.noGitPlus) { + return res.replace(/^git[+]/, '') + } else { + return res + } +} + +GitHost.prototype.ssh = function (opts) { + return this._fill(this.sshtemplate, opts) +} + +GitHost.prototype.sshurl = function (opts) { + return this._fill(this.sshurltemplate, opts) +} + +GitHost.prototype.browse = function (P, F, opts) { + if (typeof P === 'string') { + if (typeof F !== 'string') { + opts = F + F = null + } + return this._fill(this.browsefiletemplate, extend({ + fragment: F, + path: P + }, opts)) + } else { + return this._fill(this.browsetemplate, P) + } +} + +GitHost.prototype.docs = function (opts) { + return this._fill(this.docstemplate, opts) +} + +GitHost.prototype.bugs = function (opts) { + return this._fill(this.bugstemplate, opts) +} + +GitHost.prototype.https = function (opts) { + return this._fill(this.httpstemplate, opts) +} + +GitHost.prototype.git = function (opts) { + return this._fill(this.gittemplate, opts) +} + +GitHost.prototype.shortcut = function (opts) { + return this._fill(this.shortcuttemplate, opts) +} + +GitHost.prototype.path = function (opts) { + return this._fill(this.pathtemplate, opts) +} + +GitHost.prototype.tarball = function (opts_) { + var opts = extend({}, opts_, { noCommittish: false }) + return this._fill(this.tarballtemplate, opts) +} + +GitHost.prototype.file = function (P, opts) { + return this._fill(this.filetemplate, extend({ path: P }, opts)) +} + +GitHost.prototype.getDefaultRepresentation = function () { + return this.default +} + +GitHost.prototype.toString = function (opts) { + if (this.default && typeof this[this.default] === 'function') return this[this.default](opts) + return this.sshurl(opts) +} diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/index.js b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/index.js new file mode 100644 index 000000000..2ccb1d69c --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/index.js @@ -0,0 +1,125 @@ +'use strict' +var url = require('url') +var gitHosts = require('./git-host-info.js') +var GitHost = module.exports = require('./git-host.js') +var LRU = require('lru-cache') +var cache = new LRU({max: 1000}) + +var protocolToRepresentationMap = { + 'git+ssh:': 'sshurl', + 'git+https:': 'https', + 'ssh:': 'sshurl', + 'git:': 'git' +} + +function protocolToRepresentation (protocol) { + return protocolToRepresentationMap[protocol] || protocol.slice(0, -1) +} + +var authProtocols = { + 'git:': true, + 'https:': true, + 'git+https:': true, + 'http:': true, + 'git+http:': true +} + +module.exports.fromUrl = function (giturl, opts) { + if (typeof giturl !== 'string') return + var key = giturl + JSON.stringify(opts || {}) + + if (!cache.has(key)) { + cache.set(key, fromUrl(giturl, opts)) + } + + return cache.get(key) +} + +function fromUrl (giturl, opts) { + if (giturl == null || giturl === '') return + var url = fixupUnqualifiedGist( + isGitHubShorthand(giturl) ? 'github:' + giturl : giturl + ) + var parsed = parseGitUrl(url) + var shortcutMatch = url.match(new RegExp('^([^:]+):(?:(?:[^@:]+(?:[^@]+)?@)?([^/]*))[/](.+?)(?:[.]git)?($|#)')) + var matches = Object.keys(gitHosts).map(function (gitHostName) { + try { + var gitHostInfo = gitHosts[gitHostName] + var auth = null + if (parsed.auth && authProtocols[parsed.protocol]) { + auth = decodeURIComponent(parsed.auth) + } + var committish = parsed.hash ? decodeURIComponent(parsed.hash.substr(1)) : null + var user = null + var project = null + var defaultRepresentation = null + if (shortcutMatch && shortcutMatch[1] === gitHostName) { + user = shortcutMatch[2] && decodeURIComponent(shortcutMatch[2]) + project = decodeURIComponent(shortcutMatch[3]) + defaultRepresentation = 'shortcut' + } else { + if (parsed.host && parsed.host !== gitHostInfo.domain && parsed.host.replace(/^www[.]/, '') !== gitHostInfo.domain) return + if (!gitHostInfo.protocols_re.test(parsed.protocol)) return + if (!parsed.path) return + var pathmatch = gitHostInfo.pathmatch + var matched = parsed.path.match(pathmatch) + if (!matched) return + /* istanbul ignore else */ + if (matched[1] !== null && matched[1] !== undefined) { + user = decodeURIComponent(matched[1].replace(/^:/, '')) + } + project = decodeURIComponent(matched[2]) + defaultRepresentation = protocolToRepresentation(parsed.protocol) + } + return new GitHost(gitHostName, user, auth, project, committish, defaultRepresentation, opts) + } catch (ex) { + /* istanbul ignore else */ + if (ex instanceof URIError) { + } else throw ex + } + }).filter(function (gitHostInfo) { return gitHostInfo }) + if (matches.length !== 1) return + return matches[0] +} + +function isGitHubShorthand (arg) { + // Note: This does not fully test the git ref format. + // See https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html + // + // The only way to do this properly would be to shell out to + // git-check-ref-format, and as this is a fast sync function, + // we don't want to do that. Just let git fail if it turns + // out that the commit-ish is invalid. + // GH usernames cannot start with . or - + return /^[^:@%/\s.-][^:@%/\s]*[/][^:@\s/%]+(?:#.*)?$/.test(arg) +} + +function fixupUnqualifiedGist (giturl) { + // necessary for round-tripping gists + var parsed = url.parse(giturl) + if (parsed.protocol === 'gist:' && parsed.host && !parsed.path) { + return parsed.protocol + '/' + parsed.host + } else { + return giturl + } +} + +function parseGitUrl (giturl) { + var matched = giturl.match(/^([^@]+)@([^:/]+):[/]?((?:[^/]+[/])?[^/]+?)(?:[.]git)?(#.*)?$/) + if (!matched) return url.parse(giturl) + return { + protocol: 'git+ssh:', + slashes: true, + auth: matched[1], + host: matched[2], + port: null, + hostname: matched[2], + hash: matched[4], + search: null, + query: null, + pathname: '/' + matched[3], + path: '/' + matched[3], + href: 'git+ssh://' + matched[1] + '@' + matched[2] + + '/' + matched[3] + (matched[4] || '') + } +} diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/package.json b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/package.json new file mode 100644 index 000000000..537d9bfe4 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/hosted-git-info/package.json @@ -0,0 +1,72 @@ +{ + "_from": "hosted-git-info@^3.0.2", + "_id": "hosted-git-info@3.0.2", + "_inBundle": false, + "_integrity": "sha512-ezZMWtHXm7Eb7Rq4Mwnx2vs79WUx2QmRg3+ZqeGroKzfDO+EprOcgRPYghsOP9JuYBfK18VojmRTGCg8Ma+ktw==", + "_location": "/npm-pick-manifest/hosted-git-info", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "hosted-git-info@^3.0.2", + "name": "hosted-git-info", + "escapedName": "hosted-git-info", + "rawSpec": "^3.0.2", + "saveSpec": null, + "fetchSpec": "^3.0.2" + }, + "_requiredBy": [ + "/npm-pick-manifest/npm-package-arg" + ], + "_resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-3.0.2.tgz", + "_shasum": "8b7e3bd114b59b51786f8bade0f39ddc80275a97", + "_spec": "hosted-git-info@^3.0.2", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-pick-manifest/node_modules/npm-package-arg", + "author": { + "name": "Rebecca Turner", + "email": "me@re-becca.org", + "url": "http://re-becca.org" + }, + "bugs": { + "url": "https://github.com/npm/hosted-git-info/issues" + }, + "bundleDependencies": false, + "dependencies": { + "lru-cache": "^5.1.1" + }, + "deprecated": false, + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "devDependencies": { + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.7.0" + }, + "files": [ + "index.js", + "git-host.js", + "git-host-info.js" + ], + "homepage": "https://github.com/npm/hosted-git-info", + "keywords": [ + "git", + "github", + "bitbucket", + "gitlab" + ], + "license": "ISC", + "main": "index.js", + "name": "hosted-git-info", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/hosted-git-info.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --100 --no-esm test/*.js", + "test:coverage": "tap --coverage-report=html -J --100 --no-esm test/*.js" + }, + "version": "3.0.2" +} diff --git a/node_modules/npm-pick-manifest/node_modules/npm-install-checks/CHANGELOG.md b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/CHANGELOG.md new file mode 100644 index 000000000..ae4f22fcf --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/CHANGELOG.md @@ -0,0 +1,18 @@ +# Change Log + +## v4.0 + +* Remove `checkCycle` and `checkGit`, as they are no longer used in npm v7 +* Synchronous throw-or-return API instead of taking a callback needlessly +* Modernize code and drop support for node versions less than 10 + +## v3 2016-01-12 + +* Change error messages to be more informative. +* checkEngine, when not in strict mode, now calls back with the error + object as the second argument instead of warning. +* checkCycle no longer logs when cycle errors are found. + +## v2 2015-01-20 + +* Remove checking of engineStrict in the package.json diff --git a/node_modules/npm-pick-manifest/node_modules/npm-install-checks/LICENSE b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/LICENSE new file mode 100644 index 000000000..3bed8320c --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) Robert Kowalski and Isaac Z. Schlueter ("Authors") +All rights reserved. + +The BSD License + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS +BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/node_modules/npm-pick-manifest/node_modules/npm-install-checks/README.md b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/README.md new file mode 100644 index 000000000..e83356c1d --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/README.md @@ -0,0 +1,27 @@ +# npm-install-checks + +Check the engines and platform fields in package.json + +## API + +Both functions will throw an error if the check fails, or return +`undefined` if everything is ok. + +Errors have a `required` and `current` fields. + +### .checkEngine(pkg, npmVer, nodeVer, force = false) + +Check if node/npm version is supported by the package. If it isn't +supported, an error is thrown. + +`force` argument will override the node version check, but not the npm +version check, as this typically would indicate that the current version of +npm is unable to install the package properly for some reason. + +Error code: 'EBADENGINE' + +### .checkPlatform(pkg, force) + +Check if OS/Arch is supported by the package. + +Error code: 'EBADPLATFORM' diff --git a/node_modules/npm-pick-manifest/node_modules/npm-install-checks/index.js b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/index.js new file mode 100644 index 000000000..732888ef5 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/index.js @@ -0,0 +1,79 @@ +const {format} = require('util') +const semver = require('semver') + +const checkEngine = (target, npmVer, nodeVer, force = false) => { + const nodev = force ? null : nodeVer + const eng = target.engines + const opt = { includePrerelease: true } + if (!eng) { + return + } + + const nodeFail = nodev && eng.node && !semver.satisfies(nodev, eng.node, opt) + const npmFail = npmVer && eng.npm && !semver.satisfies(npmVer, eng.npm, opt) + if (nodeFail || npmFail) { + throw Object.assign(new Error('Unsupported engine'), { + pkgid: target._id, + current: { node: nodeVer, npm: npmVer }, + required: eng, + code: 'EBADENGINE' + }) + } +} + +const checkPlatform = (target, force = false) => { + if (force) { + return + } + + const platform = process.platform + const arch = process.arch + const osOk = target.os ? checkList(platform, target.os) : true + const cpuOk = target.cpu ? checkList(arch, target.cpu) : true + + if (!osOk || !cpuOk) { + throw Object.assign(new Error('Unsupported platform'), { + pkgid: target._id, + current: { + os: platform, + cpu: arch + }, + required: { + os: target.os, + cpu: target.cpu + }, + code: 'EBADPLATFORM' + }) + } +} + +const checkList = (value, list) => { + if (typeof list === 'string') { + list = [list] + } + if (list.length === 1 && list[0] === 'any') { + return true + } + // match none of the negated values, and at least one of the + // non-negated values, if any are present. + let negated = 0 + let match = false + for (const entry of list) { + const negate = entry.charAt(0) === '!' + const test = negate ? entry.slice(1) : entry + if (negate) { + negated ++ + if (value === test) { + return false + } + } else { + match = match || value === test + } + } + return match || negated === list.length +} + +module.exports = { + checkEngine, + checkPlatform +} diff --git a/node_modules/npm-pick-manifest/node_modules/npm-install-checks/package.json b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/package.json new file mode 100644 index 000000000..3b7b43f9c --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-install-checks/package.json @@ -0,0 +1,62 @@ +{ + "_from": "npm-install-checks@^4.0.0", + "_id": "npm-install-checks@4.0.0", + "_inBundle": false, + "_integrity": "sha512-09OmyDkNLYwqKPOnbI8exiOZU2GVVmQp7tgez2BPi5OZC8M82elDAps7sxC4l//uSUtotWqoEIDwjRvWH4qz8w==", + "_location": "/npm-pick-manifest/npm-install-checks", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-install-checks@^4.0.0", + "name": "npm-install-checks", + "escapedName": "npm-install-checks", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/npm-pick-manifest" + ], + "_resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-4.0.0.tgz", + "_shasum": "a37facc763a2fde0497ef2c6d0ac7c3fbe00d7b4", + "_spec": "npm-install-checks@^4.0.0", + "_where": "/Users/claudiahdz/npm/cli/node_modules/npm-pick-manifest", + "bugs": { + "url": "https://github.com/npm/npm-install-checks/issues" + }, + "bundleDependencies": false, + "dependencies": { + "semver": "^7.1.1" + }, + "deprecated": false, + "description": "Check the engines and platform fields in package.json", + "devDependencies": { + "tap": "^14.10.6" + }, + "engines": { + "node": ">=10" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/npm/npm-install-checks#readme", + "keywords": [ + "npm,", + "install" + ], + "license": "BSD-2-Clause", + "main": "index.js", + "name": "npm-install-checks", + "repository": { + "type": "git", + "url": "git://github.com/npm/npm-install-checks.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap" + }, + "version": "4.0.0" +} diff --git a/node_modules/npm-pick-manifest/node_modules/npm-package-arg/CHANGELOG.md b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/CHANGELOG.md new file mode 100644 index 000000000..390a3a3c4 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/CHANGELOG.md @@ -0,0 +1,52 @@ +# Changelog + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +## [8.0.0](https://github.com/npm/npm-package-arg/compare/v7.0.0...v8.0.0) (2019-12-15) + + +### ⚠ BREAKING CHANGES + +* Dropping support for node 6 and 8. It'll probably +still work on those versions, but they are no longer supported or +tested, since npm v7 is moving away from them. + +* drop support for node 6 and 8 ([ba85e68](https://github.com/npm/npm-package-arg/commit/ba85e68555d6270f672c3d59da17672f744d0376)) + +<a name="7.0.0"></a> +# [7.0.0](https://github.com/npm/npm-package-arg/compare/v6.1.1...v7.0.0) (2019-11-11) + + +### deps + +* bump hosted-git-info to 3.0.2 ([68a4fc3](https://github.com/npm/npm-package-arg/commit/68a4fc3)), closes [/github.com/npm/hosted-git-info/pull/38#issuecomment-520243803](https://github.com//github.com/npm/hosted-git-info/pull/38/issues/issuecomment-520243803) + + +### BREAKING CHANGES + +* this drops support for ancient node versions. + + + +<a name="6.1.1"></a> +## [6.1.1](https://github.com/npm/npm-package-arg/compare/v6.1.0...v6.1.1) (2019-08-21) + + +### Bug Fixes + +* preserve drive letter on windows git file:// urls ([3909203](https://github.com/npm/npm-package-arg/commit/3909203)) + + + +<a name="6.1.0"></a> +# [6.1.0](https://github.com/npm/npm-package-arg/compare/v6.0.0...v6.1.0) (2018-04-10) + + +### Bug Fixes + +* **git:** Fix gitRange for git+ssh for private git ([#33](https://github.com/npm/npm-package-arg/issues/33)) ([647a0b3](https://github.com/npm/npm-package-arg/commit/647a0b3)) + + +### Features + +* **alias:** add `npm:` registry alias spec ([#34](https://github.com/npm/npm-package-arg/issues/34)) ([ab99f8e](https://github.com/npm/npm-package-arg/commit/ab99f8e)) diff --git a/node_modules/npm-pick-manifest/node_modules/npm-package-arg/LICENSE b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/LICENSE new file mode 100644 index 000000000..19cec97b1 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-pick-manifest/node_modules/npm-package-arg/README.md b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/README.md new file mode 100644 index 000000000..847341b21 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/README.md @@ -0,0 +1,83 @@ +# npm-package-arg + +[](https://travis-ci.org/npm/npm-package-arg) + +Parses package name and specifier passed to commands like `npm install` or +`npm cache add`, or as found in `package.json` dependency sections. + +## EXAMPLES + +```javascript +var assert = require("assert") +var npa = require("npm-package-arg") + +// Pass in the descriptor, and it'll return an object +try { + var parsed = npa("@bar/foo@1.2") +} catch (ex) { + … +} +``` + +## USING + +`var npa = require('npm-package-arg')` + +### var result = npa(*arg*[, *where*]) + +* *arg* - a string that you might pass to `npm install`, like: +`foo@1.2`, `@bar/foo@1.2`, `foo@user/foo`, `http://x.com/foo.tgz`, +`git+https://github.com/user/foo`, `bitbucket:user/foo`, `foo.tar.gz`, +`../foo/bar/` or `bar`. If the *arg* you provide doesn't have a specifier +part, eg `foo` then the specifier will default to `latest`. +* *where* - Optionally the path to resolve file paths relative to. Defaults to `process.cwd()` + +**Throws** if the package name is invalid, a dist-tag is invalid or a URL's protocol is not supported. + +### var result = npa.resolve(*name*, *spec*[, *where*]) + +* *name* - The name of the module you want to install. For example: `foo` or `@bar/foo`. +* *spec* - The specifier indicating where and how you can get this module. Something like: +`1.2`, `^1.7.17`, `http://x.com/foo.tgz`, `git+https://github.com/user/foo`, +`bitbucket:user/foo`, `file:foo.tar.gz` or `file:../foo/bar/`. If not +included then the default is `latest`. +* *where* - Optionally the path to resolve file paths relative to. Defaults to `process.cwd()` + +**Throws** if the package name is invalid, a dist-tag is invalid or a URL's protocol is not supported. + +## RESULT OBJECT + +The objects that are returned by npm-package-arg contain the following +keys: + +* `type` - One of the following strings: + * `git` - A git repo + * `tag` - A tagged version, like `"foo@latest"` + * `version` - A specific version number, like `"foo@1.2.3"` + * `range` - A version range, like `"foo@2.x"` + * `file` - A local `.tar.gz`, `.tar` or `.tgz` file. + * `directory` - A local directory. + * `remote` - An http url (presumably to a tgz) +* `registry` - If true this specifier refers to a resource hosted on a + registry. This is true for `tag`, `version` and `range` types. +* `name` - If known, the `name` field expected in the resulting pkg. +* `scope` - If a name is something like `@org/module` then the `scope` + field will be set to `@org`. If it doesn't have a scoped name, then + scope is `null`. +* `escapedName` - A version of `name` escaped to match the npm scoped packages + specification. Mostly used when making requests against a registry. When + `name` is `null`, `escapedName` will also be `null`. +* `rawSpec` - The specifier part that was parsed out in calls to `npa(arg)`, + or the value of `spec` in calls to `npa.resolve(name, spec). +* `saveSpec` - The normalized specifier, for saving to package.json files. + `null` for registry dependencies. +* `fetchSpec` - The version of the specifier to be used to fetch this + resource. `null` for shortcuts to hosted git dependencies as there isn't + just one URL to try with them. +* `gitRange` - If set, this is a semver specifier to match against git tags with +* `gitCommittish` - If set, this is the specific committish to use with a git dependency. +* `hosted` - If `from === 'hosted'` then this will be a `hosted-git-info` + object. This property is not included when serializing the object as + JSON. +* `raw` - The original un-modified string that was provided. If called as + `npa.resolve(name, spec)` then this will be `name + '@' + spec`. diff --git a/node_modules/npm-pick-manifest/node_modules/npm-package-arg/npa.js b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/npa.js new file mode 100644 index 000000000..bf2c17cfd --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/npa.js @@ -0,0 +1,301 @@ +'use strict' +module.exports = npa +module.exports.resolve = resolve +module.exports.Result = Result + +let url +let HostedGit +let semver +let path_ +function path () { + if (!path_) path_ = require('path') + return path_ +} +let validatePackageName +let osenv + +const isWindows = process.platform === 'win32' || global.FAKE_WINDOWS +const hasSlashes = isWindows ? /\\|[/]/ : /[/]/ +const isURL = /^(?:git[+])?[a-z]+:/i +const isFilename = /[.](?:tgz|tar.gz|tar)$/i + +function npa (arg, where) { + let name + let spec + if (typeof arg === 'object') { + if (arg instanceof Result && (!where || where === arg.where)) { + return arg + } else if (arg.name && arg.rawSpec) { + return npa.resolve(arg.name, arg.rawSpec, where || arg.where) + } else { + return npa(arg.raw, where || arg.where) + } + } + const nameEndsAt = arg[0] === '@' ? arg.slice(1).indexOf('@') + 1 : arg.indexOf('@') + const namePart = nameEndsAt > 0 ? arg.slice(0, nameEndsAt) : arg + if (isURL.test(arg)) { + spec = arg + } else if (namePart[0] !== '@' && (hasSlashes.test(namePart) || isFilename.test(namePart))) { + spec = arg + } else if (nameEndsAt > 0) { + name = namePart + spec = arg.slice(nameEndsAt + 1) + } else { + if (!validatePackageName) validatePackageName = require('validate-npm-package-name') + const valid = validatePackageName(arg) + if (valid.validForOldPackages) { + name = arg + } else { + spec = arg + } + } + return resolve(name, spec, where, arg) +} + +const isFilespec = isWindows ? /^(?:[.]|~[/]|[/\\]|[a-zA-Z]:)/ : /^(?:[.]|~[/]|[/]|[a-zA-Z]:)/ + +function resolve (name, spec, where, arg) { + const res = new Result({ + raw: arg, + name: name, + rawSpec: spec, + fromArgument: arg != null + }) + + if (name) res.setName(name) + + if (spec && (isFilespec.test(spec) || /^file:/i.test(spec))) { + return fromFile(res, where) + } else if (spec && /^npm:/i.test(spec)) { + return fromAlias(res, where) + } + if (!HostedGit) HostedGit = require('hosted-git-info') + const hosted = HostedGit.fromUrl(spec, {noGitPlus: true, noCommittish: true}) + if (hosted) { + return fromHostedGit(res, hosted) + } else if (spec && isURL.test(spec)) { + return fromURL(res) + } else if (spec && (hasSlashes.test(spec) || isFilename.test(spec))) { + return fromFile(res, where) + } else { + return fromRegistry(res) + } +} + +function invalidPackageName (name, valid) { + const err = new Error(`Invalid package name "${name}": ${valid.errors.join('; ')}`) + err.code = 'EINVALIDPACKAGENAME' + return err +} +function invalidTagName (name) { + const err = new Error(`Invalid tag name "${name}": Tags may not have any characters that encodeURIComponent encodes.`) + err.code = 'EINVALIDTAGNAME' + return err +} + +function Result (opts) { + this.type = opts.type + this.registry = opts.registry + this.where = opts.where + if (opts.raw == null) { + this.raw = opts.name ? opts.name + '@' + opts.rawSpec : opts.rawSpec + } else { + this.raw = opts.raw + } + this.name = undefined + this.escapedName = undefined + this.scope = undefined + this.rawSpec = opts.rawSpec == null ? '' : opts.rawSpec + this.saveSpec = opts.saveSpec + this.fetchSpec = opts.fetchSpec + if (opts.name) this.setName(opts.name) + this.gitRange = opts.gitRange + this.gitCommittish = opts.gitCommittish + this.hosted = opts.hosted +} + +Result.prototype.setName = function (name) { + if (!validatePackageName) validatePackageName = require('validate-npm-package-name') + const valid = validatePackageName(name) + if (!valid.validForOldPackages) { + throw invalidPackageName(name, valid) + } + this.name = name + this.scope = name[0] === '@' ? name.slice(0, name.indexOf('/')) : undefined + // scoped packages in couch must have slash url-encoded, e.g. @foo%2Fbar + this.escapedName = name.replace('/', '%2f') + return this +} + +Result.prototype.toString = function () { + const full = [] + if (this.name != null && this.name !== '') full.push(this.name) + const spec = this.saveSpec || this.fetchSpec || this.rawSpec + if (spec != null && spec !== '') full.push(spec) + return full.length ? full.join('@') : this.raw +} + +Result.prototype.toJSON = function () { + const result = Object.assign({}, this) + delete result.hosted + return result +} + +function setGitCommittish (res, committish) { + if (committish != null && committish.length >= 7 && committish.slice(0, 7) === 'semver:') { + res.gitRange = decodeURIComponent(committish.slice(7)) + res.gitCommittish = null + } else { + res.gitCommittish = committish === '' ? null : committish + } + return res +} + +const isAbsolutePath = /^[/]|^[A-Za-z]:/ + +function resolvePath (where, spec) { + if (isAbsolutePath.test(spec)) return spec + return path().resolve(where, spec) +} + +function isAbsolute (dir) { + if (dir[0] === '/') return true + if (/^[A-Za-z]:/.test(dir)) return true + return false +} + +function fromFile (res, where) { + if (!where) where = process.cwd() + res.type = isFilename.test(res.rawSpec) ? 'file' : 'directory' + res.where = where + + const spec = res.rawSpec.replace(/\\/g, '/') + .replace(/^file:[/]*([A-Za-z]:)/, '$1') // drive name paths on windows + .replace(/^file:(?:[/]*([~./]))?/, '$1') + if (/^~[/]/.test(spec)) { + // this is needed for windows and for file:~/foo/bar + if (!osenv) osenv = require('osenv') + res.fetchSpec = resolvePath(osenv.home(), spec.slice(2)) + res.saveSpec = 'file:' + spec + } else { + res.fetchSpec = resolvePath(where, spec) + if (isAbsolute(spec)) { + res.saveSpec = 'file:' + spec + } else { + res.saveSpec = 'file:' + path().relative(where, res.fetchSpec) + } + } + return res +} + +function fromHostedGit (res, hosted) { + res.type = 'git' + res.hosted = hosted + res.saveSpec = hosted.toString({noGitPlus: false, noCommittish: false}) + res.fetchSpec = hosted.getDefaultRepresentation() === 'shortcut' ? null : hosted.toString() + return setGitCommittish(res, hosted.committish) +} + +function unsupportedURLType (protocol, spec) { + const err = new Error(`Unsupported URL Type "${protocol}": ${spec}`) + err.code = 'EUNSUPPORTEDPROTOCOL' + return err +} + +function matchGitScp (spec) { + // git ssh specifiers are overloaded to also use scp-style git + // specifiers, so we have to parse those out and treat them special. + // They are NOT true URIs, so we can't hand them to `url.parse`. + // + // This regex looks for things that look like: + // git+ssh://git@my.custom.git.com:username/project.git#deadbeef + // + // ...and various combinations. The username in the beginning is *required*. + const matched = spec.match(/^git\+ssh:\/\/([^:#]+:[^#]+(?:\.git)?)(?:#(.*))?$/i) + return matched && !matched[1].match(/:[0-9]+\/?.*$/i) && { + fetchSpec: matched[1], + gitCommittish: matched[2] == null ? null : matched[2] + } +} + +function fromURL (res) { + if (!url) url = require('url') + const urlparse = url.parse(res.rawSpec) + res.saveSpec = res.rawSpec + // check the protocol, and then see if it's git or not + switch (urlparse.protocol) { + case 'git:': + case 'git+http:': + case 'git+https:': + case 'git+rsync:': + case 'git+ftp:': + case 'git+file:': + case 'git+ssh:': + res.type = 'git' + const match = urlparse.protocol === 'git+ssh:' && matchGitScp(res.rawSpec) + if (match) { + setGitCommittish(res, match.gitCommittish) + res.fetchSpec = match.fetchSpec + } else { + setGitCommittish(res, urlparse.hash != null ? urlparse.hash.slice(1) : '') + urlparse.protocol = urlparse.protocol.replace(/^git[+]/, '') + if (urlparse.protocol === 'file:' && /^git\+file:\/\/[a-z]:/i.test(res.rawSpec)) { + // keep the drive letter : on windows file paths + urlparse.host += ':' + urlparse.hostname += ':' + } + delete urlparse.hash + res.fetchSpec = url.format(urlparse) + } + break + case 'http:': + case 'https:': + res.type = 'remote' + res.fetchSpec = res.saveSpec + break + + default: + throw unsupportedURLType(urlparse.protocol, res.rawSpec) + } + + return res +} + +function fromAlias (res, where) { + const subSpec = npa(res.rawSpec.substr(4), where) + if (subSpec.type === 'alias') { + throw new Error('nested aliases not supported') + } + if (!subSpec.registry) { + throw new Error('aliases only work for registry deps') + } + res.subSpec = subSpec + res.registry = true + res.type = 'alias' + res.saveSpec = null + res.fetchSpec = null + return res +} + +function fromRegistry (res) { + res.registry = true + const spec = res.rawSpec === '' ? 'latest' : res.rawSpec + // no save spec for registry components as we save based on the fetched + // version, not on the argument so this can't compute that. + res.saveSpec = null + res.fetchSpec = spec + if (!semver) semver = require('semver') + const version = semver.valid(spec, true) + const range = semver.validRange(spec, true) + if (version) { + res.type = 'version' + } else if (range) { + res.type = 'range' + } else { + if (encodeURIComponent(spec) !== spec) { + throw invalidTagName(spec) + } + res.type = 'tag' + } + return res +} diff --git a/node_modules/npm-pick-manifest/node_modules/npm-package-arg/package.json b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/package.json new file mode 100644 index 000000000..92d8bca7f --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/npm-package-arg/package.json @@ -0,0 +1,72 @@ +{ + "_from": "npm-package-arg@^8.0.0", + "_id": "npm-package-arg@8.0.0", + "_inBundle": false, + "_integrity": "sha512-JgqZHCEUKvhX7EehLNdySiuB227a0QYra9wpZOkW+jvwsRYKkce7y5Rv2axkxScJU1EP+L32jT2PLhQz7IWHlw==", + "_location": "/npm-pick-manifest/npm-package-arg", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-package-arg@^8.0.0", + "name": "npm-package-arg", + "escapedName": "npm-package-arg", + "rawSpec": "^8.0.0", + "saveSpec": null, + "fetchSpec": "^8.0.0" + }, + "_requiredBy": [ + "/npm-pick-manifest" + ], + "_resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.0.0.tgz", + "_shasum": "b519989b569efffa1fa050fb22a3c3c322d4bcc5", + "_spec": "npm-package-arg@^8.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-pick-manifest", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/npm/npm-package-arg/issues" + }, + "bundleDependencies": false, + "dependencies": { + "hosted-git-info": "^3.0.2", + "osenv": "^0.1.5", + "semver": "^7.0.0", + "validate-npm-package-name": "^3.0.0" + }, + "deprecated": false, + "description": "Parse the things that can be arguments to `npm install`", + "devDependencies": { + "standard": "^11.0.1", + "standard-version": "^7.0.1", + "tap": "^14.10.2" + }, + "directories": { + "test": "test" + }, + "engines": { + "node": ">=10" + }, + "files": [ + "npa.js" + ], + "homepage": "https://github.com/npm/npm-package-arg", + "license": "ISC", + "main": "npa.js", + "name": "npm-package-arg", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/npm-package-arg.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "posttest": "standard", + "prerelease": "npm t", + "release": "standard-version -s", + "test": "tap --100 -J --coverage test/*.js" + }, + "version": "8.0.0" +} diff --git a/node_modules/npm-pick-manifest/node_modules/semver/CHANGELOG.md b/node_modules/npm-pick-manifest/node_modules/semver/CHANGELOG.md new file mode 100644 index 000000000..db6b6d4d5 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/CHANGELOG.md @@ -0,0 +1,85 @@ +# changes log + +## 7.1.0 + +* Add `require('semver/preload')` to load the entire module without using + lazy getter methods. + +## 7.0.0 + +* Refactor module into separate files for better tree-shaking +* Drop support for very old node versions, use const/let, `=>` functions, + and classes. + +## 6.3.0 + +* Expose the token enum on the exports + +## 6.2.0 + +* Coerce numbers to strings when passed to semver.coerce() +* Add `rtl` option to coerce from right to left + +## 6.1.3 + +* Handle X-ranges properly in includePrerelease mode + +## 6.1.2 + +* Do not throw when testing invalid version strings + +## 6.1.1 + +* Add options support for semver.coerce() +* Handle undefined version passed to Range.test + +## 6.1.0 + +* Add semver.compareBuild function +* Support `*` in semver.intersects + +## 6.0 + +* Fix `intersects` logic. + + This is technically a bug fix, but since it is also a change to behavior + that may require users updating their code, it is marked as a major + version increment. + +## 5.7 + +* Add `minVersion` method + +## 5.6 + +* Move boolean `loose` param to an options object, with + backwards-compatibility protection. +* Add ability to opt out of special prerelease version handling with + the `includePrerelease` option flag. + +## 5.5 + +* Add version coercion capabilities + +## 5.4 + +* Add intersection checking + +## 5.3 + +* Add `minSatisfying` method + +## 5.2 + +* Add `prerelease(v)` that returns prerelease components + +## 5.1 + +* Add Backus-Naur for ranges +* Remove excessively cute inspection methods + +## 5.0 + +* Remove AMD/Browserified build artifacts +* Fix ltr and gtr when using the `*` range +* Fix for range `*` with a prerelease identifier diff --git a/node_modules/npm-pick-manifest/node_modules/semver/LICENSE b/node_modules/npm-pick-manifest/node_modules/semver/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-pick-manifest/node_modules/semver/README.md b/node_modules/npm-pick-manifest/node_modules/semver/README.md new file mode 100644 index 000000000..9ba40454c --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/README.md @@ -0,0 +1,554 @@ +semver(1) -- The semantic versioner for npm +=========================================== + +## Install + +```bash +npm install semver +```` + +## Usage + +As a node module: + +```js +const semver = require('semver') + +semver.valid('1.2.3') // '1.2.3' +semver.valid('a.b.c') // null +semver.clean(' =v1.2.3 ') // '1.2.3' +semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true +semver.gt('1.2.3', '9.8.7') // false +semver.lt('1.2.3', '9.8.7') // true +semver.minVersion('>=1.0.0') // '1.0.0' +semver.valid(semver.coerce('v2')) // '2.0.0' +semver.valid(semver.coerce('42.6.7.9.3-alpha')) // '42.6.7' +``` + +You can also just load the module for the function that you care about, if +you'd like to minimize your footprint. + +```js +// load the whole API at once in a single object +const semver = require('semver') + +// or just load the bits you need +// all of them listed here, just pick and choose what you want + +// classes +const SemVer = require('semver/classes/semver') +const Comparator = require('semver/classes/comparator') +const Range = require('semver/classes/range') + +// functions for working with versions +const semverParse = require('semver/functions/parse') +const semverValid = require('semver/functions/valid') +const semverClean = require('semver/functions/clean') +const semverInc = require('semver/functions/inc') +const semverDiff = require('semver/functions/diff') +const semverMajor = require('semver/functions/major') +const semverMinor = require('semver/functions/minor') +const semverPatch = require('semver/functions/patch') +const semverPrerelease = require('semver/functions/prerelease') +const semverCompare = require('semver/functions/compare') +const semverRcompare = require('semver/functions/rcompare') +const semverCompareLoose = require('semver/functions/compare-loose') +const semverCompareBuild = require('semver/functions/compare-build') +const semverSort = require('semver/functions/sort') +const semverRsort = require('semver/functions/rsort') + +// low-level comparators between versions +const semverGt = require('semver/functions/gt') +const semverLt = require('semver/functions/lt') +const semverEq = require('semver/functions/eq') +const semverNeq = require('semver/functions/neq') +const semverGte = require('semver/functions/gte') +const semverLte = require('semver/functions/lte') +const semverCmp = require('semver/functions/cmp') +const semverCoerce = require('semver/functions/coerce') + +// working with ranges +const semverSatisfies = require('semver/functions/satisfies') +const semverMaxSatisfying = require('semver/ranges/max-satisfying') +const semverMinSatisfying = require('semver/ranges/min-satisfying') +const semverToComparators = require('semver/ranges/to-comparators') +const semverMinVersion = require('semver/ranges/min-version') +const semverValidRange = require('semver/ranges/valid') +const semverOutside = require('semver/ranges/outside') +const semverGtr = require('semver/ranges/gtr') +const semverLtr = require('semver/ranges/ltr') +const semverIntersects = require('semver/ranges/intersects') +``` + +As a command-line utility: + +``` +$ semver -h + +A JavaScript implementation of the https://semver.org/ specification +Copyright Isaac Z. Schlueter + +Usage: semver [options] <version> [<version> [...]] +Prints valid versions sorted by SemVer precedence + +Options: +-r --range <range> + Print versions that match the specified range. + +-i --increment [<level>] + Increment a version by the specified level. Level can + be one of: major, minor, patch, premajor, preminor, + prepatch, or prerelease. Default level is 'patch'. + Only one version may be specified. + +--preid <identifier> + Identifier to be used to prefix premajor, preminor, + prepatch or prerelease version increments. + +-l --loose + Interpret versions and ranges loosely + +-p --include-prerelease + Always include prerelease versions in range matching + +-c --coerce + Coerce a string into SemVer if possible + (does not imply --loose) + +--rtl + Coerce version strings right to left + +--ltr + Coerce version strings left to right (default) + +Program exits successfully if any valid version satisfies +all supplied ranges, and prints all satisfying versions. + +If no satisfying versions are found, then exits failure. + +Versions are printed in ascending order, so supplying +multiple versions to the utility will just sort them. +``` + +## Versions + +A "version" is described by the `v2.0.0` specification found at +<https://semver.org/>. + +A leading `"="` or `"v"` character is stripped off and ignored. + +## Ranges + +A `version range` is a set of `comparators` which specify versions +that satisfy the range. + +A `comparator` is composed of an `operator` and a `version`. The set +of primitive `operators` is: + +* `<` Less than +* `<=` Less than or equal to +* `>` Greater than +* `>=` Greater than or equal to +* `=` Equal. If no operator is specified, then equality is assumed, + so this operator is optional, but MAY be included. + +For example, the comparator `>=1.2.7` would match the versions +`1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6` +or `1.1.0`. + +Comparators can be joined by whitespace to form a `comparator set`, +which is satisfied by the **intersection** of all of the comparators +it includes. + +A range is composed of one or more comparator sets, joined by `||`. A +version matches a range if and only if every comparator in at least +one of the `||`-separated comparator sets is satisfied by the version. + +For example, the range `>=1.2.7 <1.3.0` would match the versions +`1.2.7`, `1.2.8`, and `1.2.99`, but not the versions `1.2.6`, `1.3.0`, +or `1.1.0`. + +The range `1.2.7 || >=1.2.9 <2.0.0` would match the versions `1.2.7`, +`1.2.9`, and `1.4.6`, but not the versions `1.2.8` or `2.0.0`. + +### Prerelease Tags + +If a version has a prerelease tag (for example, `1.2.3-alpha.3`) then +it will only be allowed to satisfy comparator sets if at least one +comparator with the same `[major, minor, patch]` tuple also has a +prerelease tag. + +For example, the range `>1.2.3-alpha.3` would be allowed to match the +version `1.2.3-alpha.7`, but it would *not* be satisfied by +`3.4.5-alpha.9`, even though `3.4.5-alpha.9` is technically "greater +than" `1.2.3-alpha.3` according to the SemVer sort rules. The version +range only accepts prerelease tags on the `1.2.3` version. The +version `3.4.5` *would* satisfy the range, because it does not have a +prerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`. + +The purpose for this behavior is twofold. First, prerelease versions +frequently are updated very quickly, and contain many breaking changes +that are (by the author's design) not yet fit for public consumption. +Therefore, by default, they are excluded from range matching +semantics. + +Second, a user who has opted into using a prerelease version has +clearly indicated the intent to use *that specific* set of +alpha/beta/rc versions. By including a prerelease tag in the range, +the user is indicating that they are aware of the risk. However, it +is still not appropriate to assume that they have opted into taking a +similar risk on the *next* set of prerelease versions. + +Note that this behavior can be suppressed (treating all prerelease +versions as if they were normal versions, for the purpose of range +matching) by setting the `includePrerelease` flag on the options +object to any +[functions](https://github.com/npm/node-semver#functions) that do +range matching. + +#### Prerelease Identifiers + +The method `.inc` takes an additional `identifier` string argument that +will append the value of the string as a prerelease identifier: + +```javascript +semver.inc('1.2.3', 'prerelease', 'beta') +// '1.2.4-beta.0' +``` + +command-line example: + +```bash +$ semver 1.2.3 -i prerelease --preid beta +1.2.4-beta.0 +``` + +Which then can be used to increment further: + +```bash +$ semver 1.2.4-beta.0 -i prerelease +1.2.4-beta.1 +``` + +### Advanced Range Syntax + +Advanced range syntax desugars to primitive comparators in +deterministic ways. + +Advanced ranges may be combined in the same way as primitive +comparators using white space or `||`. + +#### Hyphen Ranges `X.Y.Z - A.B.C` + +Specifies an inclusive set. + +* `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4` + +If a partial version is provided as the first version in the inclusive +range, then the missing pieces are replaced with zeroes. + +* `1.2 - 2.3.4` := `>=1.2.0 <=2.3.4` + +If a partial version is provided as the second version in the +inclusive range, then all versions that start with the supplied parts +of the tuple are accepted, but nothing that would be greater than the +provided tuple parts. + +* `1.2.3 - 2.3` := `>=1.2.3 <2.4.0` +* `1.2.3 - 2` := `>=1.2.3 <3.0.0` + +#### X-Ranges `1.2.x` `1.X` `1.2.*` `*` + +Any of `X`, `x`, or `*` may be used to "stand in" for one of the +numeric values in the `[major, minor, patch]` tuple. + +* `*` := `>=0.0.0` (Any version satisfies) +* `1.x` := `>=1.0.0 <2.0.0` (Matching major version) +* `1.2.x` := `>=1.2.0 <1.3.0` (Matching major and minor versions) + +A partial version range is treated as an X-Range, so the special +character is in fact optional. + +* `""` (empty string) := `*` := `>=0.0.0` +* `1` := `1.x.x` := `>=1.0.0 <2.0.0` +* `1.2` := `1.2.x` := `>=1.2.0 <1.3.0` + +#### Tilde Ranges `~1.2.3` `~1.2` `~1` + +Allows patch-level changes if a minor version is specified on the +comparator. Allows minor-level changes if not. + +* `~1.2.3` := `>=1.2.3 <1.(2+1).0` := `>=1.2.3 <1.3.0` +* `~1.2` := `>=1.2.0 <1.(2+1).0` := `>=1.2.0 <1.3.0` (Same as `1.2.x`) +* `~1` := `>=1.0.0 <(1+1).0.0` := `>=1.0.0 <2.0.0` (Same as `1.x`) +* `~0.2.3` := `>=0.2.3 <0.(2+1).0` := `>=0.2.3 <0.3.0` +* `~0.2` := `>=0.2.0 <0.(2+1).0` := `>=0.2.0 <0.3.0` (Same as `0.2.x`) +* `~0` := `>=0.0.0 <(0+1).0.0` := `>=0.0.0 <1.0.0` (Same as `0.x`) +* `~1.2.3-beta.2` := `>=1.2.3-beta.2 <1.3.0` Note that prereleases in + the `1.2.3` version will be allowed, if they are greater than or + equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but + `1.2.4-beta.2` would not, because it is a prerelease of a + different `[major, minor, patch]` tuple. + +#### Caret Ranges `^1.2.3` `^0.2.5` `^0.0.4` + +Allows changes that do not modify the left-most non-zero element in the +`[major, minor, patch]` tuple. In other words, this allows patch and +minor updates for versions `1.0.0` and above, patch updates for +versions `0.X >=0.1.0`, and *no* updates for versions `0.0.X`. + +Many authors treat a `0.x` version as if the `x` were the major +"breaking-change" indicator. + +Caret ranges are ideal when an author may make breaking changes +between `0.2.4` and `0.3.0` releases, which is a common practice. +However, it presumes that there will *not* be breaking changes between +`0.2.4` and `0.2.5`. It allows for changes that are presumed to be +additive (but non-breaking), according to commonly observed practices. + +* `^1.2.3` := `>=1.2.3 <2.0.0` +* `^0.2.3` := `>=0.2.3 <0.3.0` +* `^0.0.3` := `>=0.0.3 <0.0.4` +* `^1.2.3-beta.2` := `>=1.2.3-beta.2 <2.0.0` Note that prereleases in + the `1.2.3` version will be allowed, if they are greater than or + equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but + `1.2.4-beta.2` would not, because it is a prerelease of a + different `[major, minor, patch]` tuple. +* `^0.0.3-beta` := `>=0.0.3-beta <0.0.4` Note that prereleases in the + `0.0.3` version *only* will be allowed, if they are greater than or + equal to `beta`. So, `0.0.3-pr.2` would be allowed. + +When parsing caret ranges, a missing `patch` value desugars to the +number `0`, but will allow flexibility within that value, even if the +major and minor versions are both `0`. + +* `^1.2.x` := `>=1.2.0 <2.0.0` +* `^0.0.x` := `>=0.0.0 <0.1.0` +* `^0.0` := `>=0.0.0 <0.1.0` + +A missing `minor` and `patch` values will desugar to zero, but also +allow flexibility within those values, even if the major version is +zero. + +* `^1.x` := `>=1.0.0 <2.0.0` +* `^0.x` := `>=0.0.0 <1.0.0` + +### Range Grammar + +Putting all this together, here is a Backus-Naur grammar for ranges, +for the benefit of parser authors: + +```bnf +range-set ::= range ( logical-or range ) * +logical-or ::= ( ' ' ) * '||' ( ' ' ) * +range ::= hyphen | simple ( ' ' simple ) * | '' +hyphen ::= partial ' - ' partial +simple ::= primitive | partial | tilde | caret +primitive ::= ( '<' | '>' | '>=' | '<=' | '=' ) partial +partial ::= xr ( '.' xr ( '.' xr qualifier ? )? )? +xr ::= 'x' | 'X' | '*' | nr +nr ::= '0' | ['1'-'9'] ( ['0'-'9'] ) * +tilde ::= '~' partial +caret ::= '^' partial +qualifier ::= ( '-' pre )? ( '+' build )? +pre ::= parts +build ::= parts +parts ::= part ( '.' part ) * +part ::= nr | [-0-9A-Za-z]+ +``` + +## Functions + +All methods and classes take a final `options` object argument. All +options in this object are `false` by default. The options supported +are: + +- `loose` Be more forgiving about not-quite-valid semver strings. + (Any resulting output will always be 100% strict compliant, of + course.) For backwards compatibility reasons, if the `options` + argument is a boolean value instead of an object, it is interpreted + to be the `loose` param. +- `includePrerelease` Set to suppress the [default + behavior](https://github.com/npm/node-semver#prerelease-tags) of + excluding prerelease tagged versions from ranges unless they are + explicitly opted into. + +Strict-mode Comparators and Ranges will be strict about the SemVer +strings that they parse. + +* `valid(v)`: Return the parsed version, or null if it's not valid. +* `inc(v, release)`: Return the version incremented by the release + type (`major`, `premajor`, `minor`, `preminor`, `patch`, + `prepatch`, or `prerelease`), or null if it's not valid + * `premajor` in one call will bump the version up to the next major + version and down to a prerelease of that major version. + `preminor`, and `prepatch` work the same way. + * If called from a non-prerelease version, the `prerelease` will work the + same as `prepatch`. It increments the patch version, then makes a + prerelease. If the input version is already a prerelease it simply + increments it. +* `prerelease(v)`: Returns an array of prerelease components, or null + if none exist. Example: `prerelease('1.2.3-alpha.1') -> ['alpha', 1]` +* `major(v)`: Return the major version number. +* `minor(v)`: Return the minor version number. +* `patch(v)`: Return the patch version number. +* `intersects(r1, r2, loose)`: Return true if the two supplied ranges + or comparators intersect. +* `parse(v)`: Attempt to parse a string as a semantic version, returning either + a `SemVer` object or `null`. + +### Comparison + +* `gt(v1, v2)`: `v1 > v2` +* `gte(v1, v2)`: `v1 >= v2` +* `lt(v1, v2)`: `v1 < v2` +* `lte(v1, v2)`: `v1 <= v2` +* `eq(v1, v2)`: `v1 == v2` This is true if they're logically equivalent, + even if they're not the exact same string. You already know how to + compare strings. +* `neq(v1, v2)`: `v1 != v2` The opposite of `eq`. +* `cmp(v1, comparator, v2)`: Pass in a comparison string, and it'll call + the corresponding function above. `"==="` and `"!=="` do simple + string comparison, but are included for completeness. Throws if an + invalid comparison string is provided. +* `compare(v1, v2)`: Return `0` if `v1 == v2`, or `1` if `v1` is greater, or `-1` if + `v2` is greater. Sorts in ascending order if passed to `Array.sort()`. +* `rcompare(v1, v2)`: The reverse of compare. Sorts an array of versions + in descending order when passed to `Array.sort()`. +* `compareBuild(v1, v2)`: The same as `compare` but considers `build` when two versions + are equal. Sorts in ascending order if passed to `Array.sort()`. + `v2` is greater. Sorts in ascending order if passed to `Array.sort()`. +* `diff(v1, v2)`: Returns difference between two versions by the release type + (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`), + or null if the versions are the same. + +### Comparators + +* `intersects(comparator)`: Return true if the comparators intersect + +### Ranges + +* `validRange(range)`: Return the valid range or null if it's not valid +* `satisfies(version, range)`: Return true if the version satisfies the + range. +* `maxSatisfying(versions, range)`: Return the highest version in the list + that satisfies the range, or `null` if none of them do. +* `minSatisfying(versions, range)`: Return the lowest version in the list + that satisfies the range, or `null` if none of them do. +* `minVersion(range)`: Return the lowest version that can possibly match + the given range. +* `gtr(version, range)`: Return `true` if version is greater than all the + versions possible in the range. +* `ltr(version, range)`: Return `true` if version is less than all the + versions possible in the range. +* `outside(version, range, hilo)`: Return true if the version is outside + the bounds of the range in either the high or low direction. The + `hilo` argument must be either the string `'>'` or `'<'`. (This is + the function called by `gtr` and `ltr`.) +* `intersects(range)`: Return true if any of the ranges comparators intersect + +Note that, since ranges may be non-contiguous, a version might not be +greater than a range, less than a range, *or* satisfy a range! For +example, the range `1.2 <1.2.9 || >2.0.0` would have a hole from `1.2.9` +until `2.0.0`, so the version `1.2.10` would not be greater than the +range (because `2.0.1` satisfies, which is higher), nor less than the +range (since `1.2.8` satisfies, which is lower), and it also does not +satisfy the range. + +If you want to know if a version satisfies or does not satisfy a +range, use the `satisfies(version, range)` function. + +### Coercion + +* `coerce(version, options)`: Coerces a string to semver if possible + +This aims to provide a very forgiving translation of a non-semver string to +semver. It looks for the first digit in a string, and consumes all +remaining characters which satisfy at least a partial semver (e.g., `1`, +`1.2`, `1.2.3`) up to the max permitted length (256 characters). Longer +versions are simply truncated (`4.6.3.9.2-alpha2` becomes `4.6.3`). All +surrounding text is simply ignored (`v3.4 replaces v3.3.1` becomes +`3.4.0`). Only text which lacks digits will fail coercion (`version one` +is not valid). The maximum length for any semver component considered for +coercion is 16 characters; longer components will be ignored +(`10000000000000000.4.7.4` becomes `4.7.4`). The maximum value for any +semver component is `Number.MAX_SAFE_INTEGER || (2**53 - 1)`; higher value +components are invalid (`9999999999999999.4.7.4` is likely invalid). + +If the `options.rtl` flag is set, then `coerce` will return the right-most +coercible tuple that does not share an ending index with a longer coercible +tuple. For example, `1.2.3.4` will return `2.3.4` in rtl mode, not +`4.0.0`. `1.2.3/4` will return `4.0.0`, because the `4` is not a part of +any other overlapping SemVer tuple. + +### Clean + +* `clean(version)`: Clean a string to be a valid semver if possible + +This will return a cleaned and trimmed semver version. If the provided +version is not valid a null will be returned. This does not work for +ranges. + +ex. +* `s.clean(' = v 2.1.5foo')`: `null` +* `s.clean(' = v 2.1.5foo', { loose: true })`: `'2.1.5-foo'` +* `s.clean(' = v 2.1.5-foo')`: `null` +* `s.clean(' = v 2.1.5-foo', { loose: true })`: `'2.1.5-foo'` +* `s.clean('=v2.1.5')`: `'2.1.5'` +* `s.clean(' =v2.1.5')`: `2.1.5` +* `s.clean(' 2.1.5 ')`: `'2.1.5'` +* `s.clean('~1.0.0')`: `null` + +## Exported Modules + +<!-- +TODO: Make sure that all of these items are documented (classes aren't, +eg), and then pull the module name into the documentation for that specific +thing. +--> + +You may pull in just the part of this semver utility that you need, if you +are sensitive to packing and tree-shaking concerns. The main +`require('semver')` export uses getter functions to lazily load the parts +of the API that are used. + +The following modules are available: + +* `require('semver')` +* `require('semver/classes')` +* `require('semver/classes/comparator')` +* `require('semver/classes/range')` +* `require('semver/classes/semver')` +* `require('semver/functions/clean')` +* `require('semver/functions/cmp')` +* `require('semver/functions/coerce')` +* `require('semver/functions/compare')` +* `require('semver/functions/compare-build')` +* `require('semver/functions/compare-loose')` +* `require('semver/functions/diff')` +* `require('semver/functions/eq')` +* `require('semver/functions/gt')` +* `require('semver/functions/gte')` +* `require('semver/functions/inc')` +* `require('semver/functions/lt')` +* `require('semver/functions/lte')` +* `require('semver/functions/major')` +* `require('semver/functions/minor')` +* `require('semver/functions/neq')` +* `require('semver/functions/parse')` +* `require('semver/functions/patch')` +* `require('semver/functions/prerelease')` +* `require('semver/functions/rcompare')` +* `require('semver/functions/rsort')` +* `require('semver/functions/satisfies')` +* `require('semver/functions/sort')` +* `require('semver/functions/valid')` +* `require('semver/ranges/gtr')` +* `require('semver/ranges/intersects')` +* `require('semver/ranges/ltr')` +* `require('semver/ranges/max-satisfying')` +* `require('semver/ranges/min-satisfying')` +* `require('semver/ranges/min-version')` +* `require('semver/ranges/outside')` +* `require('semver/ranges/to-comparators')` +* `require('semver/ranges/valid')` diff --git a/node_modules/npm-pick-manifest/node_modules/semver/bin/semver.js b/node_modules/npm-pick-manifest/node_modules/semver/bin/semver.js new file mode 100755 index 000000000..73fe29538 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/bin/semver.js @@ -0,0 +1,173 @@ +#!/usr/bin/env node +// Standalone semver comparison program. +// Exits successfully and prints matching version(s) if +// any supplied version is valid and passes all tests. + +const argv = process.argv.slice(2) + +let versions = [] + +const range = [] + +let inc = null + +const version = require('../package.json').version + +let loose = false + +let includePrerelease = false + +let coerce = false + +let rtl = false + +let identifier + +const semver = require('../') + +let reverse = false + +const options = {} + +const main = () => { + if (!argv.length) return help() + while (argv.length) { + let a = argv.shift() + const indexOfEqualSign = a.indexOf('=') + if (indexOfEqualSign !== -1) { + a = a.slice(0, indexOfEqualSign) + argv.unshift(a.slice(indexOfEqualSign + 1)) + } + switch (a) { + case '-rv': case '-rev': case '--rev': case '--reverse': + reverse = true + break + case '-l': case '--loose': + loose = true + break + case '-p': case '--include-prerelease': + includePrerelease = true + break + case '-v': case '--version': + versions.push(argv.shift()) + break + case '-i': case '--inc': case '--increment': + switch (argv[0]) { + case 'major': case 'minor': case 'patch': case 'prerelease': + case 'premajor': case 'preminor': case 'prepatch': + inc = argv.shift() + break + default: + inc = 'patch' + break + } + break + case '--preid': + identifier = argv.shift() + break + case '-r': case '--range': + range.push(argv.shift()) + break + case '-c': case '--coerce': + coerce = true + break + case '--rtl': + rtl = true + break + case '--ltr': + rtl = false + break + case '-h': case '--help': case '-?': + return help() + default: + versions.push(a) + break + } + } + + const options = { loose: loose, includePrerelease: includePrerelease, rtl: rtl } + + versions = versions.map((v) => { + return coerce ? (semver.coerce(v, options) || { version: v }).version : v + }).filter((v) => { + return semver.valid(v) + }) + if (!versions.length) return fail() + if (inc && (versions.length !== 1 || range.length)) { return failInc() } + + for (let i = 0, l = range.length; i < l; i++) { + versions = versions.filter((v) => { + return semver.satisfies(v, range[i], options) + }) + if (!versions.length) return fail() + } + return success(versions) +} + + +const failInc = () => { + console.error('--inc can only be used on a single version with no range') + fail() +} + +const fail = () => process.exit(1) + +const success = () => { + const compare = reverse ? 'rcompare' : 'compare' + versions.sort((a, b) => { + return semver[compare](a, b, options) + }).map((v) => { + return semver.clean(v, options) + }).map((v) => { + return inc ? semver.inc(v, inc, options, identifier) : v + }).forEach((v, i, _) => { console.log(v) }) +} + +const help = () => console.log( +`SemVer ${version} + +A JavaScript implementation of the https://semver.org/ specification +Copyright Isaac Z. Schlueter + +Usage: semver [options] <version> [<version> [...]] +Prints valid versions sorted by SemVer precedence + +Options: +-r --range <range> + Print versions that match the specified range. + +-i --increment [<level>] + Increment a version by the specified level. Level can + be one of: major, minor, patch, premajor, preminor, + prepatch, or prerelease. Default level is 'patch'. + Only one version may be specified. + +--preid <identifier> + Identifier to be used to prefix premajor, preminor, + prepatch or prerelease version increments. + +-l --loose + Interpret versions and ranges loosely + +-p --include-prerelease + Always include prerelease versions in range matching + +-c --coerce + Coerce a string into SemVer if possible + (does not imply --loose) + +--rtl + Coerce version strings right to left + +--ltr + Coerce version strings left to right (default) + +Program exits successfully if any valid version satisfies +all supplied ranges, and prints all satisfying versions. + +If no satisfying versions are found, then exits failure. + +Versions are printed in ascending order, so supplying +multiple versions to the utility will just sort them.`) + +main() diff --git a/node_modules/npm-pick-manifest/node_modules/semver/classes/comparator.js b/node_modules/npm-pick-manifest/node_modules/semver/classes/comparator.js new file mode 100644 index 000000000..3595792d0 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/classes/comparator.js @@ -0,0 +1,139 @@ +const ANY = Symbol('SemVer ANY') +// hoisted class for cyclic dependency +class Comparator { + static get ANY () { + return ANY + } + constructor (comp, options) { + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + + if (comp instanceof Comparator) { + if (comp.loose === !!options.loose) { + return comp + } else { + comp = comp.value + } + } + + debug('comparator', comp, options) + this.options = options + this.loose = !!options.loose + this.parse(comp) + + if (this.semver === ANY) { + this.value = '' + } else { + this.value = this.operator + this.semver.version + } + + debug('comp', this) + } + + parse (comp) { + const r = this.options.loose ? re[t.COMPARATORLOOSE] : re[t.COMPARATOR] + const m = comp.match(r) + + if (!m) { + throw new TypeError(`Invalid comparator: ${comp}`) + } + + this.operator = m[1] !== undefined ? m[1] : '' + if (this.operator === '=') { + this.operator = '' + } + + // if it literally is just '>' or '' then allow anything. + if (!m[2]) { + this.semver = ANY + } else { + this.semver = new SemVer(m[2], this.options.loose) + } + } + + toString () { + return this.value + } + + test (version) { + debug('Comparator.test', version, this.options.loose) + + if (this.semver === ANY || version === ANY) { + return true + } + + if (typeof version === 'string') { + try { + version = new SemVer(version, this.options) + } catch (er) { + return false + } + } + + return cmp(version, this.operator, this.semver, this.options) + } + + intersects (comp, options) { + if (!(comp instanceof Comparator)) { + throw new TypeError('a Comparator is required') + } + + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + + if (this.operator === '') { + if (this.value === '') { + return true + } + return new Range(comp.value, options).test(this.value) + } else if (comp.operator === '') { + if (comp.value === '') { + return true + } + return new Range(this.value, options).test(comp.semver) + } + + const sameDirectionIncreasing = + (this.operator === '>=' || this.operator === '>') && + (comp.operator === '>=' || comp.operator === '>') + const sameDirectionDecreasing = + (this.operator === '<=' || this.operator === '<') && + (comp.operator === '<=' || comp.operator === '<') + const sameSemVer = this.semver.version === comp.semver.version + const differentDirectionsInclusive = + (this.operator === '>=' || this.operator === '<=') && + (comp.operator === '>=' || comp.operator === '<=') + const oppositeDirectionsLessThan = + cmp(this.semver, '<', comp.semver, options) && + (this.operator === '>=' || this.operator === '>') && + (comp.operator === '<=' || comp.operator === '<') + const oppositeDirectionsGreaterThan = + cmp(this.semver, '>', comp.semver, options) && + (this.operator === '<=' || this.operator === '<') && + (comp.operator === '>=' || comp.operator === '>') + + return ( + sameDirectionIncreasing || + sameDirectionDecreasing || + (sameSemVer && differentDirectionsInclusive) || + oppositeDirectionsLessThan || + oppositeDirectionsGreaterThan + ) + } +} + +module.exports = Comparator + +const {re, t} = require('../internal/re') +const cmp = require('../functions/cmp') +const debug = require('../internal/debug') +const SemVer = require('./semver') +const Range = require('./range') diff --git a/node_modules/npm-pick-manifest/node_modules/semver/classes/index.js b/node_modules/npm-pick-manifest/node_modules/semver/classes/index.js new file mode 100644 index 000000000..198b84d66 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/classes/index.js @@ -0,0 +1,5 @@ +module.exports = { + SemVer: require('./semver.js'), + Range: require('./range.js'), + Comparator: require('./comparator.js') +} diff --git a/node_modules/npm-pick-manifest/node_modules/semver/classes/range.js b/node_modules/npm-pick-manifest/node_modules/semver/classes/range.js new file mode 100644 index 000000000..90876c389 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/classes/range.js @@ -0,0 +1,448 @@ +// hoisted class for cyclic dependency +class Range { + constructor (range, options) { + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + + if (range instanceof Range) { + if ( + range.loose === !!options.loose && + range.includePrerelease === !!options.includePrerelease + ) { + return range + } else { + return new Range(range.raw, options) + } + } + + if (range instanceof Comparator) { + // just put it in the set and return + this.raw = range.value + this.set = [[range]] + this.format() + return this + } + + this.options = options + this.loose = !!options.loose + this.includePrerelease = !!options.includePrerelease + + // First, split based on boolean or || + this.raw = range + this.set = range + .split(/\s*\|\|\s*/) + // map the range to a 2d array of comparators + .map(range => this.parseRange(range.trim())) + // throw out any comparator lists that are empty + // this generally means that it was not a valid range, which is allowed + // in loose mode, but will still throw if the WHOLE range is invalid. + .filter(c => c.length) + + if (!this.set.length) { + throw new TypeError(`Invalid SemVer Range: ${range}`) + } + + this.format() + } + + format () { + this.range = this.set + .map((comps) => { + return comps.join(' ').trim() + }) + .join('||') + .trim() + return this.range + } + + toString () { + return this.range + } + + parseRange (range) { + const loose = this.options.loose + range = range.trim() + // `1.2.3 - 1.2.4` => `>=1.2.3 <=1.2.4` + const hr = loose ? re[t.HYPHENRANGELOOSE] : re[t.HYPHENRANGE] + range = range.replace(hr, hyphenReplace) + debug('hyphen replace', range) + // `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5` + range = range.replace(re[t.COMPARATORTRIM], comparatorTrimReplace) + debug('comparator trim', range, re[t.COMPARATORTRIM]) + + // `~ 1.2.3` => `~1.2.3` + range = range.replace(re[t.TILDETRIM], tildeTrimReplace) + + // `^ 1.2.3` => `^1.2.3` + range = range.replace(re[t.CARETTRIM], caretTrimReplace) + + // normalize spaces + range = range.split(/\s+/).join(' ') + + // At this point, the range is completely trimmed and + // ready to be split into comparators. + + const compRe = loose ? re[t.COMPARATORLOOSE] : re[t.COMPARATOR] + return range + .split(' ') + .map(comp => parseComparator(comp, this.options)) + .join(' ') + .split(/\s+/) + // in loose mode, throw out any that are not valid comparators + .filter(this.options.loose ? comp => !!comp.match(compRe) : () => true) + .map(comp => new Comparator(comp, this.options)) + } + + intersects (range, options) { + if (!(range instanceof Range)) { + throw new TypeError('a Range is required') + } + + return this.set.some((thisComparators) => { + return ( + isSatisfiable(thisComparators, options) && + range.set.some((rangeComparators) => { + return ( + isSatisfiable(rangeComparators, options) && + thisComparators.every((thisComparator) => { + return rangeComparators.every((rangeComparator) => { + return thisComparator.intersects(rangeComparator, options) + }) + }) + ) + }) + ) + }) + } + + // if ANY of the sets match ALL of its comparators, then pass + test (version) { + if (!version) { + return false + } + + if (typeof version === 'string') { + try { + version = new SemVer(version, this.options) + } catch (er) { + return false + } + } + + for (let i = 0; i < this.set.length; i++) { + if (testSet(this.set[i], version, this.options)) { + return true + } + } + return false + } +} +module.exports = Range + +const Comparator = require('./comparator') +const debug = require('../internal/debug') +const SemVer = require('./semver') +const { + re, + t, + comparatorTrimReplace, + tildeTrimReplace, + caretTrimReplace +} = require('../internal/re') + +// take a set of comparators and determine whether there +// exists a version which can satisfy it +const isSatisfiable = (comparators, options) => { + let result = true + const remainingComparators = comparators.slice() + let testComparator = remainingComparators.pop() + + while (result && remainingComparators.length) { + result = remainingComparators.every((otherComparator) => { + return testComparator.intersects(otherComparator, options) + }) + + testComparator = remainingComparators.pop() + } + + return result +} + +// comprised of xranges, tildes, stars, and gtlt's at this point. +// already replaced the hyphen ranges +// turn into a set of JUST comparators. +const parseComparator = (comp, options) => { + debug('comp', comp, options) + comp = replaceCarets(comp, options) + debug('caret', comp) + comp = replaceTildes(comp, options) + debug('tildes', comp) + comp = replaceXRanges(comp, options) + debug('xrange', comp) + comp = replaceStars(comp, options) + debug('stars', comp) + return comp +} + +const isX = id => !id || id.toLowerCase() === 'x' || id === '*' + +// ~, ~> --> * (any, kinda silly) +// ~2, ~2.x, ~2.x.x, ~>2, ~>2.x ~>2.x.x --> >=2.0.0 <3.0.0 +// ~2.0, ~2.0.x, ~>2.0, ~>2.0.x --> >=2.0.0 <2.1.0 +// ~1.2, ~1.2.x, ~>1.2, ~>1.2.x --> >=1.2.0 <1.3.0 +// ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0 +// ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0 +const replaceTildes = (comp, options) => + comp.trim().split(/\s+/).map((comp) => { + return replaceTilde(comp, options) + }).join(' ') + +const replaceTilde = (comp, options) => { + const r = options.loose ? re[t.TILDELOOSE] : re[t.TILDE] + return comp.replace(r, (_, M, m, p, pr) => { + debug('tilde', comp, _, M, m, p, pr) + let ret + + if (isX(M)) { + ret = '' + } else if (isX(m)) { + ret = `>=${M}.0.0 <${+M + 1}.0.0` + } else if (isX(p)) { + // ~1.2 == >=1.2.0 <1.3.0 + ret = `>=${M}.${m}.0 <${M}.${+m + 1}.0` + } else if (pr) { + debug('replaceTilde pr', pr) + ret = `>=${M}.${m}.${p}-${pr + } <${M}.${+m + 1}.0` + } else { + // ~1.2.3 == >=1.2.3 <1.3.0 + ret = `>=${M}.${m}.${p + } <${M}.${+m + 1}.0` + } + + debug('tilde return', ret) + return ret + }) +} + +// ^ --> * (any, kinda silly) +// ^2, ^2.x, ^2.x.x --> >=2.0.0 <3.0.0 +// ^2.0, ^2.0.x --> >=2.0.0 <3.0.0 +// ^1.2, ^1.2.x --> >=1.2.0 <2.0.0 +// ^1.2.3 --> >=1.2.3 <2.0.0 +// ^1.2.0 --> >=1.2.0 <2.0.0 +const replaceCarets = (comp, options) => + comp.trim().split(/\s+/).map((comp) => { + return replaceCaret(comp, options) + }).join(' ') + +const replaceCaret = (comp, options) => { + debug('caret', comp, options) + const r = options.loose ? re[t.CARETLOOSE] : re[t.CARET] + return comp.replace(r, (_, M, m, p, pr) => { + debug('caret', comp, _, M, m, p, pr) + let ret + + if (isX(M)) { + ret = '' + } else if (isX(m)) { + ret = `>=${M}.0.0 <${+M + 1}.0.0` + } else if (isX(p)) { + if (M === '0') { + ret = `>=${M}.${m}.0 <${M}.${+m + 1}.0` + } else { + ret = `>=${M}.${m}.0 <${+M + 1}.0.0` + } + } else if (pr) { + debug('replaceCaret pr', pr) + if (M === '0') { + if (m === '0') { + ret = `>=${M}.${m}.${p}-${pr + } <${M}.${m}.${+p + 1}` + } else { + ret = `>=${M}.${m}.${p}-${pr + } <${M}.${+m + 1}.0` + } + } else { + ret = `>=${M}.${m}.${p}-${pr + } <${+M + 1}.0.0` + } + } else { + debug('no pr') + if (M === '0') { + if (m === '0') { + ret = `>=${M}.${m}.${p + } <${M}.${m}.${+p + 1}` + } else { + ret = `>=${M}.${m}.${p + } <${M}.${+m + 1}.0` + } + } else { + ret = `>=${M}.${m}.${p + } <${+M + 1}.0.0` + } + } + + debug('caret return', ret) + return ret + }) +} + +const replaceXRanges = (comp, options) => { + debug('replaceXRanges', comp, options) + return comp.split(/\s+/).map((comp) => { + return replaceXRange(comp, options) + }).join(' ') +} + +const replaceXRange = (comp, options) => { + comp = comp.trim() + const r = options.loose ? re[t.XRANGELOOSE] : re[t.XRANGE] + return comp.replace(r, (ret, gtlt, M, m, p, pr) => { + debug('xRange', comp, ret, gtlt, M, m, p, pr) + const xM = isX(M) + const xm = xM || isX(m) + const xp = xm || isX(p) + const anyX = xp + + if (gtlt === '=' && anyX) { + gtlt = '' + } + + // if we're including prereleases in the match, then we need + // to fix this to -0, the lowest possible prerelease value + pr = options.includePrerelease ? '-0' : '' + + if (xM) { + if (gtlt === '>' || gtlt === '<') { + // nothing is allowed + ret = '<0.0.0-0' + } else { + // nothing is forbidden + ret = '*' + } + } else if (gtlt && anyX) { + // we know patch is an x, because we have any x at all. + // replace X with 0 + if (xm) { + m = 0 + } + p = 0 + + if (gtlt === '>') { + // >1 => >=2.0.0 + // >1.2 => >=1.3.0 + gtlt = '>=' + if (xm) { + M = +M + 1 + m = 0 + p = 0 + } else { + m = +m + 1 + p = 0 + } + } else if (gtlt === '<=') { + // <=0.7.x is actually <0.8.0, since any 0.7.x should + // pass. Similarly, <=7.x is actually <8.0.0, etc. + gtlt = '<' + if (xm) { + M = +M + 1 + } else { + m = +m + 1 + } + } + + ret = `${gtlt + M}.${m}.${p}${pr}` + } else if (xm) { + ret = `>=${M}.0.0${pr} <${+M + 1}.0.0${pr}` + } else if (xp) { + ret = `>=${M}.${m}.0${pr + } <${M}.${+m + 1}.0${pr}` + } + + debug('xRange return', ret) + + return ret + }) +} + +// Because * is AND-ed with everything else in the comparator, +// and '' means "any version", just remove the *s entirely. +const replaceStars = (comp, options) => { + debug('replaceStars', comp, options) + // Looseness is ignored here. star is always as loose as it gets! + return comp.trim().replace(re[t.STAR], '') +} + +// This function is passed to string.replace(re[t.HYPHENRANGE]) +// M, m, patch, prerelease, build +// 1.2 - 3.4.5 => >=1.2.0 <=3.4.5 +// 1.2.3 - 3.4 => >=1.2.0 <3.5.0 Any 3.4.x will do +// 1.2 - 3.4 => >=1.2.0 <3.5.0 +const hyphenReplace = ($0, + from, fM, fm, fp, fpr, fb, + to, tM, tm, tp, tpr, tb) => { + if (isX(fM)) { + from = '' + } else if (isX(fm)) { + from = `>=${fM}.0.0` + } else if (isX(fp)) { + from = `>=${fM}.${fm}.0` + } else { + from = `>=${from}` + } + + if (isX(tM)) { + to = '' + } else if (isX(tm)) { + to = `<${+tM + 1}.0.0` + } else if (isX(tp)) { + to = `<${tM}.${+tm + 1}.0` + } else if (tpr) { + to = `<=${tM}.${tm}.${tp}-${tpr}` + } else { + to = `<=${to}` + } + + return (`${from} ${to}`).trim() +} + +const testSet = (set, version, options) => { + for (let i = 0; i < set.length; i++) { + if (!set[i].test(version)) { + return false + } + } + + if (version.prerelease.length && !options.includePrerelease) { + // Find the set of versions that are allowed to have prereleases + // For example, ^1.2.3-pr.1 desugars to >=1.2.3-pr.1 <2.0.0 + // That should allow `1.2.3-pr.2` to pass. + // However, `1.2.4-alpha.notready` should NOT be allowed, + // even though it's within the range set by the comparators. + for (let i = 0; i < set.length; i++) { + debug(set[i].semver) + if (set[i].semver === Comparator.ANY) { + continue + } + + if (set[i].semver.prerelease.length > 0) { + const allowed = set[i].semver + if (allowed.major === version.major && + allowed.minor === version.minor && + allowed.patch === version.patch) { + return true + } + } + } + + // Version has a -pre, but it's not one of the ones we like. + return false + } + + return true +} diff --git a/node_modules/npm-pick-manifest/node_modules/semver/classes/semver.js b/node_modules/npm-pick-manifest/node_modules/semver/classes/semver.js new file mode 100644 index 000000000..73247ad2b --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/classes/semver.js @@ -0,0 +1,290 @@ +const debug = require('../internal/debug') +const { MAX_LENGTH, MAX_SAFE_INTEGER } = require('../internal/constants') +const { re, t } = require('../internal/re') + +const { compareIdentifiers } = require('../internal/identifiers') +class SemVer { + constructor (version, options) { + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + if (version instanceof SemVer) { + if (version.loose === !!options.loose && + version.includePrerelease === !!options.includePrerelease) { + return version + } else { + version = version.version + } + } else if (typeof version !== 'string') { + throw new TypeError(`Invalid Version: ${version}`) + } + + if (version.length > MAX_LENGTH) { + throw new TypeError( + `version is longer than ${MAX_LENGTH} characters` + ) + } + + debug('SemVer', version, options) + this.options = options + this.loose = !!options.loose + // this isn't actually relevant for versions, but keep it so that we + // don't run into trouble passing this.options around. + this.includePrerelease = !!options.includePrerelease + + const m = version.trim().match(options.loose ? re[t.LOOSE] : re[t.FULL]) + + if (!m) { + throw new TypeError(`Invalid Version: ${version}`) + } + + this.raw = version + + // these are actually numbers + this.major = +m[1] + this.minor = +m[2] + this.patch = +m[3] + + if (this.major > MAX_SAFE_INTEGER || this.major < 0) { + throw new TypeError('Invalid major version') + } + + if (this.minor > MAX_SAFE_INTEGER || this.minor < 0) { + throw new TypeError('Invalid minor version') + } + + if (this.patch > MAX_SAFE_INTEGER || this.patch < 0) { + throw new TypeError('Invalid patch version') + } + + // numberify any prerelease numeric ids + if (!m[4]) { + this.prerelease = [] + } else { + this.prerelease = m[4].split('.').map((id) => { + if (/^[0-9]+$/.test(id)) { + const num = +id + if (num >= 0 && num < MAX_SAFE_INTEGER) { + return num + } + } + return id + }) + } + + this.build = m[5] ? m[5].split('.') : [] + this.format() + } + + format () { + this.version = `${this.major}.${this.minor}.${this.patch}` + if (this.prerelease.length) { + this.version += `-${this.prerelease.join('.')}` + } + return this.version + } + + toString () { + return this.version + } + + compare (other) { + debug('SemVer.compare', this.version, this.options, other) + if (!(other instanceof SemVer)) { + if (typeof other === 'string' && other === this.version) { + return 0 + } + other = new SemVer(other, this.options) + } + + if (other.version === this.version) { + return 0 + } + + return this.compareMain(other) || this.comparePre(other) + } + + compareMain (other) { + if (!(other instanceof SemVer)) { + other = new SemVer(other, this.options) + } + + return ( + compareIdentifiers(this.major, other.major) || + compareIdentifiers(this.minor, other.minor) || + compareIdentifiers(this.patch, other.patch) + ) + } + + comparePre (other) { + if (!(other instanceof SemVer)) { + other = new SemVer(other, this.options) + } + + // NOT having a prerelease is > having one + if (this.prerelease.length && !other.prerelease.length) { + return -1 + } else if (!this.prerelease.length && other.prerelease.length) { + return 1 + } else if (!this.prerelease.length && !other.prerelease.length) { + return 0 + } + + let i = 0 + do { + const a = this.prerelease[i] + const b = other.prerelease[i] + debug('prerelease compare', i, a, b) + if (a === undefined && b === undefined) { + return 0 + } else if (b === undefined) { + return 1 + } else if (a === undefined) { + return -1 + } else if (a === b) { + continue + } else { + return compareIdentifiers(a, b) + } + } while (++i) + } + + compareBuild (other) { + if (!(other instanceof SemVer)) { + other = new SemVer(other, this.options) + } + + let i = 0 + do { + const a = this.build[i] + const b = other.build[i] + debug('prerelease compare', i, a, b) + if (a === undefined && b === undefined) { + return 0 + } else if (b === undefined) { + return 1 + } else if (a === undefined) { + return -1 + } else if (a === b) { + continue + } else { + return compareIdentifiers(a, b) + } + } while (++i) + } + + // preminor will bump the version up to the next minor release, and immediately + // down to pre-release. premajor and prepatch work the same way. + inc (release, identifier) { + switch (release) { + case 'premajor': + this.prerelease.length = 0 + this.patch = 0 + this.minor = 0 + this.major++ + this.inc('pre', identifier) + break + case 'preminor': + this.prerelease.length = 0 + this.patch = 0 + this.minor++ + this.inc('pre', identifier) + break + case 'prepatch': + // If this is already a prerelease, it will bump to the next version + // drop any prereleases that might already exist, since they are not + // relevant at this point. + this.prerelease.length = 0 + this.inc('patch', identifier) + this.inc('pre', identifier) + break + // If the input is a non-prerelease version, this acts the same as + // prepatch. + case 'prerelease': + if (this.prerelease.length === 0) { + this.inc('patch', identifier) + } + this.inc('pre', identifier) + break + + case 'major': + // If this is a pre-major version, bump up to the same major version. + // Otherwise increment major. + // 1.0.0-5 bumps to 1.0.0 + // 1.1.0 bumps to 2.0.0 + if ( + this.minor !== 0 || + this.patch !== 0 || + this.prerelease.length === 0 + ) { + this.major++ + } + this.minor = 0 + this.patch = 0 + this.prerelease = [] + break + case 'minor': + // If this is a pre-minor version, bump up to the same minor version. + // Otherwise increment minor. + // 1.2.0-5 bumps to 1.2.0 + // 1.2.1 bumps to 1.3.0 + if (this.patch !== 0 || this.prerelease.length === 0) { + this.minor++ + } + this.patch = 0 + this.prerelease = [] + break + case 'patch': + // If this is not a pre-release version, it will increment the patch. + // If it is a pre-release it will bump up to the same patch version. + // 1.2.0-5 patches to 1.2.0 + // 1.2.0 patches to 1.2.1 + if (this.prerelease.length === 0) { + this.patch++ + } + this.prerelease = [] + break + // This probably shouldn't be used publicly. + // 1.0.0 'pre' would become 1.0.0-0 which is the wrong direction. + case 'pre': + if (this.prerelease.length === 0) { + this.prerelease = [0] + } else { + let i = this.prerelease.length + while (--i >= 0) { + if (typeof this.prerelease[i] === 'number') { + this.prerelease[i]++ + i = -2 + } + } + if (i === -1) { + // didn't increment anything + this.prerelease.push(0) + } + } + if (identifier) { + // 1.2.0-beta.1 bumps to 1.2.0-beta.2, + // 1.2.0-beta.fooblz or 1.2.0-beta bumps to 1.2.0-beta.0 + if (this.prerelease[0] === identifier) { + if (isNaN(this.prerelease[1])) { + this.prerelease = [identifier, 0] + } + } else { + this.prerelease = [identifier, 0] + } + } + break + + default: + throw new Error(`invalid increment argument: ${release}`) + } + this.format() + this.raw = this.version + return this + } +} + +module.exports = SemVer diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/clean.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/clean.js new file mode 100644 index 000000000..811fe6b82 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/clean.js @@ -0,0 +1,6 @@ +const parse = require('./parse') +const clean = (version, options) => { + const s = parse(version.trim().replace(/^[=v]+/, ''), options) + return s ? s.version : null +} +module.exports = clean diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/cmp.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/cmp.js new file mode 100644 index 000000000..3b89db779 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/cmp.js @@ -0,0 +1,48 @@ +const eq = require('./eq') +const neq = require('./neq') +const gt = require('./gt') +const gte = require('./gte') +const lt = require('./lt') +const lte = require('./lte') + +const cmp = (a, op, b, loose) => { + switch (op) { + case '===': + if (typeof a === 'object') + a = a.version + if (typeof b === 'object') + b = b.version + return a === b + + case '!==': + if (typeof a === 'object') + a = a.version + if (typeof b === 'object') + b = b.version + return a !== b + + case '': + case '=': + case '==': + return eq(a, b, loose) + + case '!=': + return neq(a, b, loose) + + case '>': + return gt(a, b, loose) + + case '>=': + return gte(a, b, loose) + + case '<': + return lt(a, b, loose) + + case '<=': + return lte(a, b, loose) + + default: + throw new TypeError(`Invalid operator: ${op}`) + } +} +module.exports = cmp diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/coerce.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/coerce.js new file mode 100644 index 000000000..106ca71c9 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/coerce.js @@ -0,0 +1,51 @@ +const SemVer = require('../classes/semver') +const parse = require('./parse') +const {re, t} = require('../internal/re') + +const coerce = (version, options) => { + if (version instanceof SemVer) { + return version + } + + if (typeof version === 'number') { + version = String(version) + } + + if (typeof version !== 'string') { + return null + } + + options = options || {} + + let match = null + if (!options.rtl) { + match = version.match(re[t.COERCE]) + } else { + // Find the right-most coercible string that does not share + // a terminus with a more left-ward coercible string. + // Eg, '1.2.3.4' wants to coerce '2.3.4', not '3.4' or '4' + // + // Walk through the string checking with a /g regexp + // Manually set the index so as to pick up overlapping matches. + // Stop when we get a match that ends at the string end, since no + // coercible string can be more right-ward without the same terminus. + let next + while ((next = re[t.COERCERTL].exec(version)) && + (!match || match.index + match[0].length !== version.length) + ) { + if (!match || + next.index + next[0].length !== match.index + match[0].length) { + match = next + } + re[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length + } + // leave it in a clean state + re[t.COERCERTL].lastIndex = -1 + } + + if (match === null) + return null + + return parse(`${match[2]}.${match[3] || '0'}.${match[4] || '0'}`, options) +} +module.exports = coerce diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/compare-build.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/compare-build.js new file mode 100644 index 000000000..9eb881bef --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/compare-build.js @@ -0,0 +1,7 @@ +const SemVer = require('../classes/semver') +const compareBuild = (a, b, loose) => { + const versionA = new SemVer(a, loose) + const versionB = new SemVer(b, loose) + return versionA.compare(versionB) || versionA.compareBuild(versionB) +} +module.exports = compareBuild diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/compare-loose.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/compare-loose.js new file mode 100644 index 000000000..4881fbe00 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/compare-loose.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const compareLoose = (a, b) => compare(a, b, true) +module.exports = compareLoose diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/compare.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/compare.js new file mode 100644 index 000000000..748b7afa5 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/compare.js @@ -0,0 +1,5 @@ +const SemVer = require('../classes/semver') +const compare = (a, b, loose) => + new SemVer(a, loose).compare(new SemVer(b, loose)) + +module.exports = compare diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/diff.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/diff.js new file mode 100644 index 000000000..87200ef3b --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/diff.js @@ -0,0 +1,23 @@ +const parse = require('./parse') +const eq = require('./eq') + +const diff = (version1, version2) => { + if (eq(version1, version2)) { + return null + } else { + const v1 = parse(version1) + const v2 = parse(version2) + const hasPre = v1.prerelease.length || v2.prerelease.length + const prefix = hasPre ? 'pre' : '' + const defaultResult = hasPre ? 'prerelease' : '' + for (const key in v1) { + if (key === 'major' || key === 'minor' || key === 'patch') { + if (v1[key] !== v2[key]) { + return prefix + key + } + } + } + return defaultResult // may be undefined + } +} +module.exports = diff diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/eq.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/eq.js new file mode 100644 index 000000000..271fed976 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/eq.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const eq = (a, b, loose) => compare(a, b, loose) === 0 +module.exports = eq diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/gt.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/gt.js new file mode 100644 index 000000000..d9b2156d8 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/gt.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const gt = (a, b, loose) => compare(a, b, loose) > 0 +module.exports = gt diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/gte.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/gte.js new file mode 100644 index 000000000..5aeaa6347 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/gte.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const gte = (a, b, loose) => compare(a, b, loose) >= 0 +module.exports = gte diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/inc.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/inc.js new file mode 100644 index 000000000..aa4d83ab4 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/inc.js @@ -0,0 +1,15 @@ +const SemVer = require('../classes/semver') + +const inc = (version, release, options, identifier) => { + if (typeof (options) === 'string') { + identifier = options + options = undefined + } + + try { + return new SemVer(version, options).inc(release, identifier).version + } catch (er) { + return null + } +} +module.exports = inc diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/lt.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/lt.js new file mode 100644 index 000000000..b440ab7d4 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/lt.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const lt = (a, b, loose) => compare(a, b, loose) < 0 +module.exports = lt diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/lte.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/lte.js new file mode 100644 index 000000000..6dcc95650 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/lte.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const lte = (a, b, loose) => compare(a, b, loose) <= 0 +module.exports = lte diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/major.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/major.js new file mode 100644 index 000000000..4283165e9 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/major.js @@ -0,0 +1,3 @@ +const SemVer = require('../classes/semver') +const major = (a, loose) => new SemVer(a, loose).major +module.exports = major diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/minor.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/minor.js new file mode 100644 index 000000000..57b3455f8 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/minor.js @@ -0,0 +1,3 @@ +const SemVer = require('../classes/semver') +const minor = (a, loose) => new SemVer(a, loose).minor +module.exports = minor diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/neq.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/neq.js new file mode 100644 index 000000000..f944c0157 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/neq.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const neq = (a, b, loose) => compare(a, b, loose) !== 0 +module.exports = neq diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/parse.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/parse.js new file mode 100644 index 000000000..457fee04a --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/parse.js @@ -0,0 +1,37 @@ +const {MAX_LENGTH} = require('../internal/constants') +const { re, t } = require('../internal/re') +const SemVer = require('../classes/semver') + +const parse = (version, options) => { + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + + if (version instanceof SemVer) { + return version + } + + if (typeof version !== 'string') { + return null + } + + if (version.length > MAX_LENGTH) { + return null + } + + const r = options.loose ? re[t.LOOSE] : re[t.FULL] + if (!r.test(version)) { + return null + } + + try { + return new SemVer(version, options) + } catch (er) { + return null + } +} + +module.exports = parse diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/patch.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/patch.js new file mode 100644 index 000000000..63afca252 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/patch.js @@ -0,0 +1,3 @@ +const SemVer = require('../classes/semver') +const patch = (a, loose) => new SemVer(a, loose).patch +module.exports = patch diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/prerelease.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/prerelease.js new file mode 100644 index 000000000..06aa13248 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/prerelease.js @@ -0,0 +1,6 @@ +const parse = require('./parse') +const prerelease = (version, options) => { + const parsed = parse(version, options) + return (parsed && parsed.prerelease.length) ? parsed.prerelease : null +} +module.exports = prerelease diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/rcompare.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/rcompare.js new file mode 100644 index 000000000..0ac509e79 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/rcompare.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const rcompare = (a, b, loose) => compare(b, a, loose) +module.exports = rcompare diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/rsort.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/rsort.js new file mode 100644 index 000000000..82404c5cf --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/rsort.js @@ -0,0 +1,3 @@ +const compareBuild = require('./compare-build') +const rsort = (list, loose) => list.sort((a, b) => compareBuild(b, a, loose)) +module.exports = rsort diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/satisfies.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/satisfies.js new file mode 100644 index 000000000..50af1c199 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/satisfies.js @@ -0,0 +1,10 @@ +const Range = require('../classes/range') +const satisfies = (version, range, options) => { + try { + range = new Range(range, options) + } catch (er) { + return false + } + return range.test(version) +} +module.exports = satisfies diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/sort.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/sort.js new file mode 100644 index 000000000..4d10917ab --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/sort.js @@ -0,0 +1,3 @@ +const compareBuild = require('./compare-build') +const sort = (list, loose) => list.sort((a, b) => compareBuild(a, b, loose)) +module.exports = sort diff --git a/node_modules/npm-pick-manifest/node_modules/semver/functions/valid.js b/node_modules/npm-pick-manifest/node_modules/semver/functions/valid.js new file mode 100644 index 000000000..f27bae107 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/functions/valid.js @@ -0,0 +1,6 @@ +const parse = require('./parse') +const valid = (version, options) => { + const v = parse(version, options) + return v ? v.version : null +} +module.exports = valid diff --git a/node_modules/npm-pick-manifest/node_modules/semver/index.js b/node_modules/npm-pick-manifest/node_modules/semver/index.js new file mode 100644 index 000000000..3a0b4e52c --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/index.js @@ -0,0 +1,46 @@ +// just pre-load all the stuff that index.js lazily exports +const internalRe = require('./internal/re') +module.exports = { + re: internalRe.re, + src: internalRe.src, + tokens: internalRe.t, + SEMVER_SPEC_VERSION: require('./internal/constants').SEMVER_SPEC_VERSION, + SemVer: require('./classes/semver'), + compareIdentifiers: require('./internal/identifiers').compareIdentifiers, + rcompareIdentifiers: require('./internal/identifiers').rcompareIdentifiers, + parse: require('./functions/parse'), + valid: require('./functions/valid'), + clean: require('./functions/clean'), + inc: require('./functions/inc'), + diff: require('./functions/diff'), + major: require('./functions/major'), + minor: require('./functions/minor'), + patch: require('./functions/patch'), + prerelease: require('./functions/prerelease'), + compare: require('./functions/compare'), + rcompare: require('./functions/rcompare'), + compareLoose: require('./functions/compare-loose'), + compareBuild: require('./functions/compare-build'), + sort: require('./functions/sort'), + rsort: require('./functions/rsort'), + gt: require('./functions/gt'), + lt: require('./functions/lt'), + eq: require('./functions/eq'), + neq: require('./functions/neq'), + gte: require('./functions/gte'), + lte: require('./functions/lte'), + cmp: require('./functions/cmp'), + coerce: require('./functions/coerce'), + Comparator: require('./classes/comparator'), + Range: require('./classes/range'), + satisfies: require('./functions/satisfies'), + toComparators: require('./ranges/to-comparators'), + maxSatisfying: require('./ranges/max-satisfying'), + minSatisfying: require('./ranges/min-satisfying'), + minVersion: require('./ranges/min-version'), + validRange: require('./ranges/valid'), + outside: require('./ranges/outside'), + gtr: require('./ranges/gtr'), + ltr: require('./ranges/ltr'), + intersects: require('./ranges/intersects'), +} diff --git a/node_modules/npm-pick-manifest/node_modules/semver/internal/constants.js b/node_modules/npm-pick-manifest/node_modules/semver/internal/constants.js new file mode 100644 index 000000000..49df215ad --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/internal/constants.js @@ -0,0 +1,17 @@ +// Note: this is the semver.org version of the spec that it implements +// Not necessarily the package version of this code. +const SEMVER_SPEC_VERSION = '2.0.0' + +const MAX_LENGTH = 256 +const MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER || + /* istanbul ignore next */ 9007199254740991 + +// Max safe segment length for coercion. +const MAX_SAFE_COMPONENT_LENGTH = 16 + +module.exports = { + SEMVER_SPEC_VERSION, + MAX_LENGTH, + MAX_SAFE_INTEGER, + MAX_SAFE_COMPONENT_LENGTH +} diff --git a/node_modules/npm-pick-manifest/node_modules/semver/internal/debug.js b/node_modules/npm-pick-manifest/node_modules/semver/internal/debug.js new file mode 100644 index 000000000..1c00e1369 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/internal/debug.js @@ -0,0 +1,9 @@ +const debug = ( + typeof process === 'object' && + process.env && + process.env.NODE_DEBUG && + /\bsemver\b/i.test(process.env.NODE_DEBUG) +) ? (...args) => console.error('SEMVER', ...args) + : () => {} + +module.exports = debug diff --git a/node_modules/npm-pick-manifest/node_modules/semver/internal/identifiers.js b/node_modules/npm-pick-manifest/node_modules/semver/internal/identifiers.js new file mode 100644 index 000000000..ed1309421 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/internal/identifiers.js @@ -0,0 +1,23 @@ +const numeric = /^[0-9]+$/ +const compareIdentifiers = (a, b) => { + const anum = numeric.test(a) + const bnum = numeric.test(b) + + if (anum && bnum) { + a = +a + b = +b + } + + return a === b ? 0 + : (anum && !bnum) ? -1 + : (bnum && !anum) ? 1 + : a < b ? -1 + : 1 +} + +const rcompareIdentifiers = (a, b) => compareIdentifiers(b, a) + +module.exports = { + compareIdentifiers, + rcompareIdentifiers +} diff --git a/node_modules/npm-pick-manifest/node_modules/semver/internal/re.js b/node_modules/npm-pick-manifest/node_modules/semver/internal/re.js new file mode 100644 index 000000000..0e8fb5289 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/internal/re.js @@ -0,0 +1,179 @@ +const { MAX_SAFE_COMPONENT_LENGTH } = require('./constants') +const debug = require('./debug') +exports = module.exports = {} + +// The actual regexps go on exports.re +const re = exports.re = [] +const src = exports.src = [] +const t = exports.t = {} +let R = 0 + +const createToken = (name, value, isGlobal) => { + const index = R++ + debug(index, value) + t[name] = index + src[index] = value + re[index] = new RegExp(value, isGlobal ? 'g' : undefined) +} + +// The following Regular Expressions can be used for tokenizing, +// validating, and parsing SemVer version strings. + +// ## Numeric Identifier +// A single `0`, or a non-zero digit followed by zero or more digits. + +createToken('NUMERICIDENTIFIER', '0|[1-9]\\d*') +createToken('NUMERICIDENTIFIERLOOSE', '[0-9]+') + +// ## Non-numeric Identifier +// Zero or more digits, followed by a letter or hyphen, and then zero or +// more letters, digits, or hyphens. + +createToken('NONNUMERICIDENTIFIER', '\\d*[a-zA-Z-][a-zA-Z0-9-]*') + +// ## Main Version +// Three dot-separated numeric identifiers. + +createToken('MAINVERSION', `(${src[t.NUMERICIDENTIFIER]})\\.` + + `(${src[t.NUMERICIDENTIFIER]})\\.` + + `(${src[t.NUMERICIDENTIFIER]})`) + +createToken('MAINVERSIONLOOSE', `(${src[t.NUMERICIDENTIFIERLOOSE]})\\.` + + `(${src[t.NUMERICIDENTIFIERLOOSE]})\\.` + + `(${src[t.NUMERICIDENTIFIERLOOSE]})`) + +// ## Pre-release Version Identifier +// A numeric identifier, or a non-numeric identifier. + +createToken('PRERELEASEIDENTIFIER', `(?:${src[t.NUMERICIDENTIFIER] +}|${src[t.NONNUMERICIDENTIFIER]})`) + +createToken('PRERELEASEIDENTIFIERLOOSE', `(?:${src[t.NUMERICIDENTIFIERLOOSE] +}|${src[t.NONNUMERICIDENTIFIER]})`) + +// ## Pre-release Version +// Hyphen, followed by one or more dot-separated pre-release version +// identifiers. + +createToken('PRERELEASE', `(?:-(${src[t.PRERELEASEIDENTIFIER] +}(?:\\.${src[t.PRERELEASEIDENTIFIER]})*))`) + +createToken('PRERELEASELOOSE', `(?:-?(${src[t.PRERELEASEIDENTIFIERLOOSE] +}(?:\\.${src[t.PRERELEASEIDENTIFIERLOOSE]})*))`) + +// ## Build Metadata Identifier +// Any combination of digits, letters, or hyphens. + +createToken('BUILDIDENTIFIER', '[0-9A-Za-z-]+') + +// ## Build Metadata +// Plus sign, followed by one or more period-separated build metadata +// identifiers. + +createToken('BUILD', `(?:\\+(${src[t.BUILDIDENTIFIER] +}(?:\\.${src[t.BUILDIDENTIFIER]})*))`) + +// ## Full Version String +// A main version, followed optionally by a pre-release version and +// build metadata. + +// Note that the only major, minor, patch, and pre-release sections of +// the version string are capturing groups. The build metadata is not a +// capturing group, because it should not ever be used in version +// comparison. + +createToken('FULLPLAIN', `v?${src[t.MAINVERSION] +}${src[t.PRERELEASE]}?${ + src[t.BUILD]}?`) + +createToken('FULL', `^${src[t.FULLPLAIN]}$`) + +// like full, but allows v1.2.3 and =1.2.3, which people do sometimes. +// also, 1.0.0alpha1 (prerelease without the hyphen) which is pretty +// common in the npm registry. +createToken('LOOSEPLAIN', `[v=\\s]*${src[t.MAINVERSIONLOOSE] +}${src[t.PRERELEASELOOSE]}?${ + src[t.BUILD]}?`) + +createToken('LOOSE', `^${src[t.LOOSEPLAIN]}$`) + +createToken('GTLT', '((?:<|>)?=?)') + +// Something like "2.*" or "1.2.x". +// Note that "x.x" is a valid xRange identifer, meaning "any version" +// Only the first item is strictly required. +createToken('XRANGEIDENTIFIERLOOSE', `${src[t.NUMERICIDENTIFIERLOOSE]}|x|X|\\*`) +createToken('XRANGEIDENTIFIER', `${src[t.NUMERICIDENTIFIER]}|x|X|\\*`) + +createToken('XRANGEPLAIN', `[v=\\s]*(${src[t.XRANGEIDENTIFIER]})` + + `(?:\\.(${src[t.XRANGEIDENTIFIER]})` + + `(?:\\.(${src[t.XRANGEIDENTIFIER]})` + + `(?:${src[t.PRERELEASE]})?${ + src[t.BUILD]}?` + + `)?)?`) + +createToken('XRANGEPLAINLOOSE', `[v=\\s]*(${src[t.XRANGEIDENTIFIERLOOSE]})` + + `(?:\\.(${src[t.XRANGEIDENTIFIERLOOSE]})` + + `(?:\\.(${src[t.XRANGEIDENTIFIERLOOSE]})` + + `(?:${src[t.PRERELEASELOOSE]})?${ + src[t.BUILD]}?` + + `)?)?`) + +createToken('XRANGE', `^${src[t.GTLT]}\\s*${src[t.XRANGEPLAIN]}$`) +createToken('XRANGELOOSE', `^${src[t.GTLT]}\\s*${src[t.XRANGEPLAINLOOSE]}$`) + +// Coercion. +// Extract anything that could conceivably be a part of a valid semver +createToken('COERCE', `${'(^|[^\\d])' + + '(\\d{1,'}${MAX_SAFE_COMPONENT_LENGTH}})` + + `(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH}}))?` + + `(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH}}))?` + + `(?:$|[^\\d])`) +createToken('COERCERTL', src[t.COERCE], true) + +// Tilde ranges. +// Meaning is "reasonably at or greater than" +createToken('LONETILDE', '(?:~>?)') + +createToken('TILDETRIM', `(\\s*)${src[t.LONETILDE]}\\s+`, true) +exports.tildeTrimReplace = '$1~' + +createToken('TILDE', `^${src[t.LONETILDE]}${src[t.XRANGEPLAIN]}$`) +createToken('TILDELOOSE', `^${src[t.LONETILDE]}${src[t.XRANGEPLAINLOOSE]}$`) + +// Caret ranges. +// Meaning is "at least and backwards compatible with" +createToken('LONECARET', '(?:\\^)') + +createToken('CARETTRIM', `(\\s*)${src[t.LONECARET]}\\s+`, true) +exports.caretTrimReplace = '$1^' + +createToken('CARET', `^${src[t.LONECARET]}${src[t.XRANGEPLAIN]}$`) +createToken('CARETLOOSE', `^${src[t.LONECARET]}${src[t.XRANGEPLAINLOOSE]}$`) + +// A simple gt/lt/eq thing, or just "" to indicate "any version" +createToken('COMPARATORLOOSE', `^${src[t.GTLT]}\\s*(${src[t.LOOSEPLAIN]})$|^$`) +createToken('COMPARATOR', `^${src[t.GTLT]}\\s*(${src[t.FULLPLAIN]})$|^$`) + +// An expression to strip any whitespace between the gtlt and the thing +// it modifies, so that `> 1.2.3` ==> `>1.2.3` +createToken('COMPARATORTRIM', `(\\s*)${src[t.GTLT] +}\\s*(${src[t.LOOSEPLAIN]}|${src[t.XRANGEPLAIN]})`, true) +exports.comparatorTrimReplace = '$1$2$3' + +// Something like `1.2.3 - 1.2.4` +// Note that these all use the loose form, because they'll be +// checked against either the strict or loose comparator form +// later. +createToken('HYPHENRANGE', `^\\s*(${src[t.XRANGEPLAIN]})` + + `\\s+-\\s+` + + `(${src[t.XRANGEPLAIN]})` + + `\\s*$`) + +createToken('HYPHENRANGELOOSE', `^\\s*(${src[t.XRANGEPLAINLOOSE]})` + + `\\s+-\\s+` + + `(${src[t.XRANGEPLAINLOOSE]})` + + `\\s*$`) + +// Star ranges basically just allow anything at all. +createToken('STAR', '(<|>)?=?\\s*\\*') diff --git a/node_modules/npm-pick-manifest/node_modules/semver/package.json b/node_modules/npm-pick-manifest/node_modules/semver/package.json new file mode 100644 index 000000000..659e69e2f --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/package.json @@ -0,0 +1,72 @@ +{ + "_from": "semver@^7.0.0", + "_id": "semver@7.1.3", + "_inBundle": false, + "_integrity": "sha512-ekM0zfiA9SCBlsKa2X1hxyxiI4L3B6EbVJkkdgQXnSEEaHlGdvyodMruTiulSRWMMB4NeIuYNMC9rTKTz97GxA==", + "_location": "/npm-pick-manifest/semver", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "semver@^7.0.0", + "name": "semver", + "escapedName": "semver", + "rawSpec": "^7.0.0", + "saveSpec": null, + "fetchSpec": "^7.0.0" + }, + "_requiredBy": [ + "/npm-pick-manifest", + "/npm-pick-manifest/npm-install-checks", + "/npm-pick-manifest/npm-package-arg" + ], + "_resolved": "https://registry.npmjs.org/semver/-/semver-7.1.3.tgz", + "_shasum": "e4345ce73071c53f336445cfc19efb1c311df2a6", + "_spec": "semver@^7.0.0", + "_where": "/Users/claudiahdz/npm/cli/node_modules/npm-pick-manifest", + "bin": { + "semver": "bin/semver.js" + }, + "bugs": { + "url": "https://github.com/npm/node-semver/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "The semantic version parser used by npm.", + "devDependencies": { + "tap": "^14.10.2" + }, + "engines": { + "node": ">=10" + }, + "files": [ + "bin", + "range.bnf", + "classes", + "functions", + "internal", + "ranges", + "index.js", + "preload.js" + ], + "homepage": "https://github.com/npm/node-semver#readme", + "license": "ISC", + "main": "index.js", + "name": "semver", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/node-semver.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "check-coverage": true, + "coverage-map": "map.js" + }, + "version": "7.1.3" +} diff --git a/node_modules/npm-pick-manifest/node_modules/semver/preload.js b/node_modules/npm-pick-manifest/node_modules/semver/preload.js new file mode 100644 index 000000000..947cd4f79 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/preload.js @@ -0,0 +1,2 @@ +// XXX remove in v8 or beyond +module.exports = require('./index.js') diff --git a/node_modules/npm-pick-manifest/node_modules/semver/range.bnf b/node_modules/npm-pick-manifest/node_modules/semver/range.bnf new file mode 100644 index 000000000..d4c6ae0d7 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/range.bnf @@ -0,0 +1,16 @@ +range-set ::= range ( logical-or range ) * +logical-or ::= ( ' ' ) * '||' ( ' ' ) * +range ::= hyphen | simple ( ' ' simple ) * | '' +hyphen ::= partial ' - ' partial +simple ::= primitive | partial | tilde | caret +primitive ::= ( '<' | '>' | '>=' | '<=' | '=' ) partial +partial ::= xr ( '.' xr ( '.' xr qualifier ? )? )? +xr ::= 'x' | 'X' | '*' | nr +nr ::= '0' | [1-9] ( [0-9] ) * +tilde ::= '~' partial +caret ::= '^' partial +qualifier ::= ( '-' pre )? ( '+' build )? +pre ::= parts +build ::= parts +parts ::= part ( '.' part ) * +part ::= nr | [-0-9A-Za-z]+ diff --git a/node_modules/npm-pick-manifest/node_modules/semver/ranges/gtr.js b/node_modules/npm-pick-manifest/node_modules/semver/ranges/gtr.js new file mode 100644 index 000000000..db7e35599 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/ranges/gtr.js @@ -0,0 +1,4 @@ +// Determine if version is greater than all the versions possible in the range. +const outside = require('./outside') +const gtr = (version, range, options) => outside(version, range, '>', options) +module.exports = gtr diff --git a/node_modules/npm-pick-manifest/node_modules/semver/ranges/intersects.js b/node_modules/npm-pick-manifest/node_modules/semver/ranges/intersects.js new file mode 100644 index 000000000..3d1a6f31d --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/ranges/intersects.js @@ -0,0 +1,7 @@ +const Range = require('../classes/range') +const intersects = (r1, r2, options) => { + r1 = new Range(r1, options) + r2 = new Range(r2, options) + return r1.intersects(r2) +} +module.exports = intersects diff --git a/node_modules/npm-pick-manifest/node_modules/semver/ranges/ltr.js b/node_modules/npm-pick-manifest/node_modules/semver/ranges/ltr.js new file mode 100644 index 000000000..528a885eb --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/ranges/ltr.js @@ -0,0 +1,4 @@ +const outside = require('./outside') +// Determine if version is less than all the versions possible in the range +const ltr = (version, range, options) => outside(version, range, '<', options) +module.exports = ltr diff --git a/node_modules/npm-pick-manifest/node_modules/semver/ranges/max-satisfying.js b/node_modules/npm-pick-manifest/node_modules/semver/ranges/max-satisfying.js new file mode 100644 index 000000000..6e3d993c6 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/ranges/max-satisfying.js @@ -0,0 +1,25 @@ +const SemVer = require('../classes/semver') +const Range = require('../classes/range') + +const maxSatisfying = (versions, range, options) => { + let max = null + let maxSV = null + let rangeObj = null + try { + rangeObj = new Range(range, options) + } catch (er) { + return null + } + versions.forEach((v) => { + if (rangeObj.test(v)) { + // satisfies(v, range, options) + if (!max || maxSV.compare(v) === -1) { + // compare(max, v, true) + max = v + maxSV = new SemVer(max, options) + } + } + }) + return max +} +module.exports = maxSatisfying diff --git a/node_modules/npm-pick-manifest/node_modules/semver/ranges/min-satisfying.js b/node_modules/npm-pick-manifest/node_modules/semver/ranges/min-satisfying.js new file mode 100644 index 000000000..9b60974e2 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/ranges/min-satisfying.js @@ -0,0 +1,24 @@ +const SemVer = require('../classes/semver') +const Range = require('../classes/range') +const minSatisfying = (versions, range, options) => { + let min = null + let minSV = null + let rangeObj = null + try { + rangeObj = new Range(range, options) + } catch (er) { + return null + } + versions.forEach((v) => { + if (rangeObj.test(v)) { + // satisfies(v, range, options) + if (!min || minSV.compare(v) === 1) { + // compare(min, v, true) + min = v + minSV = new SemVer(min, options) + } + } + }) + return min +} +module.exports = minSatisfying diff --git a/node_modules/npm-pick-manifest/node_modules/semver/ranges/min-version.js b/node_modules/npm-pick-manifest/node_modules/semver/ranges/min-version.js new file mode 100644 index 000000000..7118d237b --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/ranges/min-version.js @@ -0,0 +1,57 @@ +const SemVer = require('../classes/semver') +const Range = require('../classes/range') +const gt = require('../functions/gt') + +const minVersion = (range, loose) => { + range = new Range(range, loose) + + let minver = new SemVer('0.0.0') + if (range.test(minver)) { + return minver + } + + minver = new SemVer('0.0.0-0') + if (range.test(minver)) { + return minver + } + + minver = null + for (let i = 0; i < range.set.length; ++i) { + const comparators = range.set[i] + + comparators.forEach((comparator) => { + // Clone to avoid manipulating the comparator's semver object. + const compver = new SemVer(comparator.semver.version) + switch (comparator.operator) { + case '>': + if (compver.prerelease.length === 0) { + compver.patch++ + } else { + compver.prerelease.push(0) + } + compver.raw = compver.format() + /* fallthrough */ + case '': + case '>=': + if (!minver || gt(minver, compver)) { + minver = compver + } + break + case '<': + case '<=': + /* Ignore maximum versions */ + break + /* istanbul ignore next */ + default: + throw new Error(`Unexpected operation: ${comparator.operator}`) + } + }) + } + + if (minver && range.test(minver)) { + return minver + } + + return null +} +module.exports = minVersion diff --git a/node_modules/npm-pick-manifest/node_modules/semver/ranges/outside.js b/node_modules/npm-pick-manifest/node_modules/semver/ranges/outside.js new file mode 100644 index 000000000..e35ed1176 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/ranges/outside.js @@ -0,0 +1,80 @@ +const SemVer = require('../classes/semver') +const Comparator = require('../classes/comparator') +const {ANY} = Comparator +const Range = require('../classes/range') +const satisfies = require('../functions/satisfies') +const gt = require('../functions/gt') +const lt = require('../functions/lt') +const lte = require('../functions/lte') +const gte = require('../functions/gte') + +const outside = (version, range, hilo, options) => { + version = new SemVer(version, options) + range = new Range(range, options) + + let gtfn, ltefn, ltfn, comp, ecomp + switch (hilo) { + case '>': + gtfn = gt + ltefn = lte + ltfn = lt + comp = '>' + ecomp = '>=' + break + case '<': + gtfn = lt + ltefn = gte + ltfn = gt + comp = '<' + ecomp = '<=' + break + default: + throw new TypeError('Must provide a hilo val of "<" or ">"') + } + + // If it satisifes the range it is not outside + if (satisfies(version, range, options)) { + return false + } + + // From now on, variable terms are as if we're in "gtr" mode. + // but note that everything is flipped for the "ltr" function. + + for (let i = 0; i < range.set.length; ++i) { + const comparators = range.set[i] + + let high = null + let low = null + + comparators.forEach((comparator) => { + if (comparator.semver === ANY) { + comparator = new Comparator('>=0.0.0') + } + high = high || comparator + low = low || comparator + if (gtfn(comparator.semver, high.semver, options)) { + high = comparator + } else if (ltfn(comparator.semver, low.semver, options)) { + low = comparator + } + }) + + // If the edge version comparator has a operator then our version + // isn't outside it + if (high.operator === comp || high.operator === ecomp) { + return false + } + + // If the lowest version comparator has an operator and our version + // is less than it then it isn't higher than the range + if ((!low.operator || low.operator === comp) && + ltefn(version, low.semver)) { + return false + } else if (low.operator === ecomp && ltfn(version, low.semver)) { + return false + } + } + return true +} + +module.exports = outside diff --git a/node_modules/npm-pick-manifest/node_modules/semver/ranges/to-comparators.js b/node_modules/npm-pick-manifest/node_modules/semver/ranges/to-comparators.js new file mode 100644 index 000000000..6c8bc7e6f --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/ranges/to-comparators.js @@ -0,0 +1,8 @@ +const Range = require('../classes/range') + +// Mostly just for testing and legacy API reasons +const toComparators = (range, options) => + new Range(range, options).set + .map(comp => comp.map(c => c.value).join(' ').trim().split(' ')) + +module.exports = toComparators diff --git a/node_modules/npm-pick-manifest/node_modules/semver/ranges/valid.js b/node_modules/npm-pick-manifest/node_modules/semver/ranges/valid.js new file mode 100644 index 000000000..365f35689 --- /dev/null +++ b/node_modules/npm-pick-manifest/node_modules/semver/ranges/valid.js @@ -0,0 +1,11 @@ +const Range = require('../classes/range') +const validRange = (range, options) => { + try { + // Return '*' instead of '' so that truthiness works. + // This will throw if it's invalid anyway + return new Range(range, options).range || '*' + } catch (er) { + return null + } +} +module.exports = validRange diff --git a/node_modules/npm-pick-manifest/package.json b/node_modules/npm-pick-manifest/package.json index 5adbc2695..74bab6063 100644 --- a/node_modules/npm-pick-manifest/package.json +++ b/node_modules/npm-pick-manifest/package.json @@ -1,28 +1,31 @@ { - "_from": "npm-pick-manifest@3.0.2", - "_id": "npm-pick-manifest@3.0.2", + "_from": "npm-pick-manifest@6.0.0", + "_id": "npm-pick-manifest@6.0.0", "_inBundle": false, - "_integrity": "sha512-wNprTNg+X5nf+tDi+hbjdHhM4bX+mKqv6XmPh7B5eG+QY9VARfQPfCEH013H5GqfNj6ee8Ij2fg8yk0mzps1Vw==", + "_integrity": "sha512-PdJpXMvjqt4nftNEDpCgjBUF8yI3Q3MyuAmVB9nemnnCg32F4BPL/JFBfdj8DubgHCYUFQhtLWmBPvdsFtjWMg==", "_location": "/npm-pick-manifest", - "_phantomChildren": {}, + "_phantomChildren": { + "lru-cache": "5.1.1", + "osenv": "0.1.5", + "validate-npm-package-name": "3.0.0" + }, "_requested": { "type": "version", "registry": true, - "raw": "npm-pick-manifest@3.0.2", + "raw": "npm-pick-manifest@6.0.0", "name": "npm-pick-manifest", "escapedName": "npm-pick-manifest", - "rawSpec": "3.0.2", + "rawSpec": "6.0.0", "saveSpec": null, - "fetchSpec": "3.0.2" + "fetchSpec": "6.0.0" }, "_requiredBy": [ "#USER", - "/", - "/pacote" + "/" ], - "_resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-3.0.2.tgz", - "_shasum": "f4d9e5fd4be2153e5f4e5f9b7be8dc419a99abb7", - "_spec": "npm-pick-manifest@3.0.2", + "_resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-6.0.0.tgz", + "_shasum": "bfde7abe95f2670aed1629a3c18245ccb3cc2eb8", + "_spec": "npm-pick-manifest@6.0.0", "_where": "/Users/claudiahdz/npm/cli", "author": { "name": "Kat Marchán", @@ -32,28 +35,17 @@ "url": "https://github.com/npm/npm-pick-manifest/issues" }, "bundleDependencies": false, - "config": { - "nyc": { - "exclude": [ - "node_modules/**", - "test/**" - ] - } - }, "dependencies": { - "figgy-pudding": "^3.5.1", - "npm-package-arg": "^6.0.0", - "semver": "^5.4.1" + "npm-install-checks": "^4.0.0", + "npm-package-arg": "^8.0.0", + "semver": "^7.0.0" }, "deprecated": false, "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", "devDependencies": { - "nyc": "^13.1.0", - "standard": "^10.0.3", - "standard-version": "^4.4.0", - "tap": "^12.0.1", - "weallbehave": "^1.2.0", - "weallcontribute": "^1.0.8" + "standard": "^14.3.1", + "standard-version": "^7.0.1", + "tap": "^14.10.2" }, "files": [ "*.js" @@ -72,13 +64,17 @@ "url": "git+https://github.com/npm/npm-pick-manifest.git" }, "scripts": { - "postrelease": "npm publish && git push --follow-tags", + "coverage": "tap", + "lint": "standard", + "postrelease": "npm publish", + "posttest": "npm run lint", + "prepublishOnly": "git push --follow-tags", "prerelease": "npm t", - "pretest": "standard", "release": "standard-version -s", - "test": "tap -J --100 --coverage test/*.js", - "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", - "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + "test": "tap" + }, + "tap": { + "check-coverage": true }, - "version": "3.0.2" + "version": "6.0.0" } diff --git a/node_modules/npm-profile/index.js b/node_modules/npm-profile/index.js index d9c48c131..b7f753fb4 100644 --- a/node_modules/npm-profile/index.js +++ b/node_modules/npm-profile/index.js @@ -1,7 +1,7 @@ 'use strict' const fetch = require('npm-registry-fetch') -const { HttpErrorBase } = require('npm-registry-fetch/errors.js') +const {HttpErrorBase} = require('npm-registry-fetch/errors.js') const os = require('os') const pudding = require('figgy-pudding') const validate = require('aproba') @@ -18,16 +18,6 @@ exports.listTokens = listTokens exports.removeToken = removeToken exports.createToken = createToken -const url = require('url') - -const isValidUrl = u => { - if (u && typeof u === 'string') { - const p = url.parse(u) - return p.slashes && p.host && p.path && /^https?:$/.test(p.protocol) - } - return false -} - const ProfileConfig = pudding({ creds: {}, hostname: {}, @@ -86,16 +76,21 @@ function webAuth (opener, opts, body) { })).then(res => { return Promise.all([res, res.json()]) }).then(([res, content]) => { - const { doneUrl, loginUrl } = content + const {doneUrl, loginUrl} = content process.emit('log', 'verbose', 'web auth', 'got response', content) - if (!isValidUrl(doneUrl) || !isValidUrl(loginUrl)) { + if ( + typeof doneUrl !== 'string' || + typeof loginUrl !== 'string' || + !doneUrl || + !loginUrl + ) { throw new WebLoginInvalidResponse('POST', res, content) } return content - }).then(({ doneUrl, loginUrl }) => { + }).then(({doneUrl, loginUrl}) => { process.emit('log', 'verbose', 'web auth', 'opening url pair') return opener(loginUrl).then( - () => webAuthCheckLogin(doneUrl, opts.concat({ cache: false })) + () => webAuthCheckLogin(doneUrl, opts.concat({cache: false})) ) }).catch(er => { if ((er.statusCode >= 400 && er.statusCode <= 499) || er.statusCode === 500) { @@ -188,7 +183,7 @@ function loginCouch (username, password, opts) { } if (err.code !== 'E409') throw err return fetch.json(target, opts.concat({ - query: { write: true } + query: {write: true} })).then(result => { Object.keys(result).forEach(function (k) { if (!body[k] || k === 'roles') { diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 000000000..8eee50a47 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,239 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) + + +### Bug Fixes + +* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) +* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + +<a name="3.9.1"></a> +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + +<a name="3.9.0"></a> +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + +<a name="3.8.0"></a> +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + +<a name="3.7.0"></a> +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + +<a name="3.6.0"></a> +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + +<a name="3.5.0"></a> +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + +<a name="3.4.0"></a> +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + +<a name="3.3.0"></a> +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + +<a name="3.2.1"></a> +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + +<a name="3.2.0"></a> +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + +<a name="3.1.1"></a> +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + +<a name="3.1.0"></a> +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="1.1.1"></a> +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/README.md b/node_modules/npm-profile/node_modules/npm-registry-fetch/README.md new file mode 100644 index 000000000..0c3f4f946 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### <a name="fetch-opts"></a> `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### <a name="opts-agent"></a> `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### <a name="opts-body"></a> `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### <a name="opts-ca"></a> `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### <a name="opts-cache"></a> `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### <a name="opts-cert"></a> `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-force-auth"></a> `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### <a name="opts-gzip"></a> `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### <a name="opts-headers"></a> `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### <a name="opts-ignore-body"></a> `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### <a name="opts-integrity"></a> `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### <a name="opts-key"></a> `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### <a name="opts-local-address"></a> `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### <a name="opts-log"></a> `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### <a name="opts-map-json"></a> `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### <a name="opts-maxsockets"></a> `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### <a name="opts-method"></a> `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### <a name="opts-noproxy"></a> `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### <a name="opts-npm-session"></a> `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### <a name="opts-offline"></a> `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-otp"></a> `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### <a name="opts-password"></a> `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-prefer-online"></a> `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### <a name="opts-project-scope"></a> `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### <a name="opts-proxy"></a> `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### <a name="opts-query"></a> `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### <a name="opts-refer"></a> `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### <a name="opts-registry"></a> `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### <a name="opts-retry"></a> `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### <a name="opts-scope"></a> `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.<scope>:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### <a name="opts-spec"></a> `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### <a name="opts-timeout"></a> `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### <a name="opts-token"></a> `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### <a name="opts-user-agent"></a> `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` + +User agent string to send in the `User-Agent` header. + +##### <a name="opts-username"></a> `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### <a name="opts-auth"></a> `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 000000000..d583982d0 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 000000000..14058239b --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/config.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/config.js new file mode 100644 index 000000000..1c43b26ea --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 000000000..ba78735fc --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/index.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/index.js new file mode 100644 index 000000000..c18487388 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/package.json b/node_modules/npm-profile/node_modules/npm-registry-fetch/package.json new file mode 100644 index 000000000..d8e188689 --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,93 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.2", + "_inBundle": false, + "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "_location": "/npm-profile/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/npm-profile" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-profile", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js b/node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 000000000..886c5d55b --- /dev/null +++ b/node_modules/npm-profile/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/npm-profile/node_modules/safe-buffer/LICENSE b/node_modules/npm-profile/node_modules/safe-buffer/LICENSE new file mode 100644 index 000000000..0c068ceec --- /dev/null +++ b/node_modules/npm-profile/node_modules/safe-buffer/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Feross Aboukhadijeh + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/npm-profile/node_modules/safe-buffer/README.md b/node_modules/npm-profile/node_modules/safe-buffer/README.md new file mode 100644 index 000000000..356e35193 --- /dev/null +++ b/node_modules/npm-profile/node_modules/safe-buffer/README.md @@ -0,0 +1,586 @@ +# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] + +[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg +[travis-url]: https://travis-ci.org/feross/safe-buffer +[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg +[npm-url]: https://npmjs.org/package/safe-buffer +[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg +[downloads-url]: https://npmjs.org/package/safe-buffer +[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg +[standard-url]: https://standardjs.com + +#### Safer Node.js Buffer API + +**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, +`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** + +**Uses the built-in implementation when available.** + +## install + +``` +npm install safe-buffer +``` + +[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) + +## usage + +The goal of this package is to provide a safe replacement for the node.js `Buffer`. + +It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to +the top of your node.js modules: + +```js +var Buffer = require('safe-buffer').Buffer + +// Existing buffer code will continue to work without issues: + +new Buffer('hey', 'utf8') +new Buffer([1, 2, 3], 'utf8') +new Buffer(obj) +new Buffer(16) // create an uninitialized buffer (potentially unsafe) + +// But you can use these new explicit APIs to make clear what you want: + +Buffer.from('hey', 'utf8') // convert from many types to a Buffer +Buffer.alloc(16) // create a zero-filled buffer (safe) +Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) +``` + +## api + +### Class Method: Buffer.from(array) +<!-- YAML +added: v3.0.0 +--> + +* `array` {Array} + +Allocates a new `Buffer` using an `array` of octets. + +```js +const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); + // creates a new Buffer containing ASCII bytes + // ['b','u','f','f','e','r'] +``` + +A `TypeError` will be thrown if `array` is not an `Array`. + +### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) +<!-- YAML +added: v5.10.0 +--> + +* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or + a `new ArrayBuffer()` +* `byteOffset` {Number} Default: `0` +* `length` {Number} Default: `arrayBuffer.length - byteOffset` + +When passed a reference to the `.buffer` property of a `TypedArray` instance, +the newly created `Buffer` will share the same allocated memory as the +TypedArray. + +```js +const arr = new Uint16Array(2); +arr[0] = 5000; +arr[1] = 4000; + +const buf = Buffer.from(arr.buffer); // shares the memory with arr; + +console.log(buf); + // Prints: <Buffer 88 13 a0 0f> + +// changing the TypedArray changes the Buffer also +arr[1] = 6000; + +console.log(buf); + // Prints: <Buffer 88 13 70 17> +``` + +The optional `byteOffset` and `length` arguments specify a memory range within +the `arrayBuffer` that will be shared by the `Buffer`. + +```js +const ab = new ArrayBuffer(10); +const buf = Buffer.from(ab, 0, 2); +console.log(buf.length); + // Prints: 2 +``` + +A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. + +### Class Method: Buffer.from(buffer) +<!-- YAML +added: v3.0.0 +--> + +* `buffer` {Buffer} + +Copies the passed `buffer` data onto a new `Buffer` instance. + +```js +const buf1 = Buffer.from('buffer'); +const buf2 = Buffer.from(buf1); + +buf1[0] = 0x61; +console.log(buf1.toString()); + // 'auffer' +console.log(buf2.toString()); + // 'buffer' (copy is not changed) +``` + +A `TypeError` will be thrown if `buffer` is not a `Buffer`. + +### Class Method: Buffer.from(str[, encoding]) +<!-- YAML +added: v5.10.0 +--> + +* `str` {String} String to encode. +* `encoding` {String} Encoding to use, Default: `'utf8'` + +Creates a new `Buffer` containing the given JavaScript string `str`. If +provided, the `encoding` parameter identifies the character encoding. +If not provided, `encoding` defaults to `'utf8'`. + +```js +const buf1 = Buffer.from('this is a tést'); +console.log(buf1.toString()); + // prints: this is a tést +console.log(buf1.toString('ascii')); + // prints: this is a tC)st + +const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); +console.log(buf2.toString()); + // prints: this is a tést +``` + +A `TypeError` will be thrown if `str` is not a string. + +### Class Method: Buffer.alloc(size[, fill[, encoding]]) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} +* `fill` {Value} Default: `undefined` +* `encoding` {String} Default: `utf8` + +Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the +`Buffer` will be *zero-filled*. + +```js +const buf = Buffer.alloc(5); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +The `size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +If `fill` is specified, the allocated `Buffer` will be initialized by calling +`buf.fill(fill)`. See [`buf.fill()`][] for more information. + +```js +const buf = Buffer.alloc(5, 'a'); +console.log(buf); + // <Buffer 61 61 61 61 61> +``` + +If both `fill` and `encoding` are specified, the allocated `Buffer` will be +initialized by calling `buf.fill(fill, encoding)`. For example: + +```js +const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); +console.log(buf); + // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> +``` + +Calling `Buffer.alloc(size)` can be significantly slower than the alternative +`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance +contents will *never contain sensitive data*. + +A `TypeError` will be thrown if `size` is not a number. + +### Class Method: Buffer.allocUnsafe(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must +be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit +architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is +thrown. A zero-length Buffer will be created if a `size` less than or equal to +0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +```js +const buf = Buffer.allocUnsafe(5); +console.log(buf); + // <Buffer 78 e0 82 02 01> + // (octets will be different, every time) +buf.fill(0); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +A `TypeError` will be thrown if `size` is not a number. + +Note that the `Buffer` module pre-allocates an internal `Buffer` instance of +size `Buffer.poolSize` that is used as a pool for the fast allocation of new +`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated +`new Buffer(size)` constructor) only when `size` is less than or equal to +`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default +value of `Buffer.poolSize` is `8192` but can be modified. + +Use of this pre-allocated internal memory pool is a key difference between +calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. +Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer +pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal +Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The +difference is subtle but can be important when an application requires the +additional performance that `Buffer.allocUnsafe(size)` provides. + +### Class Method: Buffer.allocUnsafeSlow(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The +`size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, +allocations under 4KB are, by default, sliced from a single pre-allocated +`Buffer`. This allows applications to avoid the garbage collection overhead of +creating many individually allocated Buffers. This approach improves both +performance and memory usage by eliminating the need to track and cleanup as +many `Persistent` objects. + +However, in the case where a developer may need to retain a small chunk of +memory from a pool for an indeterminate amount of time, it may be appropriate +to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then +copy out the relevant bits. + +```js +// need to keep around a few small chunks of memory +const store = []; + +socket.on('readable', () => { + const data = socket.read(); + // allocate for retained data + const sb = Buffer.allocUnsafeSlow(10); + // copy the data into the new allocation + data.copy(sb, 0, 0, 10); + store.push(sb); +}); +``` + +Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* +a developer has observed undue memory retention in their applications. + +A `TypeError` will be thrown if `size` is not a number. + +### All the Rest + +The rest of the `Buffer` API is exactly the same as in node.js. +[See the docs](https://nodejs.org/api/buffer.html). + + +## Related links + +- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) +- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) + +## Why is `Buffer` unsafe? + +Today, the node.js `Buffer` constructor is overloaded to handle many different argument +types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), +`ArrayBuffer`, and also `Number`. + +The API is optimized for convenience: you can throw any type at it, and it will try to do +what you want. + +Because the Buffer constructor is so powerful, you often see code like this: + +```js +// Convert UTF-8 strings to hex +function toHex (str) { + return new Buffer(str).toString('hex') +} +``` + +***But what happens if `toHex` is called with a `Number` argument?*** + +### Remote Memory Disclosure + +If an attacker can make your program call the `Buffer` constructor with a `Number` +argument, then they can make it allocate uninitialized memory from the node.js process. +This could potentially disclose TLS private keys, user data, or database passwords. + +When the `Buffer` constructor is passed a `Number` argument, it returns an +**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like +this, you **MUST** overwrite the contents before returning it to the user. + +From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): + +> `new Buffer(size)` +> +> - `size` Number +> +> The underlying memory for `Buffer` instances created in this way is not initialized. +> **The contents of a newly created `Buffer` are unknown and could contain sensitive +> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. + +(Emphasis our own.) + +Whenever the programmer intended to create an uninitialized `Buffer` you often see code +like this: + +```js +var buf = new Buffer(16) + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### Would this ever be a problem in real code? + +Yes. It's surprisingly common to forget to check the type of your variables in a +dynamically-typed language like JavaScript. + +Usually the consequences of assuming the wrong type is that your program crashes with an +uncaught exception. But the failure mode for forgetting to check the type of arguments to +the `Buffer` constructor is more catastrophic. + +Here's an example of a vulnerable service that takes a JSON payload and converts it to +hex: + +```js +// Take a JSON payload {str: "some string"} and convert it to hex +var server = http.createServer(function (req, res) { + var data = '' + req.setEncoding('utf8') + req.on('data', function (chunk) { + data += chunk + }) + req.on('end', function () { + var body = JSON.parse(data) + res.end(new Buffer(body.str).toString('hex')) + }) +}) + +server.listen(8080) +``` + +In this example, an http client just has to send: + +```json +{ + "str": 1000 +} +``` + +and it will get back 1,000 bytes of uninitialized memory from the server. + +This is a very serious bug. It's similar in severity to the +[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process +memory by remote attackers. + + +### Which real-world packages were vulnerable? + +#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) + +[Mathias Buus](https://github.com/mafintosh) and I +([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, +[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow +anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get +them to reveal 20 bytes at a time of uninitialized memory from the node.js process. + +Here's +[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) +that fixed it. We released a new fixed version, created a +[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all +vulnerable versions on npm so users will get a warning to upgrade to a newer version. + +#### [`ws`](https://www.npmjs.com/package/ws) + +That got us wondering if there were other vulnerable packages. Sure enough, within a short +period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the +most popular WebSocket implementation in node.js. + +If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as +expected, then uninitialized server memory would be disclosed to the remote peer. + +These were the vulnerable methods: + +```js +socket.send(number) +socket.ping(number) +socket.pong(number) +``` + +Here's a vulnerable socket server with some echo functionality: + +```js +server.on('connection', function (socket) { + socket.on('message', function (message) { + message = JSON.parse(message) + if (message.type === 'echo') { + socket.send(message.data) // send back the user's message + } + }) +}) +``` + +`socket.send(number)` called on the server, will disclose server memory. + +Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue +was fixed, with a more detailed explanation. Props to +[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the +[Node Security Project disclosure](https://nodesecurity.io/advisories/67). + + +### What's the solution? + +It's important that node.js offers a fast way to get memory otherwise performance-critical +applications would needlessly get a lot slower. + +But we need a better way to *signal our intent* as programmers. **When we want +uninitialized memory, we should request it explicitly.** + +Sensitive functionality should not be packed into a developer-friendly API that loosely +accepts many different types. This type of API encourages the lazy practice of passing +variables in without checking the type very carefully. + +#### A new API: `Buffer.allocUnsafe(number)` + +The functionality of creating buffers with uninitialized memory should be part of another +API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that +frequently gets user input of all sorts of different types passed into it. + +```js +var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### How do we fix node.js core? + +We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as +`semver-major`) which defends against one case: + +```js +var str = 16 +new Buffer(str, 'utf8') +``` + +In this situation, it's implied that the programmer intended the first argument to be a +string, since they passed an encoding as a second argument. Today, node.js will allocate +uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not +what the programmer intended. + +But this is only a partial solution, since if the programmer does `new Buffer(variable)` +(without an `encoding` parameter) there's no way to know what they intended. If `variable` +is sometimes a number, then uninitialized memory will sometimes be returned. + +### What's the real long-term fix? + +We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when +we need uninitialized memory. But that would break 1000s of packages. + +~~We believe the best solution is to:~~ + +~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ + +~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ + +#### Update + +We now support adding three new APIs: + +- `Buffer.from(value)` - convert from any type to a buffer +- `Buffer.alloc(size)` - create a zero-filled buffer +- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size + +This solves the core problem that affected `ws` and `bittorrent-dht` which is +`Buffer(variable)` getting tricked into taking a number argument. + +This way, existing code continues working and the impact on the npm ecosystem will be +minimal. Over time, npm maintainers can migrate performance-critical code to use +`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. + + +### Conclusion + +We think there's a serious design issue with the `Buffer` API as it exists today. It +promotes insecure software by putting high-risk functionality into a convenient API +with friendly "developer ergonomics". + +This wasn't merely a theoretical exercise because we found the issue in some of the +most popular npm packages. + +Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of +`buffer`. + +```js +var Buffer = require('safe-buffer').Buffer +``` + +Eventually, we hope that node.js core can switch to this new, safer behavior. We believe +the impact on the ecosystem would be minimal since it's not a breaking change. +Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while +older, insecure packages would magically become safe from this attack vector. + + +## links + +- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) +- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) +- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) + + +## credit + +The original issues in `bittorrent-dht` +([disclosure](https://nodesecurity.io/advisories/68)) and +`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by +[Mathias Buus](https://github.com/mafintosh) and +[Feross Aboukhadijeh](http://feross.org/). + +Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues +and for his work running the [Node Security Project](https://nodesecurity.io/). + +Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and +auditing the code. + + +## license + +MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/npm-profile/node_modules/safe-buffer/index.d.ts b/node_modules/npm-profile/node_modules/safe-buffer/index.d.ts new file mode 100644 index 000000000..e9fed809a --- /dev/null +++ b/node_modules/npm-profile/node_modules/safe-buffer/index.d.ts @@ -0,0 +1,187 @@ +declare module "safe-buffer" { + export class Buffer { + length: number + write(string: string, offset?: number, length?: number, encoding?: string): number; + toString(encoding?: string, start?: number, end?: number): string; + toJSON(): { type: 'Buffer', data: any[] }; + equals(otherBuffer: Buffer): boolean; + compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; + copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; + slice(start?: number, end?: number): Buffer; + writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readUInt8(offset: number, noAssert?: boolean): number; + readUInt16LE(offset: number, noAssert?: boolean): number; + readUInt16BE(offset: number, noAssert?: boolean): number; + readUInt32LE(offset: number, noAssert?: boolean): number; + readUInt32BE(offset: number, noAssert?: boolean): number; + readInt8(offset: number, noAssert?: boolean): number; + readInt16LE(offset: number, noAssert?: boolean): number; + readInt16BE(offset: number, noAssert?: boolean): number; + readInt32LE(offset: number, noAssert?: boolean): number; + readInt32BE(offset: number, noAssert?: boolean): number; + readFloatLE(offset: number, noAssert?: boolean): number; + readFloatBE(offset: number, noAssert?: boolean): number; + readDoubleLE(offset: number, noAssert?: boolean): number; + readDoubleBE(offset: number, noAssert?: boolean): number; + swap16(): Buffer; + swap32(): Buffer; + swap64(): Buffer; + writeUInt8(value: number, offset: number, noAssert?: boolean): number; + writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeInt8(value: number, offset: number, noAssert?: boolean): number; + writeInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeFloatLE(value: number, offset: number, noAssert?: boolean): number; + writeFloatBE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; + fill(value: any, offset?: number, end?: number): this; + indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; + + /** + * Allocates a new buffer containing the given {str}. + * + * @param str String to store in buffer. + * @param encoding encoding to use, optional. Default is 'utf8' + */ + constructor (str: string, encoding?: string); + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + */ + constructor (size: number); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: Uint8Array); + /** + * Produces a Buffer backed by the same allocated memory as + * the given {ArrayBuffer}. + * + * + * @param arrayBuffer The ArrayBuffer with which to share memory. + */ + constructor (arrayBuffer: ArrayBuffer); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: any[]); + /** + * Copies the passed {buffer} data onto a new {Buffer} instance. + * + * @param buffer The buffer to copy. + */ + constructor (buffer: Buffer); + prototype: Buffer; + /** + * Allocates a new Buffer using an {array} of octets. + * + * @param array + */ + static from(array: any[]): Buffer; + /** + * When passed a reference to the .buffer property of a TypedArray instance, + * the newly created Buffer will share the same allocated memory as the TypedArray. + * The optional {byteOffset} and {length} arguments specify a memory range + * within the {arrayBuffer} that will be shared by the Buffer. + * + * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() + * @param byteOffset + * @param length + */ + static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; + /** + * Copies the passed {buffer} data onto a new Buffer instance. + * + * @param buffer + */ + static from(buffer: Buffer): Buffer; + /** + * Creates a new Buffer containing the given JavaScript string {str}. + * If provided, the {encoding} parameter identifies the character encoding. + * If not provided, {encoding} defaults to 'utf8'. + * + * @param str + */ + static from(str: string, encoding?: string): Buffer; + /** + * Returns true if {obj} is a Buffer + * + * @param obj object to test. + */ + static isBuffer(obj: any): obj is Buffer; + /** + * Returns true if {encoding} is a valid encoding argument. + * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' + * + * @param encoding string to test. + */ + static isEncoding(encoding: string): boolean; + /** + * Gives the actual byte length of a string. encoding defaults to 'utf8'. + * This is not the same as String.prototype.length since that returns the number of characters in a string. + * + * @param string string to test. + * @param encoding encoding used to evaluate (defaults to 'utf8') + */ + static byteLength(string: string, encoding?: string): number; + /** + * Returns a buffer which is the result of concatenating all the buffers in the list together. + * + * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. + * If the list has exactly one item, then the first item of the list is returned. + * If the list has more than one item, then a new Buffer is created. + * + * @param list An array of Buffer objects to concatenate + * @param totalLength Total length of the buffers when concatenated. + * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. + */ + static concat(list: Buffer[], totalLength?: number): Buffer; + /** + * The same as buf1.compare(buf2). + */ + static compare(buf1: Buffer, buf2: Buffer): number; + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + * @param fill if specified, buffer will be initialized by calling buf.fill(fill). + * If parameter is omitted, buffer will be filled with zeros. + * @param encoding encoding used for call to buf.fill while initalizing + */ + static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; + /** + * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafe(size: number): Buffer; + /** + * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafeSlow(size: number): Buffer; + } +}
\ No newline at end of file diff --git a/node_modules/npm-profile/node_modules/safe-buffer/index.js b/node_modules/npm-profile/node_modules/safe-buffer/index.js new file mode 100644 index 000000000..054c8d30d --- /dev/null +++ b/node_modules/npm-profile/node_modules/safe-buffer/index.js @@ -0,0 +1,64 @@ +/* eslint-disable node/no-deprecated-api */ +var buffer = require('buffer') +var Buffer = buffer.Buffer + +// alternative to using Object.keys for old browsers +function copyProps (src, dst) { + for (var key in src) { + dst[key] = src[key] + } +} +if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { + module.exports = buffer +} else { + // Copy properties from require('buffer') + copyProps(buffer, exports) + exports.Buffer = SafeBuffer +} + +function SafeBuffer (arg, encodingOrOffset, length) { + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.prototype = Object.create(Buffer.prototype) + +// Copy static methods from Buffer +copyProps(Buffer, SafeBuffer) + +SafeBuffer.from = function (arg, encodingOrOffset, length) { + if (typeof arg === 'number') { + throw new TypeError('Argument must not be a number') + } + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.alloc = function (size, fill, encoding) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + var buf = Buffer(size) + if (fill !== undefined) { + if (typeof encoding === 'string') { + buf.fill(fill, encoding) + } else { + buf.fill(fill) + } + } else { + buf.fill(0) + } + return buf +} + +SafeBuffer.allocUnsafe = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return Buffer(size) +} + +SafeBuffer.allocUnsafeSlow = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return buffer.SlowBuffer(size) +} diff --git a/node_modules/npm-profile/node_modules/safe-buffer/package.json b/node_modules/npm-profile/node_modules/safe-buffer/package.json new file mode 100644 index 000000000..203338aa5 --- /dev/null +++ b/node_modules/npm-profile/node_modules/safe-buffer/package.json @@ -0,0 +1,62 @@ +{ + "_from": "safe-buffer@^5.2.0", + "_id": "safe-buffer@5.2.0", + "_inBundle": false, + "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "_location": "/npm-profile/safe-buffer", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "safe-buffer@^5.2.0", + "name": "safe-buffer", + "escapedName": "safe-buffer", + "rawSpec": "^5.2.0", + "saveSpec": null, + "fetchSpec": "^5.2.0" + }, + "_requiredBy": [ + "/npm-profile/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", + "_spec": "safe-buffer@^5.2.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-profile/node_modules/npm-registry-fetch", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/safe-buffer/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Safer Node.js Buffer API", + "devDependencies": { + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/safe-buffer", + "keywords": [ + "buffer", + "buffer allocate", + "node security", + "safe", + "safe-buffer", + "security", + "uninitialized" + ], + "license": "MIT", + "main": "index.js", + "name": "safe-buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/safe-buffer.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "types": "index.d.ts", + "version": "5.2.0" +} diff --git a/node_modules/npm-profile/package.json b/node_modules/npm-profile/package.json index e90e16ddf..2f252aac8 100644 --- a/node_modules/npm-profile/package.json +++ b/node_modules/npm-profile/package.json @@ -1,29 +1,28 @@ { - "_from": "npm-profile@4.0.4", - "_id": "npm-profile@4.0.4", + "_from": "npm-profile@4.0.2", + "_id": "npm-profile@4.0.2", "_inBundle": false, - "_integrity": "sha512-Ta8xq8TLMpqssF0H60BXS1A90iMoM6GeKwsmravJ6wYjWwSzcYBTdyWa3DZCYqPutacBMEm7cxiOkiIeCUAHDQ==", + "_integrity": "sha512-VRsC04pvRH+9cF+PoVh2nTmJjiG21yu59IHpsBpkxk+jaGAV8lxx96G4SDc0jOHAkfWLXbc6kIph3dGAuRnotQ==", "_location": "/npm-profile", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "npm-profile@4.0.4", + "raw": "npm-profile@4.0.2", "name": "npm-profile", "escapedName": "npm-profile", - "rawSpec": "4.0.4", + "rawSpec": "4.0.2", "saveSpec": null, - "fetchSpec": "4.0.4" + "fetchSpec": "4.0.2" }, "_requiredBy": [ "#USER", - "/", - "/libnpm" + "/" ], - "_resolved": "https://registry.npmjs.org/npm-profile/-/npm-profile-4.0.4.tgz", - "_shasum": "28ee94390e936df6d084263ee2061336a6a1581b", - "_spec": "npm-profile@4.0.4", - "_where": "/Users/darcyclarke/Documents/Repos/npm/cli", + "_resolved": "https://registry.npmjs.org/npm-profile/-/npm-profile-4.0.2.tgz", + "_shasum": "8272a71c19634d0dce9c35a5daf8ee589cbb0f52", + "_spec": "npm-profile@4.0.2", + "_where": "/Users/isaacs/dev/npm/cli", "author": { "name": "Rebecca Turner", "email": "me@re-becca.org", @@ -49,12 +48,9 @@ "license": "ISC", "main": "index.js", "name": "npm-profile", - "publishConfig": { - "tag": "legacy-v4" - }, "repository": { "type": "git", "url": "git+https://github.com/npm/npm-profile.git" }, - "version": "4.0.4" + "version": "4.0.2" } diff --git a/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/npm-registry-fetch/CHANGELOG.md index 75b74eec6..daf8a9378 100644 --- a/node_modules/npm-registry-fetch/CHANGELOG.md +++ b/node_modules/npm-registry-fetch/CHANGELOG.md @@ -1,20 +1,52 @@ -# Change Log +# Changelog All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. -<a name="4.0.4"></a> -## [4.0.4](https://github.com/npm/registry-fetch/compare/v4.0.3...v4.0.4) (2020-04-28) +## [6.0.0](https://github.com/npm/registry-fetch/compare/v5.0.1...v6.0.0) (2019-12-17) +### ⚠ BREAKING CHANGES -<a name="4.0.3"></a> -## [4.0.3](https://github.com/npm/registry-fetch/compare/v4.0.2...v4.0.3) (2020-02-13) +* This drops support for node < 10. +There are some lint failures due to standard pushing for using WhatWG URL +objects instead of url.parse/url.resolve. However, the code in this lib +does some fancy things with the query/search portions of the parsed url +object, so it'll take a bit of care to make it work properly. ### Bug Fixes -* always bypass cache when ?write=true ([ba8b4fe](https://github.com/npm/registry-fetch/commit/ba8b4fe)) -* use 30s default for timeout as per README ([69c2977](https://github.com/npm/registry-fetch/commit/69c2977)), closes [#20](https://github.com/npm/registry-fetch/issues/20) +* detect CI so our tests don't fail in CI ([5813da6](https://github.com/npm/registry-fetch/commit/5813da634cef73b12e40373972d7937e6934fce0)) +* Use WhatWG URLs instead of url.parse ([8ccfa8a](https://github.com/npm/registry-fetch/commit/8ccfa8a72c38cfedb0f525b7f453644fd4444f99)) + + +* normalize settings, drop old nodes, update deps ([510b125](https://github.com/npm/registry-fetch/commit/510b1255cc7ed4bb397a34e0007757dae33e2275)) + +<a name="5.0.1"></a> +## [5.0.1](https://github.com/npm/registry-fetch/compare/v5.0.0...v5.0.1) (2019-11-11) + + + +<a name="5.0.0"></a> +# [5.0.0](https://github.com/npm/registry-fetch/compare/v4.0.2...v5.0.0) (2019-10-04) + + +### Bug Fixes + +* prefer const in getAuth function ([90ac7b1](https://github.com/npm/registry-fetch/commit/90ac7b1)) +* use minizlib instead of core zlib ([e64702e](https://github.com/npm/registry-fetch/commit/e64702e)) + + +### Features + +* refactor to use Minipass streams ([bb37f20](https://github.com/npm/registry-fetch/commit/bb37f20)) + + +### BREAKING CHANGES + +* this replaces all core streams (except for some +PassThrough streams in a few tests) with Minipass streams, and updates +all deps to the latest and greatest Minipass versions of things. diff --git a/node_modules/npm-registry-fetch/README.md b/node_modules/npm-registry-fetch/README.md index 9f9c6d0e8..5f601916d 100644 --- a/node_modules/npm-registry-fetch/README.md +++ b/node_modules/npm-registry-fetch/README.md @@ -1,4 +1,4 @@ -# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) [`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js library that implements a `fetch`-like API for accessing npm registry APIs @@ -50,25 +50,6 @@ Happy hacking! ### API -#### Caching and `write=true` query strings - -Before performing any PUT or DELETE operation, npm clients first make a -GET request to the registry resource being updated, which includes -the query string `?write=true`. - -The semantics of this are, effectively, "I intend to write to this thing, -and need to know the latest current value, so that my write can land -cleanly". - -The public npm registry handles these `?write=true` requests by ensuring -that the cache is re-validated before sending a response. In order to -maintain the same behavior on the client, and not get tripped up by an -overeager local cache when we intend to write data to the registry, any -request that comes through `npm-registry-fetch` that contains `write=true` -in the query string will forcibly set the `prefer-online` option to `true`, -and set both `prefer-offline` and `offline` to false, so that any local -cached value will be revalidated. - #### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` Performs a request to a given URL. @@ -410,9 +391,6 @@ Force offline mode: no network requests will be done during install. To allow This option is only really useful if you're also using [`opts.cache`](#opts-cache). -This option is set to `true` when the request includes `write=true` in the -query string. - ##### <a name="opts-otp"></a> `opts.otp` * Type: Number | String @@ -424,7 +402,7 @@ account. ##### <a name="opts-password"></a> `opts.password` -* Alias: `_password` +* Alias: _password * Type: String * Default: null @@ -454,9 +432,6 @@ will be requested from the server. To force full offline mode, use This option is generally only useful if you're also using [`opts.cache`](#opts-cache). -This option is set to `false` when the request includes `write=true` in the -query string. - ##### <a name="opts-prefer-online"></a> `opts.prefer-online` * Type: Boolean @@ -468,8 +443,6 @@ for updates immediately even for fresh package data. This option is generally only useful if you're also using [`opts.cache`](#opts-cache). -This option is set to `true` when the request includes `write=true` in the -query string. ##### <a name="opts-project-scope"></a> `opts.project-scope` @@ -581,7 +554,7 @@ See also [`opts.ca`](#opts-ca). ##### <a name="opts-timeout"></a> `opts.timeout` * Type: Milliseconds -* Default: 0 (no timeout) +* Default: 30000 (30 seconds) Time before a hanging request times out. @@ -633,4 +606,4 @@ See also [`opts.password`](#opts-password) * Default: null ** DEPRECATED ** This is a legacy authentication token supported only for -compatibility. Please use [`opts.token`](#opts-token) instead. +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/npm-registry-fetch/auth.js b/node_modules/npm-registry-fetch/auth.js index d583982d0..3198b9c40 100644 --- a/node_modules/npm-registry-fetch/auth.js +++ b/node_modules/npm-registry-fetch/auth.js @@ -7,7 +7,7 @@ module.exports = getAuth function getAuth (registry, opts) { if (!registry) { throw new Error('registry is required') } opts = config(opts) - let AUTH = {} + const AUTH = {} const regKey = registry && registryKey(registry) if (opts.forceAuth) { opts = opts.forceAuth @@ -47,11 +47,12 @@ function addKey (opts, obj, scope, key, objKey) { // Called a nerf dart in the main codebase. Used as a "safe" // key when fetching registry info from config. function registryKey (registry) { - const parsed = url.parse(registry) + const parsed = new url.URL(registry) const formatted = url.format({ + protocol: parsed.protocol, host: parsed.host, pathname: parsed.pathname, - slashes: parsed.slashes + slashes: true }) - return url.resolve(formatted, '.') + return url.format(new url.URL('.', formatted)).replace(/^[^:]+:/, '') } diff --git a/node_modules/npm-registry-fetch/check-response.js b/node_modules/npm-registry-fetch/check-response.js index 14058239b..3137ea712 100644 --- a/node_modules/npm-registry-fetch/check-response.js +++ b/node_modules/npm-registry-fetch/check-response.js @@ -3,7 +3,7 @@ const config = require('./config.js') const errors = require('./errors.js') const LRU = require('lru-cache') - +const { Response } = require('minipass-fetch') module.exports = checkResponse function checkResponse (method, res, registry, startTime, opts) { opts = config(opts) @@ -18,7 +18,7 @@ function checkResponse (method, res, registry, startTime, opts) { res.body.on('end', () => logRequest(method, res, startTime, opts)) if (opts.ignoreBody) { res.body.resume() - res.body = null + return new Response(null, res) } return res } @@ -41,17 +41,22 @@ const BAD_HOSTS = new LRU({ max: 50 }) function checkWarnings (res, registry, opts) { if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { const warnings = {} - res.headers.raw()['warning'].forEach(w => { - const match = w.match(WARNING_REGEXP) - if (match) { - warnings[match[1]] = { - code: match[1], - host: match[2], - message: match[3], - date: new Date(match[4]) + // note: headers.raw() will preserve case, so we might have a + // key on the object like 'WaRnInG' if that was used first + for (const [key, value] of Object.entries(res.headers.raw())) { + if (key.toLowerCase() !== 'warning') { continue } + value.forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } } - } - }) + }) + } BAD_HOSTS.set(registry, true) if (warnings['199']) { if (warnings['199'].message.match(/ENOTFOUND/)) { diff --git a/node_modules/npm-registry-fetch/config.js b/node_modules/npm-registry-fetch/config.js index c4e8b6874..d22ef4ca4 100644 --- a/node_modules/npm-registry-fetch/config.js +++ b/node_modules/npm-registry-fetch/config.js @@ -3,81 +3,73 @@ const pkg = require('./package.json') const figgyPudding = require('figgy-pudding') const silentLog = require('./silentlog.js') +const ciDetect = require('@npmcli/ci-detect') const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi module.exports = figgyPudding({ - 'agent': {}, - 'algorithms': {}, - 'body': {}, - 'ca': {}, - 'cache': {}, - 'cert': {}, + agent: {}, + algorithms: {}, + body: {}, + ca: {}, + cache: {}, + cert: {}, 'fetch-retries': {}, 'fetch-retry-factor': {}, 'fetch-retry-maxtimeout': {}, 'fetch-retry-mintimeout': {}, 'force-auth': {}, forceAuth: 'force-auth', - 'gzip': {}, - 'headers': {}, + gzip: {}, + headers: {}, 'https-proxy': {}, 'ignore-body': {}, ignoreBody: 'ignore-body', - 'integrity': {}, + integrity: {}, 'is-from-ci': 'isFromCI', - 'isFromCI': { + isFromCI: { default () { - return ( - process.env['CI'] === 'true' || - process.env['TDDIUM'] || - process.env['JENKINS_URL'] || - process.env['bamboo.buildKey'] || - process.env['GO_PIPELINE_NAME'] - ) + return ciDetect() } }, - 'key': {}, + key: {}, 'local-address': {}, - 'log': { + log: { default: silentLog }, 'map-json': 'mapJson', - 'mapJSON': 'mapJson', - 'mapJson': {}, + mapJSON: 'mapJson', + mapJson: {}, 'max-sockets': 'maxsockets', - 'maxsockets': { + maxsockets: { default: 12 }, - 'memoize': {}, - 'method': { + memoize: {}, + method: { default: 'GET' }, 'no-proxy': {}, - 'noproxy': {}, + noproxy: {}, 'npm-session': 'npmSession', - 'npmSession': {}, - 'offline': {}, - 'otp': {}, + npmSession: {}, + offline: {}, + otp: {}, 'prefer-offline': {}, 'prefer-online': {}, - 'projectScope': {}, + projectScope: {}, 'project-scope': 'projectScope', - 'Promise': {default: () => Promise}, - 'proxy': {}, - 'query': {}, - 'refer': {}, - 'referer': 'refer', - 'registry': { + proxy: {}, + query: {}, + refer: {}, + referer: 'refer', + registry: { default: 'https://registry.npmjs.org/' }, - 'retry': {}, - 'scope': {}, - 'spec': {}, + retry: {}, + scope: {}, + spec: {}, 'strict-ssl': {}, - 'timeout': { - default: 0 - }, + timeout: {}, 'user-agent': { default: `${ pkg.name diff --git a/node_modules/npm-registry-fetch/errors.js b/node_modules/npm-registry-fetch/errors.js index ba78735fc..c41947e29 100644 --- a/node_modules/npm-registry-fetch/errors.js +++ b/node_modules/npm-registry-fetch/errors.js @@ -4,7 +4,7 @@ const url = require('url') function packageName (href) { try { - let basePath = url.parse(href).pathname.substr(1) + let basePath = new url.URL(href).pathname.substr(1) if (!basePath.match(/^-/)) { basePath = basePath.split('/') var index = basePath.indexOf('_rewrite') diff --git a/node_modules/npm-registry-fetch/index.js b/node_modules/npm-registry-fetch/index.js index 9bd0ad32d..47d0ab60a 100644 --- a/node_modules/npm-registry-fetch/index.js +++ b/node_modules/npm-registry-fetch/index.js @@ -2,16 +2,26 @@ const Buffer = require('safe-buffer').Buffer +const ciDetect = require('@npmcli/ci-detect') const checkResponse = require('./check-response.js') const config = require('./config.js') const getAuth = require('./auth.js') const fetch = require('make-fetch-happen') -const JSONStream = require('JSONStream') +const JSONStream = require('minipass-json-stream') const npa = require('npm-package-arg') -const {PassThrough} = require('stream') const qs = require('querystring') const url = require('url') -const zlib = require('zlib') +const zlib = require('minizlib') +const Minipass = require('minipass') + +// WhatWG URL throws if it's not fully resolved +const urlIsValid = u => { + try { + return !!new url.URL(u) + } catch (_) { + return false + } +} module.exports = regFetch function regFetch (uri, opts) { @@ -19,73 +29,65 @@ function regFetch (uri, opts) { const registry = ( (opts.spec && pickRegistry(opts.spec, opts)) || opts.registry || + /* istanbul ignore next: default set in figgy pudding config */ 'https://registry.npmjs.org/' ) - uri = url.parse(uri).protocol - ? uri - : `${ + + if (!urlIsValid(uri)) { + uri = `${ registry.trim().replace(/\/?$/g, '') }/${ uri.trim().replace(/^\//, '') }` + } + + const method = opts.method || + /* istanbul ignore next: default set in figgy pudding config */ + 'GET' + // through that takes into account the scope, the prefix of `uri`, etc const startTime = Date.now() const headers = getHeaders(registry, uri, opts) let body = opts.body - const bodyIsStream = body && + const bodyIsStream = Minipass.isStream(body) + const bodyIsPromise = body && typeof body === 'object' && - typeof body.pipe === 'function' - if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + typeof body.then === 'function' + + if (body && !bodyIsStream && !bodyIsPromise && typeof body !== 'string' && !Buffer.isBuffer(body)) { headers['content-type'] = headers['content-type'] || 'application/json' body = JSON.stringify(body) } else if (body && !headers['content-type']) { headers['content-type'] = 'application/octet-stream' } + if (opts.gzip) { headers['content-encoding'] = 'gzip' if (bodyIsStream) { - const gz = zlib.createGzip() - body.on('error', err => gz.emit('error', err)) + const gz = new zlib.Gzip() + body.on('error', /* istanbul ignore next: unlikely and hard to test */ + err => gz.emit('error', err)) body = body.pipe(gz) - } else { - body = new opts.Promise((resolve, reject) => { - zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) - }) + } else if (!bodyIsPromise) { + body = new zlib.Gzip().end(body).concat() } } - let q = opts.query - if (q) { - if (typeof q === 'string') { - q = qs.parse(q) - } else if (typeof q !== 'object') { - throw new TypeError('invalid query option, must be string or object') - } + if (opts.query) { + const q = typeof opts.query === 'string' + ? qs.parse(opts.query) + : opts.query + + const parsed = new url.URL(uri) Object.keys(q).forEach(key => { - if (q[key] === undefined) { - delete q[key] + if (q[key] !== undefined) { + parsed.searchParams.set(key, q[key]) } }) - } - const parsed = url.parse(uri) - - const query = parsed.query ? Object.assign(qs.parse(parsed.query), q || {}) - : Object.keys(q || {}).length ? q - : null - - if (query) { - if (String(query.write) === 'true' && opts.method === 'GET') { - opts = opts.concat({ - offline: false, - 'prefer-offline': false, - 'prefer-online': true - }) - } - parsed.search = '?' + qs.stringify(query) uri = url.format(parsed) } - return opts.Promise.resolve(body).then(body => fetch(uri, { + const doFetch = (body) => fetch(uri, { agent: opts.agent, algorithms: opts.algorithms, body, @@ -99,9 +101,8 @@ function regFetch (uri, opts) { localAddress: opts['local-address'], maxSockets: opts.maxsockets, memoize: opts.memoize, - method: opts.method || 'GET', + method: method, noProxy: opts['no-proxy'] || opts.noproxy, - Promise: opts.Promise, proxy: opts['https-proxy'] || opts.proxy, referer: opts.refer, retry: opts.retry != null ? opts.retry : { @@ -113,8 +114,10 @@ function regFetch (uri, opts) { strictSSL: !!opts['strict-ssl'], timeout: opts.timeout }).then(res => checkResponse( - opts.method || 'GET', res, registry, startTime, opts - ))) + method, res, registry, startTime, opts + )) + + return Promise.resolve(body).then(doFetch) } module.exports.json = fetchJSON @@ -126,13 +129,12 @@ module.exports.json.stream = fetchJSONStream function fetchJSONStream (uri, jsonPath, opts) { opts = config(opts) const parser = JSONStream.parse(jsonPath, opts.mapJson) - const pt = parser.pipe(new PassThrough({objectMode: true})) - parser.on('error', err => pt.emit('error', err)) - regFetch(uri, opts).then(res => { - res.body.on('error', err => parser.emit('error', err)) - res.body.pipe(parser) - }, err => pt.emit('error', err)) - return pt + regFetch(uri, opts).then(res => + res.body.on('error', + /* istanbul ignore next: unlikely and difficult to test */ + er => parser.emit('error', er)).pipe(parser) + ).catch(er => parser.emit('error', er)) + return parser } module.exports.pickRegistry = pickRegistry @@ -147,7 +149,9 @@ function pickRegistry (spec, opts) { } if (!registry) { - registry = opts.registry || 'https://registry.npmjs.org/' + registry = opts.registry || + /* istanbul ignore next: default set by figgy pudding config */ + 'https://registry.npmjs.org/' } return registry @@ -166,17 +170,12 @@ function getCacheMode (opts) { function getHeaders (registry, uri, opts) { const headers = Object.assign({ 'npm-in-ci': !!( - opts['is-from-ci'] || - process.env['CI'] === 'true' || - process.env['TDDIUM'] || - process.env['JENKINS_URL'] || - process.env['bamboo.buildKey'] || - process.env['GO_PIPELINE_NAME'] + opts['is-from-ci'] || ciDetect() ), 'npm-scope': opts['project-scope'], 'npm-session': opts['npm-session'], 'user-agent': opts['user-agent'], - 'referer': opts.refer + referer: opts.refer }, opts.headers) const auth = getAuth(registry, opts) @@ -184,7 +183,7 @@ function getHeaders (registry, uri, opts) { // credentials on `alwaysAuth` const shouldAuth = ( auth.alwaysAuth || - url.parse(uri).host === url.parse(registry).host + new url.URL(uri).host === new url.URL(registry).host ) if (shouldAuth && auth.token) { headers.authorization = `Bearer ${auth.token}` diff --git a/node_modules/npm-registry-fetch/node_modules/.bin/mkdirp b/node_modules/npm-registry-fetch/node_modules/.bin/mkdirp new file mode 120000 index 000000000..017896ceb --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/.bin/mkdirp @@ -0,0 +1 @@ +../mkdirp/bin/cmd.js
\ No newline at end of file diff --git a/node_modules/npm-registry-fetch/node_modules/.bin/rimraf b/node_modules/npm-registry-fetch/node_modules/.bin/rimraf new file mode 120000 index 000000000..4cd49a49d --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/.bin/rimraf @@ -0,0 +1 @@ +../rimraf/bin.js
\ No newline at end of file diff --git a/node_modules/npm-registry-fetch/node_modules/.bin/semver b/node_modules/npm-registry-fetch/node_modules/.bin/semver new file mode 120000 index 000000000..5aaadf42c --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/.bin/semver @@ -0,0 +1 @@ +../semver/bin/semver.js
\ No newline at end of file diff --git a/node_modules/npm-registry-fetch/node_modules/agent-base/README.md b/node_modules/npm-registry-fetch/node_modules/agent-base/README.md new file mode 100644 index 000000000..d791f0005 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agent-base/README.md @@ -0,0 +1,145 @@ +agent-base +========== +### Turn a function into an [`http.Agent`][http.Agent] instance +[](https://github.com/TooTallNate/node-agent-base/actions?workflow=Node+CI) + +This module provides an `http.Agent` generator. That is, you pass it an async +callback function, and it returns a new `http.Agent` instance that will invoke the +given callback function when sending outbound HTTP requests. + +#### Some subclasses: + +Here's some more interesting uses of `agent-base`. +Send a pull request to list yours! + + * [`http-proxy-agent`][http-proxy-agent]: An HTTP(s) proxy `http.Agent` implementation for HTTP endpoints + * [`https-proxy-agent`][https-proxy-agent]: An HTTP(s) proxy `http.Agent` implementation for HTTPS endpoints + * [`pac-proxy-agent`][pac-proxy-agent]: A PAC file proxy `http.Agent` implementation for HTTP and HTTPS + * [`socks-proxy-agent`][socks-proxy-agent]: A SOCKS (v4a) proxy `http.Agent` implementation for HTTP and HTTPS + + +Installation +------------ + +Install with `npm`: + +``` bash +$ npm install agent-base +``` + + +Example +------- + +Here's a minimal example that creates a new `net.Socket` connection to the server +for every HTTP request (i.e. the equivalent of `agent: false` option): + +```js +var net = require('net'); +var tls = require('tls'); +var url = require('url'); +var http = require('http'); +var agent = require('agent-base'); + +var endpoint = 'http://nodejs.org/api/'; +var parsed = url.parse(endpoint); + +// This is the important part! +parsed.agent = agent(function (req, opts) { + var socket; + // `secureEndpoint` is true when using the https module + if (opts.secureEndpoint) { + socket = tls.connect(opts); + } else { + socket = net.connect(opts); + } + return socket; +}); + +// Everything else works just like normal... +http.get(parsed, function (res) { + console.log('"response" event!', res.headers); + res.pipe(process.stdout); +}); +``` + +Returning a Promise or using an `async` function is also supported: + +```js +agent(async function (req, opts) { + await sleep(1000); + // etc… +}); +``` + +Return another `http.Agent` instance to "pass through" the responsibility +for that HTTP request to that agent: + +```js +agent(function (req, opts) { + return opts.secureEndpoint ? https.globalAgent : http.globalAgent; +}); +``` + + +API +--- + +## Agent(Function callback[, Object options]) → [http.Agent][] + +Creates a base `http.Agent` that will execute the callback function `callback` +for every HTTP request that it is used as the `agent` for. The callback function +is responsible for creating a `stream.Duplex` instance of some kind that will be +used as the underlying socket in the HTTP request. + +The `options` object accepts the following properties: + + * `timeout` - Number - Timeout for the `callback()` function in milliseconds. Defaults to Infinity (optional). + +The callback function should have the following signature: + +### callback(http.ClientRequest req, Object options, Function cb) → undefined + +The ClientRequest `req` can be accessed to read request headers and +and the path, etc. The `options` object contains the options passed +to the `http.request()`/`https.request()` function call, and is formatted +to be directly passed to `net.connect()`/`tls.connect()`, or however +else you want a Socket to be created. Pass the created socket to +the callback function `cb` once created, and the HTTP request will +continue to proceed. + +If the `https` module is used to invoke the HTTP request, then the +`secureEndpoint` property on `options` _will be set to `true`_. + + +License +------- + +(The MIT License) + +Copyright (c) 2013 Nathan Rajlich <nathan@tootallnate.net> + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +[http-proxy-agent]: https://github.com/TooTallNate/node-http-proxy-agent +[https-proxy-agent]: https://github.com/TooTallNate/node-https-proxy-agent +[pac-proxy-agent]: https://github.com/TooTallNate/node-pac-proxy-agent +[socks-proxy-agent]: https://github.com/TooTallNate/node-socks-proxy-agent +[http.Agent]: https://nodejs.org/api/http.html#http_class_http_agent diff --git a/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/index.d.ts b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/index.d.ts new file mode 100644 index 000000000..28fb567a9 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/index.d.ts @@ -0,0 +1,63 @@ +/// <reference types="node" /> +import net from 'net'; +import http from 'http'; +import { EventEmitter } from 'events'; +declare function createAgent(opts?: createAgent.AgentOptions): createAgent.Agent; +declare namespace createAgent { + var prototype: Agent; +} +declare function createAgent(callback: createAgent.AgentCallback, opts?: createAgent.AgentOptions): createAgent.Agent; +declare namespace createAgent { + var prototype: Agent; +} +declare namespace createAgent { + type ClientRequest = http.ClientRequest & { + _last?: boolean; + _hadError?: boolean; + method: string; + }; + type AgentCallbackReturn = net.Socket | createAgent.Agent | http.Agent; + type AgentCallbackCallback = (err: Error | null | undefined, socket: createAgent.AgentCallbackReturn) => void; + type AgentCallbackPromise = (req: createAgent.ClientRequest, opts: createAgent.RequestOptions) => createAgent.AgentCallbackReturn | Promise<createAgent.AgentCallbackReturn>; + type AgentCallback = typeof Agent.prototype.callback; + type AgentOptions = http.AgentOptions & {}; + type RequestOptions = http.RequestOptions & { + port: number; + secureEndpoint: boolean; + }; + /** + * Base `http.Agent` implementation. + * No pooling/keep-alive is implemented by default. + * + * @param {Function} callback + * @api public + */ + class Agent extends EventEmitter { + timeout: number | null; + options?: createAgent.AgentOptions; + maxFreeSockets: number; + maxSockets: number; + sockets: net.Socket[]; + requests: http.ClientRequest[]; + private promisifiedCallback?; + private explicitDefaultPort?; + private explicitProtocol?; + constructor(callback?: createAgent.AgentCallback | createAgent.AgentOptions, _opts?: createAgent.AgentOptions); + get defaultPort(): number; + set defaultPort(v: number); + get protocol(): string; + set protocol(v: string); + callback(req: createAgent.ClientRequest, opts: createAgent.RequestOptions, fn: createAgent.AgentCallbackCallback): void; + callback(req: createAgent.ClientRequest, opts: createAgent.RequestOptions): createAgent.AgentCallbackReturn | Promise<createAgent.AgentCallbackReturn>; + /** + * Called by node-core's "_http_client.js" module when creating + * a new HTTP request with this Agent instance. + * + * @api public + */ + addRequest(req: ClientRequest, _opts: RequestOptions): void; + freeSocket(socket: net.Socket, opts: AgentOptions): void; + destroy(): void; + } +} +export = createAgent; diff --git a/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/index.js b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/index.js new file mode 100644 index 000000000..788decacc --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/index.js @@ -0,0 +1,206 @@ +"use strict"; +var __importDefault = (this && this.__importDefault) || function (mod) { + return (mod && mod.__esModule) ? mod : { "default": mod }; +}; +const events_1 = require("events"); +const promisify_1 = __importDefault(require("./promisify")); +function isAgentBase(v) { + return Boolean(v) && typeof v.addRequest === 'function'; +} +function isHttpAgent(v) { + return Boolean(v) && typeof v.addRequest === 'function'; +} +function isSecureEndpoint() { + const { stack } = new Error(); + if (typeof stack !== 'string') + return false; + return stack.split('\n').some(l => l.indexOf('(https.js:') !== -1); +} +function createAgent(callback, opts) { + return new createAgent.Agent(callback, opts); +} +(function (createAgent) { + /** + * Base `http.Agent` implementation. + * No pooling/keep-alive is implemented by default. + * + * @param {Function} callback + * @api public + */ + class Agent extends events_1.EventEmitter { + constructor(callback, _opts) { + super(); + // The callback gets promisified lazily + this.promisifiedCallback = undefined; + let opts = _opts; + if (typeof callback === 'function') { + this.callback = callback; + } + else if (callback) { + opts = callback; + } + // timeout for the socket to be returned from the callback + this.timeout = null; + if (opts && typeof opts.timeout === 'number') { + this.timeout = opts.timeout; + } + this.options = opts || {}; + this.maxFreeSockets = 1; + this.maxSockets = 1; + this.sockets = []; + this.requests = []; + } + get defaultPort() { + if (typeof this.explicitDefaultPort === 'number') { + return this.explicitDefaultPort; + } + else { + return isSecureEndpoint() ? 443 : 80; + } + } + set defaultPort(v) { + this.explicitDefaultPort = v; + } + get protocol() { + if (typeof this.explicitProtocol === 'string') { + return this.explicitProtocol; + } + else { + return isSecureEndpoint() ? 'https:' : 'http:'; + } + } + set protocol(v) { + this.explicitProtocol = v; + } + callback(req, opts, fn) { + throw new Error('"agent-base" has no default implementation, you must subclass and override `callback()`'); + } + /** + * Called by node-core's "_http_client.js" module when creating + * a new HTTP request with this Agent instance. + * + * @api public + */ + addRequest(req, _opts) { + const ownOpts = Object.assign({}, _opts); + if (typeof ownOpts.secureEndpoint !== 'boolean') { + ownOpts.secureEndpoint = isSecureEndpoint(); + } + // Set default `host` for HTTP to localhost + if (ownOpts.host == null) { + ownOpts.host = 'localhost'; + } + // Set default `port` for HTTP if none was explicitly specified + if (ownOpts.port == null) { + ownOpts.port = ownOpts.secureEndpoint ? 443 : 80; + } + const opts = Object.assign(Object.assign({}, this.options), ownOpts); + if (opts.host && opts.path) { + // If both a `host` and `path` are specified then it's most likely the + // result of a `url.parse()` call... we need to remove the `path` portion so + // that `net.connect()` doesn't attempt to open that as a unix socket file. + delete opts.path; + } + delete opts.agent; + delete opts.hostname; + delete opts._defaultAgent; + delete opts.defaultPort; + delete opts.createConnection; + // Hint to use "Connection: close" + // XXX: non-documented `http` module API :( + req._last = true; + req.shouldKeepAlive = false; + // Create the `stream.Duplex` instance + let timedOut = false; + let timeout = null; + const timeoutMs = this.timeout; + const freeSocket = this.freeSocket; + function onerror(err) { + if (req._hadError) + return; + req.emit('error', err); + // For Safety. Some additional errors might fire later on + // and we need to make sure we don't double-fire the error event. + req._hadError = true; + } + function ontimeout() { + timeout = null; + timedOut = true; + const err = new Error(`A "socket" was not created for HTTP request before ${timeoutMs}ms`); + err.code = 'ETIMEOUT'; + onerror(err); + } + function callbackError(err) { + if (timedOut) + return; + if (timeout !== null) { + clearTimeout(timeout); + timeout = null; + } + onerror(err); + } + function onsocket(socket) { + let sock; + function onfree() { + freeSocket(sock, opts); + } + if (timedOut) + return; + if (timeout != null) { + clearTimeout(timeout); + timeout = null; + } + if (isAgentBase(socket) || isHttpAgent(socket)) { + // `socket` is actually an `http.Agent` instance, so + // relinquish responsibility for this `req` to the Agent + // from here on + socket.addRequest(req, opts); + return; + } + if (socket) { + sock = socket; + sock.on('free', onfree); + req.onSocket(sock); + return; + } + const err = new Error(`no Duplex stream was returned to agent-base for \`${req.method} ${req.path}\``); + onerror(err); + } + if (typeof this.callback !== 'function') { + onerror(new Error('`callback` is not defined')); + return; + } + if (!this.promisifiedCallback) { + if (this.callback.length >= 3) { + // Legacy callback function - convert to a Promise + this.promisifiedCallback = promisify_1.default(this.callback); + } + else { + this.promisifiedCallback = this.callback; + } + } + if (typeof timeoutMs === 'number' && timeoutMs > 0) { + timeout = setTimeout(ontimeout, timeoutMs); + } + if ('port' in opts && typeof opts.port !== 'number') { + opts.port = Number(opts.port); + } + try { + Promise.resolve(this.promisifiedCallback(req, opts)).then(onsocket, callbackError); + } + catch (err) { + Promise.reject(err).catch(callbackError); + } + } + freeSocket(socket, opts) { + // TODO reuse sockets + socket.destroy(); + } + destroy() { } + } + createAgent.Agent = Agent; +})(createAgent || (createAgent = {})); +// So that `instanceof` works correctly +createAgent.prototype = createAgent.Agent.prototype; +module.exports = createAgent; +//# sourceMappingURL=index.js.map
\ No newline at end of file diff --git a/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/index.js.map b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/index.js.map new file mode 100644 index 000000000..64065f66f --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;AAEA,mCAAsC;AACtC,4DAAoC;AAEpC,SAAS,WAAW,CAAC,CAAM;IAC1B,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,UAAU,KAAK,UAAU,CAAC;AACzD,CAAC;AAED,SAAS,WAAW,CAAC,CAAM;IAC1B,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,UAAU,KAAK,UAAU,CAAC;AACzD,CAAC;AAED,SAAS,gBAAgB;IACxB,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI,KAAK,EAAE,CAAC;IAC9B,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACpE,CAAC;AAOD,SAAS,WAAW,CACnB,QAA+D,EAC/D,IAA+B;IAE/B,OAAO,IAAI,WAAW,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;AAC9C,CAAC;AAED,WAAU,WAAW;IAmCpB;;;;;;OAMG;IACH,MAAa,KAAM,SAAQ,qBAAY;QAWtC,YACC,QAA+D,EAC/D,KAAgC;YAEhC,KAAK,EAAE,CAAC;YAER,uCAAuC;YACvC,IAAI,CAAC,mBAAmB,GAAG,SAAS,CAAC;YAErC,IAAI,IAAI,GAAG,KAAK,CAAC;YACjB,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE;gBACnC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;aACzB;iBAAM,IAAI,QAAQ,EAAE;gBACpB,IAAI,GAAG,QAAQ,CAAC;aAChB;YAED,0DAA0D;YAC1D,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;YACpB,IAAI,IAAI,IAAI,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,EAAE;gBAC7C,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;aAC5B;YAED,IAAI,CAAC,OAAO,GAAG,IAAI,IAAI,EAAE,CAAC;YAE1B,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC;YACxB,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;YACpB,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC;YAClB,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;QACpB,CAAC;QAED,IAAI,WAAW;YACd,IAAI,OAAO,IAAI,CAAC,mBAAmB,KAAK,QAAQ,EAAE;gBACjD,OAAO,IAAI,CAAC,mBAAmB,CAAC;aAChC;iBAAM;gBACN,OAAO,gBAAgB,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;aACrC;QACF,CAAC;QAED,IAAI,WAAW,CAAC,CAAS;YACxB,IAAI,CAAC,mBAAmB,GAAG,CAAC,CAAC;QAC9B,CAAC;QAED,IAAI,QAAQ;YACX,IAAI,OAAO,IAAI,CAAC,gBAAgB,KAAK,QAAQ,EAAE;gBAC9C,OAAO,IAAI,CAAC,gBAAgB,CAAC;aAC7B;iBAAM;gBACN,OAAO,gBAAgB,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC;aAC/C;QACF,CAAC;QAED,IAAI,QAAQ,CAAC,CAAS;YACrB,IAAI,CAAC,gBAAgB,GAAG,CAAC,CAAC;QAC3B,CAAC;QAaD,QAAQ,CACP,GAA8B,EAC9B,IAA8B,EAC9B,EAAsC;YAKtC,MAAM,IAAI,KAAK,CACd,yFAAyF,CACzF,CAAC;QACH,CAAC;QAED;;;;;WAKG;QACH,UAAU,CAAC,GAAkB,EAAE,KAAqB;YACnD,MAAM,OAAO,qBAAwB,KAAK,CAAE,CAAC;YAE7C,IAAI,OAAO,OAAO,CAAC,cAAc,KAAK,SAAS,EAAE;gBAChD,OAAO,CAAC,cAAc,GAAG,gBAAgB,EAAE,CAAC;aAC5C;YAED,2CAA2C;YAC3C,IAAI,OAAO,CAAC,IAAI,IAAI,IAAI,EAAE;gBACzB,OAAO,CAAC,IAAI,GAAG,WAAW,CAAC;aAC3B;YAED,+DAA+D;YAC/D,IAAI,OAAO,CAAC,IAAI,IAAI,IAAI,EAAE;gBACzB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;aACjD;YAED,MAAM,IAAI,mCAAQ,IAAI,CAAC,OAAO,GAAK,OAAO,CAAE,CAAC;YAE7C,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,EAAE;gBAC3B,sEAAsE;gBACtE,4EAA4E;gBAC5E,2EAA2E;gBAC3E,OAAO,IAAI,CAAC,IAAI,CAAC;aACjB;YAED,OAAO,IAAI,CAAC,KAAK,CAAC;YAClB,OAAO,IAAI,CAAC,QAAQ,CAAC;YACrB,OAAO,IAAI,CAAC,aAAa,CAAC;YAC1B,OAAO,IAAI,CAAC,WAAW,CAAC;YACxB,OAAO,IAAI,CAAC,gBAAgB,CAAC;YAE7B,kCAAkC;YAClC,2CAA2C;YAC3C,GAAG,CAAC,KAAK,GAAG,IAAI,CAAC;YACjB,GAAG,CAAC,eAAe,GAAG,KAAK,CAAC;YAE5B,sCAAsC;YACtC,IAAI,QAAQ,GAAG,KAAK,CAAC;YACrB,IAAI,OAAO,GAAyC,IAAI,CAAC;YACzD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC;YAC/B,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;YAEnC,SAAS,OAAO,CAAC,GAA0B;gBAC1C,IAAI,GAAG,CAAC,SAAS;oBAAE,OAAO;gBAC1B,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;gBACvB,yDAAyD;gBACzD,iEAAiE;gBACjE,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC;YACtB,CAAC;YAED,SAAS,SAAS;gBACjB,OAAO,GAAG,IAAI,CAAC;gBACf,QAAQ,GAAG,IAAI,CAAC;gBAChB,MAAM,GAAG,GAA0B,IAAI,KAAK,CAC3C,sDAAsD,SAAS,IAAI,CACnE,CAAC;gBACF,GAAG,CAAC,IAAI,GAAG,UAAU,CAAC;gBACtB,OAAO,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;YAED,SAAS,aAAa,CAAC,GAA0B;gBAChD,IAAI,QAAQ;oBAAE,OAAO;gBACrB,IAAI,OAAO,KAAK,IAAI,EAAE;oBACrB,YAAY,CAAC,OAAO,CAAC,CAAC;oBACtB,OAAO,GAAG,IAAI,CAAC;iBACf;gBACD,OAAO,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;YAED,SAAS,QAAQ,CAAC,MAA2B;gBAC5C,IAAI,IAAgB,CAAC;gBAErB,SAAS,MAAM;oBACd,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBACxB,CAAC;gBAED,IAAI,QAAQ;oBAAE,OAAO;gBACrB,IAAI,OAAO,IAAI,IAAI,EAAE;oBACpB,YAAY,CAAC,OAAO,CAAC,CAAC;oBACtB,OAAO,GAAG,IAAI,CAAC;iBACf;gBAED,IAAI,WAAW,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,EAAE;oBAC/C,oDAAoD;oBACpD,wDAAwD;oBACxD,eAAe;oBACd,MAA4B,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;oBACpD,OAAO;iBACP;gBAED,IAAI,MAAM,EAAE;oBACX,IAAI,GAAG,MAAM,CAAC;oBACd,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;oBACxB,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;oBACnB,OAAO;iBACP;gBAED,MAAM,GAAG,GAAG,IAAI,KAAK,CACpB,qDAAqD,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,IAAI,CAC/E,CAAC;gBACF,OAAO,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;YAED,IAAI,OAAO,IAAI,CAAC,QAAQ,KAAK,UAAU,EAAE;gBACxC,OAAO,CAAC,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC,CAAC;gBAChD,OAAO;aACP;YAED,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE;gBAC9B,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,EAAE;oBAC9B,kDAAkD;oBAClD,IAAI,CAAC,mBAAmB,GAAG,mBAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;iBACpD;qBAAM;oBACN,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC,QAAQ,CAAC;iBACzC;aACD;YAED,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,SAAS,GAAG,CAAC,EAAE;gBACnD,OAAO,GAAG,UAAU,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;aAC3C;YAED,IAAI,MAAM,IAAI,IAAI,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE;gBACpD,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;aAC9B;YAED,IAAI;gBACH,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CACxD,QAAQ,EACR,aAAa,CACb,CAAC;aACF;YAAC,OAAO,GAAG,EAAE;gBACb,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;aACzC;QACF,CAAC;QAED,UAAU,CAAC,MAAkB,EAAE,IAAkB;YAChD,qBAAqB;YACrB,MAAM,CAAC,OAAO,EAAE,CAAC;QAClB,CAAC;QAED,OAAO,KAAI,CAAC;KACZ;IA7OY,iBAAK,QA6OjB,CAAA;AACF,CAAC,EAxRS,WAAW,KAAX,WAAW,QAwRpB;AAED,uCAAuC;AACvC,WAAW,CAAC,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,SAAS,CAAC;AAEpD,iBAAS,WAAW,CAAC"}
\ No newline at end of file diff --git a/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/promisify.d.ts b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/promisify.d.ts new file mode 100644 index 000000000..02688696f --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/promisify.d.ts @@ -0,0 +1,4 @@ +import { ClientRequest, RequestOptions, AgentCallbackCallback, AgentCallbackPromise } from './index'; +declare type LegacyCallback = (req: ClientRequest, opts: RequestOptions, fn: AgentCallbackCallback) => void; +export default function promisify(fn: LegacyCallback): AgentCallbackPromise; +export {}; diff --git a/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/promisify.js b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/promisify.js new file mode 100644 index 000000000..b2f6132a7 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/promisify.js @@ -0,0 +1,18 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +function promisify(fn) { + return function (req, opts) { + return new Promise((resolve, reject) => { + fn.call(this, req, opts, (err, rtn) => { + if (err) { + reject(err); + } + else { + resolve(rtn); + } + }); + }); + }; +} +exports.default = promisify; +//# sourceMappingURL=promisify.js.map
\ No newline at end of file diff --git a/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/promisify.js.map b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/promisify.js.map new file mode 100644 index 000000000..cff52898a --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agent-base/dist/src/promisify.js.map @@ -0,0 +1 @@ +{"version":3,"file":"promisify.js","sourceRoot":"","sources":["../../src/promisify.ts"],"names":[],"mappings":";;AAeA,SAAwB,SAAS,CAAC,EAAkB;IACnD,OAAO,UAAsB,GAAkB,EAAE,IAAoB;QACpE,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACtC,EAAE,CAAC,IAAI,CACN,IAAI,EACJ,GAAG,EACH,IAAI,EACJ,CAAC,GAA6B,EAAE,GAAwB,EAAE,EAAE;gBAC3D,IAAI,GAAG,EAAE;oBACR,MAAM,CAAC,GAAG,CAAC,CAAC;iBACZ;qBAAM;oBACN,OAAO,CAAC,GAAG,CAAC,CAAC;iBACb;YACF,CAAC,CACD,CAAC;QACH,CAAC,CAAC,CAAC;IACJ,CAAC,CAAC;AACH,CAAC;AAjBD,4BAiBC"}
\ No newline at end of file diff --git a/node_modules/npm-registry-fetch/node_modules/agent-base/package.json b/node_modules/npm-registry-fetch/node_modules/agent-base/package.json new file mode 100644 index 000000000..bd5f8e4d5 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agent-base/package.json @@ -0,0 +1,88 @@ +{ + "_from": "agent-base@5", + "_id": "agent-base@5.1.1", + "_inBundle": false, + "_integrity": "sha512-TMeqbNl2fMW0nMjTEPOwe3J/PRFP4vqeoNuQMG0HlMrtm5QxKqdvAkZ1pRBQ/ulIyDD5Yq0nJ7YbdD8ey0TO3g==", + "_location": "/npm-registry-fetch/agent-base", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "agent-base@5", + "name": "agent-base", + "escapedName": "agent-base", + "rawSpec": "5", + "saveSpec": null, + "fetchSpec": "5" + }, + "_requiredBy": [ + "/npm-registry-fetch/http-proxy-agent", + "/npm-registry-fetch/https-proxy-agent" + ], + "_resolved": "https://registry.npmjs.org/agent-base/-/agent-base-5.1.1.tgz", + "_shasum": "e8fb3f242959db44d63be665db7a8e739537a32c", + "_spec": "agent-base@5", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/http-proxy-agent", + "author": { + "name": "Nathan Rajlich", + "email": "nathan@tootallnate.net", + "url": "http://n8.io/" + }, + "bugs": { + "url": "https://github.com/TooTallNate/node-agent-base/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Turn a function into an `http.Agent` instance", + "devDependencies": { + "@types/mocha": "^5.2.7", + "@types/node": "^10.5.3", + "@types/ws": "^6.0.3", + "@typescript-eslint/eslint-plugin": "1.6.0", + "@typescript-eslint/parser": "1.1.0", + "async-listen": "^1.2.0", + "cpy-cli": "^2.0.0", + "eslint": "5.16.0", + "eslint-config-airbnb": "17.1.0", + "eslint-config-prettier": "4.1.0", + "eslint-import-resolver-typescript": "1.1.1", + "eslint-plugin-import": "2.16.0", + "eslint-plugin-jsx-a11y": "6.2.1", + "eslint-plugin-react": "7.12.4", + "mocha": "^6.2.0", + "rimraf": "^3.0.0", + "typescript": "^3.5.3", + "ws": "^3.0.0" + }, + "engines": { + "node": ">= 6.0.0" + }, + "files": [ + "dist/src" + ], + "homepage": "https://github.com/TooTallNate/node-agent-base#readme", + "keywords": [ + "http", + "agent", + "base", + "barebones", + "https" + ], + "license": "MIT", + "main": "dist/src/index", + "name": "agent-base", + "repository": { + "type": "git", + "url": "git://github.com/TooTallNate/node-agent-base.git" + }, + "scripts": { + "build": "tsc", + "postbuild": "cpy --parents src test '!**/*.ts' dist", + "prebuild": "rimraf dist", + "prepublishOnly": "npm run build", + "test": "mocha --reporter spec dist/test/*.js", + "test-lint": "eslint src --ext .js,.ts" + }, + "typings": "dist/src/index", + "version": "5.1.1" +} diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/History.md b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/History.md new file mode 100644 index 000000000..b6baee2d2 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/History.md @@ -0,0 +1,206 @@ + +4.1.0 / 2019-10-12 +================== + +**features** + * [[`fe33b80`](http://github.com/node-modules/agentkeepalive/commit/fe33b800acc09109388bfe65107550952b6fc7b0)] - feat: Add `reusedSocket` property on client request (#82) (Weijia Wang <<starkwang@126.com>>) + +**others** + * [[`77ba744`](http://github.com/node-modules/agentkeepalive/commit/77ba744667bb6b9e5986a53e5222f62094db12b9)] - docs: fix grammar in readme (#81) (Herrington Darkholme <<2883231+HerringtonDarkholme@users.noreply.github.com>>) + +4.0.2 / 2019-02-19 +================== + +**fixes** + * [[`56d4a9b`](http://github.com/node-modules/agentkeepalive/commit/56d4a9b2a4499ea28943ddb590358d7831a02cb1)] - fix: HttpAgent export = internal (#74) (Andrew Leedham <<AndrewLeedham@outlook.com>>) + +4.0.1 / 2019-02-19 +================== + +**fixes** + * [[`bad1ac0`](http://github.com/node-modules/agentkeepalive/commit/bad1ac0e710fbc486717e14e68c59266d35df6a8)] - fix: HttpsAgent Type Definition (#71) (#72) (Andrew Leedham <<AndrewLeedham@outlook.com>>) + * [[`f48a4a7`](http://github.com/node-modules/agentkeepalive/commit/f48a4a701ea6fbe43781c91e1c0aaad6e328ac7f)] - fix: export interface (#70) (Vinay <<vinaybedre@gmail.com>>) + +**others** + * [[`9124343`](http://github.com/node-modules/agentkeepalive/commit/91243437cfdd324cb97f39dee76746d5e5f4cd72)] - chore: add agent.options.keepAlive instead agent.keepAlive (fengmk2 <<fengmk2@gmail.com>>) + * [[`d177d40`](http://github.com/node-modules/agentkeepalive/commit/d177d40422fe7296990b4e270cf498e3f33c18fa)] - test: add request timeout bigger than agent timeout cases (fengmk2 <<fengmk2@gmail.com>>) + +4.0.0 / 2018-10-23 +================== + +**features** + * [[`5c9f3bb`](http://github.com/node-modules/agentkeepalive/commit/5c9f3bbd60555744edcf777105b148982a1a42b6)] - feat: impl the new Agent extend http.Agent (fengmk2 <<fengmk2@gmail.com>>) + +**others** + * [[`498c8f1`](http://github.com/node-modules/agentkeepalive/commit/498c8f13cf76600d3dd6e1c91cdf2d8292355dff)] - chore: move LICENSE from readme to file (fengmk2 <<fengmk2@gmail.com>>) + * [[`4f39894`](http://github.com/node-modules/agentkeepalive/commit/4f398942ba2f90cf4501239e56ac4e6344931a01)] - bugfix: support agent.options.timeout on https agent (fengmk2 <<fengmk2@gmail.com>>) + +3.5.2 / 2018-10-19 +================== + +**fixes** + * [[`5751fc1`](http://github.com/node-modules/agentkeepalive/commit/5751fc1180ed6544602c681ffbd08ca66a0cb12c)] - fix: sockLen being miscalculated when removing sockets (#60) (Ehden Sinai <<cixel@users.noreply.github.com>>) + +3.5.1 / 2018-07-31 +================== + +**fixes** + * [[`495f1ab`](http://github.com/node-modules/agentkeepalive/commit/495f1ab625d43945d72f68096b97db723d4f0657)] - fix: add the lost npm files (#66) (Henry Zhuang <<zhuanghengfei@gmail.com>>) + +3.5.0 / 2018-07-31 +================== + +**features** + * [[`16f5aea`](http://github.com/node-modules/agentkeepalive/commit/16f5aeadfda57f1c602652f1472a63cc83cd05bf)] - feat: add typing define. (#65) (Henry Zhuang <<zhuanghengfei@gmail.com>>) + +**others** + * [[`28fa062`](http://github.com/node-modules/agentkeepalive/commit/28fa06246fb5103f88ebeeb8563757a9078b8157)] - docs: add "per host" to description of maxFreeSockets (tony-gutierrez <<tony.gutierrez@bluefletch.com>>) + * [[`7df2577`](http://github.com/node-modules/agentkeepalive/commit/7df25774f00a1031ca4daad2878a17e0539072a2)] - test: run test on node 10 (#63) (fengmk2 <<fengmk2@gmail.com>>) + +3.4.1 / 2018-03-08 +================== + +**fixes** + * [[`4d3a3b1`](http://github.com/node-modules/agentkeepalive/commit/4d3a3b1f7b16595febbbd39eeed72b2663549014)] - fix: Handle ipv6 addresses in host-header correctly with TLS (#53) (Mattias Holmlund <<u376@m1.holmlund.se>>) + +**others** + * [[`55a7a5c`](http://github.com/node-modules/agentkeepalive/commit/55a7a5cd33e97f9a8370083dcb041c5552f10ac9)] - test: stop timer after test end (fengmk2 <<fengmk2@gmail.com>>) + +3.4.0 / 2018-02-27 +================== + +**features** + * [[`bc7cadb`](http://github.com/node-modules/agentkeepalive/commit/bc7cadb30ecd2071e2b341ac53ae1a2b8155c43d)] - feat: use socket custom freeSocketKeepAliveTimeout first (#59) (fengmk2 <<fengmk2@gmail.com>>) + +**others** + * [[`138eda8`](http://github.com/node-modules/agentkeepalive/commit/138eda81e10b632aaa87bea0cb66d8667124c4e8)] - doc: fix `keepAliveMsecs` params description (#55) (Hongcai Deng <<admin@dhchouse.com>>) + +3.3.0 / 2017-06-20 +================== + + * feat: add statusChanged getter (#51) + * chore: format License + +3.2.0 / 2017-06-10 +================== + + * feat: add expiring active sockets + * test: add node 8 (#49) + +3.1.0 / 2017-02-20 +================== + + * feat: timeout support humanize ms (#48) + +3.0.0 / 2016-12-20 +================== + + * fix: emit agent socket close event + * test: add remove excess calls to removeSocket + * test: use egg-ci + * test: refactor test with eslint rules + * feat: merge _http_agent.js from 7.2.1 + +2.2.0 / 2016-06-26 +================== + + * feat: Add browser shim (noop) for isomorphic use. (#39) + * chore: add security check badge + +2.1.1 / 2016-04-06 +================== + + * https: fix ssl socket leak when keepalive is used + * chore: remove circle ci image + +2.1.0 / 2016-04-02 +================== + + * fix: opened sockets number overflow maxSockets + +2.0.5 / 2016-03-16 +================== + + * fix: pick _evictSession to httpsAgent + +2.0.4 / 2016-03-13 +================== + + * test: add Circle ci + * test: add appveyor ci build + * refactor: make sure only one error listener + * chore: use codecov + * fix: handle idle socket error + * test: run on more node versions + +2.0.3 / 2015-08-03 +================== + + * fix: add default error handler to avoid Unhandled error event throw + +2.0.2 / 2015-04-25 +================== + + * fix: remove socket from freeSockets on 'timeout' (@pmalouin) + +2.0.1 / 2015-04-19 +================== + + * fix: add timeoutSocketCount to getCurrentStatus() + * feat(getCurrentStatus): add getCurrentStatus + +2.0.0 / 2015-04-01 +================== + + * fix: socket.destroyed always be undefined on 0.10.x + * Make it compatible with node v0.10.x (@lattmann) + +1.2.1 / 2015-03-23 +================== + + * patch from iojs: don't overwrite servername option + * patch commits from joyent/node + * add max sockets test case + * add nagle algorithm delayed link + +1.2.0 / 2014-09-02 +================== + + * allow set keepAliveTimeout = 0 + * support timeout on working socket. fixed #6 + +1.1.0 / 2014-08-28 +================== + + * add some socket counter for deep monitor + +1.0.0 / 2014-08-13 +================== + + * update _http_agent, only support 0.11+, only support node 0.11.0+ + +0.2.2 / 2013-11-19 +================== + + * support node 0.8 and node 0.10 + +0.2.1 / 2013-11-08 +================== + + * fix socket does not timeout bug, it will hang on life, must use 0.2.x on node 0.11 + +0.2.0 / 2013-11-06 +================== + + * use keepalive agent on node 0.11+ impl + +0.1.5 / 2013-06-24 +================== + + * support coveralls + * add node 0.10 test + * add 0.8.22 original https.js + * add original http.js module to diff + * update jscover + * mv pem to fixtures + * add https agent usage diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/LICENSE b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/LICENSE new file mode 100644 index 000000000..941258ca7 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/LICENSE @@ -0,0 +1,23 @@ +The MIT License + +Copyright(c) node-modules and other contributors. +Copyright(c) 2012 - 2015 fengmk2 <fengmk2@gmail.com> + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/README.md b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/README.md new file mode 100644 index 000000000..a8cb6aaa5 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/README.md @@ -0,0 +1,253 @@ +# agentkeepalive + +[![NPM version][npm-image]][npm-url] +[![build status][travis-image]][travis-url] +[![Appveyor status][appveyor-image]][appveyor-url] +[![Test coverage][codecov-image]][codecov-url] +[![David deps][david-image]][david-url] +[![Known Vulnerabilities][snyk-image]][snyk-url] +[![npm download][download-image]][download-url] + +[npm-image]: https://img.shields.io/npm/v/agentkeepalive.svg?style=flat +[npm-url]: https://npmjs.org/package/agentkeepalive +[travis-image]: https://img.shields.io/travis/node-modules/agentkeepalive.svg?style=flat +[travis-url]: https://travis-ci.org/node-modules/agentkeepalive +[appveyor-image]: https://ci.appveyor.com/api/projects/status/k7ct4s47di6m5uy2?svg=true +[appveyor-url]: https://ci.appveyor.com/project/fengmk2/agentkeepalive +[codecov-image]: https://codecov.io/gh/node-modules/agentkeepalive/branch/master/graph/badge.svg +[codecov-url]: https://codecov.io/gh/node-modules/agentkeepalive +[david-image]: https://img.shields.io/david/node-modules/agentkeepalive.svg?style=flat +[david-url]: https://david-dm.org/node-modules/agentkeepalive +[snyk-image]: https://snyk.io/test/npm/agentkeepalive/badge.svg?style=flat-square +[snyk-url]: https://snyk.io/test/npm/agentkeepalive +[download-image]: https://img.shields.io/npm/dm/agentkeepalive.svg?style=flat-square +[download-url]: https://npmjs.org/package/agentkeepalive + +The enhancement features `keep alive` `http.Agent`. Support `http` and `https`. + +## What's different from original `http.Agent`? + +- `keepAlive=true` by default +- Disable Nagle's algorithm: `socket.setNoDelay(true)` +- Add free socket timeout: avoid long time inactivity socket leak in the free-sockets queue. +- Add active socket timeout: avoid long time inactivity socket leak in the active-sockets queue. +- TTL for active socket. + +## Node.js version required + +Support Node.js >= `8.0.0` + +## Install + +```bash +$ npm install agentkeepalive --save +``` + +## new Agent([options]) + +* `options` {Object} Set of configurable options to set on the agent. + Can have the following fields: + * `keepAlive` {Boolean} Keep sockets around in a pool to be used by + other requests in the future. Default = `true`. + * `keepAliveMsecs` {Number} When using the keepAlive option, specifies the initial delay + for TCP Keep-Alive packets. Ignored when the keepAlive option is false or undefined. Defaults to 1000. + Default = `1000`. Only relevant if `keepAlive` is set to `true`. + * `freeSocketTimeout`: {Number} Sets the free socket to timeout + after `freeSocketTimeout` milliseconds of inactivity on the free socket. + Default is `15000`. + Only relevant if `keepAlive` is set to `true`. + * `timeout`: {Number} Sets the working socket to timeout + after `timeout` milliseconds of inactivity on the working socket. + Default is `freeSocketTimeout * 2`. + * `maxSockets` {Number} Maximum number of sockets to allow per + host. Default = `Infinity`. + * `maxFreeSockets` {Number} Maximum number of sockets (per host) to leave open + in a free state. Only relevant if `keepAlive` is set to `true`. + Default = `256`. + * `socketActiveTTL` {Number} Sets the socket active time to live, even if it's in use. + If not set, the behaviour keeps the same (the socket will be released only when free) + Default = `null`. + +## Usage + +```js +const http = require('http'); +const Agent = require('agentkeepalive'); + +const keepaliveAgent = new Agent({ + maxSockets: 100, + maxFreeSockets: 10, + timeout: 60000, // active socket keepalive for 60 seconds + freeSocketTimeout: 30000, // free socket keepalive for 30 seconds +}); + +const options = { + host: 'cnodejs.org', + port: 80, + path: '/', + method: 'GET', + agent: keepaliveAgent, +}; + +const req = http.request(options, res => { + console.log('STATUS: ' + res.statusCode); + console.log('HEADERS: ' + JSON.stringify(res.headers)); + res.setEncoding('utf8'); + res.on('data', function (chunk) { + console.log('BODY: ' + chunk); + }); +}); +req.on('error', e => { + console.log('problem with request: ' + e.message); +}); +req.end(); + +setTimeout(() => { + if (keepaliveAgent.statusChanged) { + console.log('[%s] agent status changed: %j', Date(), keepaliveAgent.getCurrentStatus()); + } +}, 2000); + +``` + +### `getter agent.statusChanged` + +counters have change or not after last checkpoint. + +### `agent.getCurrentStatus()` + +`agent.getCurrentStatus()` will return a object to show the status of this agent: + +```js +{ + createSocketCount: 10, + closeSocketCount: 5, + timeoutSocketCount: 0, + requestCount: 5, + freeSockets: { 'localhost:57479:': 3 }, + sockets: { 'localhost:57479:': 5 }, + requests: {} +} +``` + +### Support `https` + +```js +const https = require('https'); +const HttpsAgent = require('agentkeepalive').HttpsAgent; + +const keepaliveAgent = new HttpsAgent(); +// https://www.google.com/search?q=nodejs&sugexp=chrome,mod=12&sourceid=chrome&ie=UTF-8 +const options = { + host: 'www.google.com', + port: 443, + path: '/search?q=nodejs&sugexp=chrome,mod=12&sourceid=chrome&ie=UTF-8', + method: 'GET', + agent: keepaliveAgent, +}; + +const req = https.request(options, res => { + console.log('STATUS: ' + res.statusCode); + console.log('HEADERS: ' + JSON.stringify(res.headers)); + res.setEncoding('utf8'); + res.on('data', chunk => { + console.log('BODY: ' + chunk); + }); +}); + +req.on('error', e => { + console.log('problem with request: ' + e.message); +}); +req.end(); + +setTimeout(() => { + console.log('agent status: %j', keepaliveAgent.getCurrentStatus()); +}, 2000); +``` + +### Support `req.reusedSocket` + +This agent implements the `req.reusedSocket` to determine whether a request is send through a reused socket. + +When server closes connection at unfortunate time ([keep-alive race](https://code-examples.net/en/q/28a8069)), the http client will throw a `ECONNRESET` error. Under this circumstance, `req.reusedSocket` is useful when we want to retry the request automatically. + +```js +const http = require('http'); +const Agent = require('agentkeepalive'); +const agent = new Agent(); + +const req = http + .get('http://localhost:3000', { agent }, (res) => { + // ... + }) + .on('error', (err) => { + if (req.reusedSocket && err.code === 'ECONNRESET') { + // retry the request or anything else... + } + }) +``` + +This behavior is consistent with Node.js core. But through `agentkeepalive`, you can use this feature in older Node.js version. + +## [Benchmark](https://github.com/node-modules/agentkeepalive/tree/master/benchmark) + +run the benchmark: + +```bash +cd benchmark +sh start.sh +``` + +Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz + +node@v0.8.9 + +50 maxSockets, 60 concurrent, 1000 requests per concurrent, 5ms delay + +Keep alive agent (30 seconds): + +```js +Transactions: 60000 hits +Availability: 100.00 % +Elapsed time: 29.70 secs +Data transferred: 14.88 MB +Response time: 0.03 secs +Transaction rate: 2020.20 trans/sec +Throughput: 0.50 MB/sec +Concurrency: 59.84 +Successful transactions: 60000 +Failed transactions: 0 +Longest transaction: 0.15 +Shortest transaction: 0.01 +``` + +Normal agent: + +```js +Transactions: 60000 hits +Availability: 100.00 % +Elapsed time: 46.53 secs +Data transferred: 14.88 MB +Response time: 0.05 secs +Transaction rate: 1289.49 trans/sec +Throughput: 0.32 MB/sec +Concurrency: 59.81 +Successful transactions: 60000 +Failed transactions: 0 +Longest transaction: 0.45 +Shortest transaction: 0.00 +``` + +Socket created: + +```bash +[proxy.js:120000] keepalive, 50 created, 60000 requestFinished, 1200 req/socket, 0 requests, 0 sockets, 0 unusedSockets, 50 timeout +{" <10ms":662," <15ms":17825," <20ms":20552," <30ms":17646," <40ms":2315," <50ms":567," <100ms":377," <150ms":56," <200ms":0," >=200ms+":0} +---------------------------------------------------------------- +[proxy.js:120000] normal , 53866 created, 84260 requestFinished, 1.56 req/socket, 0 requests, 0 sockets +{" <10ms":75," <15ms":1112," <20ms":10947," <30ms":32130," <40ms":8228," <50ms":3002," <100ms":4274," <150ms":181," <200ms":18," >=200ms+":33} +``` + +## License + +[MIT](LICENSE) diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/browser.js b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/browser.js new file mode 100644 index 000000000..29c9398aa --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/browser.js @@ -0,0 +1,5 @@ +module.exports = noop; +module.exports.HttpsAgent = noop; + +// Noop function for browser since native api's don't use agents. +function noop () {} diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/index.d.ts b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/index.d.ts new file mode 100644 index 000000000..e93988951 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/index.d.ts @@ -0,0 +1,46 @@ +declare module "agentkeepalive" { + import * as http from 'http'; + import * as https from 'https'; + + export interface AgentStatus { + createSocketCount: number, + createSocketErrorCount: number, + closeSocketCount: number, + errorSocketCount: number, + timeoutSocketCount: number, + requestCount: number, + freeSockets: object, + sockets: object, + requests: object, + } + + export interface HttpOptions extends http.AgentOptions { + keepAlive?: boolean; + freeSocketTimeout?: number; + freeSocketKeepAliveTimeout?: number; + timeout?: number; + socketActiveTTL?: number; + } + + export interface HttpsOptions extends https.AgentOptions { + keepAlive?: boolean; + freeSocketTimeout?: number; + freeSocketKeepAliveTimeout?: number; + timeout?: number; + socketActiveTTL?: number; + } + + export default class HttpAgent extends http.Agent { + constructor(opts?: HttpOptions); + readonly statusChanged: boolean; + createSocket(req: http.IncomingMessage, options: http.RequestOptions, cb: Function): void; + getCurrentStatus(): AgentStatus; + } + + export class HttpsAgent extends https.Agent { + constructor(opts?: HttpsOptions); + readonly statusChanged: boolean; + createSocket(req: http.IncomingMessage, options: https.RequestOptions, cb: Function): void; + getCurrentStatus(): AgentStatus; + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/index.js b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/index.js new file mode 100644 index 000000000..6ca151346 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/index.js @@ -0,0 +1,5 @@ +'use strict'; + +module.exports = require('./lib/agent'); +module.exports.HttpsAgent = require('./lib/https_agent'); +module.exports.constants = require('./lib/constants'); diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/lib/agent.js b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/lib/agent.js new file mode 100644 index 000000000..0a313cecf --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/lib/agent.js @@ -0,0 +1,358 @@ +'use strict'; + +const OriginalAgent = require('http').Agent; +const ms = require('humanize-ms'); +const debug = require('debug')('agentkeepalive'); +const deprecate = require('depd')('agentkeepalive'); +const { + INIT_SOCKET, + CURRENT_ID, + CREATE_ID, + SOCKET_CREATED_TIME, + SOCKET_NAME, + SOCKET_REQUEST_COUNT, + SOCKET_REQUEST_FINISHED_COUNT, +} = require('./constants'); + +// OriginalAgent come from +// - https://github.com/nodejs/node/blob/v8.12.0/lib/_http_agent.js +// - https://github.com/nodejs/node/blob/v10.12.0/lib/_http_agent.js + +class Agent extends OriginalAgent { + constructor(options) { + options = options || {}; + options.keepAlive = options.keepAlive !== false; + // default is keep-alive and 15s free socket timeout + if (options.freeSocketTimeout === undefined) { + options.freeSocketTimeout = 15000; + } + // Legacy API: keepAliveTimeout should be rename to `freeSocketTimeout` + if (options.keepAliveTimeout) { + deprecate('options.keepAliveTimeout is deprecated, please use options.freeSocketTimeout instead'); + options.freeSocketTimeout = options.keepAliveTimeout; + delete options.keepAliveTimeout; + } + // Legacy API: freeSocketKeepAliveTimeout should be rename to `freeSocketTimeout` + if (options.freeSocketKeepAliveTimeout) { + deprecate('options.freeSocketKeepAliveTimeout is deprecated, please use options.freeSocketTimeout instead'); + options.freeSocketTimeout = options.freeSocketKeepAliveTimeout; + delete options.freeSocketKeepAliveTimeout; + } + + // Sets the socket to timeout after timeout milliseconds of inactivity on the socket. + // By default is double free socket timeout. + if (options.timeout === undefined) { + // make sure socket default inactivity timeout >= 30s + options.timeout = Math.max(options.freeSocketTimeout * 2, 30000); + } + + // support humanize format + options.timeout = ms(options.timeout); + options.freeSocketTimeout = ms(options.freeSocketTimeout); + options.socketActiveTTL = options.socketActiveTTL ? ms(options.socketActiveTTL) : 0; + + super(options); + + this[CURRENT_ID] = 0; + + // create socket success counter + this.createSocketCount = 0; + this.createSocketCountLastCheck = 0; + + this.createSocketErrorCount = 0; + this.createSocketErrorCountLastCheck = 0; + + this.closeSocketCount = 0; + this.closeSocketCountLastCheck = 0; + + // socket error event count + this.errorSocketCount = 0; + this.errorSocketCountLastCheck = 0; + + // request finished counter + this.requestCount = 0; + this.requestCountLastCheck = 0; + + // including free socket timeout counter + this.timeoutSocketCount = 0; + this.timeoutSocketCountLastCheck = 0; + } + + get freeSocketKeepAliveTimeout() { + deprecate('agent.freeSocketKeepAliveTimeout is deprecated, please use agent.options.freeSocketTimeout instead'); + return this.options.freeSocketTimeout; + } + + get timeout() { + deprecate('agent.timeout is deprecated, please use agent.options.timeout instead'); + return this.options.timeout; + } + + get socketActiveTTL() { + deprecate('agent.socketActiveTTL is deprecated, please use agent.options.socketActiveTTL instead'); + return this.options.socketActiveTTL; + } + + keepSocketAlive(socket) { + const result = super.keepSocketAlive(socket); + // should not keepAlive, do nothing + if (!result) return result; + + let freeSocketTimeout = this.options.freeSocketTimeout; + const socketActiveTTL = this.options.socketActiveTTL; + if (socketActiveTTL) { + // check socketActiveTTL + const aliveTime = Date.now() - socket[SOCKET_CREATED_TIME]; + const diff = socketActiveTTL - aliveTime; + // destroy it + if (diff <= 0) { + debug('%s(requests: %s, finished: %s) free but need to destroy by TTL, alive %sms(max %sms)', + socket[SOCKET_NAME], socket[SOCKET_REQUEST_COUNT], socket[SOCKET_REQUEST_FINISHED_COUNT], + aliveTime, socketActiveTTL); + return false; + } + + if (freeSocketTimeout && diff < freeSocketTimeout) { + debug('%s(requests: %s, finished: %s) free and wait for %sms TTL timeout', + socket[SOCKET_NAME], socket[SOCKET_REQUEST_COUNT], socket[SOCKET_REQUEST_FINISHED_COUNT], + diff); + freeSocketTimeout = diff; + } + } + // set freeSocketTimeout + if (freeSocketTimeout) { + // set free keepalive timer + // try to use socket custom freeSocketTimeout first, support headers['keep-alive'] + // https://github.com/node-modules/urllib/blob/b76053020923f4d99a1c93cf2e16e0c5ba10bacf/lib/urllib.js#L498 + const customFreeSocketTimeout = socket.freeSocketTimeout || socket.freeSocketKeepAliveTimeout; + if (customFreeSocketTimeout && customFreeSocketTimeout < freeSocketTimeout) { + freeSocketTimeout = customFreeSocketTimeout; + } + // FIXME: need to make setRequestSocket as a method on Agent class + // then we can reset the agent.options.timeout when free socket is reused. + socket.setTimeout(freeSocketTimeout); + } + return true; + } + + // only call on addRequest + reuseSocket(...args) { + // reuseSocket(socket, req) + super.reuseSocket(...args); + const socket = args[0]; + const req = args[1]; + req.reusedSocket = true; + const agentTimeout = this.options.timeout; + if (getSocketTimeout(socket) !== agentTimeout) { + // reset timeout before use + socket.setTimeout(agentTimeout); + debug('%s reset timeout to %sms', socket[SOCKET_NAME], agentTimeout); + } + socket[SOCKET_REQUEST_COUNT]++; + debug('%s(requests: %s, finished: %s) reuse on addRequest, timeout %sms', + socket[SOCKET_NAME], socket[SOCKET_REQUEST_COUNT], socket[SOCKET_REQUEST_FINISHED_COUNT], + getSocketTimeout(socket)); + } + + [CREATE_ID]() { + const id = this[CURRENT_ID]++; + if (this[CURRENT_ID] === Number.MAX_SAFE_INTEGER) this[CURRENT_ID] = 0; + return id; + } + + [INIT_SOCKET](socket, options) { + // bugfix here. + // https on node 8, 10 won't set agent.options.timeout by default + // TODO: need to fix on node itself + if (options.timeout) { + const timeout = getSocketTimeout(socket); + if (!timeout) { + socket.setTimeout(options.timeout); + } + } + + if (this.options.keepAlive) { + // Disable Nagle's algorithm: http://blog.caustik.com/2012/04/08/scaling-node-js-to-100k-concurrent-connections/ + // https://fengmk2.com/benchmark/nagle-algorithm-delayed-ack-mock.html + socket.setNoDelay(true); + } + this.createSocketCount++; + if (this.options.socketActiveTTL) { + socket[SOCKET_CREATED_TIME] = Date.now(); + } + // don't show the hole '-----BEGIN CERTIFICATE----' key string + socket[SOCKET_NAME] = `sock[${this[CREATE_ID]()}#${options._agentKey}]`.split('-----BEGIN', 1)[0]; + socket[SOCKET_REQUEST_COUNT] = 1; + socket[SOCKET_REQUEST_FINISHED_COUNT] = 0; + installListeners(this, socket, options); + } + + createConnection(options, oncreate) { + let called = false; + const onNewCreate = (err, socket) => { + if (called) return; + called = true; + + if (err) { + this.createSocketErrorCount++; + return oncreate(err); + } + this[INIT_SOCKET](socket, options); + oncreate(err, socket); + }; + + const newSocket = super.createConnection(options, onNewCreate); + if (newSocket) onNewCreate(null, newSocket); + } + + get statusChanged() { + const changed = this.createSocketCount !== this.createSocketCountLastCheck || + this.createSocketErrorCount !== this.createSocketErrorCountLastCheck || + this.closeSocketCount !== this.closeSocketCountLastCheck || + this.errorSocketCount !== this.errorSocketCountLastCheck || + this.timeoutSocketCount !== this.timeoutSocketCountLastCheck || + this.requestCount !== this.requestCountLastCheck; + if (changed) { + this.createSocketCountLastCheck = this.createSocketCount; + this.createSocketErrorCountLastCheck = this.createSocketErrorCount; + this.closeSocketCountLastCheck = this.closeSocketCount; + this.errorSocketCountLastCheck = this.errorSocketCount; + this.timeoutSocketCountLastCheck = this.timeoutSocketCount; + this.requestCountLastCheck = this.requestCount; + } + return changed; + } + + getCurrentStatus() { + return { + createSocketCount: this.createSocketCount, + createSocketErrorCount: this.createSocketErrorCount, + closeSocketCount: this.closeSocketCount, + errorSocketCount: this.errorSocketCount, + timeoutSocketCount: this.timeoutSocketCount, + requestCount: this.requestCount, + freeSockets: inspect(this.freeSockets), + sockets: inspect(this.sockets), + requests: inspect(this.requests), + }; + } +} + +// node 8 don't has timeout attribute on socket +// https://github.com/nodejs/node/pull/21204/files#diff-e6ef024c3775d787c38487a6309e491dR408 +function getSocketTimeout(socket) { + return socket.timeout || socket._idleTimeout; +} + +function installListeners(agent, socket, options) { + debug('%s create, timeout %sms', socket[SOCKET_NAME], getSocketTimeout(socket)); + + // listener socket events: close, timeout, error, free + function onFree() { + // create and socket.emit('free') logic + // https://github.com/nodejs/node/blob/master/lib/_http_agent.js#L311 + // no req on the socket, it should be the new socket + if (!socket._httpMessage && socket[SOCKET_REQUEST_COUNT] === 1) return; + + socket[SOCKET_REQUEST_FINISHED_COUNT]++; + agent.requestCount++; + debug('%s(requests: %s, finished: %s) free', + socket[SOCKET_NAME], socket[SOCKET_REQUEST_COUNT], socket[SOCKET_REQUEST_FINISHED_COUNT]); + + // should reuse on pedding requests? + const name = agent.getName(options); + if (socket.writable && agent.requests[name] && agent.requests[name].length) { + // will be reuse on agent free listener + socket[SOCKET_REQUEST_COUNT]++; + debug('%s(requests: %s, finished: %s) will be reuse on agent free event', + socket[SOCKET_NAME], socket[SOCKET_REQUEST_COUNT], socket[SOCKET_REQUEST_FINISHED_COUNT]); + } + } + socket.on('free', onFree); + + function onClose(isError) { + debug('%s(requests: %s, finished: %s) close, isError: %s', + socket[SOCKET_NAME], socket[SOCKET_REQUEST_COUNT], socket[SOCKET_REQUEST_FINISHED_COUNT], isError); + agent.closeSocketCount++; + } + socket.on('close', onClose); + + // start socket timeout handler + function onTimeout() { + const listenerCount = socket.listeners('timeout').length; + debug('%s(requests: %s, finished: %s) timeout after %sms, listeners %s', + socket[SOCKET_NAME], socket[SOCKET_REQUEST_COUNT], socket[SOCKET_REQUEST_FINISHED_COUNT], + getSocketTimeout(socket), listenerCount); + agent.timeoutSocketCount++; + const name = agent.getName(options); + if (agent.freeSockets[name] && agent.freeSockets[name].indexOf(socket) !== -1) { + // free socket timeout, destroy quietly + socket.destroy(); + // Remove it from freeSockets list immediately to prevent new requests + // from being sent through this socket. + agent.removeSocket(socket, options); + debug('%s is free, destroy quietly', socket[SOCKET_NAME]); + } else { + // if there is no any request socket timeout handler, + // agent need to handle socket timeout itself. + // + // custom request socket timeout handle logic must follow these rules: + // 1. Destroy socket first + // 2. Must emit socket 'agentRemove' event tell agent remove socket + // from freeSockets list immediately. + // Otherise you may be get 'socket hang up' error when reuse + // free socket and timeout happen in the same time. + if (listenerCount === 1) { + const error = new Error('Socket timeout'); + error.code = 'ERR_SOCKET_TIMEOUT'; + error.timeout = getSocketTimeout(socket); + // must manually call socket.end() or socket.destroy() to end the connection. + // https://nodejs.org/dist/latest-v10.x/docs/api/net.html#net_socket_settimeout_timeout_callback + socket.destroy(error); + agent.removeSocket(socket, options); + debug('%s destroy with timeout error', socket[SOCKET_NAME]); + } + } + } + socket.on('timeout', onTimeout); + + function onError(err) { + const listenerCount = socket.listeners('error').length; + debug('%s(requests: %s, finished: %s) error: %s, listenerCount: %s', + socket[SOCKET_NAME], socket[SOCKET_REQUEST_COUNT], socket[SOCKET_REQUEST_FINISHED_COUNT], + err, listenerCount); + agent.errorSocketCount++; + if (listenerCount === 1) { + // if socket don't contain error event handler, don't catch it, emit it again + debug('%s emit uncaught error event', socket[SOCKET_NAME]); + socket.removeListener('error', onError); + socket.emit('error', err); + } + } + socket.on('error', onError); + + function onRemove() { + debug('%s(requests: %s, finished: %s) agentRemove', + socket[SOCKET_NAME], + socket[SOCKET_REQUEST_COUNT], socket[SOCKET_REQUEST_FINISHED_COUNT]); + // We need this function for cases like HTTP 'upgrade' + // (defined by WebSockets) where we need to remove a socket from the + // pool because it'll be locked up indefinitely + socket.removeListener('close', onClose); + socket.removeListener('error', onError); + socket.removeListener('free', onFree); + socket.removeListener('timeout', onTimeout); + socket.removeListener('agentRemove', onRemove); + } + socket.on('agentRemove', onRemove); +} + +module.exports = Agent; + +function inspect(obj) { + const res = {}; + for (const key in obj) { + res[key] = obj[key].length; + } + return res; +} diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/lib/constants.js b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/lib/constants.js new file mode 100644 index 000000000..ca7ab97ea --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/lib/constants.js @@ -0,0 +1,14 @@ +'use strict'; + +module.exports = { + // agent + CURRENT_ID: Symbol('agentkeepalive#currentId'), + CREATE_ID: Symbol('agentkeepalive#createId'), + INIT_SOCKET: Symbol('agentkeepalive#initSocket'), + CREATE_HTTPS_CONNECTION: Symbol('agentkeepalive#createHttpsConnection'), + // socket + SOCKET_CREATED_TIME: Symbol('agentkeepalive#socketCreatedTime'), + SOCKET_NAME: Symbol('agentkeepalive#socketName'), + SOCKET_REQUEST_COUNT: Symbol('agentkeepalive#socketRequestCount'), + SOCKET_REQUEST_FINISHED_COUNT: Symbol('agentkeepalive#socketRequestFinishedCount'), +}; diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/lib/https_agent.js b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/lib/https_agent.js new file mode 100644 index 000000000..73f529d65 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/lib/https_agent.js @@ -0,0 +1,51 @@ +'use strict'; + +const OriginalHttpsAgent = require('https').Agent; +const HttpAgent = require('./agent'); +const { + INIT_SOCKET, + CREATE_HTTPS_CONNECTION, +} = require('./constants'); + +class HttpsAgent extends HttpAgent { + constructor(options) { + super(options); + + this.defaultPort = 443; + this.protocol = 'https:'; + this.maxCachedSessions = this.options.maxCachedSessions; + /* istanbul ignore next */ + if (this.maxCachedSessions === undefined) { + this.maxCachedSessions = 100; + } + + this._sessionCache = { + map: {}, + list: [], + }; + } + + createConnection(options) { + const socket = this[CREATE_HTTPS_CONNECTION](options); + this[INIT_SOCKET](socket, options); + return socket; + } +} + +// https://github.com/nodejs/node/blob/master/lib/https.js#L89 +HttpsAgent.prototype[CREATE_HTTPS_CONNECTION] = OriginalHttpsAgent.prototype.createConnection; + +[ + 'getName', + '_getSession', + '_cacheSession', + // https://github.com/nodejs/node/pull/4982 + '_evictSession', +].forEach(function(method) { + /* istanbul ignore next */ + if (typeof OriginalHttpsAgent.prototype[method] === 'function') { + HttpsAgent.prototype[method] = OriginalHttpsAgent.prototype[method]; + } +}); + +module.exports = HttpsAgent; diff --git a/node_modules/npm-registry-fetch/node_modules/agentkeepalive/package.json b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/package.json new file mode 100644 index 000000000..bd06c7a99 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/agentkeepalive/package.json @@ -0,0 +1,89 @@ +{ + "_from": "agentkeepalive@^4.1.0", + "_id": "agentkeepalive@4.1.0", + "_inBundle": false, + "_integrity": "sha512-CW/n1wxF8RpEuuiq6Vbn9S8m0VSYDMnZESqaJ6F2cWN9fY8rei2qaxweIaRgq+ek8TqfoFIsUjaGNKGGEHElSg==", + "_location": "/npm-registry-fetch/agentkeepalive", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "agentkeepalive@^4.1.0", + "name": "agentkeepalive", + "escapedName": "agentkeepalive", + "rawSpec": "^4.1.0", + "saveSpec": null, + "fetchSpec": "^4.1.0" + }, + "_requiredBy": [ + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/agentkeepalive/-/agentkeepalive-4.1.0.tgz", + "_shasum": "a48e040ed16745dd29ce923675f60c9c90f39ee0", + "_spec": "agentkeepalive@^4.1.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "fengmk2", + "email": "fengmk2@gmail.com", + "url": "https://fengmk2.com" + }, + "browser": "browser.js", + "bugs": { + "url": "https://github.com/node-modules/agentkeepalive/issues" + }, + "bundleDependencies": false, + "ci": { + "version": "8, 10" + }, + "dependencies": { + "debug": "^4.1.0", + "depd": "^1.1.2", + "humanize-ms": "^1.2.1" + }, + "deprecated": false, + "description": "Missing keepalive http.Agent", + "devDependencies": { + "autod": "^3.0.1", + "egg-bin": "^4.9.0", + "egg-ci": "^1.10.0", + "eslint": "^5.7.0", + "eslint-config-egg": "^7.1.0", + "mm": "^2.4.1", + "pedding": "^1.1.0" + }, + "engines": { + "node": ">= 8.0.0" + }, + "files": [ + "index.js", + "index.d.ts", + "browser.js", + "lib" + ], + "homepage": "https://github.com/node-modules/agentkeepalive#readme", + "keywords": [ + "http", + "https", + "agent", + "keepalive", + "agentkeepalive", + "HttpAgent", + "HttpsAgent" + ], + "license": "MIT", + "main": "index.js", + "name": "agentkeepalive", + "repository": { + "type": "git", + "url": "git://github.com/node-modules/agentkeepalive.git" + }, + "scripts": { + "autod": "autod", + "ci": "npm run lint && npm run cov", + "cov": "egg-bin cov", + "lint": "eslint lib test index.js", + "test": "npm run lint && egg-bin test", + "test-local": "egg-bin test" + }, + "version": "4.1.0" +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/CHANGELOG.md b/node_modules/npm-registry-fetch/node_modules/cacache/CHANGELOG.md new file mode 100644 index 000000000..6f70b4e7f --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/CHANGELOG.md @@ -0,0 +1,756 @@ +# Changelog + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +## [14.0.0](https://github.com/npm/cacache/compare/v13.0.1...v14.0.0) (2020-01-28) + + +### ⚠ BREAKING CHANGES + +* **deps:** bumps engines to >= 10 + +* **deps:** tar v6 and mkdirp v1 ([5a66e7a](https://github.com/npm/cacache/commit/5a66e7a)) + +### [13.0.1](https://github.com/npm/cacache/compare/v13.0.0...v13.0.1) (2019-09-30) + + +### Bug Fixes + +* **fix-owner:** chownr.sync quits on non-root uid ([08801be](https://github.com/npm/cacache/commit/08801be)) + +## [13.0.0](https://github.com/npm/cacache/compare/v12.0.3...v13.0.0) (2019-09-25) + + +### ⚠ BREAKING CHANGES + +* This subtly changes the streaming interface of +everything in cacache that streams, which is, well, everything in +cacache. Most users will probably not notice, but any code that +depended on stream behavior always being deferred until next tick will +need to adjust. + +The mississippi methods 'to', 'from', 'through', and so on, have been +replaced with their Minipass counterparts, and streaming interaction +with the file system is done via fs-minipass. + +The following modules are of interest here: + +- [minipass](http://npm.im/minipass) The core stream library. + +- [fs-minipass](http://npm.im/fs-minipass) Note that the 'WriteStream' + class from fs-minipass is _not_ a Minipass stream, but rather a plain + old EventEmitter that duck types as a Writable. + +- [minipass-collect](http://npm.im/minipass-collect) Gather up all the + data from a stream. Cacache only uses Collect.PassThrough, which is a + basic Minipass passthrough stream which emits a 'collect' event with + the completed data just before the 'end' event. + +- [minipass-pipeline](http://npm.im/minipass-pipeline) Connect one or + more streams into a pipe chain. Errors anywhere in the pipeline are + proxied down the chain and then up to the Pipeline object itself. + Writes go into the head, reads go to the tail. Used in place of + pump() and pumpify(). + +- [minipass-flush](http://npm.im/minipass-flush) A Minipass passthrough + stream that defers its 'end' event until after a flush() method has + completed (either calling the supplied callback, or returning a + promise.) Use in place of flush-write-stream (aka mississippi.to). + +Streams from through2, concat-stream, and the behavior provided by +end-of-stream are all implemented in Minipass itself. + +Features of interest to cacache, which make Minipass a particularly good +fit: + +- All of the 'endish' events are normalized, so we can just listen on + 'end' and know that finish, prefinish, and close will be handled as + well. +- Minipass doesn't waste time [containing + zalgo](https://blog.izs.me/2013/08/designing-apis-for-asynchrony). +- Minipass has built-in support for promises that indicate the end or + error: stream.promise(), stream.collect(), and stream.concat(). +- With reliable and consistent timing guarantees, much less + error-checking logic is required. We can be more confident that an + error is being thrown or emitted in the correct place, rather than in + a callback which is deferred, resulting in a hung promise or + uncaughtException. + +The biggest downside of Minipass is that it lacks some of the internal +characteristics of node-core streams, which many community modules use +to identify streams. They have no _writableState or _readableState +objects, or _read or _write methods. As a result, the is-stream module +(at least, at the time of this commit) doesn't recognize Minipass +streams as readable or writable streams. + +All in all, the changes required of downstream users should be minimal, +but are unlikely to be zero. Hence the semver major change. + +### Features + +* replace all streams with Minipass streams ([f4c0962](https://github.com/npm/cacache/commit/f4c0962)) +* **deps:** Add minipass and minipass-pipeline ([a6545a9](https://github.com/npm/cacache/commit/a6545a9)) +* **promise:** converted .resolve to native promise, converted .map and .reduce to native ([220c56d](https://github.com/npm/cacache/commit/220c56d)) +* **promise:** individually promisifing functions as needed ([74b939e](https://github.com/npm/cacache/commit/74b939e)) +* **promise:** moved .reject from bluebird to native promise ([1d56da1](https://github.com/npm/cacache/commit/1d56da1)) +* **promise:** removed .fromNode, removed .join ([9c457a0](https://github.com/npm/cacache/commit/9c457a0)) +* **promise:** removed .map, replaced with p-map. removed .try ([cc3ee05](https://github.com/npm/cacache/commit/cc3ee05)) +* **promise:** removed .tap ([0260f12](https://github.com/npm/cacache/commit/0260f12)) +* **promise:** removed .using/.disposer ([5d832f3](https://github.com/npm/cacache/commit/5d832f3)) +* **promise:** removed bluebird ([c21298c](https://github.com/npm/cacache/commit/c21298c)) +* **promise:** removed bluebird specific .catch calls ([28aeeac](https://github.com/npm/cacache/commit/28aeeac)) +* **promise:** replaced .reduce and .mapSeries ([478f5cb](https://github.com/npm/cacache/commit/478f5cb)) + +### [12.0.3](https://github.com/npm/cacache/compare/v12.0.2...v12.0.3) (2019-08-19) + + +### Bug Fixes + +* do not chown if not running as root ([2d80af9](https://github.com/npm/cacache/commit/2d80af9)) + + + +### [12.0.2](https://github.com/npm/cacache/compare/v12.0.1...v12.0.2) (2019-07-19) + + + +### [12.0.1](https://github.com/npm/cacache/compare/v12.0.0...v12.0.1) (2019-07-19) + +* **deps** Abstracted out `lib/util/infer-owner.js` to + [@npmcli/infer-owner](https://www.npmjs.com/package/@npmcli/infer-owner) + so that it could be more easily used in other parts of the npm CLI. + + +## [12.0.0](https://github.com/npm/cacache/compare/v11.3.3...v12.0.0) (2019-07-15) + + +### Features + +* infer uid/gid instead of accepting as options ([ac84d14](https://github.com/npm/cacache/commit/ac84d14)) +* **i18n:** add another error message ([676cb32](https://github.com/npm/cacache/commit/676cb32)) + + +### BREAKING CHANGES + +* the uid gid options are no longer respected or +necessary. As of this change, cacache will always match the cache +contents to the ownership of the cache directory (or its parent +directory), regardless of what the caller passes in. + +Reasoning: + +The number one reason to use a uid or gid option was to keep root-owned +files from causing problems in the cache. In npm's case, this meant +that CLI's ./lib/command.js had to work out the appropriate uid and gid, +then pass it to the libnpmcommand module, which had to in turn pass the +uid and gid to npm-registry-fetch, which then passed it to +make-fetch-happen, which passed it to cacache. (For package fetching, +pacote would be in that mix as well.) + +Added to that, `cacache.rm()` will actually _write_ a file into the +cache index, but has no way to accept an option so that its call to +entry-index.js will write the index with the appropriate uid/gid. +Little ownership bugs were all over the place, and tricky to trace +through. (Why should make-fetch-happen even care about accepting or +passing uids and gids? It's an http library.) + +This change allows us to keep the cache from having mixed ownership in +any situation. + +Of course, this _does_ mean that if you have a root-owned but +user-writable folder (for example, `/tmp`), then the cache will try to +chown everything to root. + +The solution is for the user to create a folder, make it user-owned, and +use that, rather than relying on cacache to create the root cache folder. + +If we decide to restore the uid/gid opts, and use ownership inference +only when uid/gid are unset, then take care to also make rm take an +option object, and pass it through to entry-index.js. + + + +### [11.3.3](https://github.com/npm/cacache/compare/v11.3.2...v11.3.3) (2019-06-17) + + +### Bug Fixes + +* **audit:** npm audit fix ([200a6d5](https://github.com/npm/cacache/commit/200a6d5)) +* **config:** Add ssri config 'error' option ([#146](https://github.com/npm/cacache/issues/146)) ([47de8f5](https://github.com/npm/cacache/commit/47de8f5)) +* **deps:** npm audit fix ([481a7dc](https://github.com/npm/cacache/commit/481a7dc)) +* **standard:** standard --fix ([7799149](https://github.com/npm/cacache/commit/7799149)) +* **write:** avoid another cb never called situation ([5156561](https://github.com/npm/cacache/commit/5156561)) + + + +<a name="11.3.2"></a> +## [11.3.2](https://github.com/npm/cacache/compare/v11.3.1...v11.3.2) (2018-12-21) + + +### Bug Fixes + +* **get:** make sure to handle errors in the .then ([b10bcd0](https://github.com/npm/cacache/commit/b10bcd0)) + + + +<a name="11.3.1"></a> +## [11.3.1](https://github.com/npm/cacache/compare/v11.3.0...v11.3.1) (2018-11-05) + + +### Bug Fixes + +* **get:** export hasContent.sync properly ([d76c920](https://github.com/npm/cacache/commit/d76c920)) + + + +<a name="11.3.0"></a> +# [11.3.0](https://github.com/npm/cacache/compare/v11.2.0...v11.3.0) (2018-11-05) + + +### Features + +* **get:** add sync API for reading ([db1e094](https://github.com/npm/cacache/commit/db1e094)) + + + +<a name="11.2.0"></a> +# [11.2.0](https://github.com/npm/cacache/compare/v11.1.0...v11.2.0) (2018-08-08) + + +### Features + +* **read:** add sync support to other internal read.js fns ([fe638b6](https://github.com/npm/cacache/commit/fe638b6)) + + + +<a name="11.1.0"></a> +# [11.1.0](https://github.com/npm/cacache/compare/v11.0.3...v11.1.0) (2018-08-01) + + +### Features + +* **read:** add sync support for low-level content read ([b43af83](https://github.com/npm/cacache/commit/b43af83)) + + + +<a name="11.0.3"></a> +## [11.0.3](https://github.com/npm/cacache/compare/v11.0.2...v11.0.3) (2018-08-01) + + +### Bug Fixes + +* **config:** add ssri config options ([#136](https://github.com/npm/cacache/issues/136)) ([10d5d9a](https://github.com/npm/cacache/commit/10d5d9a)) +* **perf:** refactor content.read to avoid lstats ([c5ac10e](https://github.com/npm/cacache/commit/c5ac10e)) +* **test:** oops when removing safe-buffer ([1950490](https://github.com/npm/cacache/commit/1950490)) + + + +<a name="11.0.2"></a> +## [11.0.2](https://github.com/npm/cacache/compare/v11.0.1...v11.0.2) (2018-05-07) + + +### Bug Fixes + +* **verify:** size param no longer lost in a verify ([#131](https://github.com/npm/cacache/issues/131)) ([c614a19](https://github.com/npm/cacache/commit/c614a19)), closes [#130](https://github.com/npm/cacache/issues/130) + + + +<a name="11.0.1"></a> +## [11.0.1](https://github.com/npm/cacache/compare/v11.0.0...v11.0.1) (2018-04-10) + + + +<a name="11.0.0"></a> +# [11.0.0](https://github.com/npm/cacache/compare/v10.0.4...v11.0.0) (2018-04-09) + + +### Features + +* **opts:** use figgy-pudding for opts ([#128](https://github.com/npm/cacache/issues/128)) ([33d4eed](https://github.com/npm/cacache/commit/33d4eed)) + + +### meta + +* drop support for node@4 ([529f347](https://github.com/npm/cacache/commit/529f347)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="10.0.4"></a> +## [10.0.4](https://github.com/npm/cacache/compare/v10.0.3...v10.0.4) (2018-02-16) + + + +<a name="10.0.3"></a> +## [10.0.3](https://github.com/npm/cacache/compare/v10.0.2...v10.0.3) (2018-02-16) + + +### Bug Fixes + +* **content:** rethrow aggregate errors as ENOENT ([fa918f5](https://github.com/npm/cacache/commit/fa918f5)) + + + +<a name="10.0.2"></a> +## [10.0.2](https://github.com/npm/cacache/compare/v10.0.1...v10.0.2) (2018-01-07) + + +### Bug Fixes + +* **ls:** deleted entries could cause a premature stream EOF ([347dc36](https://github.com/npm/cacache/commit/347dc36)) + + + +<a name="10.0.1"></a> +## [10.0.1](https://github.com/npm/cacache/compare/v10.0.0...v10.0.1) (2017-11-15) + + +### Bug Fixes + +* **move-file:** actually use the fallback to `move-concurrently` (#110) ([073fbe1](https://github.com/npm/cacache/commit/073fbe1)) + + + +<a name="10.0.0"></a> +# [10.0.0](https://github.com/npm/cacache/compare/v9.3.0...v10.0.0) (2017-10-23) + + +### Features + +* **license:** relicense to ISC (#111) ([fdbb4e5](https://github.com/npm/cacache/commit/fdbb4e5)) + + +### Performance Improvements + +* more copyFile benchmarks ([63787bb](https://github.com/npm/cacache/commit/63787bb)) + + +### BREAKING CHANGES + +* **license:** the license has been changed from CC0-1.0 to ISC. + + + +<a name="9.3.0"></a> +# [9.3.0](https://github.com/npm/cacache/compare/v9.2.9...v9.3.0) (2017-10-07) + + +### Features + +* **copy:** added cacache.get.copy api for fast copies (#107) ([067b5f6](https://github.com/npm/cacache/commit/067b5f6)) + + + +<a name="9.2.9"></a> +## [9.2.9](https://github.com/npm/cacache/compare/v9.2.8...v9.2.9) (2017-06-17) + + + +<a name="9.2.8"></a> +## [9.2.8](https://github.com/npm/cacache/compare/v9.2.7...v9.2.8) (2017-06-05) + + +### Bug Fixes + +* **ssri:** bump ssri for bugfix ([c3232ea](https://github.com/npm/cacache/commit/c3232ea)) + + + +<a name="9.2.7"></a> +## [9.2.7](https://github.com/npm/cacache/compare/v9.2.6...v9.2.7) (2017-06-05) + + +### Bug Fixes + +* **content:** make verified content completely read-only (#96) ([4131196](https://github.com/npm/cacache/commit/4131196)) + + + +<a name="9.2.6"></a> +## [9.2.6](https://github.com/npm/cacache/compare/v9.2.5...v9.2.6) (2017-05-31) + + +### Bug Fixes + +* **node:** update ssri to prevent old node 4 crash ([5209ffe](https://github.com/npm/cacache/commit/5209ffe)) + + + +<a name="9.2.5"></a> +## [9.2.5](https://github.com/npm/cacache/compare/v9.2.4...v9.2.5) (2017-05-25) + + +### Bug Fixes + +* **deps:** fix lockfile issues and bump ssri ([84e1d7e](https://github.com/npm/cacache/commit/84e1d7e)) + + + +<a name="9.2.4"></a> +## [9.2.4](https://github.com/npm/cacache/compare/v9.2.3...v9.2.4) (2017-05-24) + + +### Bug Fixes + +* **deps:** bumping deps ([bbccb12](https://github.com/npm/cacache/commit/bbccb12)) + + + +<a name="9.2.3"></a> +## [9.2.3](https://github.com/npm/cacache/compare/v9.2.2...v9.2.3) (2017-05-24) + + +### Bug Fixes + +* **rm:** stop crashing if content is missing on rm ([ac90bc0](https://github.com/npm/cacache/commit/ac90bc0)) + + + +<a name="9.2.2"></a> +## [9.2.2](https://github.com/npm/cacache/compare/v9.2.1...v9.2.2) (2017-05-14) + + +### Bug Fixes + +* **i18n:** lets pretend this didn't happen ([519b4ee](https://github.com/npm/cacache/commit/519b4ee)) + + + +<a name="9.2.1"></a> +## [9.2.1](https://github.com/npm/cacache/compare/v9.2.0...v9.2.1) (2017-05-14) + + +### Bug Fixes + +* **docs:** fixing translation messup ([bb9e4f9](https://github.com/npm/cacache/commit/bb9e4f9)) + + + +<a name="9.2.0"></a> +# [9.2.0](https://github.com/npm/cacache/compare/v9.1.0...v9.2.0) (2017-05-14) + + +### Features + +* **i18n:** add Spanish translation for API ([531f9a4](https://github.com/npm/cacache/commit/531f9a4)) + + + +<a name="9.1.0"></a> +# [9.1.0](https://github.com/npm/cacache/compare/v9.0.0...v9.1.0) (2017-05-14) + + +### Features + +* **i18n:** Add Spanish translation and i18n setup (#91) ([323b90c](https://github.com/npm/cacache/commit/323b90c)) + + + +<a name="9.0.0"></a> +# [9.0.0](https://github.com/npm/cacache/compare/v8.0.0...v9.0.0) (2017-04-28) + + +### Bug Fixes + +* **memoization:** actually use the LRU ([0e55dc9](https://github.com/npm/cacache/commit/0e55dc9)) + + +### Features + +* **memoization:** memoizers can be injected through opts.memoize (#90) ([e5614c7](https://github.com/npm/cacache/commit/e5614c7)) + + +### BREAKING CHANGES + +* **memoization:** If you were passing an object to opts.memoize, it will now be used as an injected memoization object. If you were only passing booleans and other non-objects through that option, no changes are needed. + + + +<a name="8.0.0"></a> +# [8.0.0](https://github.com/npm/cacache/compare/v7.1.0...v8.0.0) (2017-04-22) + + +### Features + +* **read:** change hasContent to return {sri, size} (#88) ([bad6c49](https://github.com/npm/cacache/commit/bad6c49)), closes [#87](https://github.com/npm/cacache/issues/87) + + +### BREAKING CHANGES + +* **read:** hasContent now returns an object with `{sri, size}` instead of `sri`. Use `result.sri` anywhere that needed the old return value. + + + +<a name="7.1.0"></a> +# [7.1.0](https://github.com/npm/cacache/compare/v7.0.5...v7.1.0) (2017-04-20) + + +### Features + +* **size:** handle content size info (#49) ([91230af](https://github.com/npm/cacache/commit/91230af)) + + + +<a name="7.0.5"></a> +## [7.0.5](https://github.com/npm/cacache/compare/v7.0.4...v7.0.5) (2017-04-18) + + +### Bug Fixes + +* **integrity:** new ssri with fixed integrity stream ([6d13e8e](https://github.com/npm/cacache/commit/6d13e8e)) +* **write:** wrap stuff in promises to improve errors ([3624fc5](https://github.com/npm/cacache/commit/3624fc5)) + + + +<a name="7.0.4"></a> +## [7.0.4](https://github.com/npm/cacache/compare/v7.0.3...v7.0.4) (2017-04-15) + + +### Bug Fixes + +* **fix-owner:** throw away ENOENTs on chownr ([d49bbcd](https://github.com/npm/cacache/commit/d49bbcd)) + + + +<a name="7.0.3"></a> +## [7.0.3](https://github.com/npm/cacache/compare/v7.0.2...v7.0.3) (2017-04-05) + + +### Bug Fixes + +* **read:** fixing error message for integrity verification failures ([9d4f0a5](https://github.com/npm/cacache/commit/9d4f0a5)) + + + +<a name="7.0.2"></a> +## [7.0.2](https://github.com/npm/cacache/compare/v7.0.1...v7.0.2) (2017-04-03) + + +### Bug Fixes + +* **integrity:** use EINTEGRITY error code and update ssri ([8dc2e62](https://github.com/npm/cacache/commit/8dc2e62)) + + + +<a name="7.0.1"></a> +## [7.0.1](https://github.com/npm/cacache/compare/v7.0.0...v7.0.1) (2017-04-03) + + +### Bug Fixes + +* **docs:** fix header name conflict in readme ([afcd456](https://github.com/npm/cacache/commit/afcd456)) + + + +<a name="7.0.0"></a> +# [7.0.0](https://github.com/npm/cacache/compare/v6.3.0...v7.0.0) (2017-04-03) + + +### Bug Fixes + +* **test:** fix content.write tests when running in docker ([d2e9b6a](https://github.com/npm/cacache/commit/d2e9b6a)) + + +### Features + +* **integrity:** subresource integrity support (#78) ([b1e731f](https://github.com/npm/cacache/commit/b1e731f)) + + +### BREAKING CHANGES + +* **integrity:** The entire API has been overhauled to use SRI hashes instead of digest/hashAlgorithm pairs. SRI hashes follow the Subresource Integrity standard and support strings and objects compatible with [`ssri`](https://npm.im/ssri). + +* This change bumps the index version, which will invalidate all previous index entries. Content entries will remain intact, and existing caches will automatically reuse any content from before this breaking change. + +* `cacache.get.info()`, `cacache.ls()`, and `cacache.ls.stream()` will now return objects that looks like this: + +``` +{ + key: String, + integrity: '<algorithm>-<base64hash>', + path: ContentPath, + time: Date<ms>, + metadata: Any +} +``` + +* `opts.digest` and `opts.hashAlgorithm` are obsolete for any API calls that used them. + +* Anywhere `opts.digest` was accepted, `opts.integrity` is now an option. Any valid SRI hash is accepted here -- multiple hash entries will be resolved according to the standard: first, the "strongest" hash algorithm will be picked, and then each of the entries for that algorithm will be matched against the content. Content will be validated if *any* of the entries match (so, a single integrity string can be used for multiple "versions" of the same document/data). + +* `put.byDigest()`, `put.stream.byDigest`, `get.byDigest()` and `get.stream.byDigest()` now expect an SRI instead of a `digest` + `opts.hashAlgorithm` pairing. + +* `get.hasContent()` now expects an integrity hash instead of a digest. If content exists, it will return the specific single integrity hash that was found in the cache. + +* `verify()` has learned to handle integrity-based caches, and forgotten how to handle old-style cache indices due to the format change. + +* `cacache.rm.content()` now expects an integrity hash instead of a hex digest. + + + +<a name="6.3.0"></a> +# [6.3.0](https://github.com/npm/cacache/compare/v6.2.0...v6.3.0) (2017-04-01) + + +### Bug Fixes + +* **fixOwner:** ignore EEXIST race condition from mkdirp ([4670e9b](https://github.com/npm/cacache/commit/4670e9b)) +* **index:** ignore index removal races when inserting ([b9d2fa2](https://github.com/npm/cacache/commit/b9d2fa2)) +* **memo:** use lru-cache for better mem management (#75) ([d8ac5aa](https://github.com/npm/cacache/commit/d8ac5aa)) + + +### Features + +* **dependencies:** Switch to move-concurrently (#77) ([dc6482d](https://github.com/npm/cacache/commit/dc6482d)) + + + +<a name="6.2.0"></a> +# [6.2.0](https://github.com/npm/cacache/compare/v6.1.2...v6.2.0) (2017-03-15) + + +### Bug Fixes + +* **index:** additional bucket entry verification with checksum (#72) ([f8e0f25](https://github.com/npm/cacache/commit/f8e0f25)) +* **verify:** return fixOwner.chownr promise ([6818521](https://github.com/npm/cacache/commit/6818521)) + + +### Features + +* **tmp:** safe tmp dir creation/management util (#73) ([c42da71](https://github.com/npm/cacache/commit/c42da71)) + + + +<a name="6.1.2"></a> +## [6.1.2](https://github.com/npm/cacache/compare/v6.1.1...v6.1.2) (2017-03-13) + + +### Bug Fixes + +* **index:** set default hashAlgorithm ([d6eb2f0](https://github.com/npm/cacache/commit/d6eb2f0)) + + + +<a name="6.1.1"></a> +## [6.1.1](https://github.com/npm/cacache/compare/v6.1.0...v6.1.1) (2017-03-13) + + +### Bug Fixes + +* **coverage:** bumping coverage for verify (#71) ([0b7faf6](https://github.com/npm/cacache/commit/0b7faf6)) +* **deps:** glob should have been a regular dep :< ([0640bc4](https://github.com/npm/cacache/commit/0640bc4)) + + + +<a name="6.1.0"></a> +# [6.1.0](https://github.com/npm/cacache/compare/v6.0.2...v6.1.0) (2017-03-12) + + +### Bug Fixes + +* **coverage:** more coverage for content reads (#70) ([ef4f70a](https://github.com/npm/cacache/commit/ef4f70a)) +* **tests:** use safe-buffer because omfg (#69) ([6ab8132](https://github.com/npm/cacache/commit/6ab8132)) + + +### Features + +* **rm:** limited rm.all and fixed bugs (#66) ([d5d25ba](https://github.com/npm/cacache/commit/d5d25ba)), closes [#66](https://github.com/npm/cacache/issues/66) +* **verify:** tested, working cache verifier/gc (#68) ([45ad77a](https://github.com/npm/cacache/commit/45ad77a)) + + + +<a name="6.0.2"></a> +## [6.0.2](https://github.com/npm/cacache/compare/v6.0.1...v6.0.2) (2017-03-11) + + +### Bug Fixes + +* **index:** segment cache items with another subbucket (#64) ([c3644e5](https://github.com/npm/cacache/commit/c3644e5)) + + + +<a name="6.0.1"></a> +## [6.0.1](https://github.com/npm/cacache/compare/v6.0.0...v6.0.1) (2017-03-05) + + +### Bug Fixes + +* **docs:** Missed spots in README ([8ffb7fa](https://github.com/npm/cacache/commit/8ffb7fa)) + + + +<a name="6.0.0"></a> +# [6.0.0](https://github.com/npm/cacache/compare/v5.0.3...v6.0.0) (2017-03-05) + + +### Bug Fixes + +* **api:** keep memo cache mostly-internal ([2f72d0a](https://github.com/npm/cacache/commit/2f72d0a)) +* **content:** use the rest of the string, not the whole string ([fa8f3c3](https://github.com/npm/cacache/commit/fa8f3c3)) +* **deps:** removed `format-number@2.0.2` ([1187791](https://github.com/npm/cacache/commit/1187791)) +* **deps:** removed inflight@1.0.6 ([0d1819c](https://github.com/npm/cacache/commit/0d1819c)) +* **deps:** rimraf@2.6.1 ([9efab6b](https://github.com/npm/cacache/commit/9efab6b)) +* **deps:** standard@9.0.0 ([4202cba](https://github.com/npm/cacache/commit/4202cba)) +* **deps:** tap@10.3.0 ([aa03088](https://github.com/npm/cacache/commit/aa03088)) +* **deps:** weallcontribute@1.0.8 ([ad4f4dc](https://github.com/npm/cacache/commit/ad4f4dc)) +* **docs:** add security note to hashKey ([03f81ba](https://github.com/npm/cacache/commit/03f81ba)) +* **hashes:** change default hashAlgorithm to sha512 ([ea00ba6](https://github.com/npm/cacache/commit/ea00ba6)) +* **hashes:** missed a spot for hashAlgorithm defaults ([45997d8](https://github.com/npm/cacache/commit/45997d8)) +* **index:** add length header before JSON for verification ([fb8cb4d](https://github.com/npm/cacache/commit/fb8cb4d)) +* **index:** change index filenames to sha1s of keys ([bbc5fca](https://github.com/npm/cacache/commit/bbc5fca)) +* **index:** who cares about race conditions anyway ([b1d3888](https://github.com/npm/cacache/commit/b1d3888)) +* **perf:** bulk-read get+read for massive speed ([d26cdf9](https://github.com/npm/cacache/commit/d26cdf9)) +* **perf:** use bulk file reads for index reads ([79a8891](https://github.com/npm/cacache/commit/79a8891)) +* **put-stream:** remove tmp file on stream insert error ([65f6632](https://github.com/npm/cacache/commit/65f6632)) +* **put-stream:** robustified and predictibilized ([daf9e08](https://github.com/npm/cacache/commit/daf9e08)) +* **put-stream:** use new promise API for moves ([1d36013](https://github.com/npm/cacache/commit/1d36013)) +* **readme:** updated to reflect new default hashAlgo ([c60a2fa](https://github.com/npm/cacache/commit/c60a2fa)) +* **verify:** tiny typo fix ([db22d05](https://github.com/npm/cacache/commit/db22d05)) + + +### Features + +* **api:** converted external api ([7bf032f](https://github.com/npm/cacache/commit/7bf032f)) +* **cacache:** exported clearMemoized() utility ([8d2c5b6](https://github.com/npm/cacache/commit/8d2c5b6)) +* **cache:** add versioning to content and index ([31bc549](https://github.com/npm/cacache/commit/31bc549)) +* **content:** collate content files into subdirs ([c094d9f](https://github.com/npm/cacache/commit/c094d9f)) +* **deps:** `@npmcorp/move@1.0.0` ([bdd00bf](https://github.com/npm/cacache/commit/bdd00bf)) +* **deps:** `bluebird@3.4.7` ([3a17aff](https://github.com/npm/cacache/commit/3a17aff)) +* **deps:** `promise-inflight@1.0.1` ([a004fe6](https://github.com/npm/cacache/commit/a004fe6)) +* **get:** added memoization support for get ([c77d794](https://github.com/npm/cacache/commit/c77d794)) +* **get:** export hasContent ([2956ec3](https://github.com/npm/cacache/commit/2956ec3)) +* **index:** add hashAlgorithm and format insert ret val ([b639746](https://github.com/npm/cacache/commit/b639746)) +* **index:** collate index files into subdirs ([e8402a5](https://github.com/npm/cacache/commit/e8402a5)) +* **index:** promisify entry index ([cda3335](https://github.com/npm/cacache/commit/cda3335)) +* **memo:** added memoization lib ([da07b92](https://github.com/npm/cacache/commit/da07b92)) +* **memo:** export memoization api ([954b1b3](https://github.com/npm/cacache/commit/954b1b3)) +* **move-file:** add move fallback for weird errors ([5cf4616](https://github.com/npm/cacache/commit/5cf4616)) +* **perf:** bulk content write api ([51b536e](https://github.com/npm/cacache/commit/51b536e)) +* **put:** added memoization support to put ([b613a70](https://github.com/npm/cacache/commit/b613a70)) +* **read:** switched to promises ([a869362](https://github.com/npm/cacache/commit/a869362)) +* **rm:** added memoization support to rm ([4205cf0](https://github.com/npm/cacache/commit/4205cf0)) +* **rm:** switched to promises ([a000d24](https://github.com/npm/cacache/commit/a000d24)) +* **util:** promise-inflight ownership fix requests ([9517cd7](https://github.com/npm/cacache/commit/9517cd7)) +* **util:** use promises for api ([ae204bb](https://github.com/npm/cacache/commit/ae204bb)) +* **verify:** converted to Promises ([f0b3974](https://github.com/npm/cacache/commit/f0b3974)) + + +### BREAKING CHANGES + +* cache: index/content directories are now versioned. Previous caches are no longer compatible and cannot be migrated. +* util: fix-owner now uses Promises instead of callbacks +* index: Previously-generated index entries are no longer compatible and the index must be regenerated. +* index: The index format has changed and previous caches are no longer compatible. Existing caches will need to be regenerated. +* hashes: Default hashAlgorithm changed from sha1 to sha512. If you +rely on the prior setting, pass `opts.hashAlgorithm` in explicitly. +* content: Previously-generated content directories are no longer compatible +and must be regenerated. +* verify: API is now promise-based +* read: Switches to a Promise-based API and removes callback stuff +* rm: Switches to a Promise-based API and removes callback stuff +* index: this changes the API to work off promises instead of callbacks +* api: this means we are going all in on promises now diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/LICENSE.md b/node_modules/npm-registry-fetch/node_modules/cacache/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/README.md b/node_modules/npm-registry-fetch/node_modules/cacache/README.md new file mode 100644 index 000000000..19546b5bb --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/README.md @@ -0,0 +1,615 @@ +# cacache [](https://npm.im/cacache) [](https://npm.im/cacache) [](https://travis-ci.org/npm/cacache) [](https://ci.appveyor.com/project/npm/cacache) [](https://coveralls.io/github/npm/cacache?branch=latest) + +[`cacache`](https://github.com/npm/cacache) is a Node.js library for managing +local key and content address caches. It's really fast, really good at +concurrency, and it will never give you corrupted data, even if cache files +get corrupted or manipulated. + +On systems that support user and group settings on files, cacache will +match the `uid` and `gid` values to the folder where the cache lives, even +when running as `root`. + +It was written to be used as [npm](https://npm.im)'s local cache, but can +just as easily be used on its own. + +## Install + +`$ npm install --save cacache` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [Using localized APIs](#localized-api) + * Reading + * [`ls`](#ls) + * [`ls.stream`](#ls-stream) + * [`get`](#get-data) + * [`get.stream`](#get-stream) + * [`get.info`](#get-info) + * [`get.hasContent`](#get-hasContent) + * Writing + * [`put`](#put-data) + * [`put.stream`](#put-stream) + * [`put*` opts](#put-options) + * [`rm.all`](#rm-all) + * [`rm.entry`](#rm-entry) + * [`rm.content`](#rm-content) + * Utilities + * [`clearMemoized`](#clear-memoized) + * [`tmp.mkdir`](#tmp-mkdir) + * [`tmp.withTmp`](#with-tmp) + * Integrity + * [Subresource Integrity](#integrity) + * [`verify`](#verify) + * [`verify.lastRun`](#verify-last-run) + +### Example + +```javascript +const cacache = require('cacache') +const fs = require('fs') + +const tarball = '/path/to/mytar.tgz' +const cachePath = '/tmp/my-toy-cache' +const key = 'my-unique-key-1234' + +// Cache it! Use `cachePath` as the root of the content cache +cacache.put(cachePath, key, '10293801983029384').then(integrity => { + console.log(`Saved content to ${cachePath}.`) +}) + +const destination = '/tmp/mytar.tgz' + +// Copy the contents out of the cache and into their destination! +// But this time, use stream instead! +cacache.get.stream( + cachePath, key +).pipe( + fs.createWriteStream(destination) +).on('finish', () => { + console.log('done extracting!') +}) + +// The same thing, but skip the key index. +cacache.get.byDigest(cachePath, integrityHash).then(data => { + fs.writeFile(destination, data, err => { + console.log('tarball data fetched based on its sha512sum and written out!') + }) +}) +``` + +### Features + +* Extraction by key or by content address (shasum, etc) +* [Subresource Integrity](#integrity) web standard support +* Multi-hash support - safely host sha1, sha512, etc, in a single cache +* Automatic content deduplication +* Fault tolerance (immune to corruption, partial writes, process races, etc) +* Consistency guarantees on read and write (full data verification) +* Lockless, high-concurrency cache access +* Streaming support +* Promise support +* Pretty darn fast -- sub-millisecond reads and writes including verification +* Arbitrary metadata storage +* Garbage collection and additional offline verification +* Thorough test coverage +* There's probably a bloom filter in there somewhere. Those are cool, right? 🤔 + +### Contributing + +The cacache team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](CONTRIBUTING.md) has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="ls"></a> `> cacache.ls(cache) -> Promise<Object>` + +Lists info for all entries currently in the cache as a single large object. Each +entry in the object will be keyed by the unique index key, with corresponding +[`get.info`](#get-info) objects as the values. + +##### Example + +```javascript +cacache.ls(cachePath).then(console.log) +// Output +{ + 'my-thing': { + key: 'my-thing', + integrity: 'sha512-BaSe64/EnCoDED+HAsh==' + path: '.testcache/content/deadbeef', // joined with `cachePath` + time: 12345698490, + size: 4023948, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } + }, + 'other-thing': { + key: 'other-thing', + integrity: 'sha1-ANothER+hasH=', + path: '.testcache/content/bada55', + time: 11992309289, + size: 111112 + } +} +``` + +#### <a name="ls-stream"></a> `> cacache.ls.stream(cache) -> Readable` + +Lists info for all entries currently in the cache as a single large object. + +This works just like [`ls`](#ls), except [`get.info`](#get-info) entries are +returned as `'data'` events on the returned stream. + +##### Example + +```javascript +cacache.ls.stream(cachePath).on('data', console.log) +// Output +{ + key: 'my-thing', + integrity: 'sha512-BaSe64HaSh', + path: '.testcache/content/deadbeef', // joined with `cachePath` + time: 12345698490, + size: 13423, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} + +{ + key: 'other-thing', + integrity: 'whirlpool-WoWSoMuchSupport', + path: '.testcache/content/bada55', + time: 11992309289, + size: 498023984029 +} + +{ + ... +} +``` + +#### <a name="get-data"></a> `> cacache.get(cache, key, [opts]) -> Promise({data, metadata, integrity})` + +Returns an object with the cached data, digest, and metadata identified by +`key`. The `data` property of this object will be a `Buffer` instance that +presumably holds some data that means something to you. I'm sure you know what +to do with it! cacache just won't care. + +`integrity` is a [Subresource +Integrity](#integrity) +string. That is, a string that can be used to verify `data`, which looks like +`<hash-algorithm>-<base64-integrity-hash>`. + +If there is no content identified by `key`, or if the locally-stored data does +not pass the validity checksum, the promise will be rejected. + +A sub-function, `get.byDigest` may be used for identical behavior, except lookup +will happen by integrity hash, bypassing the index entirely. This version of the +function *only* returns `data` itself, without any wrapper. + +##### Note + +This function loads the entire cache entry into memory before returning it. If +you're dealing with Very Large data, consider using [`get.stream`](#get-stream) +instead. + +##### Example + +```javascript +// Look up by key +cache.get(cachePath, 'my-thing').then(console.log) +// Output: +{ + metadata: { + thingName: 'my' + }, + integrity: 'sha512-BaSe64HaSh', + data: Buffer#<deadbeef>, + size: 9320 +} + +// Look up by digest +cache.get.byDigest(cachePath, 'sha512-BaSe64HaSh').then(console.log) +// Output: +Buffer#<deadbeef> +``` + +#### <a name="get-stream"></a> `> cacache.get.stream(cache, key, [opts]) -> Readable` + +Returns a [Readable Stream](https://nodejs.org/api/stream.html#stream_readable_streams) of the cached data identified by `key`. + +If there is no content identified by `key`, or if the locally-stored data does +not pass the validity checksum, an error will be emitted. + +`metadata` and `integrity` events will be emitted before the stream closes, if +you need to collect that extra data about the cached entry. + +A sub-function, `get.stream.byDigest` may be used for identical behavior, +except lookup will happen by integrity hash, bypassing the index entirely. This +version does not emit the `metadata` and `integrity` events at all. + +##### Example + +```javascript +// Look up by key +cache.get.stream( + cachePath, 'my-thing' +).on('metadata', metadata => { + console.log('metadata:', metadata) +}).on('integrity', integrity => { + console.log('integrity:', integrity) +}).pipe( + fs.createWriteStream('./x.tgz') +) +// Outputs: +metadata: { ... } +integrity: 'sha512-SoMeDIGest+64==' + +// Look up by digest +cache.get.stream.byDigest( + cachePath, 'sha512-SoMeDIGest+64==' +).pipe( + fs.createWriteStream('./x.tgz') +) +``` + +#### <a name="get-info"></a> `> cacache.get.info(cache, key) -> Promise` + +Looks up `key` in the cache index, returning information about the entry if +one exists. + +##### Fields + +* `key` - Key the entry was looked up under. Matches the `key` argument. +* `integrity` - [Subresource Integrity hash](#integrity) for the content this entry refers to. +* `path` - Filesystem path where content is stored, joined with `cache` argument. +* `time` - Timestamp the entry was first added on. +* `metadata` - User-assigned metadata associated with the entry/content. + +##### Example + +```javascript +cacache.get.info(cachePath, 'my-thing').then(console.log) + +// Output +{ + key: 'my-thing', + integrity: 'sha256-MUSTVERIFY+ALL/THINGS==' + path: '.testcache/content/deadbeef', + time: 12345698490, + size: 849234, + metadata: { + name: 'blah', + version: '1.2.3', + description: 'this was once a package but now it is my-thing' + } +} +``` + +#### <a name="get-hasContent"></a> `> cacache.get.hasContent(cache, integrity) -> Promise` + +Looks up a [Subresource Integrity hash](#integrity) in the cache. If content +exists for this `integrity`, it will return an object, with the specific single integrity hash +that was found in `sri` key, and the size of the found content as `size`. If no content exists for this integrity, it will return `false`. + +##### Example + +```javascript +cacache.get.hasContent(cachePath, 'sha256-MUSTVERIFY+ALL/THINGS==').then(console.log) + +// Output +{ + sri: { + source: 'sha256-MUSTVERIFY+ALL/THINGS==', + algorithm: 'sha256', + digest: 'MUSTVERIFY+ALL/THINGS==', + options: [] + }, + size: 9001 +} + +cacache.get.hasContent(cachePath, 'sha521-NOT+IN/CACHE==').then(console.log) + +// Output +false +``` + +#### <a name="put-data"></a> `> cacache.put(cache, key, data, [opts]) -> Promise` + +Inserts data passed to it into the cache. The returned Promise resolves with a +digest (generated according to [`opts.algorithms`](#optsalgorithms)) after the +cache entry has been successfully written. + +##### Example + +```javascript +fetch( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).then(data => { + return cacache.put(cachePath, 'registry.npmjs.org|cacache@1.0.0', data) +}).then(integrity => { + console.log('integrity hash is', integrity) +}) +``` + +#### <a name="put-stream"></a> `> cacache.put.stream(cache, key, [opts]) -> Writable` + +Returns a [Writable +Stream](https://nodejs.org/api/stream.html#stream_writable_streams) that inserts +data written to it into the cache. Emits an `integrity` event with the digest of +written contents when it succeeds. + +##### Example + +```javascript +request.get( + 'https://registry.npmjs.org/cacache/-/cacache-1.0.0.tgz' +).pipe( + cacache.put.stream( + cachePath, 'registry.npmjs.org|cacache@1.0.0' + ).on('integrity', d => console.log(`integrity digest is ${d}`)) +) +``` + +#### <a name="put-options"></a> `> cacache.put options` + +`cacache.put` functions have a number of options in common. + +##### `opts.metadata` + +Arbitrary metadata to be attached to the inserted key. + +##### `opts.size` + +If provided, the data stream will be verified to check that enough data was +passed through. If there's more or less data than expected, insertion will fail +with an `EBADSIZE` error. + +##### `opts.integrity` + +If present, the pre-calculated digest for the inserted content. If this option +if provided and does not match the post-insertion digest, insertion will fail +with an `EINTEGRITY` error. + +`algorithms` has no effect if this option is present. + +##### `opts.algorithms` + +Default: ['sha512'] + +Hashing algorithms to use when calculating the [subresource integrity +digest](#integrity) +for inserted data. Can use any algorithm listed in `crypto.getHashes()` or +`'omakase'`/`'お任せします'` to pick a random hash algorithm on each insertion. You +may also use any anagram of `'modnar'` to use this feature. + +Currently only supports one algorithm at a time (i.e., an array length of +exactly `1`). Has no effect if `opts.integrity` is present. + +##### `opts.memoize` + +Default: null + +If provided, cacache will memoize the given cache insertion in memory, bypassing +any filesystem checks for that key or digest in future cache fetches. Nothing +will be written to the in-memory cache unless this option is explicitly truthy. + +If `opts.memoize` is an object or a `Map`-like (that is, an object with `get` +and `set` methods), it will be written to instead of the global memoization +cache. + +Reading from disk data can be forced by explicitly passing `memoize: false` to +the reader functions, but their default will be to read from memory. + +#### <a name="rm-all"></a> `> cacache.rm.all(cache) -> Promise` + +Clears the entire cache. Mainly by blowing away the cache directory itself. + +##### Example + +```javascript +cacache.rm.all(cachePath).then(() => { + console.log('THE APOCALYPSE IS UPON US 😱') +}) +``` + +#### <a name="rm-entry"></a> `> cacache.rm.entry(cache, key) -> Promise` + +Alias: `cacache.rm` + +Removes the index entry for `key`. Content will still be accessible if +requested directly by content address ([`get.stream.byDigest`](#get-stream)). + +To remove the content itself (which might still be used by other entries), use +[`rm.content`](#rm-content). Or, to safely vacuum any unused content, use +[`verify`](#verify). + +##### Example + +```javascript +cacache.rm.entry(cachePath, 'my-thing').then(() => { + console.log('I did not like it anyway') +}) +``` + +#### <a name="rm-content"></a> `> cacache.rm.content(cache, integrity) -> Promise` + +Removes the content identified by `integrity`. Any index entries referring to it +will not be usable again until the content is re-added to the cache with an +identical digest. + +##### Example + +```javascript +cacache.rm.content(cachePath, 'sha512-SoMeDIGest/IN+BaSE64==').then(() => { + console.log('data for my-thing is gone!') +}) +``` + +#### <a name="clear-memoized"></a> `> cacache.clearMemoized()` + +Completely resets the in-memory entry cache. + +#### <a name="tmp-mkdir"></a> `> tmp.mkdir(cache, opts) -> Promise<Path>` + +Returns a unique temporary directory inside the cache's `tmp` dir. This +directory will use the same safe user assignment that all the other stuff use. + +Once the directory is made, it's the user's responsibility that all files +within are given the appropriate `gid`/`uid` ownership settings to match +the rest of the cache. If not, you can ask cacache to do it for you by +calling [`tmp.fix()`](#tmp-fix), which will fix all tmp directory +permissions. + +If you want automatic cleanup of this directory, use +[`tmp.withTmp()`](#with-tpm) + +##### Example + +```javascript +cacache.tmp.mkdir(cache).then(dir => { + fs.writeFile(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}) +``` + +#### <a name="tmp-fix"></a> `> tmp.fix(cache) -> Promise` + +Sets the `uid` and `gid` properties on all files and folders within the tmp +folder to match the rest of the cache. + +Use this after manually writing files into [`tmp.mkdir`](#tmp-mkdir) or +[`tmp.withTmp`](#with-tmp). + +##### Example + +```javascript +cacache.tmp.mkdir(cache).then(dir => { + writeFile(path.join(dir, 'file'), someData).then(() => { + // make sure we didn't just put a root-owned file in the cache + cacache.tmp.fix().then(() => { + // all uids and gids match now + }) + }) +}) +``` + +#### <a name="with-tmp"></a> `> tmp.withTmp(cache, opts, cb) -> Promise` + +Creates a temporary directory with [`tmp.mkdir()`](#tmp-mkdir) and calls `cb` +with it. The created temporary directory will be removed when the return value +of `cb()` resolves, the tmp directory will be automatically deleted once that +promise completes. + +The same caveats apply when it comes to managing permissions for the tmp dir's +contents. + +##### Example + +```javascript +cacache.tmp.withTmp(cache, dir => { + return fs.writeFileAsync(path.join(dir, 'blablabla'), Buffer#<1234>, ...) +}).then(() => { + // `dir` no longer exists +}) +``` + +#### <a name="integrity"></a> Subresource Integrity Digests + +For content verification and addressing, cacache uses strings following the +[Subresource +Integrity spec](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity). +That is, any time cacache expects an `integrity` argument or option, it +should be in the format `<hashAlgorithm>-<base64-hash>`. + +One deviation from the current spec is that cacache will support any hash +algorithms supported by the underlying Node.js process. You can use +`crypto.getHashes()` to see which ones you can use. + +##### Generating Digests Yourself + +If you have an existing content shasum, they are generally formatted as a +hexadecimal string (that is, a sha1 would look like: +`5f5513f8822fdbe5145af33b64d8d970dcf95c6e`). In order to be compatible with +cacache, you'll need to convert this to an equivalent subresource integrity +string. For this example, the corresponding hash would be: +`sha1-X1UT+IIv2+UUWvM7ZNjZcNz5XG4=`. + +If you want to generate an integrity string yourself for existing data, you can +use something like this: + +```javascript +const crypto = require('crypto') +const hashAlgorithm = 'sha512' +const data = 'foobarbaz' + +const integrity = ( + hashAlgorithm + + '-' + + crypto.createHash(hashAlgorithm).update(data).digest('base64') +) +``` + +You can also use [`ssri`](https://npm.im/ssri) to have a richer set of functionality +around SRI strings, including generation, parsing, and translating from existing +hex-formatted strings. + +#### <a name="verify"></a> `> cacache.verify(cache, opts) -> Promise` + +Checks out and fixes up your cache: + +* Cleans up corrupted or invalid index entries. +* Custom entry filtering options. +* Garbage collects any content entries not referenced by the index. +* Checks integrity for all content entries and removes invalid content. +* Fixes cache ownership. +* Removes the `tmp` directory in the cache and all its contents. + +When it's done, it'll return an object with various stats about the verification +process, including amount of storage reclaimed, number of valid entries, number +of entries removed, etc. + +##### Options + +* `opts.filter` - receives a formatted entry. Return false to remove it. + Note: might be called more than once on the same entry. + +##### Example + +```sh +echo somegarbage >> $CACHEPATH/content/deadbeef +``` + +```javascript +cacache.verify(cachePath).then(stats => { + // deadbeef collected, because of invalid checksum. + console.log('cache is much nicer now! stats:', stats) +}) +``` + +#### <a name="verify-last-run"></a> `> cacache.verify.lastRun(cache) -> Promise` + +Returns a `Date` representing the last time `cacache.verify` was run on `cache`. + +##### Example + +```javascript +cacache.verify(cachePath).then(() => { + cacache.verify.lastRun(cachePath).then(lastTime => { + console.log('cacache.verify was last called on' + lastTime) + }) +}) +``` diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/get.js b/node_modules/npm-registry-fetch/node_modules/cacache/get.js new file mode 100644 index 000000000..638d40137 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/get.js @@ -0,0 +1,266 @@ +'use strict' + +const util = require('util') + +const figgyPudding = require('figgy-pudding') +const fs = require('fs') +const index = require('./lib/entry-index') +const memo = require('./lib/memoization') +const read = require('./lib/content/read') + +const Minipass = require('minipass') +const Collect = require('minipass-collect') +const Pipeline = require('minipass-pipeline') + +const writeFile = util.promisify(fs.writeFile) + +const GetOpts = figgyPudding({ + integrity: {}, + memoize: {}, + size: {} +}) + +module.exports = function get (cache, key, opts) { + return getData(false, cache, key, opts) +} +module.exports.byDigest = function getByDigest (cache, digest, opts) { + return getData(true, cache, digest, opts) +} + +function getData (byDigest, cache, key, opts) { + opts = GetOpts(opts) + const memoized = byDigest + ? memo.get.byDigest(cache, key, opts) + : memo.get(cache, key, opts) + if (memoized && opts.memoize !== false) { + return Promise.resolve( + byDigest + ? memoized + : { + metadata: memoized.entry.metadata, + data: memoized.data, + integrity: memoized.entry.integrity, + size: memoized.entry.size + } + ) + } + return (byDigest ? Promise.resolve(null) : index.find(cache, key, opts)).then( + (entry) => { + if (!entry && !byDigest) { + throw new index.NotFoundError(cache, key) + } + return read(cache, byDigest ? key : entry.integrity, { + integrity: opts.integrity, + size: opts.size + }) + .then((data) => + byDigest + ? data + : { + metadata: entry.metadata, + data: data, + size: entry.size, + integrity: entry.integrity + } + ) + .then((res) => { + if (opts.memoize && byDigest) { + memo.put.byDigest(cache, key, res, opts) + } else if (opts.memoize) { + memo.put(cache, entry, res.data, opts) + } + return res + }) + } + ) +} + +module.exports.sync = function get (cache, key, opts) { + return getDataSync(false, cache, key, opts) +} +module.exports.sync.byDigest = function getByDigest (cache, digest, opts) { + return getDataSync(true, cache, digest, opts) +} + +function getDataSync (byDigest, cache, key, opts) { + opts = GetOpts(opts) + const memoized = byDigest + ? memo.get.byDigest(cache, key, opts) + : memo.get(cache, key, opts) + if (memoized && opts.memoize !== false) { + return byDigest + ? memoized + : { + metadata: memoized.entry.metadata, + data: memoized.data, + integrity: memoized.entry.integrity, + size: memoized.entry.size + } + } + const entry = !byDigest && index.find.sync(cache, key, opts) + if (!entry && !byDigest) { + throw new index.NotFoundError(cache, key) + } + const data = read.sync(cache, byDigest ? key : entry.integrity, { + integrity: opts.integrity, + size: opts.size + }) + const res = byDigest + ? data + : { + metadata: entry.metadata, + data: data, + size: entry.size, + integrity: entry.integrity + } + if (opts.memoize && byDigest) { + memo.put.byDigest(cache, key, res, opts) + } else if (opts.memoize) { + memo.put(cache, entry, res.data, opts) + } + return res +} + +module.exports.stream = getStream + +const getMemoizedStream = (memoized) => { + const stream = new Minipass() + stream.on('newListener', function (ev, cb) { + ev === 'metadata' && cb(memoized.entry.metadata) + ev === 'integrity' && cb(memoized.entry.integrity) + ev === 'size' && cb(memoized.entry.size) + }) + stream.end(memoized.data) + return stream +} + +function getStream (cache, key, opts) { + opts = GetOpts(opts) + const memoized = memo.get(cache, key, opts) + if (memoized && opts.memoize !== false) { + return getMemoizedStream(memoized) + } + + const stream = new Pipeline() + index + .find(cache, key) + .then((entry) => { + if (!entry) { + throw new index.NotFoundError(cache, key) + } + stream.emit('metadata', entry.metadata) + stream.emit('integrity', entry.integrity) + stream.emit('size', entry.size) + stream.on('newListener', function (ev, cb) { + ev === 'metadata' && cb(entry.metadata) + ev === 'integrity' && cb(entry.integrity) + ev === 'size' && cb(entry.size) + }) + + const src = read.readStream( + cache, + entry.integrity, + opts.concat({ + size: opts.size == null ? entry.size : opts.size + }) + ) + + if (opts.memoize) { + const memoStream = new Collect.PassThrough() + memoStream.on('collect', data => memo.put(cache, entry, data, opts)) + stream.unshift(memoStream) + } + stream.unshift(src) + }) + .catch((err) => stream.emit('error', err)) + + return stream +} + +module.exports.stream.byDigest = getStreamDigest + +function getStreamDigest (cache, integrity, opts) { + opts = GetOpts(opts) + const memoized = memo.get.byDigest(cache, integrity, opts) + if (memoized && opts.memoize !== false) { + const stream = new Minipass() + stream.end(memoized) + return stream + } else { + const stream = read.readStream(cache, integrity, opts) + if (!opts.memoize) { + return stream + } + const memoStream = new Collect.PassThrough() + memoStream.on('collect', data => memo.put.byDigest( + cache, + integrity, + data, + opts + )) + return new Pipeline(stream, memoStream) + } +} + +module.exports.info = info + +function info (cache, key, opts) { + opts = GetOpts(opts) + const memoized = memo.get(cache, key, opts) + if (memoized && opts.memoize !== false) { + return Promise.resolve(memoized.entry) + } else { + return index.find(cache, key) + } +} + +module.exports.hasContent = read.hasContent + +function cp (cache, key, dest, opts) { + return copy(false, cache, key, dest, opts) +} + +module.exports.copy = cp + +function cpDigest (cache, digest, dest, opts) { + return copy(true, cache, digest, dest, opts) +} + +module.exports.copy.byDigest = cpDigest + +function copy (byDigest, cache, key, dest, opts) { + opts = GetOpts(opts) + if (read.copy) { + return (byDigest + ? Promise.resolve(null) + : index.find(cache, key, opts) + ).then((entry) => { + if (!entry && !byDigest) { + throw new index.NotFoundError(cache, key) + } + return read + .copy(cache, byDigest ? key : entry.integrity, dest, opts) + .then(() => { + return byDigest + ? key + : { + metadata: entry.metadata, + size: entry.size, + integrity: entry.integrity + } + }) + }) + } + + return getData(byDigest, cache, key, opts).then((res) => { + return writeFile(dest, byDigest ? res : res.data).then(() => { + return byDigest + ? key + : { + metadata: res.metadata, + size: res.size, + integrity: res.integrity + } + }) + }) +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/index.js b/node_modules/npm-registry-fetch/node_modules/cacache/index.js new file mode 100644 index 000000000..08ba14835 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/index.js @@ -0,0 +1,41 @@ +'use strict' + +const ls = require('./ls.js') +const get = require('./get.js') +const put = require('./put.js') +const rm = require('./rm.js') +const verify = require('./verify.js') +const { clearMemoized } = require('./lib/memoization.js') +const tmp = require('./lib/util/tmp.js') + +module.exports.ls = ls +module.exports.ls.stream = ls.stream + +module.exports.get = get +module.exports.get.byDigest = get.byDigest +module.exports.get.sync = get.sync +module.exports.get.sync.byDigest = get.sync.byDigest +module.exports.get.stream = get.stream +module.exports.get.stream.byDigest = get.stream.byDigest +module.exports.get.copy = get.copy +module.exports.get.copy.byDigest = get.copy.byDigest +module.exports.get.info = get.info +module.exports.get.hasContent = get.hasContent +module.exports.get.hasContent.sync = get.hasContent.sync + +module.exports.put = put +module.exports.put.stream = put.stream + +module.exports.rm = rm.entry +module.exports.rm.all = rm.all +module.exports.rm.entry = module.exports.rm +module.exports.rm.content = rm.content + +module.exports.clearMemoized = clearMemoized + +module.exports.tmp = {} +module.exports.tmp.mkdir = tmp.mkdir +module.exports.tmp.withTmp = tmp.withTmp + +module.exports.verify = verify +module.exports.verify.lastRun = verify.lastRun diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/path.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/path.js new file mode 100644 index 000000000..ad5a76a4f --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/path.js @@ -0,0 +1,29 @@ +'use strict' + +const contentVer = require('../../package.json')['cache-version'].content +const hashToSegments = require('../util/hash-to-segments') +const path = require('path') +const ssri = require('ssri') + +// Current format of content file path: +// +// sha512-BaSE64Hex= -> +// ~/.my-cache/content-v2/sha512/ba/da/55deadbeefc0ffee +// +module.exports = contentPath + +function contentPath (cache, integrity) { + const sri = ssri.parse(integrity, { single: true }) + // contentPath is the *strongest* algo given + return path.join( + contentDir(cache), + sri.algorithm, + ...hashToSegments(sri.hexDigest()) + ) +} + +module.exports.contentDir = contentDir + +function contentDir (cache) { + return path.join(cache, `content-v${contentVer}`) +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/read.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/read.js new file mode 100644 index 000000000..153926dd1 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/read.js @@ -0,0 +1,258 @@ +'use strict' + +const util = require('util') + +const figgyPudding = require('figgy-pudding') +const fs = require('graceful-fs') +const fsm = require('fs-minipass') +const ssri = require('ssri') +const contentPath = require('./path') +const Pipeline = require('minipass-pipeline') + +const lstat = util.promisify(fs.lstat) +const readFile = util.promisify(fs.readFile) + +const ReadOpts = figgyPudding({ + size: {} +}) + +module.exports = read + +const MAX_SINGLE_READ_SIZE = 64 * 1024 * 1024 +function read (cache, integrity, opts) { + opts = ReadOpts(opts) + return withContentSri(cache, integrity, (cpath, sri) => { + // get size + return lstat(cpath).then(stat => ({ stat, cpath, sri })) + }).then(({ stat, cpath, sri }) => { + if (typeof opts.size === 'number' && stat.size !== opts.size) { + throw sizeError(opts.size, stat.size) + } + if (stat.size > MAX_SINGLE_READ_SIZE) { + return readPipeline(cpath, stat.size, sri, new Pipeline()).concat() + } + + return readFile(cpath, null).then((data) => { + if (!ssri.checkData(data, sri)) { + throw integrityError(sri, cpath) + } + return data + }) + }) +} + +const readPipeline = (cpath, size, sri, stream) => { + stream.push( + new fsm.ReadStream(cpath, { + size, + readSize: MAX_SINGLE_READ_SIZE + }), + ssri.integrityStream({ + integrity: sri, + size + }) + ) + return stream +} + +module.exports.sync = readSync + +function readSync (cache, integrity, opts) { + opts = ReadOpts(opts) + return withContentSriSync(cache, integrity, (cpath, sri) => { + const data = fs.readFileSync(cpath) + if (typeof opts.size === 'number' && opts.size !== data.length) { + throw sizeError(opts.size, data.length) + } + + if (ssri.checkData(data, sri)) { + return data + } + + throw integrityError(sri, cpath) + }) +} + +module.exports.stream = readStream +module.exports.readStream = readStream + +function readStream (cache, integrity, opts) { + opts = ReadOpts(opts) + + const stream = new Pipeline() + withContentSri(cache, integrity, (cpath, sri) => { + // just lstat to ensure it exists + return lstat(cpath).then((stat) => ({ stat, cpath, sri })) + }).then(({ stat, cpath, sri }) => { + if (typeof opts.size === 'number' && opts.size !== stat.size) { + return stream.emit('error', sizeError(opts.size, stat.size)) + } + readPipeline(cpath, stat.size, sri, stream) + }, er => stream.emit('error', er)) + + return stream +} + +let copyFile +if (fs.copyFile) { + module.exports.copy = copy + module.exports.copy.sync = copySync + copyFile = util.promisify(fs.copyFile) +} + +function copy (cache, integrity, dest, opts) { + opts = ReadOpts(opts) + return withContentSri(cache, integrity, (cpath, sri) => { + return copyFile(cpath, dest) + }) +} + +function copySync (cache, integrity, dest, opts) { + opts = ReadOpts(opts) + return withContentSriSync(cache, integrity, (cpath, sri) => { + return fs.copyFileSync(cpath, dest) + }) +} + +module.exports.hasContent = hasContent + +function hasContent (cache, integrity) { + if (!integrity) { + return Promise.resolve(false) + } + return withContentSri(cache, integrity, (cpath, sri) => { + return lstat(cpath).then((stat) => ({ size: stat.size, sri, stat })) + }).catch((err) => { + if (err.code === 'ENOENT') { + return false + } + if (err.code === 'EPERM') { + /* istanbul ignore else */ + if (process.platform !== 'win32') { + throw err + } else { + return false + } + } + }) +} + +module.exports.hasContent.sync = hasContentSync + +function hasContentSync (cache, integrity) { + if (!integrity) { + return false + } + return withContentSriSync(cache, integrity, (cpath, sri) => { + try { + const stat = fs.lstatSync(cpath) + return { size: stat.size, sri, stat } + } catch (err) { + if (err.code === 'ENOENT') { + return false + } + if (err.code === 'EPERM') { + /* istanbul ignore else */ + if (process.platform !== 'win32') { + throw err + } else { + return false + } + } + } + }) +} + +function withContentSri (cache, integrity, fn) { + const tryFn = () => { + const sri = ssri.parse(integrity) + // If `integrity` has multiple entries, pick the first digest + // with available local data. + const algo = sri.pickAlgorithm() + const digests = sri[algo] + + if (digests.length <= 1) { + const cpath = contentPath(cache, digests[0]) + return fn(cpath, digests[0]) + } else { + // Can't use race here because a generic error can happen before a ENOENT error, and can happen before a valid result + return Promise + .all(digests.map((meta) => { + return withContentSri(cache, meta, fn) + .catch((err) => { + if (err.code === 'ENOENT') { + return Object.assign( + new Error('No matching content found for ' + sri.toString()), + { code: 'ENOENT' } + ) + } + return err + }) + })) + .then((results) => { + // Return the first non error if it is found + const result = results.find((r) => !(r instanceof Error)) + if (result) { + return result + } + + // Throw the No matching content found error + const enoentError = results.find((r) => r.code === 'ENOENT') + if (enoentError) { + throw enoentError + } + + // Throw generic error + throw results.find((r) => r instanceof Error) + }) + } + } + + return new Promise((resolve, reject) => { + try { + tryFn() + .then(resolve) + .catch(reject) + } catch (err) { + reject(err) + } + }) +} + +function withContentSriSync (cache, integrity, fn) { + const sri = ssri.parse(integrity) + // If `integrity` has multiple entries, pick the first digest + // with available local data. + const algo = sri.pickAlgorithm() + const digests = sri[algo] + if (digests.length <= 1) { + const cpath = contentPath(cache, digests[0]) + return fn(cpath, digests[0]) + } else { + let lastErr = null + for (const meta of digests) { + try { + return withContentSriSync(cache, meta, fn) + } catch (err) { + lastErr = err + } + } + throw lastErr + } +} + +function sizeError (expected, found) { + const err = new Error(`Bad data size: expected inserted data to be ${expected} bytes, but got ${found} instead`) + err.expected = expected + err.found = found + err.code = 'EBADSIZE' + return err +} + +function integrityError (sri, path) { + const err = new Error(`Integrity verification failed for ${sri} (${path})`) + err.code = 'EINTEGRITY' + err.sri = sri + err.path = path + return err +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/rm.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/rm.js new file mode 100644 index 000000000..50612364e --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/rm.js @@ -0,0 +1,20 @@ +'use strict' + +const util = require('util') + +const contentPath = require('./path') +const { hasContent } = require('./read') +const rimraf = util.promisify(require('rimraf')) + +module.exports = rm + +function rm (cache, integrity) { + return hasContent(cache, integrity).then((content) => { + // ~pretty~ sure we can't end up with a content lacking sri, but be safe + if (content && content.sri) { + return rimraf(contentPath(cache, content.sri)).then(() => true) + } else { + return false + } + }) +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/write.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/write.js new file mode 100644 index 000000000..b585938ce --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/content/write.js @@ -0,0 +1,187 @@ +'use strict' + +const util = require('util') + +const contentPath = require('./path') +const fixOwner = require('../util/fix-owner') +const fs = require('graceful-fs') +const moveFile = require('../util/move-file') +const Minipass = require('minipass') +const Pipeline = require('minipass-pipeline') +const Flush = require('minipass-flush') +const path = require('path') +const rimraf = util.promisify(require('rimraf')) +const ssri = require('ssri') +const uniqueFilename = require('unique-filename') +const { disposer } = require('./../util/disposer') +const fsm = require('fs-minipass') + +const writeFile = util.promisify(fs.writeFile) + +module.exports = write + +function write (cache, data, opts) { + opts = opts || {} + if (opts.algorithms && opts.algorithms.length > 1) { + throw new Error('opts.algorithms only supports a single algorithm for now') + } + if (typeof opts.size === 'number' && data.length !== opts.size) { + return Promise.reject(sizeError(opts.size, data.length)) + } + const sri = ssri.fromData(data, { + algorithms: opts.algorithms + }) + if (opts.integrity && !ssri.checkData(data, opts.integrity, opts)) { + return Promise.reject(checksumError(opts.integrity, sri)) + } + + return disposer(makeTmp(cache, opts), makeTmpDisposer, + (tmp) => { + return writeFile(tmp.target, data, { flag: 'wx' }) + .then(() => moveToDestination(tmp, cache, sri, opts)) + }) + .then(() => ({ integrity: sri, size: data.length })) +} + +module.exports.stream = writeStream + +// writes proxied to the 'inputStream' that is passed to the Promise +// 'end' is deferred until content is handled. +class CacacheWriteStream extends Flush { + constructor (cache, opts) { + super() + this.opts = opts + this.cache = cache + this.inputStream = new Minipass() + this.inputStream.on('error', er => this.emit('error', er)) + this.inputStream.on('drain', () => this.emit('drain')) + this.handleContentP = null + } + + write (chunk, encoding, cb) { + if (!this.handleContentP) { + this.handleContentP = handleContent( + this.inputStream, + this.cache, + this.opts + ) + } + return this.inputStream.write(chunk, encoding, cb) + } + + flush (cb) { + this.inputStream.end(() => { + if (!this.handleContentP) { + const e = new Error('Cache input stream was empty') + e.code = 'ENODATA' + // empty streams are probably emitting end right away. + // defer this one tick by rejecting a promise on it. + return Promise.reject(e).catch(cb) + } + this.handleContentP.then( + (res) => { + res.integrity && this.emit('integrity', res.integrity) + res.size !== null && this.emit('size', res.size) + cb() + }, + (er) => cb(er) + ) + }) + } +} + +function writeStream (cache, opts) { + opts = opts || {} + return new CacacheWriteStream(cache, opts) +} + +function handleContent (inputStream, cache, opts) { + return disposer(makeTmp(cache, opts), makeTmpDisposer, (tmp) => { + return pipeToTmp(inputStream, cache, tmp.target, opts) + .then((res) => { + return moveToDestination( + tmp, + cache, + res.integrity, + opts + ).then(() => res) + }) + }) +} + +function pipeToTmp (inputStream, cache, tmpTarget, opts) { + let integrity + let size + const hashStream = ssri.integrityStream({ + integrity: opts.integrity, + algorithms: opts.algorithms, + size: opts.size + }) + hashStream.on('integrity', i => { integrity = i }) + hashStream.on('size', s => { size = s }) + + const outStream = new fsm.WriteStream(tmpTarget, { + flags: 'wx' + }) + + // NB: this can throw if the hashStream has a problem with + // it, and the data is fully written. but pipeToTmp is only + // called in promisory contexts where that is handled. + const pipeline = new Pipeline( + inputStream, + hashStream, + outStream + ) + + return pipeline.promise() + .then(() => ({ integrity, size })) + .catch(er => rimraf(tmpTarget).then(() => { throw er })) +} + +function makeTmp (cache, opts) { + const tmpTarget = uniqueFilename(path.join(cache, 'tmp'), opts.tmpPrefix) + return fixOwner.mkdirfix(cache, path.dirname(tmpTarget)).then(() => ({ + target: tmpTarget, + moved: false + })) +} + +function makeTmpDisposer (tmp) { + if (tmp.moved) { + return Promise.resolve() + } + return rimraf(tmp.target) +} + +function moveToDestination (tmp, cache, sri, opts) { + const destination = contentPath(cache, sri) + const destDir = path.dirname(destination) + + return fixOwner + .mkdirfix(cache, destDir) + .then(() => { + return moveFile(tmp.target, destination) + }) + .then(() => { + tmp.moved = true + return fixOwner.chownr(cache, destination) + }) +} + +function sizeError (expected, found) { + const err = new Error(`Bad data size: expected inserted data to be ${expected} bytes, but got ${found} instead`) + err.expected = expected + err.found = found + err.code = 'EBADSIZE' + return err +} + +function checksumError (expected, found) { + const err = new Error(`Integrity check failed: + Wanted: ${expected} + Found: ${found}`) + err.code = 'EINTEGRITY' + err.expected = expected + err.found = found + return err +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/entry-index.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/entry-index.js new file mode 100644 index 000000000..5e6798523 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/entry-index.js @@ -0,0 +1,311 @@ +'use strict' + +const util = require('util') + +const crypto = require('crypto') +const figgyPudding = require('figgy-pudding') +const fs = require('graceful-fs') +const Minipass = require('minipass') +const path = require('path') +const ssri = require('ssri') +const contentPath = require('./content/path') +const fixOwner = require('./util/fix-owner') +const hashToSegments = require('./util/hash-to-segments') +const indexV = require('../package.json')['cache-version'].index + +const appendFile = util.promisify(fs.appendFile) +const readFile = util.promisify(fs.readFile) +const readdir = util.promisify(fs.readdir) + +module.exports.NotFoundError = class NotFoundError extends Error { + constructor (cache, key) { + super(`No cache entry for ${key} found in ${cache}`) + this.code = 'ENOENT' + this.cache = cache + this.key = key + } +} + +const IndexOpts = figgyPudding({ + metadata: {}, + size: {} +}) + +module.exports.insert = insert + +function insert (cache, key, integrity, opts) { + opts = IndexOpts(opts) + const bucket = bucketPath(cache, key) + const entry = { + key, + integrity: integrity && ssri.stringify(integrity), + time: Date.now(), + size: opts.size, + metadata: opts.metadata + } + return fixOwner + .mkdirfix(cache, path.dirname(bucket)) + .then(() => { + const stringified = JSON.stringify(entry) + // NOTE - Cleverness ahoy! + // + // This works because it's tremendously unlikely for an entry to corrupt + // another while still preserving the string length of the JSON in + // question. So, we just slap the length in there and verify it on read. + // + // Thanks to @isaacs for the whiteboarding session that ended up with this. + return appendFile(bucket, `\n${hashEntry(stringified)}\t${stringified}`) + }) + .then(() => fixOwner.chownr(cache, bucket)) + .catch((err) => { + if (err.code === 'ENOENT') { + return undefined + } + throw err + // There's a class of race conditions that happen when things get deleted + // during fixOwner, or between the two mkdirfix/chownr calls. + // + // It's perfectly fine to just not bother in those cases and lie + // that the index entry was written. Because it's a cache. + }) + .then(() => { + return formatEntry(cache, entry) + }) +} + +module.exports.insert.sync = insertSync + +function insertSync (cache, key, integrity, opts) { + opts = IndexOpts(opts) + const bucket = bucketPath(cache, key) + const entry = { + key, + integrity: integrity && ssri.stringify(integrity), + time: Date.now(), + size: opts.size, + metadata: opts.metadata + } + fixOwner.mkdirfix.sync(cache, path.dirname(bucket)) + const stringified = JSON.stringify(entry) + fs.appendFileSync(bucket, `\n${hashEntry(stringified)}\t${stringified}`) + try { + fixOwner.chownr.sync(cache, bucket) + } catch (err) { + if (err.code !== 'ENOENT') { + throw err + } + } + return formatEntry(cache, entry) +} + +module.exports.find = find + +function find (cache, key) { + const bucket = bucketPath(cache, key) + return bucketEntries(bucket) + .then((entries) => { + return entries.reduce((latest, next) => { + if (next && next.key === key) { + return formatEntry(cache, next) + } else { + return latest + } + }, null) + }) + .catch((err) => { + if (err.code === 'ENOENT') { + return null + } else { + throw err + } + }) +} + +module.exports.find.sync = findSync + +function findSync (cache, key) { + const bucket = bucketPath(cache, key) + try { + return bucketEntriesSync(bucket).reduce((latest, next) => { + if (next && next.key === key) { + return formatEntry(cache, next) + } else { + return latest + } + }, null) + } catch (err) { + if (err.code === 'ENOENT') { + return null + } else { + throw err + } + } +} + +module.exports.delete = del + +function del (cache, key, opts) { + return insert(cache, key, null, opts) +} + +module.exports.delete.sync = delSync + +function delSync (cache, key, opts) { + return insertSync(cache, key, null, opts) +} + +module.exports.lsStream = lsStream + +function lsStream (cache) { + const indexDir = bucketDir(cache) + const stream = new Minipass({ objectMode: true }) + + readdirOrEmpty(indexDir).then(buckets => Promise.all( + buckets.map(bucket => { + const bucketPath = path.join(indexDir, bucket) + return readdirOrEmpty(bucketPath).then(subbuckets => Promise.all( + subbuckets.map(subbucket => { + const subbucketPath = path.join(bucketPath, subbucket) + + // "/cachename/<bucket 0xFF>/<bucket 0xFF>./*" + return readdirOrEmpty(subbucketPath).then(entries => Promise.all( + entries.map(entry => { + const entryPath = path.join(subbucketPath, entry) + return bucketEntries(entryPath).then(entries => + // using a Map here prevents duplicate keys from + // showing up twice, I guess? + entries.reduce((acc, entry) => { + acc.set(entry.key, entry) + return acc + }, new Map()) + ).then(reduced => { + // reduced is a map of key => entry + for (const entry of reduced.values()) { + const formatted = formatEntry(cache, entry) + if (formatted) { + stream.write(formatted) + } + } + }).catch(err => { + if (err.code === 'ENOENT') { return undefined } + throw err + }) + }) + )) + }) + )) + }) + )) + .then( + () => stream.end(), + err => stream.emit('error', err) + ) + + return stream +} + +module.exports.ls = ls + +function ls (cache) { + return lsStream(cache).collect().then(entries => + entries.reduce((acc, xs) => { + acc[xs.key] = xs + return acc + }, {}) + ) +} + +function bucketEntries (bucket, filter) { + return readFile(bucket, 'utf8').then((data) => _bucketEntries(data, filter)) +} + +function bucketEntriesSync (bucket, filter) { + const data = fs.readFileSync(bucket, 'utf8') + return _bucketEntries(data, filter) +} + +function _bucketEntries (data, filter) { + const entries = [] + data.split('\n').forEach((entry) => { + if (!entry) { + return + } + const pieces = entry.split('\t') + if (!pieces[1] || hashEntry(pieces[1]) !== pieces[0]) { + // Hash is no good! Corruption or malice? Doesn't matter! + // EJECT EJECT + return + } + let obj + try { + obj = JSON.parse(pieces[1]) + } catch (e) { + // Entry is corrupted! + return + } + if (obj) { + entries.push(obj) + } + }) + return entries +} + +module.exports.bucketDir = bucketDir + +function bucketDir (cache) { + return path.join(cache, `index-v${indexV}`) +} + +module.exports.bucketPath = bucketPath + +function bucketPath (cache, key) { + const hashed = hashKey(key) + return path.join.apply( + path, + [bucketDir(cache)].concat(hashToSegments(hashed)) + ) +} + +module.exports.hashKey = hashKey + +function hashKey (key) { + return hash(key, 'sha256') +} + +module.exports.hashEntry = hashEntry + +function hashEntry (str) { + return hash(str, 'sha1') +} + +function hash (str, digest) { + return crypto + .createHash(digest) + .update(str) + .digest('hex') +} + +function formatEntry (cache, entry) { + // Treat null digests as deletions. They'll shadow any previous entries. + if (!entry.integrity) { + return null + } + return { + key: entry.key, + integrity: entry.integrity, + path: contentPath(cache, entry.integrity), + size: entry.size, + time: entry.time, + metadata: entry.metadata + } +} + +function readdirOrEmpty (dir) { + return readdir(dir).catch((err) => { + if (err.code === 'ENOENT' || err.code === 'ENOTDIR') { + return [] + } + + throw err + }) +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/memoization.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/memoization.js new file mode 100644 index 000000000..185141d8e --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/memoization.js @@ -0,0 +1,74 @@ +'use strict' + +const LRU = require('lru-cache') + +const MAX_SIZE = 50 * 1024 * 1024 // 50MB +const MAX_AGE = 3 * 60 * 1000 + +const MEMOIZED = new LRU({ + max: MAX_SIZE, + maxAge: MAX_AGE, + length: (entry, key) => key.startsWith('key:') ? entry.data.length : entry.length +}) + +module.exports.clearMemoized = clearMemoized + +function clearMemoized () { + const old = {} + MEMOIZED.forEach((v, k) => { + old[k] = v + }) + MEMOIZED.reset() + return old +} + +module.exports.put = put + +function put (cache, entry, data, opts) { + pickMem(opts).set(`key:${cache}:${entry.key}`, { entry, data }) + putDigest(cache, entry.integrity, data, opts) +} + +module.exports.put.byDigest = putDigest + +function putDigest (cache, integrity, data, opts) { + pickMem(opts).set(`digest:${cache}:${integrity}`, data) +} + +module.exports.get = get + +function get (cache, key, opts) { + return pickMem(opts).get(`key:${cache}:${key}`) +} + +module.exports.get.byDigest = getDigest + +function getDigest (cache, integrity, opts) { + return pickMem(opts).get(`digest:${cache}:${integrity}`) +} + +class ObjProxy { + constructor (obj) { + this.obj = obj + } + + get (key) { + return this.obj[key] + } + + set (key, val) { + this.obj[key] = val + } +} + +function pickMem (opts) { + if (!opts || !opts.memoize) { + return MEMOIZED + } else if (opts.memoize.get && opts.memoize.set) { + return opts.memoize + } else if (typeof opts.memoize === 'object') { + return new ObjProxy(opts.memoize) + } else { + return MEMOIZED + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/disposer.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/disposer.js new file mode 100644 index 000000000..8a24ad2f2 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/disposer.js @@ -0,0 +1,30 @@ +'use strict' + +module.exports.disposer = disposer + +function disposer (creatorFn, disposerFn, fn) { + const runDisposer = (resource, result, shouldThrow = false) => { + return disposerFn(resource) + .then( + // disposer resolved, do something with original fn's promise + () => { + if (shouldThrow) { + throw result + } + return result + }, + // Disposer fn failed, crash process + (err) => { + throw err + // Or process.exit? + }) + } + + return creatorFn + .then((resource) => { + // fn(resource) can throw, so wrap in a promise here + return Promise.resolve().then(() => fn(resource)) + .then((result) => runDisposer(resource, result)) + .catch((err) => runDisposer(resource, err, true)) + }) +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/fix-owner.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/fix-owner.js new file mode 100644 index 000000000..9afa638a8 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/fix-owner.js @@ -0,0 +1,145 @@ +'use strict' + +const util = require('util') + +const chownr = util.promisify(require('chownr')) +const mkdirp = require('mkdirp') +const inflight = require('promise-inflight') +const inferOwner = require('infer-owner') + +// Memoize getuid()/getgid() calls. +// patch process.setuid/setgid to invalidate cached value on change +const self = { uid: null, gid: null } +const getSelf = () => { + if (typeof self.uid !== 'number') { + self.uid = process.getuid() + const setuid = process.setuid + process.setuid = (uid) => { + self.uid = null + process.setuid = setuid + return process.setuid(uid) + } + } + if (typeof self.gid !== 'number') { + self.gid = process.getgid() + const setgid = process.setgid + process.setgid = (gid) => { + self.gid = null + process.setgid = setgid + return process.setgid(gid) + } + } +} + +module.exports.chownr = fixOwner + +function fixOwner (cache, filepath) { + if (!process.getuid) { + // This platform doesn't need ownership fixing + return Promise.resolve() + } + + getSelf() + if (self.uid !== 0) { + // almost certainly can't chown anyway + return Promise.resolve() + } + + return Promise.resolve(inferOwner(cache)).then((owner) => { + const { uid, gid } = owner + + // No need to override if it's already what we used. + if (self.uid === uid && self.gid === gid) { + return + } + + return inflight('fixOwner: fixing ownership on ' + filepath, () => + chownr( + filepath, + typeof uid === 'number' ? uid : self.uid, + typeof gid === 'number' ? gid : self.gid + ).catch((err) => { + if (err.code === 'ENOENT') { + return null + } + throw err + }) + ) + }) +} + +module.exports.chownr.sync = fixOwnerSync + +function fixOwnerSync (cache, filepath) { + if (!process.getuid) { + // This platform doesn't need ownership fixing + return + } + const { uid, gid } = inferOwner.sync(cache) + getSelf() + if (self.uid !== 0) { + // almost certainly can't chown anyway + return + } + + if (self.uid === uid && self.gid === gid) { + // No need to override if it's already what we used. + return + } + try { + chownr.sync( + filepath, + typeof uid === 'number' ? uid : self.uid, + typeof gid === 'number' ? gid : self.gid + ) + } catch (err) { + // only catch ENOENT, any other error is a problem. + if (err.code === 'ENOENT') { + return null + } + throw err + } +} + +module.exports.mkdirfix = mkdirfix + +function mkdirfix (cache, p, cb) { + // we have to infer the owner _before_ making the directory, even though + // we aren't going to use the results, since the cache itself might not + // exist yet. If we mkdirp it, then our current uid/gid will be assumed + // to be correct if it creates the cache folder in the process. + return Promise.resolve(inferOwner(cache)).then(() => { + return mkdirp(p) + .then((made) => { + if (made) { + return fixOwner(cache, made).then(() => made) + } + }) + .catch((err) => { + if (err.code === 'EEXIST') { + return fixOwner(cache, p).then(() => null) + } + throw err + }) + }) +} + +module.exports.mkdirfix.sync = mkdirfixSync + +function mkdirfixSync (cache, p) { + try { + inferOwner.sync(cache) + const made = mkdirp.sync(p) + if (made) { + fixOwnerSync(cache, made) + return made + } + } catch (err) { + if (err.code === 'EEXIST') { + fixOwnerSync(cache, p) + return null + } else { + throw err + } + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/hash-to-segments.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/hash-to-segments.js new file mode 100644 index 000000000..445599b50 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/hash-to-segments.js @@ -0,0 +1,7 @@ +'use strict' + +module.exports = hashToSegments + +function hashToSegments (hash) { + return [hash.slice(0, 2), hash.slice(2, 4), hash.slice(4)] +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/move-file.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/move-file.js new file mode 100644 index 000000000..7f3ae917b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/move-file.js @@ -0,0 +1,68 @@ +'use strict' + +const fs = require('graceful-fs') +const util = require('util') +const chmod = util.promisify(fs.chmod) +const unlink = util.promisify(fs.unlink) +const stat = util.promisify(fs.stat) +const move = require('move-concurrently') +const pinflight = require('promise-inflight') + +module.exports = moveFile + +function moveFile (src, dest) { + const isWindows = global.__CACACHE_TEST_FAKE_WINDOWS__ || + process.platform === 'win32' + + // This isn't quite an fs.rename -- the assumption is that + // if `dest` already exists, and we get certain errors while + // trying to move it, we should just not bother. + // + // In the case of cache corruption, users will receive an + // EINTEGRITY error elsewhere, and can remove the offending + // content their own way. + // + // Note that, as the name suggests, this strictly only supports file moves. + return new Promise((resolve, reject) => { + fs.link(src, dest, (err) => { + if (err) { + if (isWindows && err.code === 'EPERM') { + // XXX This is a really weird way to handle this situation, as it + // results in the src file being deleted even though the dest + // might not exist. Since we pretty much always write files to + // deterministic locations based on content hash, this is likely + // ok (or at worst, just ends in a future cache miss). But it would + // be worth investigating at some time in the future if this is + // really what we want to do here. + return resolve() + } else if (err.code === 'EEXIST' || err.code === 'EBUSY') { + // file already exists, so whatever + return resolve() + } else { + return reject(err) + } + } else { + return resolve() + } + }) + }) + .then(() => { + // content should never change for any reason, so make it read-only + return Promise.all([ + unlink(src), + !isWindows && chmod(dest, '0444') + ]) + }) + .catch(() => { + return pinflight('cacache-move-file:' + dest, () => { + return stat(dest).catch((err) => { + if (err.code !== 'ENOENT') { + // Something else is wrong here. Bail bail bail + throw err + } + // file doesn't already exist! let's try a rename -> copy fallback + return move(src, dest, { Promise, fs }) + }) + }) + }) +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/tmp.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/tmp.js new file mode 100644 index 000000000..8d0ba38ab --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/util/tmp.js @@ -0,0 +1,42 @@ +'use strict' + +const util = require('util') + +const figgyPudding = require('figgy-pudding') +const fixOwner = require('./fix-owner') +const path = require('path') +const rimraf = util.promisify(require('rimraf')) +const uniqueFilename = require('unique-filename') +const { disposer } = require('./disposer') + +const TmpOpts = figgyPudding({ + tmpPrefix: {} +}) + +module.exports.mkdir = mktmpdir + +function mktmpdir (cache, opts) { + opts = TmpOpts(opts) + const tmpTarget = uniqueFilename(path.join(cache, 'tmp'), opts.tmpPrefix) + return fixOwner.mkdirfix(cache, tmpTarget).then(() => { + return tmpTarget + }) +} + +module.exports.withTmp = withTmp + +function withTmp (cache, opts, cb) { + if (!cb) { + cb = opts + opts = null + } + opts = TmpOpts(opts) + + return disposer(mktmpdir(cache, opts), rimraf, cb) +} + +module.exports.fix = fixtmpdir + +function fixtmpdir (cache) { + return fixOwner(cache, path.join(cache, 'tmp')) +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/lib/verify.js b/node_modules/npm-registry-fetch/node_modules/cacache/lib/verify.js new file mode 100644 index 000000000..51c241f80 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/lib/verify.js @@ -0,0 +1,292 @@ +'use strict' + +const util = require('util') + +const pMap = require('p-map') +const contentPath = require('./content/path') +const figgyPudding = require('figgy-pudding') +const fixOwner = require('./util/fix-owner') +const fs = require('graceful-fs') +const fsm = require('fs-minipass') +const glob = util.promisify(require('glob')) +const index = require('./entry-index') +const path = require('path') +const rimraf = util.promisify(require('rimraf')) +const ssri = require('ssri') + +const hasOwnProperty = (obj, key) => + Object.prototype.hasOwnProperty.call(obj, key) + +const stat = util.promisify(fs.stat) +const truncate = util.promisify(fs.truncate) +const writeFile = util.promisify(fs.writeFile) +const readFile = util.promisify(fs.readFile) + +const VerifyOpts = figgyPudding({ + concurrency: { + default: 20 + }, + filter: {}, + log: { + default: { silly () {} } + } +}) + +module.exports = verify + +function verify (cache, opts) { + opts = VerifyOpts(opts) + opts.log.silly('verify', 'verifying cache at', cache) + + const steps = [ + markStartTime, + fixPerms, + garbageCollect, + rebuildIndex, + cleanTmp, + writeVerifile, + markEndTime + ] + + return steps + .reduce((promise, step, i) => { + const label = step.name + const start = new Date() + return promise.then((stats) => { + return step(cache, opts).then((s) => { + s && + Object.keys(s).forEach((k) => { + stats[k] = s[k] + }) + const end = new Date() + if (!stats.runTime) { + stats.runTime = {} + } + stats.runTime[label] = end - start + return Promise.resolve(stats) + }) + }) + }, Promise.resolve({})) + .then((stats) => { + stats.runTime.total = stats.endTime - stats.startTime + opts.log.silly( + 'verify', + 'verification finished for', + cache, + 'in', + `${stats.runTime.total}ms` + ) + return stats + }) +} + +function markStartTime (cache, opts) { + return Promise.resolve({ startTime: new Date() }) +} + +function markEndTime (cache, opts) { + return Promise.resolve({ endTime: new Date() }) +} + +function fixPerms (cache, opts) { + opts.log.silly('verify', 'fixing cache permissions') + return fixOwner + .mkdirfix(cache, cache) + .then(() => { + // TODO - fix file permissions too + return fixOwner.chownr(cache, cache) + }) + .then(() => null) +} + +// Implements a naive mark-and-sweep tracing garbage collector. +// +// The algorithm is basically as follows: +// 1. Read (and filter) all index entries ("pointers") +// 2. Mark each integrity value as "live" +// 3. Read entire filesystem tree in `content-vX/` dir +// 4. If content is live, verify its checksum and delete it if it fails +// 5. If content is not marked as live, rimraf it. +// +function garbageCollect (cache, opts) { + opts.log.silly('verify', 'garbage collecting content') + const indexStream = index.lsStream(cache) + const liveContent = new Set() + indexStream.on('data', (entry) => { + if (opts.filter && !opts.filter(entry)) { + return + } + liveContent.add(entry.integrity.toString()) + }) + return new Promise((resolve, reject) => { + indexStream.on('end', resolve).on('error', reject) + }).then(() => { + const contentDir = contentPath.contentDir(cache) + return glob(path.join(contentDir, '**'), { + follow: false, + nodir: true, + nosort: true + }).then((files) => { + return Promise.resolve({ + verifiedContent: 0, + reclaimedCount: 0, + reclaimedSize: 0, + badContentCount: 0, + keptSize: 0 + }).then((stats) => + pMap( + files, + (f) => { + const split = f.split(/[/\\]/) + const digest = split.slice(split.length - 3).join('') + const algo = split[split.length - 4] + const integrity = ssri.fromHex(digest, algo) + if (liveContent.has(integrity.toString())) { + return verifyContent(f, integrity).then((info) => { + if (!info.valid) { + stats.reclaimedCount++ + stats.badContentCount++ + stats.reclaimedSize += info.size + } else { + stats.verifiedContent++ + stats.keptSize += info.size + } + return stats + }) + } else { + // No entries refer to this content. We can delete. + stats.reclaimedCount++ + return stat(f).then((s) => { + return rimraf(f).then(() => { + stats.reclaimedSize += s.size + return stats + }) + }) + } + }, + { concurrency: opts.concurrency } + ).then(() => stats) + ) + }) + }) +} + +function verifyContent (filepath, sri) { + return stat(filepath) + .then((s) => { + const contentInfo = { + size: s.size, + valid: true + } + return ssri + .checkStream(new fsm.ReadStream(filepath), sri) + .catch((err) => { + if (err.code !== 'EINTEGRITY') { + throw err + } + return rimraf(filepath).then(() => { + contentInfo.valid = false + }) + }) + .then(() => contentInfo) + }) + .catch((err) => { + if (err.code === 'ENOENT') { + return { size: 0, valid: false } + } + throw err + }) +} + +function rebuildIndex (cache, opts) { + opts.log.silly('verify', 'rebuilding index') + return index.ls(cache).then((entries) => { + const stats = { + missingContent: 0, + rejectedEntries: 0, + totalEntries: 0 + } + const buckets = {} + for (const k in entries) { + /* istanbul ignore else */ + if (hasOwnProperty(entries, k)) { + const hashed = index.hashKey(k) + const entry = entries[k] + const excluded = opts.filter && !opts.filter(entry) + excluded && stats.rejectedEntries++ + if (buckets[hashed] && !excluded) { + buckets[hashed].push(entry) + } else if (buckets[hashed] && excluded) { + // skip + } else if (excluded) { + buckets[hashed] = [] + buckets[hashed]._path = index.bucketPath(cache, k) + } else { + buckets[hashed] = [entry] + buckets[hashed]._path = index.bucketPath(cache, k) + } + } + } + return pMap( + Object.keys(buckets), + (key) => { + return rebuildBucket(cache, buckets[key], stats, opts) + }, + { concurrency: opts.concurrency } + ).then(() => stats) + }) +} + +function rebuildBucket (cache, bucket, stats, opts) { + return truncate(bucket._path).then(() => { + // This needs to be serialized because cacache explicitly + // lets very racy bucket conflicts clobber each other. + return bucket.reduce((promise, entry) => { + return promise.then(() => { + const content = contentPath(cache, entry.integrity) + return stat(content) + .then(() => { + return index + .insert(cache, entry.key, entry.integrity, { + metadata: entry.metadata, + size: entry.size + }) + .then(() => { + stats.totalEntries++ + }) + }) + .catch((err) => { + if (err.code === 'ENOENT') { + stats.rejectedEntries++ + stats.missingContent++ + return + } + throw err + }) + }) + }, Promise.resolve()) + }) +} + +function cleanTmp (cache, opts) { + opts.log.silly('verify', 'cleaning tmp directory') + return rimraf(path.join(cache, 'tmp')) +} + +function writeVerifile (cache, opts) { + const verifile = path.join(cache, '_lastverified') + opts.log.silly('verify', 'writing verifile to ' + verifile) + try { + return writeFile(verifile, '' + +new Date()) + } finally { + fixOwner.chownr.sync(cache, verifile) + } +} + +module.exports.lastRun = lastRun + +function lastRun (cache) { + return readFile(path.join(cache, '_lastverified'), 'utf8').then( + (data) => new Date(+data) + ) +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/ls.js b/node_modules/npm-registry-fetch/node_modules/cacache/ls.js new file mode 100644 index 000000000..6006c99e3 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/ls.js @@ -0,0 +1,6 @@ +'use strict' + +const index = require('./lib/entry-index') + +module.exports = index.ls +module.exports.stream = index.lsStream diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/package.json b/node_modules/npm-registry-fetch/node_modules/cacache/package.json new file mode 100644 index 000000000..e0a2180d6 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/package.json @@ -0,0 +1,128 @@ +{ + "_from": "cacache@^14.0.0", + "_id": "cacache@14.0.0", + "_inBundle": false, + "_integrity": "sha512-+Nr/BnA/tjAUXza9gH8F+FSP+1HvWqCKt4c95dQr4EDVJVafbzmPZpLKCkLYexs6vSd2B/1TOXrAoNnqVPfvRA==", + "_location": "/npm-registry-fetch/cacache", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "cacache@^14.0.0", + "name": "cacache", + "escapedName": "cacache", + "rawSpec": "^14.0.0", + "saveSpec": null, + "fetchSpec": "^14.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/cacache/-/cacache-14.0.0.tgz", + "_shasum": "97c10fc87c4c7ee41d45e32631c26761c2687caa", + "_spec": "cacache@^14.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/cacache/issues" + }, + "bundleDependencies": false, + "cache-version": { + "content": "2", + "index": "5" + }, + "contributors": [ + { + "name": "Charlotte Spencer", + "email": "charlottelaspencer@gmail.com" + }, + { + "name": "Rebecca Turner", + "email": "me@re-becca.org" + } + ], + "dependencies": { + "chownr": "^1.1.2", + "figgy-pudding": "^3.5.1", + "fs-minipass": "^2.0.0", + "glob": "^7.1.4", + "graceful-fs": "^4.2.2", + "infer-owner": "^1.0.4", + "lru-cache": "^5.1.1", + "minipass": "^3.0.0", + "minipass-collect": "^1.0.2", + "minipass-flush": "^1.0.5", + "minipass-pipeline": "^1.2.2", + "mkdirp": "^1.0.3", + "move-concurrently": "^1.0.1", + "p-map": "^3.0.0", + "promise-inflight": "^1.0.1", + "rimraf": "^2.7.1", + "ssri": "^7.0.0", + "tar": "^6.0.0", + "unique-filename": "^1.1.1" + }, + "deprecated": false, + "description": "Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache.", + "devDependencies": { + "benchmark": "^2.1.4", + "chalk": "^2.4.2", + "cross-env": "^5.2.1", + "require-inject": "^1.4.4", + "standard": "^14.3.0", + "standard-version": "^7.0.0", + "tacks": "^1.3.0", + "tap": "^14.6.9", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.9" + }, + "engines": { + "node": ">= 10" + }, + "files": [ + "*.js", + "lib", + "locales" + ], + "homepage": "https://github.com/npm/cacache#readme", + "keywords": [ + "cache", + "caching", + "content-addressable", + "sri", + "sri hash", + "subresource integrity", + "cache", + "storage", + "store", + "file store", + "filesystem", + "disk cache", + "disk storage" + ], + "license": "ISC", + "main": "index.js", + "name": "cacache", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/cacache.git" + }, + "scripts": { + "benchmarks": "node test/benchmarks", + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap test/*.js", + "test-docker": "docker run -it --rm --name pacotest -v \"$PWD\":/tmp -w /tmp node:latest npm test", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "tap": { + "100": true + }, + "version": "14.0.0" +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/put.js b/node_modules/npm-registry-fetch/node_modules/cacache/put.js new file mode 100644 index 000000000..3e535fedb --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/put.js @@ -0,0 +1,94 @@ +'use strict' + +const figgyPudding = require('figgy-pudding') +const index = require('./lib/entry-index') +const memo = require('./lib/memoization') +const write = require('./lib/content/write') +const Flush = require('minipass-flush') +const { PassThrough } = require('minipass-collect') +const Pipeline = require('minipass-pipeline') + +const PutOpts = figgyPudding({ + algorithms: { + default: ['sha512'] + }, + integrity: {}, + memoize: {}, + metadata: {}, + pickAlgorithm: {}, + size: {}, + tmpPrefix: {}, + single: {}, + sep: {}, + error: {}, + strict: {} +}) + +module.exports = putData + +function putData (cache, key, data, opts) { + opts = PutOpts(opts) + return write(cache, data, opts).then((res) => { + return index + .insert(cache, key, res.integrity, opts.concat({ size: res.size })) + .then((entry) => { + if (opts.memoize) { + memo.put(cache, entry, data, opts) + } + return res.integrity + }) + }) +} + +module.exports.stream = putStream + +function putStream (cache, key, opts) { + opts = PutOpts(opts) + let integrity + let size + + let memoData + const pipeline = new Pipeline() + // first item in the pipeline is the memoizer, because we need + // that to end first and get the collected data. + if (opts.memoize) { + const memoizer = new PassThrough().on('collect', data => { + memoData = data + }) + pipeline.push(memoizer) + } + + // contentStream is a write-only, not a passthrough + // no data comes out of it. + const contentStream = write.stream(cache, opts) + .on('integrity', (int) => { + integrity = int + }) + .on('size', (s) => { + size = s + }) + + pipeline.push(contentStream) + + // last but not least, we write the index and emit hash and size, + // and memoize if we're doing that + pipeline.push(new Flush({ + flush () { + return index + .insert(cache, key, integrity, opts.concat({ size })) + .then((entry) => { + if (opts.memoize && memoData) { + memo.put(cache, entry, memoData, opts) + } + if (integrity) { + pipeline.emit('integrity', integrity) + } + if (size) { + pipeline.emit('size', size) + } + }) + } + })) + + return pipeline +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/rm.js b/node_modules/npm-registry-fetch/node_modules/cacache/rm.js new file mode 100644 index 000000000..7dd4e8c8b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/rm.js @@ -0,0 +1,31 @@ +'use strict' + +const util = require('util') + +const index = require('./lib/entry-index') +const memo = require('./lib/memoization') +const path = require('path') +const rimraf = util.promisify(require('rimraf')) +const rmContent = require('./lib/content/rm') + +module.exports = entry +module.exports.entry = entry + +function entry (cache, key) { + memo.clearMemoized() + return index.delete(cache, key) +} + +module.exports.content = content + +function content (cache, integrity) { + memo.clearMemoized() + return rmContent(cache, integrity) +} + +module.exports.all = all + +function all (cache) { + memo.clearMemoized() + return rimraf(path.join(cache, '*(content-*|index-*)')) +} diff --git a/node_modules/npm-registry-fetch/node_modules/cacache/verify.js b/node_modules/npm-registry-fetch/node_modules/cacache/verify.js new file mode 100644 index 000000000..db7763d7a --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/cacache/verify.js @@ -0,0 +1,3 @@ +'use strict' + +module.exports = require('./lib/verify') diff --git a/node_modules/npm-registry-fetch/node_modules/debug/CHANGELOG.md b/node_modules/npm-registry-fetch/node_modules/debug/CHANGELOG.md new file mode 100644 index 000000000..820d21e33 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/debug/CHANGELOG.md @@ -0,0 +1,395 @@ + +3.1.0 / 2017-09-26 +================== + + * Add `DEBUG_HIDE_DATE` env var (#486) + * Remove ReDoS regexp in %o formatter (#504) + * Remove "component" from package.json + * Remove `component.json` + * Ignore package-lock.json + * Examples: fix colors printout + * Fix: browser detection + * Fix: spelling mistake (#496, @EdwardBetts) + +3.0.1 / 2017-08-24 +================== + + * Fix: Disable colors in Edge and Internet Explorer (#489) + +3.0.0 / 2017-08-08 +================== + + * Breaking: Remove DEBUG_FD (#406) + * Breaking: Use `Date#toISOString()` instead to `Date#toUTCString()` when output is not a TTY (#418) + * Breaking: Make millisecond timer namespace specific and allow 'always enabled' output (#408) + * Addition: document `enabled` flag (#465) + * Addition: add 256 colors mode (#481) + * Addition: `enabled()` updates existing debug instances, add `destroy()` function (#440) + * Update: component: update "ms" to v2.0.0 + * Update: separate the Node and Browser tests in Travis-CI + * Update: refactor Readme, fixed documentation, added "Namespace Colors" section, redid screenshots + * Update: separate Node.js and web browser examples for organization + * Update: update "browserify" to v14.4.0 + * Fix: fix Readme typo (#473) + +2.6.9 / 2017-09-22 +================== + + * remove ReDoS regexp in %o formatter (#504) + +2.6.8 / 2017-05-18 +================== + + * Fix: Check for undefined on browser globals (#462, @marbemac) + +2.6.7 / 2017-05-16 +================== + + * Fix: Update ms to 2.0.0 to fix regular expression denial of service vulnerability (#458, @hubdotcom) + * Fix: Inline extend function in node implementation (#452, @dougwilson) + * Docs: Fix typo (#455, @msasad) + +2.6.5 / 2017-04-27 +================== + + * Fix: null reference check on window.documentElement.style.WebkitAppearance (#447, @thebigredgeek) + * Misc: clean up browser reference checks (#447, @thebigredgeek) + * Misc: add npm-debug.log to .gitignore (@thebigredgeek) + + +2.6.4 / 2017-04-20 +================== + + * Fix: bug that would occur if process.env.DEBUG is a non-string value. (#444, @LucianBuzzo) + * Chore: ignore bower.json in npm installations. (#437, @joaovieira) + * Misc: update "ms" to v0.7.3 (@tootallnate) + +2.6.3 / 2017-03-13 +================== + + * Fix: Electron reference to `process.env.DEBUG` (#431, @paulcbetts) + * Docs: Changelog fix (@thebigredgeek) + +2.6.2 / 2017-03-10 +================== + + * Fix: DEBUG_MAX_ARRAY_LENGTH (#420, @slavaGanzin) + * Docs: Add backers and sponsors from Open Collective (#422, @piamancini) + * Docs: Add Slackin invite badge (@tootallnate) + +2.6.1 / 2017-02-10 +================== + + * Fix: Module's `export default` syntax fix for IE8 `Expected identifier` error + * Fix: Whitelist DEBUG_FD for values 1 and 2 only (#415, @pi0) + * Fix: IE8 "Expected identifier" error (#414, @vgoma) + * Fix: Namespaces would not disable once enabled (#409, @musikov) + +2.6.0 / 2016-12-28 +================== + + * Fix: added better null pointer checks for browser useColors (@thebigredgeek) + * Improvement: removed explicit `window.debug` export (#404, @tootallnate) + * Improvement: deprecated `DEBUG_FD` environment variable (#405, @tootallnate) + +2.5.2 / 2016-12-25 +================== + + * Fix: reference error on window within webworkers (#393, @KlausTrainer) + * Docs: fixed README typo (#391, @lurch) + * Docs: added notice about v3 api discussion (@thebigredgeek) + +2.5.1 / 2016-12-20 +================== + + * Fix: babel-core compatibility + +2.5.0 / 2016-12-20 +================== + + * Fix: wrong reference in bower file (@thebigredgeek) + * Fix: webworker compatibility (@thebigredgeek) + * Fix: output formatting issue (#388, @kribblo) + * Fix: babel-loader compatibility (#383, @escwald) + * Misc: removed built asset from repo and publications (@thebigredgeek) + * Misc: moved source files to /src (#378, @yamikuronue) + * Test: added karma integration and replaced babel with browserify for browser tests (#378, @yamikuronue) + * Test: coveralls integration (#378, @yamikuronue) + * Docs: simplified language in the opening paragraph (#373, @yamikuronue) + +2.4.5 / 2016-12-17 +================== + + * Fix: `navigator` undefined in Rhino (#376, @jochenberger) + * Fix: custom log function (#379, @hsiliev) + * Improvement: bit of cleanup + linting fixes (@thebigredgeek) + * Improvement: rm non-maintainted `dist/` dir (#375, @freewil) + * Docs: simplified language in the opening paragraph. (#373, @yamikuronue) + +2.4.4 / 2016-12-14 +================== + + * Fix: work around debug being loaded in preload scripts for electron (#368, @paulcbetts) + +2.4.3 / 2016-12-14 +================== + + * Fix: navigation.userAgent error for react native (#364, @escwald) + +2.4.2 / 2016-12-14 +================== + + * Fix: browser colors (#367, @tootallnate) + * Misc: travis ci integration (@thebigredgeek) + * Misc: added linting and testing boilerplate with sanity check (@thebigredgeek) + +2.4.1 / 2016-12-13 +================== + + * Fix: typo that broke the package (#356) + +2.4.0 / 2016-12-13 +================== + + * Fix: bower.json references unbuilt src entry point (#342, @justmatt) + * Fix: revert "handle regex special characters" (@tootallnate) + * Feature: configurable util.inspect()`options for NodeJS (#327, @tootallnate) + * Feature: %O`(big O) pretty-prints objects (#322, @tootallnate) + * Improvement: allow colors in workers (#335, @botverse) + * Improvement: use same color for same namespace. (#338, @lchenay) + +2.3.3 / 2016-11-09 +================== + + * Fix: Catch `JSON.stringify()` errors (#195, Jovan Alleyne) + * Fix: Returning `localStorage` saved values (#331, Levi Thomason) + * Improvement: Don't create an empty object when no `process` (Nathan Rajlich) + +2.3.2 / 2016-11-09 +================== + + * Fix: be super-safe in index.js as well (@TooTallNate) + * Fix: should check whether process exists (Tom Newby) + +2.3.1 / 2016-11-09 +================== + + * Fix: Added electron compatibility (#324, @paulcbetts) + * Improvement: Added performance optimizations (@tootallnate) + * Readme: Corrected PowerShell environment variable example (#252, @gimre) + * Misc: Removed yarn lock file from source control (#321, @fengmk2) + +2.3.0 / 2016-11-07 +================== + + * Fix: Consistent placement of ms diff at end of output (#215, @gorangajic) + * Fix: Escaping of regex special characters in namespace strings (#250, @zacronos) + * Fix: Fixed bug causing crash on react-native (#282, @vkarpov15) + * Feature: Enabled ES6+ compatible import via default export (#212 @bucaran) + * Feature: Added %O formatter to reflect Chrome's console.log capability (#279, @oncletom) + * Package: Update "ms" to 0.7.2 (#315, @DevSide) + * Package: removed superfluous version property from bower.json (#207 @kkirsche) + * Readme: fix USE_COLORS to DEBUG_COLORS + * Readme: Doc fixes for format string sugar (#269, @mlucool) + * Readme: Updated docs for DEBUG_FD and DEBUG_COLORS environment variables (#232, @mattlyons0) + * Readme: doc fixes for PowerShell (#271 #243, @exoticknight @unreadable) + * Readme: better docs for browser support (#224, @matthewmueller) + * Tooling: Added yarn integration for development (#317, @thebigredgeek) + * Misc: Renamed History.md to CHANGELOG.md (@thebigredgeek) + * Misc: Added license file (#226 #274, @CantemoInternal @sdaitzman) + * Misc: Updated contributors (@thebigredgeek) + +2.2.0 / 2015-05-09 +================== + + * package: update "ms" to v0.7.1 (#202, @dougwilson) + * README: add logging to file example (#193, @DanielOchoa) + * README: fixed a typo (#191, @amir-s) + * browser: expose `storage` (#190, @stephenmathieson) + * Makefile: add a `distclean` target (#189, @stephenmathieson) + +2.1.3 / 2015-03-13 +================== + + * Updated stdout/stderr example (#186) + * Updated example/stdout.js to match debug current behaviour + * Renamed example/stderr.js to stdout.js + * Update Readme.md (#184) + * replace high intensity foreground color for bold (#182, #183) + +2.1.2 / 2015-03-01 +================== + + * dist: recompile + * update "ms" to v0.7.0 + * package: update "browserify" to v9.0.3 + * component: fix "ms.js" repo location + * changed bower package name + * updated documentation about using debug in a browser + * fix: security error on safari (#167, #168, @yields) + +2.1.1 / 2014-12-29 +================== + + * browser: use `typeof` to check for `console` existence + * browser: check for `console.log` truthiness (fix IE 8/9) + * browser: add support for Chrome apps + * Readme: added Windows usage remarks + * Add `bower.json` to properly support bower install + +2.1.0 / 2014-10-15 +================== + + * node: implement `DEBUG_FD` env variable support + * package: update "browserify" to v6.1.0 + * package: add "license" field to package.json (#135, @panuhorsmalahti) + +2.0.0 / 2014-09-01 +================== + + * package: update "browserify" to v5.11.0 + * node: use stderr rather than stdout for logging (#29, @stephenmathieson) + +1.0.4 / 2014-07-15 +================== + + * dist: recompile + * example: remove `console.info()` log usage + * example: add "Content-Type" UTF-8 header to browser example + * browser: place %c marker after the space character + * browser: reset the "content" color via `color: inherit` + * browser: add colors support for Firefox >= v31 + * debug: prefer an instance `log()` function over the global one (#119) + * Readme: update documentation about styled console logs for FF v31 (#116, @wryk) + +1.0.3 / 2014-07-09 +================== + + * Add support for multiple wildcards in namespaces (#122, @seegno) + * browser: fix lint + +1.0.2 / 2014-06-10 +================== + + * browser: update color palette (#113, @gscottolson) + * common: make console logging function configurable (#108, @timoxley) + * node: fix %o colors on old node <= 0.8.x + * Makefile: find node path using shell/which (#109, @timoxley) + +1.0.1 / 2014-06-06 +================== + + * browser: use `removeItem()` to clear localStorage + * browser, node: don't set DEBUG if namespaces is undefined (#107, @leedm777) + * package: add "contributors" section + * node: fix comment typo + * README: list authors + +1.0.0 / 2014-06-04 +================== + + * make ms diff be global, not be scope + * debug: ignore empty strings in enable() + * node: make DEBUG_COLORS able to disable coloring + * *: export the `colors` array + * npmignore: don't publish the `dist` dir + * Makefile: refactor to use browserify + * package: add "browserify" as a dev dependency + * Readme: add Web Inspector Colors section + * node: reset terminal color for the debug content + * node: map "%o" to `util.inspect()` + * browser: map "%j" to `JSON.stringify()` + * debug: add custom "formatters" + * debug: use "ms" module for humanizing the diff + * Readme: add "bash" syntax highlighting + * browser: add Firebug color support + * browser: add colors for WebKit browsers + * node: apply log to `console` + * rewrite: abstract common logic for Node & browsers + * add .jshintrc file + +0.8.1 / 2014-04-14 +================== + + * package: re-add the "component" section + +0.8.0 / 2014-03-30 +================== + + * add `enable()` method for nodejs. Closes #27 + * change from stderr to stdout + * remove unnecessary index.js file + +0.7.4 / 2013-11-13 +================== + + * remove "browserify" key from package.json (fixes something in browserify) + +0.7.3 / 2013-10-30 +================== + + * fix: catch localStorage security error when cookies are blocked (Chrome) + * add debug(err) support. Closes #46 + * add .browser prop to package.json. Closes #42 + +0.7.2 / 2013-02-06 +================== + + * fix package.json + * fix: Mobile Safari (private mode) is broken with debug + * fix: Use unicode to send escape character to shell instead of octal to work with strict mode javascript + +0.7.1 / 2013-02-05 +================== + + * add repository URL to package.json + * add DEBUG_COLORED to force colored output + * add browserify support + * fix component. Closes #24 + +0.7.0 / 2012-05-04 +================== + + * Added .component to package.json + * Added debug.component.js build + +0.6.0 / 2012-03-16 +================== + + * Added support for "-" prefix in DEBUG [Vinay Pulim] + * Added `.enabled` flag to the node version [TooTallNate] + +0.5.0 / 2012-02-02 +================== + + * Added: humanize diffs. Closes #8 + * Added `debug.disable()` to the CS variant + * Removed padding. Closes #10 + * Fixed: persist client-side variant again. Closes #9 + +0.4.0 / 2012-02-01 +================== + + * Added browser variant support for older browsers [TooTallNate] + * Added `debug.enable('project:*')` to browser variant [TooTallNate] + * Added padding to diff (moved it to the right) + +0.3.0 / 2012-01-26 +================== + + * Added millisecond diff when isatty, otherwise UTC string + +0.2.0 / 2012-01-22 +================== + + * Added wildcard support + +0.1.0 / 2011-12-02 +================== + + * Added: remove colors unless stderr isatty [TooTallNate] + +0.0.1 / 2010-01-03 +================== + + * Initial release diff --git a/node_modules/npm-registry-fetch/node_modules/debug/LICENSE b/node_modules/npm-registry-fetch/node_modules/debug/LICENSE new file mode 100644 index 000000000..658c933d2 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/debug/LICENSE @@ -0,0 +1,19 @@ +(The MIT License) + +Copyright (c) 2014 TJ Holowaychuk <tj@vision-media.ca> + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software +and associated documentation files (the 'Software'), to deal in the Software without restriction, +including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, +and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial +portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT +LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/node_modules/npm-registry-fetch/node_modules/debug/README.md b/node_modules/npm-registry-fetch/node_modules/debug/README.md new file mode 100644 index 000000000..88dae35d9 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/debug/README.md @@ -0,0 +1,455 @@ +# debug +[](https://travis-ci.org/visionmedia/debug) [](https://coveralls.io/github/visionmedia/debug?branch=master) [](https://visionmedia-community-slackin.now.sh/) [](#backers) +[](#sponsors) + +<img width="647" src="https://user-images.githubusercontent.com/71256/29091486-fa38524c-7c37-11e7-895f-e7ec8e1039b6.png"> + +A tiny JavaScript debugging utility modelled after Node.js core's debugging +technique. Works in Node.js and web browsers. + +## Installation + +```bash +$ npm install debug +``` + +## Usage + +`debug` exposes a function; simply pass this function the name of your module, and it will return a decorated version of `console.error` for you to pass debug statements to. This will allow you to toggle the debug output for different parts of your module as well as the module as a whole. + +Example [_app.js_](./examples/node/app.js): + +```js +var debug = require('debug')('http') + , http = require('http') + , name = 'My App'; + +// fake app + +debug('booting %o', name); + +http.createServer(function(req, res){ + debug(req.method + ' ' + req.url); + res.end('hello\n'); +}).listen(3000, function(){ + debug('listening'); +}); + +// fake worker of some kind + +require('./worker'); +``` + +Example [_worker.js_](./examples/node/worker.js): + +```js +var a = require('debug')('worker:a') + , b = require('debug')('worker:b'); + +function work() { + a('doing lots of uninteresting work'); + setTimeout(work, Math.random() * 1000); +} + +work(); + +function workb() { + b('doing some work'); + setTimeout(workb, Math.random() * 2000); +} + +workb(); +``` + +The `DEBUG` environment variable is then used to enable these based on space or +comma-delimited names. + +Here are some examples: + +<img width="647" alt="screen shot 2017-08-08 at 12 53 04 pm" src="https://user-images.githubusercontent.com/71256/29091703-a6302cdc-7c38-11e7-8304-7c0b3bc600cd.png"> +<img width="647" alt="screen shot 2017-08-08 at 12 53 38 pm" src="https://user-images.githubusercontent.com/71256/29091700-a62a6888-7c38-11e7-800b-db911291ca2b.png"> +<img width="647" alt="screen shot 2017-08-08 at 12 53 25 pm" src="https://user-images.githubusercontent.com/71256/29091701-a62ea114-7c38-11e7-826a-2692bedca740.png"> + +#### Windows command prompt notes + +##### CMD + +On Windows the environment variable is set using the `set` command. + +```cmd +set DEBUG=*,-not_this +``` + +Example: + +```cmd +set DEBUG=* & node app.js +``` + +##### PowerShell (VS Code default) + +PowerShell uses different syntax to set environment variables. + +```cmd +$env:DEBUG = "*,-not_this" +``` + +Example: + +```cmd +$env:DEBUG='app';node app.js +``` + +Then, run the program to be debugged as usual. + +npm script example: +```js + "windowsDebug": "@powershell -Command $env:DEBUG='*';node app.js", +``` + +## Namespace Colors + +Every debug instance has a color generated for it based on its namespace name. +This helps when visually parsing the debug output to identify which debug instance +a debug line belongs to. + +#### Node.js + +In Node.js, colors are enabled when stderr is a TTY. You also _should_ install +the [`supports-color`](https://npmjs.org/supports-color) module alongside debug, +otherwise debug will only use a small handful of basic colors. + +<img width="521" src="https://user-images.githubusercontent.com/71256/29092181-47f6a9e6-7c3a-11e7-9a14-1928d8a711cd.png"> + +#### Web Browser + +Colors are also enabled on "Web Inspectors" that understand the `%c` formatting +option. These are WebKit web inspectors, Firefox ([since version +31](https://hacks.mozilla.org/2014/05/editable-box-model-multiple-selection-sublime-text-keys-much-more-firefox-developer-tools-episode-31/)) +and the Firebug plugin for Firefox (any version). + +<img width="524" src="https://user-images.githubusercontent.com/71256/29092033-b65f9f2e-7c39-11e7-8e32-f6f0d8e865c1.png"> + + +## Millisecond diff + +When actively developing an application it can be useful to see when the time spent between one `debug()` call and the next. Suppose for example you invoke `debug()` before requesting a resource, and after as well, the "+NNNms" will show you how much time was spent between calls. + +<img width="647" src="https://user-images.githubusercontent.com/71256/29091486-fa38524c-7c37-11e7-895f-e7ec8e1039b6.png"> + +When stdout is not a TTY, `Date#toISOString()` is used, making it more useful for logging the debug information as shown below: + +<img width="647" src="https://user-images.githubusercontent.com/71256/29091956-6bd78372-7c39-11e7-8c55-c948396d6edd.png"> + + +## Conventions + +If you're using this in one or more of your libraries, you _should_ use the name of your library so that developers may toggle debugging as desired without guessing names. If you have more than one debuggers you _should_ prefix them with your library name and use ":" to separate features. For example "bodyParser" from Connect would then be "connect:bodyParser". If you append a "*" to the end of your name, it will always be enabled regardless of the setting of the DEBUG environment variable. You can then use it for normal output as well as debug output. + +## Wildcards + +The `*` character may be used as a wildcard. Suppose for example your library has +debuggers named "connect:bodyParser", "connect:compress", "connect:session", +instead of listing all three with +`DEBUG=connect:bodyParser,connect:compress,connect:session`, you may simply do +`DEBUG=connect:*`, or to run everything using this module simply use `DEBUG=*`. + +You can also exclude specific debuggers by prefixing them with a "-" character. +For example, `DEBUG=*,-connect:*` would include all debuggers except those +starting with "connect:". + +## Environment Variables + +When running through Node.js, you can set a few environment variables that will +change the behavior of the debug logging: + +| Name | Purpose | +|-----------|-------------------------------------------------| +| `DEBUG` | Enables/disables specific debugging namespaces. | +| `DEBUG_HIDE_DATE` | Hide date from debug output (non-TTY). | +| `DEBUG_COLORS`| Whether or not to use colors in the debug output. | +| `DEBUG_DEPTH` | Object inspection depth. | +| `DEBUG_SHOW_HIDDEN` | Shows hidden properties on inspected objects. | + + +__Note:__ The environment variables beginning with `DEBUG_` end up being +converted into an Options object that gets used with `%o`/`%O` formatters. +See the Node.js documentation for +[`util.inspect()`](https://nodejs.org/api/util.html#util_util_inspect_object_options) +for the complete list. + +## Formatters + +Debug uses [printf-style](https://wikipedia.org/wiki/Printf_format_string) formatting. +Below are the officially supported formatters: + +| Formatter | Representation | +|-----------|----------------| +| `%O` | Pretty-print an Object on multiple lines. | +| `%o` | Pretty-print an Object all on a single line. | +| `%s` | String. | +| `%d` | Number (both integer and float). | +| `%j` | JSON. Replaced with the string '[Circular]' if the argument contains circular references. | +| `%%` | Single percent sign ('%'). This does not consume an argument. | + + +### Custom formatters + +You can add custom formatters by extending the `debug.formatters` object. +For example, if you wanted to add support for rendering a Buffer as hex with +`%h`, you could do something like: + +```js +const createDebug = require('debug') +createDebug.formatters.h = (v) => { + return v.toString('hex') +} + +// …elsewhere +const debug = createDebug('foo') +debug('this is hex: %h', new Buffer('hello world')) +// foo this is hex: 68656c6c6f20776f726c6421 +0ms +``` + + +## Browser Support + +You can build a browser-ready script using [browserify](https://github.com/substack/node-browserify), +or just use the [browserify-as-a-service](https://wzrd.in/) [build](https://wzrd.in/standalone/debug@latest), +if you don't want to build it yourself. + +Debug's enable state is currently persisted by `localStorage`. +Consider the situation shown below where you have `worker:a` and `worker:b`, +and wish to debug both. You can enable this using `localStorage.debug`: + +```js +localStorage.debug = 'worker:*' +``` + +And then refresh the page. + +```js +a = debug('worker:a'); +b = debug('worker:b'); + +setInterval(function(){ + a('doing some work'); +}, 1000); + +setInterval(function(){ + b('doing some work'); +}, 1200); +``` + + +## Output streams + + By default `debug` will log to stderr, however this can be configured per-namespace by overriding the `log` method: + +Example [_stdout.js_](./examples/node/stdout.js): + +```js +var debug = require('debug'); +var error = debug('app:error'); + +// by default stderr is used +error('goes to stderr!'); + +var log = debug('app:log'); +// set this namespace to log via console.log +log.log = console.log.bind(console); // don't forget to bind to console! +log('goes to stdout'); +error('still goes to stderr!'); + +// set all output to go via console.info +// overrides all per-namespace log settings +debug.log = console.info.bind(console); +error('now goes to stdout via console.info'); +log('still goes to stdout, but via console.info now'); +``` + +## Extend +You can simply extend debugger +```js +const log = require('debug')('auth'); + +//creates new debug instance with extended namespace +const logSign = log.extend('sign'); +const logLogin = log.extend('login'); + +log('hello'); // auth hello +logSign('hello'); //auth:sign hello +logLogin('hello'); //auth:login hello +``` + +## Set dynamically + +You can also enable debug dynamically by calling the `enable()` method : + +```js +let debug = require('debug'); + +console.log(1, debug.enabled('test')); + +debug.enable('test'); +console.log(2, debug.enabled('test')); + +debug.disable(); +console.log(3, debug.enabled('test')); + +``` + +print : +``` +1 false +2 true +3 false +``` + +Usage : +`enable(namespaces)` +`namespaces` can include modes separated by a colon and wildcards. + +Note that calling `enable()` completely overrides previously set DEBUG variable : + +``` +$ DEBUG=foo node -e 'var dbg = require("debug"); dbg.enable("bar"); console.log(dbg.enabled("foo"))' +=> false +``` + +`disable()` + +Will disable all namespaces. The functions returns the namespaces currently +enabled (and skipped). This can be useful if you want to disable debugging +temporarily without knowing what was enabled to begin with. + +For example: + +```js +let debug = require('debug'); +debug.enable('foo:*,-foo:bar'); +let namespaces = debug.disable(); +debug.enable(namespaces); +``` + +Note: There is no guarantee that the string will be identical to the initial +enable string, but semantically they will be identical. + +## Checking whether a debug target is enabled + +After you've created a debug instance, you can determine whether or not it is +enabled by checking the `enabled` property: + +```javascript +const debug = require('debug')('http'); + +if (debug.enabled) { + // do stuff... +} +``` + +You can also manually toggle this property to force the debug instance to be +enabled or disabled. + + +## Authors + + - TJ Holowaychuk + - Nathan Rajlich + - Andrew Rhyne + +## Backers + +Support us with a monthly donation and help us continue our activities. [[Become a backer](https://opencollective.com/debug#backer)] + +<a href="https://opencollective.com/debug/backer/0/website" target="_blank"><img src="https://opencollective.com/debug/backer/0/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/1/website" target="_blank"><img src="https://opencollective.com/debug/backer/1/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/2/website" target="_blank"><img src="https://opencollective.com/debug/backer/2/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/3/website" target="_blank"><img src="https://opencollective.com/debug/backer/3/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/4/website" target="_blank"><img src="https://opencollective.com/debug/backer/4/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/5/website" target="_blank"><img src="https://opencollective.com/debug/backer/5/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/6/website" target="_blank"><img src="https://opencollective.com/debug/backer/6/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/7/website" target="_blank"><img src="https://opencollective.com/debug/backer/7/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/8/website" target="_blank"><img src="https://opencollective.com/debug/backer/8/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/9/website" target="_blank"><img src="https://opencollective.com/debug/backer/9/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/10/website" target="_blank"><img src="https://opencollective.com/debug/backer/10/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/11/website" target="_blank"><img src="https://opencollective.com/debug/backer/11/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/12/website" target="_blank"><img src="https://opencollective.com/debug/backer/12/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/13/website" target="_blank"><img src="https://opencollective.com/debug/backer/13/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/14/website" target="_blank"><img src="https://opencollective.com/debug/backer/14/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/15/website" target="_blank"><img src="https://opencollective.com/debug/backer/15/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/16/website" target="_blank"><img src="https://opencollective.com/debug/backer/16/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/17/website" target="_blank"><img src="https://opencollective.com/debug/backer/17/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/18/website" target="_blank"><img src="https://opencollective.com/debug/backer/18/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/19/website" target="_blank"><img src="https://opencollective.com/debug/backer/19/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/20/website" target="_blank"><img src="https://opencollective.com/debug/backer/20/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/21/website" target="_blank"><img src="https://opencollective.com/debug/backer/21/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/22/website" target="_blank"><img src="https://opencollective.com/debug/backer/22/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/23/website" target="_blank"><img src="https://opencollective.com/debug/backer/23/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/24/website" target="_blank"><img src="https://opencollective.com/debug/backer/24/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/25/website" target="_blank"><img src="https://opencollective.com/debug/backer/25/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/26/website" target="_blank"><img src="https://opencollective.com/debug/backer/26/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/27/website" target="_blank"><img src="https://opencollective.com/debug/backer/27/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/28/website" target="_blank"><img src="https://opencollective.com/debug/backer/28/avatar.svg"></a> +<a href="https://opencollective.com/debug/backer/29/website" target="_blank"><img src="https://opencollective.com/debug/backer/29/avatar.svg"></a> + + +## Sponsors + +Become a sponsor and get your logo on our README on Github with a link to your site. [[Become a sponsor](https://opencollective.com/debug#sponsor)] + +<a href="https://opencollective.com/debug/sponsor/0/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/0/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/1/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/1/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/2/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/2/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/3/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/3/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/4/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/4/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/5/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/5/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/6/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/6/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/7/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/7/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/8/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/8/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/9/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/9/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/10/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/10/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/11/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/11/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/12/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/12/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/13/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/13/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/14/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/14/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/15/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/15/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/16/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/16/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/17/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/17/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/18/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/18/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/19/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/19/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/20/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/20/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/21/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/21/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/22/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/22/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/23/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/23/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/24/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/24/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/25/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/25/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/26/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/26/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/27/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/27/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/28/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/28/avatar.svg"></a> +<a href="https://opencollective.com/debug/sponsor/29/website" target="_blank"><img src="https://opencollective.com/debug/sponsor/29/avatar.svg"></a> + +## License + +(The MIT License) + +Copyright (c) 2014-2017 TJ Holowaychuk <tj@vision-media.ca> + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/debug/dist/debug.js b/node_modules/npm-registry-fetch/node_modules/debug/dist/debug.js new file mode 100644 index 000000000..89ad0c217 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/debug/dist/debug.js @@ -0,0 +1,912 @@ +"use strict"; + +function _toConsumableArray(arr) { return _arrayWithoutHoles(arr) || _iterableToArray(arr) || _nonIterableSpread(); } + +function _nonIterableSpread() { throw new TypeError("Invalid attempt to spread non-iterable instance"); } + +function _iterableToArray(iter) { if (Symbol.iterator in Object(iter) || Object.prototype.toString.call(iter) === "[object Arguments]") return Array.from(iter); } + +function _arrayWithoutHoles(arr) { if (Array.isArray(arr)) { for (var i = 0, arr2 = new Array(arr.length); i < arr.length; i++) { arr2[i] = arr[i]; } return arr2; } } + +function _typeof(obj) { if (typeof Symbol === "function" && typeof Symbol.iterator === "symbol") { _typeof = function _typeof(obj) { return typeof obj; }; } else { _typeof = function _typeof(obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }; } return _typeof(obj); } + +(function (f) { + if ((typeof exports === "undefined" ? "undefined" : _typeof(exports)) === "object" && typeof module !== "undefined") { + module.exports = f(); + } else if (typeof define === "function" && define.amd) { + define([], f); + } else { + var g; + + if (typeof window !== "undefined") { + g = window; + } else if (typeof global !== "undefined") { + g = global; + } else if (typeof self !== "undefined") { + g = self; + } else { + g = this; + } + + g.debug = f(); + } +})(function () { + var define, module, exports; + return function () { + function r(e, n, t) { + function o(i, f) { + if (!n[i]) { + if (!e[i]) { + var c = "function" == typeof require && require; + if (!f && c) return c(i, !0); + if (u) return u(i, !0); + var a = new Error("Cannot find module '" + i + "'"); + throw a.code = "MODULE_NOT_FOUND", a; + } + + var p = n[i] = { + exports: {} + }; + e[i][0].call(p.exports, function (r) { + var n = e[i][1][r]; + return o(n || r); + }, p, p.exports, r, e, n, t); + } + + return n[i].exports; + } + + for (var u = "function" == typeof require && require, i = 0; i < t.length; i++) { + o(t[i]); + } + + return o; + } + + return r; + }()({ + 1: [function (require, module, exports) { + /** + * Helpers. + */ + var s = 1000; + var m = s * 60; + var h = m * 60; + var d = h * 24; + var w = d * 7; + var y = d * 365.25; + /** + * Parse or format the given `val`. + * + * Options: + * + * - `long` verbose formatting [false] + * + * @param {String|Number} val + * @param {Object} [options] + * @throws {Error} throw an error if val is not a non-empty string or a number + * @return {String|Number} + * @api public + */ + + module.exports = function (val, options) { + options = options || {}; + + var type = _typeof(val); + + if (type === 'string' && val.length > 0) { + return parse(val); + } else if (type === 'number' && isNaN(val) === false) { + return options.long ? fmtLong(val) : fmtShort(val); + } + + throw new Error('val is not a non-empty string or a valid number. val=' + JSON.stringify(val)); + }; + /** + * Parse the given `str` and return milliseconds. + * + * @param {String} str + * @return {Number} + * @api private + */ + + + function parse(str) { + str = String(str); + + if (str.length > 100) { + return; + } + + var match = /^((?:\d+)?\-?\d?\.?\d+) *(milliseconds?|msecs?|ms|seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)?$/i.exec(str); + + if (!match) { + return; + } + + var n = parseFloat(match[1]); + var type = (match[2] || 'ms').toLowerCase(); + + switch (type) { + case 'years': + case 'year': + case 'yrs': + case 'yr': + case 'y': + return n * y; + + case 'weeks': + case 'week': + case 'w': + return n * w; + + case 'days': + case 'day': + case 'd': + return n * d; + + case 'hours': + case 'hour': + case 'hrs': + case 'hr': + case 'h': + return n * h; + + case 'minutes': + case 'minute': + case 'mins': + case 'min': + case 'm': + return n * m; + + case 'seconds': + case 'second': + case 'secs': + case 'sec': + case 's': + return n * s; + + case 'milliseconds': + case 'millisecond': + case 'msecs': + case 'msec': + case 'ms': + return n; + + default: + return undefined; + } + } + /** + * Short format for `ms`. + * + * @param {Number} ms + * @return {String} + * @api private + */ + + + function fmtShort(ms) { + var msAbs = Math.abs(ms); + + if (msAbs >= d) { + return Math.round(ms / d) + 'd'; + } + + if (msAbs >= h) { + return Math.round(ms / h) + 'h'; + } + + if (msAbs >= m) { + return Math.round(ms / m) + 'm'; + } + + if (msAbs >= s) { + return Math.round(ms / s) + 's'; + } + + return ms + 'ms'; + } + /** + * Long format for `ms`. + * + * @param {Number} ms + * @return {String} + * @api private + */ + + + function fmtLong(ms) { + var msAbs = Math.abs(ms); + + if (msAbs >= d) { + return plural(ms, msAbs, d, 'day'); + } + + if (msAbs >= h) { + return plural(ms, msAbs, h, 'hour'); + } + + if (msAbs >= m) { + return plural(ms, msAbs, m, 'minute'); + } + + if (msAbs >= s) { + return plural(ms, msAbs, s, 'second'); + } + + return ms + ' ms'; + } + /** + * Pluralization helper. + */ + + + function plural(ms, msAbs, n, name) { + var isPlural = msAbs >= n * 1.5; + return Math.round(ms / n) + ' ' + name + (isPlural ? 's' : ''); + } + }, {}], + 2: [function (require, module, exports) { + // shim for using process in browser + var process = module.exports = {}; // cached from whatever global is present so that test runners that stub it + // don't break things. But we need to wrap it in a try catch in case it is + // wrapped in strict mode code which doesn't define any globals. It's inside a + // function because try/catches deoptimize in certain engines. + + var cachedSetTimeout; + var cachedClearTimeout; + + function defaultSetTimout() { + throw new Error('setTimeout has not been defined'); + } + + function defaultClearTimeout() { + throw new Error('clearTimeout has not been defined'); + } + + (function () { + try { + if (typeof setTimeout === 'function') { + cachedSetTimeout = setTimeout; + } else { + cachedSetTimeout = defaultSetTimout; + } + } catch (e) { + cachedSetTimeout = defaultSetTimout; + } + + try { + if (typeof clearTimeout === 'function') { + cachedClearTimeout = clearTimeout; + } else { + cachedClearTimeout = defaultClearTimeout; + } + } catch (e) { + cachedClearTimeout = defaultClearTimeout; + } + })(); + + function runTimeout(fun) { + if (cachedSetTimeout === setTimeout) { + //normal enviroments in sane situations + return setTimeout(fun, 0); + } // if setTimeout wasn't available but was latter defined + + + if ((cachedSetTimeout === defaultSetTimout || !cachedSetTimeout) && setTimeout) { + cachedSetTimeout = setTimeout; + return setTimeout(fun, 0); + } + + try { + // when when somebody has screwed with setTimeout but no I.E. maddness + return cachedSetTimeout(fun, 0); + } catch (e) { + try { + // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally + return cachedSetTimeout.call(null, fun, 0); + } catch (e) { + // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error + return cachedSetTimeout.call(this, fun, 0); + } + } + } + + function runClearTimeout(marker) { + if (cachedClearTimeout === clearTimeout) { + //normal enviroments in sane situations + return clearTimeout(marker); + } // if clearTimeout wasn't available but was latter defined + + + if ((cachedClearTimeout === defaultClearTimeout || !cachedClearTimeout) && clearTimeout) { + cachedClearTimeout = clearTimeout; + return clearTimeout(marker); + } + + try { + // when when somebody has screwed with setTimeout but no I.E. maddness + return cachedClearTimeout(marker); + } catch (e) { + try { + // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally + return cachedClearTimeout.call(null, marker); + } catch (e) { + // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error. + // Some versions of I.E. have different rules for clearTimeout vs setTimeout + return cachedClearTimeout.call(this, marker); + } + } + } + + var queue = []; + var draining = false; + var currentQueue; + var queueIndex = -1; + + function cleanUpNextTick() { + if (!draining || !currentQueue) { + return; + } + + draining = false; + + if (currentQueue.length) { + queue = currentQueue.concat(queue); + } else { + queueIndex = -1; + } + + if (queue.length) { + drainQueue(); + } + } + + function drainQueue() { + if (draining) { + return; + } + + var timeout = runTimeout(cleanUpNextTick); + draining = true; + var len = queue.length; + + while (len) { + currentQueue = queue; + queue = []; + + while (++queueIndex < len) { + if (currentQueue) { + currentQueue[queueIndex].run(); + } + } + + queueIndex = -1; + len = queue.length; + } + + currentQueue = null; + draining = false; + runClearTimeout(timeout); + } + + process.nextTick = function (fun) { + var args = new Array(arguments.length - 1); + + if (arguments.length > 1) { + for (var i = 1; i < arguments.length; i++) { + args[i - 1] = arguments[i]; + } + } + + queue.push(new Item(fun, args)); + + if (queue.length === 1 && !draining) { + runTimeout(drainQueue); + } + }; // v8 likes predictible objects + + + function Item(fun, array) { + this.fun = fun; + this.array = array; + } + + Item.prototype.run = function () { + this.fun.apply(null, this.array); + }; + + process.title = 'browser'; + process.browser = true; + process.env = {}; + process.argv = []; + process.version = ''; // empty string to avoid regexp issues + + process.versions = {}; + + function noop() {} + + process.on = noop; + process.addListener = noop; + process.once = noop; + process.off = noop; + process.removeListener = noop; + process.removeAllListeners = noop; + process.emit = noop; + process.prependListener = noop; + process.prependOnceListener = noop; + + process.listeners = function (name) { + return []; + }; + + process.binding = function (name) { + throw new Error('process.binding is not supported'); + }; + + process.cwd = function () { + return '/'; + }; + + process.chdir = function (dir) { + throw new Error('process.chdir is not supported'); + }; + + process.umask = function () { + return 0; + }; + }, {}], + 3: [function (require, module, exports) { + /** + * This is the common logic for both the Node.js and web browser + * implementations of `debug()`. + */ + function setup(env) { + createDebug.debug = createDebug; + createDebug.default = createDebug; + createDebug.coerce = coerce; + createDebug.disable = disable; + createDebug.enable = enable; + createDebug.enabled = enabled; + createDebug.humanize = require('ms'); + Object.keys(env).forEach(function (key) { + createDebug[key] = env[key]; + }); + /** + * Active `debug` instances. + */ + + createDebug.instances = []; + /** + * The currently active debug mode names, and names to skip. + */ + + createDebug.names = []; + createDebug.skips = []; + /** + * Map of special "%n" handling functions, for the debug "format" argument. + * + * Valid key names are a single, lower or upper-case letter, i.e. "n" and "N". + */ + + createDebug.formatters = {}; + /** + * Selects a color for a debug namespace + * @param {String} namespace The namespace string for the for the debug instance to be colored + * @return {Number|String} An ANSI color code for the given namespace + * @api private + */ + + function selectColor(namespace) { + var hash = 0; + + for (var i = 0; i < namespace.length; i++) { + hash = (hash << 5) - hash + namespace.charCodeAt(i); + hash |= 0; // Convert to 32bit integer + } + + return createDebug.colors[Math.abs(hash) % createDebug.colors.length]; + } + + createDebug.selectColor = selectColor; + /** + * Create a debugger with the given `namespace`. + * + * @param {String} namespace + * @return {Function} + * @api public + */ + + function createDebug(namespace) { + var prevTime; + + function debug() { + for (var _len = arguments.length, args = new Array(_len), _key = 0; _key < _len; _key++) { + args[_key] = arguments[_key]; + } + + // Disabled? + if (!debug.enabled) { + return; + } + + var self = debug; // Set `diff` timestamp + + var curr = Number(new Date()); + var ms = curr - (prevTime || curr); + self.diff = ms; + self.prev = prevTime; + self.curr = curr; + prevTime = curr; + args[0] = createDebug.coerce(args[0]); + + if (typeof args[0] !== 'string') { + // Anything else let's inspect with %O + args.unshift('%O'); + } // Apply any `formatters` transformations + + + var index = 0; + args[0] = args[0].replace(/%([a-zA-Z%])/g, function (match, format) { + // If we encounter an escaped % then don't increase the array index + if (match === '%%') { + return match; + } + + index++; + var formatter = createDebug.formatters[format]; + + if (typeof formatter === 'function') { + var val = args[index]; + match = formatter.call(self, val); // Now we need to remove `args[index]` since it's inlined in the `format` + + args.splice(index, 1); + index--; + } + + return match; + }); // Apply env-specific formatting (colors, etc.) + + createDebug.formatArgs.call(self, args); + var logFn = self.log || createDebug.log; + logFn.apply(self, args); + } + + debug.namespace = namespace; + debug.enabled = createDebug.enabled(namespace); + debug.useColors = createDebug.useColors(); + debug.color = selectColor(namespace); + debug.destroy = destroy; + debug.extend = extend; // Debug.formatArgs = formatArgs; + // debug.rawLog = rawLog; + // env-specific initialization logic for debug instances + + if (typeof createDebug.init === 'function') { + createDebug.init(debug); + } + + createDebug.instances.push(debug); + return debug; + } + + function destroy() { + var index = createDebug.instances.indexOf(this); + + if (index !== -1) { + createDebug.instances.splice(index, 1); + return true; + } + + return false; + } + + function extend(namespace, delimiter) { + var newDebug = createDebug(this.namespace + (typeof delimiter === 'undefined' ? ':' : delimiter) + namespace); + newDebug.log = this.log; + return newDebug; + } + /** + * Enables a debug mode by namespaces. This can include modes + * separated by a colon and wildcards. + * + * @param {String} namespaces + * @api public + */ + + + function enable(namespaces) { + createDebug.save(namespaces); + createDebug.names = []; + createDebug.skips = []; + var i; + var split = (typeof namespaces === 'string' ? namespaces : '').split(/[\s,]+/); + var len = split.length; + + for (i = 0; i < len; i++) { + if (!split[i]) { + // ignore empty strings + continue; + } + + namespaces = split[i].replace(/\*/g, '.*?'); + + if (namespaces[0] === '-') { + createDebug.skips.push(new RegExp('^' + namespaces.substr(1) + '$')); + } else { + createDebug.names.push(new RegExp('^' + namespaces + '$')); + } + } + + for (i = 0; i < createDebug.instances.length; i++) { + var instance = createDebug.instances[i]; + instance.enabled = createDebug.enabled(instance.namespace); + } + } + /** + * Disable debug output. + * + * @return {String} namespaces + * @api public + */ + + + function disable() { + var namespaces = [].concat(_toConsumableArray(createDebug.names.map(toNamespace)), _toConsumableArray(createDebug.skips.map(toNamespace).map(function (namespace) { + return '-' + namespace; + }))).join(','); + createDebug.enable(''); + return namespaces; + } + /** + * Returns true if the given mode name is enabled, false otherwise. + * + * @param {String} name + * @return {Boolean} + * @api public + */ + + + function enabled(name) { + if (name[name.length - 1] === '*') { + return true; + } + + var i; + var len; + + for (i = 0, len = createDebug.skips.length; i < len; i++) { + if (createDebug.skips[i].test(name)) { + return false; + } + } + + for (i = 0, len = createDebug.names.length; i < len; i++) { + if (createDebug.names[i].test(name)) { + return true; + } + } + + return false; + } + /** + * Convert regexp to namespace + * + * @param {RegExp} regxep + * @return {String} namespace + * @api private + */ + + + function toNamespace(regexp) { + return regexp.toString().substring(2, regexp.toString().length - 2).replace(/\.\*\?$/, '*'); + } + /** + * Coerce `val`. + * + * @param {Mixed} val + * @return {Mixed} + * @api private + */ + + + function coerce(val) { + if (val instanceof Error) { + return val.stack || val.message; + } + + return val; + } + + createDebug.enable(createDebug.load()); + return createDebug; + } + + module.exports = setup; + }, { + "ms": 1 + }], + 4: [function (require, module, exports) { + (function (process) { + /* eslint-env browser */ + + /** + * This is the web browser implementation of `debug()`. + */ + exports.log = log; + exports.formatArgs = formatArgs; + exports.save = save; + exports.load = load; + exports.useColors = useColors; + exports.storage = localstorage(); + /** + * Colors. + */ + + exports.colors = ['#0000CC', '#0000FF', '#0033CC', '#0033FF', '#0066CC', '#0066FF', '#0099CC', '#0099FF', '#00CC00', '#00CC33', '#00CC66', '#00CC99', '#00CCCC', '#00CCFF', '#3300CC', '#3300FF', '#3333CC', '#3333FF', '#3366CC', '#3366FF', '#3399CC', '#3399FF', '#33CC00', '#33CC33', '#33CC66', '#33CC99', '#33CCCC', '#33CCFF', '#6600CC', '#6600FF', '#6633CC', '#6633FF', '#66CC00', '#66CC33', '#9900CC', '#9900FF', '#9933CC', '#9933FF', '#99CC00', '#99CC33', '#CC0000', '#CC0033', '#CC0066', '#CC0099', '#CC00CC', '#CC00FF', '#CC3300', '#CC3333', '#CC3366', '#CC3399', '#CC33CC', '#CC33FF', '#CC6600', '#CC6633', '#CC9900', '#CC9933', '#CCCC00', '#CCCC33', '#FF0000', '#FF0033', '#FF0066', '#FF0099', '#FF00CC', '#FF00FF', '#FF3300', '#FF3333', '#FF3366', '#FF3399', '#FF33CC', '#FF33FF', '#FF6600', '#FF6633', '#FF9900', '#FF9933', '#FFCC00', '#FFCC33']; + /** + * Currently only WebKit-based Web Inspectors, Firefox >= v31, + * and the Firebug extension (any Firefox version) are known + * to support "%c" CSS customizations. + * + * TODO: add a `localStorage` variable to explicitly enable/disable colors + */ + // eslint-disable-next-line complexity + + function useColors() { + // NB: In an Electron preload script, document will be defined but not fully + // initialized. Since we know we're in Chrome, we'll just detect this case + // explicitly + if (typeof window !== 'undefined' && window.process && (window.process.type === 'renderer' || window.process.__nwjs)) { + return true; + } // Internet Explorer and Edge do not support colors. + + + if (typeof navigator !== 'undefined' && navigator.userAgent && navigator.userAgent.toLowerCase().match(/(edge|trident)\/(\d+)/)) { + return false; + } // Is webkit? http://stackoverflow.com/a/16459606/376773 + // document is undefined in react-native: https://github.com/facebook/react-native/pull/1632 + + + return typeof document !== 'undefined' && document.documentElement && document.documentElement.style && document.documentElement.style.WebkitAppearance || // Is firebug? http://stackoverflow.com/a/398120/376773 + typeof window !== 'undefined' && window.console && (window.console.firebug || window.console.exception && window.console.table) || // Is firefox >= v31? + // https://developer.mozilla.org/en-US/docs/Tools/Web_Console#Styling_messages + typeof navigator !== 'undefined' && navigator.userAgent && navigator.userAgent.toLowerCase().match(/firefox\/(\d+)/) && parseInt(RegExp.$1, 10) >= 31 || // Double check webkit in userAgent just in case we are in a worker + typeof navigator !== 'undefined' && navigator.userAgent && navigator.userAgent.toLowerCase().match(/applewebkit\/(\d+)/); + } + /** + * Colorize log arguments if enabled. + * + * @api public + */ + + + function formatArgs(args) { + args[0] = (this.useColors ? '%c' : '') + this.namespace + (this.useColors ? ' %c' : ' ') + args[0] + (this.useColors ? '%c ' : ' ') + '+' + module.exports.humanize(this.diff); + + if (!this.useColors) { + return; + } + + var c = 'color: ' + this.color; + args.splice(1, 0, c, 'color: inherit'); // The final "%c" is somewhat tricky, because there could be other + // arguments passed either before or after the %c, so we need to + // figure out the correct index to insert the CSS into + + var index = 0; + var lastC = 0; + args[0].replace(/%[a-zA-Z%]/g, function (match) { + if (match === '%%') { + return; + } + + index++; + + if (match === '%c') { + // We only are interested in the *last* %c + // (the user may have provided their own) + lastC = index; + } + }); + args.splice(lastC, 0, c); + } + /** + * Invokes `console.log()` when available. + * No-op when `console.log` is not a "function". + * + * @api public + */ + + + function log() { + var _console; + + // This hackery is required for IE8/9, where + // the `console.log` function doesn't have 'apply' + return (typeof console === "undefined" ? "undefined" : _typeof(console)) === 'object' && console.log && (_console = console).log.apply(_console, arguments); + } + /** + * Save `namespaces`. + * + * @param {String} namespaces + * @api private + */ + + + function save(namespaces) { + try { + if (namespaces) { + exports.storage.setItem('debug', namespaces); + } else { + exports.storage.removeItem('debug'); + } + } catch (error) {// Swallow + // XXX (@Qix-) should we be logging these? + } + } + /** + * Load `namespaces`. + * + * @return {String} returns the previously persisted debug modes + * @api private + */ + + + function load() { + var r; + + try { + r = exports.storage.getItem('debug'); + } catch (error) {} // Swallow + // XXX (@Qix-) should we be logging these? + // If debug isn't set in LS, and we're in Electron, try to load $DEBUG + + + if (!r && typeof process !== 'undefined' && 'env' in process) { + r = process.env.DEBUG; + } + + return r; + } + /** + * Localstorage attempts to return the localstorage. + * + * This is necessary because safari throws + * when a user disables cookies/localstorage + * and you attempt to access it. + * + * @return {LocalStorage} + * @api private + */ + + + function localstorage() { + try { + // TVMLKit (Apple TV JS Runtime) does not have a window object, just localStorage in the global context + // The Browser also has localStorage in the global context. + return localStorage; + } catch (error) {// Swallow + // XXX (@Qix-) should we be logging these? + } + } + + module.exports = require('./common')(exports); + var formatters = module.exports.formatters; + /** + * Map %j to `JSON.stringify()`, since no Web Inspectors do that by default. + */ + + formatters.j = function (v) { + try { + return JSON.stringify(v); + } catch (error) { + return '[UnexpectedJSONParseError]: ' + error.message; + } + }; + }).call(this, require('_process')); + }, { + "./common": 3, + "_process": 2 + }] + }, {}, [4])(4); +}); diff --git a/node_modules/npm-registry-fetch/node_modules/debug/package.json b/node_modules/npm-registry-fetch/node_modules/debug/package.json new file mode 100644 index 000000000..05aa24f7a --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/debug/package.json @@ -0,0 +1,104 @@ +{ + "_from": "debug@^4.1.0", + "_id": "debug@4.1.1", + "_inBundle": false, + "_integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "_location": "/npm-registry-fetch/debug", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "debug@^4.1.0", + "name": "debug", + "escapedName": "debug", + "rawSpec": "^4.1.0", + "saveSpec": null, + "fetchSpec": "^4.1.0" + }, + "_requiredBy": [ + "/npm-registry-fetch/agentkeepalive", + "/npm-registry-fetch/http-proxy-agent", + "/npm-registry-fetch/https-proxy-agent" + ], + "_resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "_shasum": "3b72260255109c6b589cee050f1d516139664791", + "_spec": "debug@^4.1.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/agentkeepalive", + "author": { + "name": "TJ Holowaychuk", + "email": "tj@vision-media.ca" + }, + "browser": "./src/browser.js", + "bugs": { + "url": "https://github.com/visionmedia/debug/issues" + }, + "bundleDependencies": false, + "contributors": [ + { + "name": "Nathan Rajlich", + "email": "nathan@tootallnate.net", + "url": "http://n8.io" + }, + { + "name": "Andrew Rhyne", + "email": "rhyneandrew@gmail.com" + } + ], + "dependencies": { + "ms": "^2.1.1" + }, + "deprecated": false, + "description": "small debugging utility", + "devDependencies": { + "@babel/cli": "^7.0.0", + "@babel/core": "^7.0.0", + "@babel/preset-env": "^7.0.0", + "browserify": "14.4.0", + "chai": "^3.5.0", + "concurrently": "^3.1.0", + "coveralls": "^3.0.2", + "istanbul": "^0.4.5", + "karma": "^3.0.0", + "karma-chai": "^0.1.0", + "karma-mocha": "^1.3.0", + "karma-phantomjs-launcher": "^1.0.2", + "mocha": "^5.2.0", + "mocha-lcov-reporter": "^1.2.0", + "rimraf": "^2.5.4", + "xo": "^0.23.0" + }, + "files": [ + "src", + "dist/debug.js", + "LICENSE", + "README.md" + ], + "homepage": "https://github.com/visionmedia/debug#readme", + "keywords": [ + "debug", + "log", + "debugger" + ], + "license": "MIT", + "main": "./src/index.js", + "name": "debug", + "repository": { + "type": "git", + "url": "git://github.com/visionmedia/debug.git" + }, + "scripts": { + "build": "npm run build:debug && npm run build:test", + "build:debug": "babel -o dist/debug.js dist/debug.es6.js > dist/debug.js", + "build:test": "babel -d dist test.js", + "clean": "rimraf dist coverage", + "lint": "xo", + "prebuild:debug": "mkdir -p dist && browserify --standalone debug -o dist/debug.es6.js .", + "pretest:browser": "npm run build", + "test": "npm run test:node && npm run test:browser", + "test:browser": "karma start --single-run", + "test:coverage": "cat ./coverage/lcov.info | coveralls", + "test:node": "istanbul cover _mocha -- test.js" + }, + "unpkg": "./dist/debug.js", + "version": "4.1.1" +} diff --git a/node_modules/npm-registry-fetch/node_modules/debug/src/browser.js b/node_modules/npm-registry-fetch/node_modules/debug/src/browser.js new file mode 100644 index 000000000..5f34c0d0a --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/debug/src/browser.js @@ -0,0 +1,264 @@ +/* eslint-env browser */ + +/** + * This is the web browser implementation of `debug()`. + */ + +exports.log = log; +exports.formatArgs = formatArgs; +exports.save = save; +exports.load = load; +exports.useColors = useColors; +exports.storage = localstorage(); + +/** + * Colors. + */ + +exports.colors = [ + '#0000CC', + '#0000FF', + '#0033CC', + '#0033FF', + '#0066CC', + '#0066FF', + '#0099CC', + '#0099FF', + '#00CC00', + '#00CC33', + '#00CC66', + '#00CC99', + '#00CCCC', + '#00CCFF', + '#3300CC', + '#3300FF', + '#3333CC', + '#3333FF', + '#3366CC', + '#3366FF', + '#3399CC', + '#3399FF', + '#33CC00', + '#33CC33', + '#33CC66', + '#33CC99', + '#33CCCC', + '#33CCFF', + '#6600CC', + '#6600FF', + '#6633CC', + '#6633FF', + '#66CC00', + '#66CC33', + '#9900CC', + '#9900FF', + '#9933CC', + '#9933FF', + '#99CC00', + '#99CC33', + '#CC0000', + '#CC0033', + '#CC0066', + '#CC0099', + '#CC00CC', + '#CC00FF', + '#CC3300', + '#CC3333', + '#CC3366', + '#CC3399', + '#CC33CC', + '#CC33FF', + '#CC6600', + '#CC6633', + '#CC9900', + '#CC9933', + '#CCCC00', + '#CCCC33', + '#FF0000', + '#FF0033', + '#FF0066', + '#FF0099', + '#FF00CC', + '#FF00FF', + '#FF3300', + '#FF3333', + '#FF3366', + '#FF3399', + '#FF33CC', + '#FF33FF', + '#FF6600', + '#FF6633', + '#FF9900', + '#FF9933', + '#FFCC00', + '#FFCC33' +]; + +/** + * Currently only WebKit-based Web Inspectors, Firefox >= v31, + * and the Firebug extension (any Firefox version) are known + * to support "%c" CSS customizations. + * + * TODO: add a `localStorage` variable to explicitly enable/disable colors + */ + +// eslint-disable-next-line complexity +function useColors() { + // NB: In an Electron preload script, document will be defined but not fully + // initialized. Since we know we're in Chrome, we'll just detect this case + // explicitly + if (typeof window !== 'undefined' && window.process && (window.process.type === 'renderer' || window.process.__nwjs)) { + return true; + } + + // Internet Explorer and Edge do not support colors. + if (typeof navigator !== 'undefined' && navigator.userAgent && navigator.userAgent.toLowerCase().match(/(edge|trident)\/(\d+)/)) { + return false; + } + + // Is webkit? http://stackoverflow.com/a/16459606/376773 + // document is undefined in react-native: https://github.com/facebook/react-native/pull/1632 + return (typeof document !== 'undefined' && document.documentElement && document.documentElement.style && document.documentElement.style.WebkitAppearance) || + // Is firebug? http://stackoverflow.com/a/398120/376773 + (typeof window !== 'undefined' && window.console && (window.console.firebug || (window.console.exception && window.console.table))) || + // Is firefox >= v31? + // https://developer.mozilla.org/en-US/docs/Tools/Web_Console#Styling_messages + (typeof navigator !== 'undefined' && navigator.userAgent && navigator.userAgent.toLowerCase().match(/firefox\/(\d+)/) && parseInt(RegExp.$1, 10) >= 31) || + // Double check webkit in userAgent just in case we are in a worker + (typeof navigator !== 'undefined' && navigator.userAgent && navigator.userAgent.toLowerCase().match(/applewebkit\/(\d+)/)); +} + +/** + * Colorize log arguments if enabled. + * + * @api public + */ + +function formatArgs(args) { + args[0] = (this.useColors ? '%c' : '') + + this.namespace + + (this.useColors ? ' %c' : ' ') + + args[0] + + (this.useColors ? '%c ' : ' ') + + '+' + module.exports.humanize(this.diff); + + if (!this.useColors) { + return; + } + + const c = 'color: ' + this.color; + args.splice(1, 0, c, 'color: inherit'); + + // The final "%c" is somewhat tricky, because there could be other + // arguments passed either before or after the %c, so we need to + // figure out the correct index to insert the CSS into + let index = 0; + let lastC = 0; + args[0].replace(/%[a-zA-Z%]/g, match => { + if (match === '%%') { + return; + } + index++; + if (match === '%c') { + // We only are interested in the *last* %c + // (the user may have provided their own) + lastC = index; + } + }); + + args.splice(lastC, 0, c); +} + +/** + * Invokes `console.log()` when available. + * No-op when `console.log` is not a "function". + * + * @api public + */ +function log(...args) { + // This hackery is required for IE8/9, where + // the `console.log` function doesn't have 'apply' + return typeof console === 'object' && + console.log && + console.log(...args); +} + +/** + * Save `namespaces`. + * + * @param {String} namespaces + * @api private + */ +function save(namespaces) { + try { + if (namespaces) { + exports.storage.setItem('debug', namespaces); + } else { + exports.storage.removeItem('debug'); + } + } catch (error) { + // Swallow + // XXX (@Qix-) should we be logging these? + } +} + +/** + * Load `namespaces`. + * + * @return {String} returns the previously persisted debug modes + * @api private + */ +function load() { + let r; + try { + r = exports.storage.getItem('debug'); + } catch (error) { + // Swallow + // XXX (@Qix-) should we be logging these? + } + + // If debug isn't set in LS, and we're in Electron, try to load $DEBUG + if (!r && typeof process !== 'undefined' && 'env' in process) { + r = process.env.DEBUG; + } + + return r; +} + +/** + * Localstorage attempts to return the localstorage. + * + * This is necessary because safari throws + * when a user disables cookies/localstorage + * and you attempt to access it. + * + * @return {LocalStorage} + * @api private + */ + +function localstorage() { + try { + // TVMLKit (Apple TV JS Runtime) does not have a window object, just localStorage in the global context + // The Browser also has localStorage in the global context. + return localStorage; + } catch (error) { + // Swallow + // XXX (@Qix-) should we be logging these? + } +} + +module.exports = require('./common')(exports); + +const {formatters} = module.exports; + +/** + * Map %j to `JSON.stringify()`, since no Web Inspectors do that by default. + */ + +formatters.j = function (v) { + try { + return JSON.stringify(v); + } catch (error) { + return '[UnexpectedJSONParseError]: ' + error.message; + } +}; diff --git a/node_modules/npm-registry-fetch/node_modules/debug/src/common.js b/node_modules/npm-registry-fetch/node_modules/debug/src/common.js new file mode 100644 index 000000000..2f82b8dc7 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/debug/src/common.js @@ -0,0 +1,266 @@ + +/** + * This is the common logic for both the Node.js and web browser + * implementations of `debug()`. + */ + +function setup(env) { + createDebug.debug = createDebug; + createDebug.default = createDebug; + createDebug.coerce = coerce; + createDebug.disable = disable; + createDebug.enable = enable; + createDebug.enabled = enabled; + createDebug.humanize = require('ms'); + + Object.keys(env).forEach(key => { + createDebug[key] = env[key]; + }); + + /** + * Active `debug` instances. + */ + createDebug.instances = []; + + /** + * The currently active debug mode names, and names to skip. + */ + + createDebug.names = []; + createDebug.skips = []; + + /** + * Map of special "%n" handling functions, for the debug "format" argument. + * + * Valid key names are a single, lower or upper-case letter, i.e. "n" and "N". + */ + createDebug.formatters = {}; + + /** + * Selects a color for a debug namespace + * @param {String} namespace The namespace string for the for the debug instance to be colored + * @return {Number|String} An ANSI color code for the given namespace + * @api private + */ + function selectColor(namespace) { + let hash = 0; + + for (let i = 0; i < namespace.length; i++) { + hash = ((hash << 5) - hash) + namespace.charCodeAt(i); + hash |= 0; // Convert to 32bit integer + } + + return createDebug.colors[Math.abs(hash) % createDebug.colors.length]; + } + createDebug.selectColor = selectColor; + + /** + * Create a debugger with the given `namespace`. + * + * @param {String} namespace + * @return {Function} + * @api public + */ + function createDebug(namespace) { + let prevTime; + + function debug(...args) { + // Disabled? + if (!debug.enabled) { + return; + } + + const self = debug; + + // Set `diff` timestamp + const curr = Number(new Date()); + const ms = curr - (prevTime || curr); + self.diff = ms; + self.prev = prevTime; + self.curr = curr; + prevTime = curr; + + args[0] = createDebug.coerce(args[0]); + + if (typeof args[0] !== 'string') { + // Anything else let's inspect with %O + args.unshift('%O'); + } + + // Apply any `formatters` transformations + let index = 0; + args[0] = args[0].replace(/%([a-zA-Z%])/g, (match, format) => { + // If we encounter an escaped % then don't increase the array index + if (match === '%%') { + return match; + } + index++; + const formatter = createDebug.formatters[format]; + if (typeof formatter === 'function') { + const val = args[index]; + match = formatter.call(self, val); + + // Now we need to remove `args[index]` since it's inlined in the `format` + args.splice(index, 1); + index--; + } + return match; + }); + + // Apply env-specific formatting (colors, etc.) + createDebug.formatArgs.call(self, args); + + const logFn = self.log || createDebug.log; + logFn.apply(self, args); + } + + debug.namespace = namespace; + debug.enabled = createDebug.enabled(namespace); + debug.useColors = createDebug.useColors(); + debug.color = selectColor(namespace); + debug.destroy = destroy; + debug.extend = extend; + // Debug.formatArgs = formatArgs; + // debug.rawLog = rawLog; + + // env-specific initialization logic for debug instances + if (typeof createDebug.init === 'function') { + createDebug.init(debug); + } + + createDebug.instances.push(debug); + + return debug; + } + + function destroy() { + const index = createDebug.instances.indexOf(this); + if (index !== -1) { + createDebug.instances.splice(index, 1); + return true; + } + return false; + } + + function extend(namespace, delimiter) { + const newDebug = createDebug(this.namespace + (typeof delimiter === 'undefined' ? ':' : delimiter) + namespace); + newDebug.log = this.log; + return newDebug; + } + + /** + * Enables a debug mode by namespaces. This can include modes + * separated by a colon and wildcards. + * + * @param {String} namespaces + * @api public + */ + function enable(namespaces) { + createDebug.save(namespaces); + + createDebug.names = []; + createDebug.skips = []; + + let i; + const split = (typeof namespaces === 'string' ? namespaces : '').split(/[\s,]+/); + const len = split.length; + + for (i = 0; i < len; i++) { + if (!split[i]) { + // ignore empty strings + continue; + } + + namespaces = split[i].replace(/\*/g, '.*?'); + + if (namespaces[0] === '-') { + createDebug.skips.push(new RegExp('^' + namespaces.substr(1) + '$')); + } else { + createDebug.names.push(new RegExp('^' + namespaces + '$')); + } + } + + for (i = 0; i < createDebug.instances.length; i++) { + const instance = createDebug.instances[i]; + instance.enabled = createDebug.enabled(instance.namespace); + } + } + + /** + * Disable debug output. + * + * @return {String} namespaces + * @api public + */ + function disable() { + const namespaces = [ + ...createDebug.names.map(toNamespace), + ...createDebug.skips.map(toNamespace).map(namespace => '-' + namespace) + ].join(','); + createDebug.enable(''); + return namespaces; + } + + /** + * Returns true if the given mode name is enabled, false otherwise. + * + * @param {String} name + * @return {Boolean} + * @api public + */ + function enabled(name) { + if (name[name.length - 1] === '*') { + return true; + } + + let i; + let len; + + for (i = 0, len = createDebug.skips.length; i < len; i++) { + if (createDebug.skips[i].test(name)) { + return false; + } + } + + for (i = 0, len = createDebug.names.length; i < len; i++) { + if (createDebug.names[i].test(name)) { + return true; + } + } + + return false; + } + + /** + * Convert regexp to namespace + * + * @param {RegExp} regxep + * @return {String} namespace + * @api private + */ + function toNamespace(regexp) { + return regexp.toString() + .substring(2, regexp.toString().length - 2) + .replace(/\.\*\?$/, '*'); + } + + /** + * Coerce `val`. + * + * @param {Mixed} val + * @return {Mixed} + * @api private + */ + function coerce(val) { + if (val instanceof Error) { + return val.stack || val.message; + } + return val; + } + + createDebug.enable(createDebug.load()); + + return createDebug; +} + +module.exports = setup; diff --git a/node_modules/npm-registry-fetch/node_modules/debug/src/index.js b/node_modules/npm-registry-fetch/node_modules/debug/src/index.js new file mode 100644 index 000000000..bf4c57f25 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/debug/src/index.js @@ -0,0 +1,10 @@ +/** + * Detect Electron renderer / nwjs process, which is node, but we should + * treat as a browser. + */ + +if (typeof process === 'undefined' || process.type === 'renderer' || process.browser === true || process.__nwjs) { + module.exports = require('./browser.js'); +} else { + module.exports = require('./node.js'); +} diff --git a/node_modules/npm-registry-fetch/node_modules/debug/src/node.js b/node_modules/npm-registry-fetch/node_modules/debug/src/node.js new file mode 100644 index 000000000..5e1f1541a --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/debug/src/node.js @@ -0,0 +1,257 @@ +/** + * Module dependencies. + */ + +const tty = require('tty'); +const util = require('util'); + +/** + * This is the Node.js implementation of `debug()`. + */ + +exports.init = init; +exports.log = log; +exports.formatArgs = formatArgs; +exports.save = save; +exports.load = load; +exports.useColors = useColors; + +/** + * Colors. + */ + +exports.colors = [6, 2, 3, 4, 5, 1]; + +try { + // Optional dependency (as in, doesn't need to be installed, NOT like optionalDependencies in package.json) + // eslint-disable-next-line import/no-extraneous-dependencies + const supportsColor = require('supports-color'); + + if (supportsColor && (supportsColor.stderr || supportsColor).level >= 2) { + exports.colors = [ + 20, + 21, + 26, + 27, + 32, + 33, + 38, + 39, + 40, + 41, + 42, + 43, + 44, + 45, + 56, + 57, + 62, + 63, + 68, + 69, + 74, + 75, + 76, + 77, + 78, + 79, + 80, + 81, + 92, + 93, + 98, + 99, + 112, + 113, + 128, + 129, + 134, + 135, + 148, + 149, + 160, + 161, + 162, + 163, + 164, + 165, + 166, + 167, + 168, + 169, + 170, + 171, + 172, + 173, + 178, + 179, + 184, + 185, + 196, + 197, + 198, + 199, + 200, + 201, + 202, + 203, + 204, + 205, + 206, + 207, + 208, + 209, + 214, + 215, + 220, + 221 + ]; + } +} catch (error) { + // Swallow - we only care if `supports-color` is available; it doesn't have to be. +} + +/** + * Build up the default `inspectOpts` object from the environment variables. + * + * $ DEBUG_COLORS=no DEBUG_DEPTH=10 DEBUG_SHOW_HIDDEN=enabled node script.js + */ + +exports.inspectOpts = Object.keys(process.env).filter(key => { + return /^debug_/i.test(key); +}).reduce((obj, key) => { + // Camel-case + const prop = key + .substring(6) + .toLowerCase() + .replace(/_([a-z])/g, (_, k) => { + return k.toUpperCase(); + }); + + // Coerce string value into JS value + let val = process.env[key]; + if (/^(yes|on|true|enabled)$/i.test(val)) { + val = true; + } else if (/^(no|off|false|disabled)$/i.test(val)) { + val = false; + } else if (val === 'null') { + val = null; + } else { + val = Number(val); + } + + obj[prop] = val; + return obj; +}, {}); + +/** + * Is stdout a TTY? Colored output is enabled when `true`. + */ + +function useColors() { + return 'colors' in exports.inspectOpts ? + Boolean(exports.inspectOpts.colors) : + tty.isatty(process.stderr.fd); +} + +/** + * Adds ANSI color escape codes if enabled. + * + * @api public + */ + +function formatArgs(args) { + const {namespace: name, useColors} = this; + + if (useColors) { + const c = this.color; + const colorCode = '\u001B[3' + (c < 8 ? c : '8;5;' + c); + const prefix = ` ${colorCode};1m${name} \u001B[0m`; + + args[0] = prefix + args[0].split('\n').join('\n' + prefix); + args.push(colorCode + 'm+' + module.exports.humanize(this.diff) + '\u001B[0m'); + } else { + args[0] = getDate() + name + ' ' + args[0]; + } +} + +function getDate() { + if (exports.inspectOpts.hideDate) { + return ''; + } + return new Date().toISOString() + ' '; +} + +/** + * Invokes `util.format()` with the specified arguments and writes to stderr. + */ + +function log(...args) { + return process.stderr.write(util.format(...args) + '\n'); +} + +/** + * Save `namespaces`. + * + * @param {String} namespaces + * @api private + */ +function save(namespaces) { + if (namespaces) { + process.env.DEBUG = namespaces; + } else { + // If you set a process.env field to null or undefined, it gets cast to the + // string 'null' or 'undefined'. Just delete instead. + delete process.env.DEBUG; + } +} + +/** + * Load `namespaces`. + * + * @return {String} returns the previously persisted debug modes + * @api private + */ + +function load() { + return process.env.DEBUG; +} + +/** + * Init logic for `debug` instances. + * + * Create a new `inspectOpts` object in case `useColors` is set + * differently for a particular `debug` instance. + */ + +function init(debug) { + debug.inspectOpts = {}; + + const keys = Object.keys(exports.inspectOpts); + for (let i = 0; i < keys.length; i++) { + debug.inspectOpts[keys[i]] = exports.inspectOpts[keys[i]]; + } +} + +module.exports = require('./common')(exports); + +const {formatters} = module.exports; + +/** + * Map %o to `util.inspect()`, all on a single line. + */ + +formatters.o = function (v) { + this.inspectOpts.colors = this.useColors; + return util.inspect(v, this.inspectOpts) + .replace(/\s*\n\s*/g, ' '); +}; + +/** + * Map %O to `util.inspect()`, allowing multiple lines if needed. + */ + +formatters.O = function (v) { + this.inspectOpts.colors = this.useColors; + return util.inspect(v, this.inspectOpts); +}; diff --git a/node_modules/npm-registry-fetch/node_modules/fs-minipass/LICENSE b/node_modules/npm-registry-fetch/node_modules/fs-minipass/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/fs-minipass/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/fs-minipass/README.md b/node_modules/npm-registry-fetch/node_modules/fs-minipass/README.md new file mode 100644 index 000000000..1e61241cf --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/fs-minipass/README.md @@ -0,0 +1,70 @@ +# fs-minipass + +Filesystem streams based on [minipass](http://npm.im/minipass). + +4 classes are exported: + +- ReadStream +- ReadStreamSync +- WriteStream +- WriteStreamSync + +When using `ReadStreamSync`, all of the data is made available +immediately upon consuming the stream. Nothing is buffered in memory +when the stream is constructed. If the stream is piped to a writer, +then it will synchronously `read()` and emit data into the writer as +fast as the writer can consume it. (That is, it will respect +backpressure.) If you call `stream.read()` then it will read the +entire file and return the contents. + +When using `WriteStreamSync`, every write is flushed to the file +synchronously. If your writes all come in a single tick, then it'll +write it all out in a single tick. It's as synchronous as you are. + +The async versions work much like their node builtin counterparts, +with the exception of introducing significantly less Stream machinery +overhead. + +## USAGE + +It's just streams, you pipe them or read() them or write() to them. + +```js +const fsm = require('fs-minipass') +const readStream = new fsm.ReadStream('file.txt') +const writeStream = new fsm.WriteStream('output.txt') +writeStream.write('some file header or whatever\n') +readStream.pipe(writeStream) +``` + +## ReadStream(path, options) + +Path string is required, but somewhat irrelevant if an open file +descriptor is passed in as an option. + +Options: + +- `fd` Pass in a numeric file descriptor, if the file is already open. +- `readSize` The size of reads to do, defaults to 16MB +- `size` The size of the file, if known. Prevents zero-byte read() + call at the end. +- `autoClose` Set to `false` to prevent the file descriptor from being + closed when the file is done being read. + +## WriteStream(path, options) + +Path string is required, but somewhat irrelevant if an open file +descriptor is passed in as an option. + +Options: + +- `fd` Pass in a numeric file descriptor, if the file is already open. +- `mode` The mode to create the file with. Defaults to `0o666`. +- `start` The position in the file to start reading. If not + specified, then the file will start writing at position zero, and be + truncated by default. +- `autoClose` Set to `false` to prevent the file descriptor from being + closed when the stream is ended. +- `flags` Flags to use when opening the file. Irrelevant if `fd` is + passed in, since file won't be opened in that case. Defaults to + `'a'` if a `pos` is specified, or `'w'` otherwise. diff --git a/node_modules/npm-registry-fetch/node_modules/fs-minipass/index.js b/node_modules/npm-registry-fetch/node_modules/fs-minipass/index.js new file mode 100644 index 000000000..9b0779c80 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/fs-minipass/index.js @@ -0,0 +1,422 @@ +'use strict' +const MiniPass = require('minipass') +const EE = require('events').EventEmitter +const fs = require('fs') + +let writev = fs.writev +/* istanbul ignore next */ +if (!writev) { + // This entire block can be removed if support for earlier than Node.js + // 12.9.0 is not needed. + const binding = process.binding('fs') + const FSReqWrap = binding.FSReqWrap || binding.FSReqCallback + + writev = (fd, iovec, pos, cb) => { + const done = (er, bw) => cb(er, bw, iovec) + const req = new FSReqWrap() + req.oncomplete = done + binding.writeBuffers(fd, iovec, pos, req) + } +} + +const _autoClose = Symbol('_autoClose') +const _close = Symbol('_close') +const _ended = Symbol('_ended') +const _fd = Symbol('_fd') +const _finished = Symbol('_finished') +const _flags = Symbol('_flags') +const _flush = Symbol('_flush') +const _handleChunk = Symbol('_handleChunk') +const _makeBuf = Symbol('_makeBuf') +const _mode = Symbol('_mode') +const _needDrain = Symbol('_needDrain') +const _onerror = Symbol('_onerror') +const _onopen = Symbol('_onopen') +const _onread = Symbol('_onread') +const _onwrite = Symbol('_onwrite') +const _open = Symbol('_open') +const _path = Symbol('_path') +const _pos = Symbol('_pos') +const _queue = Symbol('_queue') +const _read = Symbol('_read') +const _readSize = Symbol('_readSize') +const _reading = Symbol('_reading') +const _remain = Symbol('_remain') +const _size = Symbol('_size') +const _write = Symbol('_write') +const _writing = Symbol('_writing') +const _defaultFlag = Symbol('_defaultFlag') +const _errored = Symbol('_errored') + +class ReadStream extends MiniPass { + constructor (path, opt) { + opt = opt || {} + super(opt) + + this.readable = true + this.writable = false + + if (typeof path !== 'string') + throw new TypeError('path must be a string') + + this[_errored] = false + this[_fd] = typeof opt.fd === 'number' ? opt.fd : null + this[_path] = path + this[_readSize] = opt.readSize || 16*1024*1024 + this[_reading] = false + this[_size] = typeof opt.size === 'number' ? opt.size : Infinity + this[_remain] = this[_size] + this[_autoClose] = typeof opt.autoClose === 'boolean' ? + opt.autoClose : true + + if (typeof this[_fd] === 'number') + this[_read]() + else + this[_open]() + } + + get fd () { return this[_fd] } + get path () { return this[_path] } + + write () { + throw new TypeError('this is a readable stream') + } + + end () { + throw new TypeError('this is a readable stream') + } + + [_open] () { + fs.open(this[_path], 'r', (er, fd) => this[_onopen](er, fd)) + } + + [_onopen] (er, fd) { + if (er) + this[_onerror](er) + else { + this[_fd] = fd + this.emit('open', fd) + this[_read]() + } + } + + [_makeBuf] () { + return Buffer.allocUnsafe(Math.min(this[_readSize], this[_remain])) + } + + [_read] () { + if (!this[_reading]) { + this[_reading] = true + const buf = this[_makeBuf]() + /* istanbul ignore if */ + if (buf.length === 0) + return process.nextTick(() => this[_onread](null, 0, buf)) + fs.read(this[_fd], buf, 0, buf.length, null, (er, br, buf) => + this[_onread](er, br, buf)) + } + } + + [_onread] (er, br, buf) { + this[_reading] = false + if (er) + this[_onerror](er) + else if (this[_handleChunk](br, buf)) + this[_read]() + } + + [_close] () { + if (this[_autoClose] && typeof this[_fd] === 'number') { + const fd = this[_fd] + this[_fd] = null + fs.close(fd, er => er ? this.emit('error', er) : this.emit('close')) + } + } + + [_onerror] (er) { + this[_reading] = true + this[_close]() + this.emit('error', er) + } + + [_handleChunk] (br, buf) { + let ret = false + // no effect if infinite + this[_remain] -= br + if (br > 0) + ret = super.write(br < buf.length ? buf.slice(0, br) : buf) + + if (br === 0 || this[_remain] <= 0) { + ret = false + this[_close]() + super.end() + } + + return ret + } + + emit (ev, data) { + switch (ev) { + case 'prefinish': + case 'finish': + break + + case 'drain': + if (typeof this[_fd] === 'number') + this[_read]() + break + + case 'error': + if (this[_errored]) + return + this[_errored] = true + return super.emit(ev, data) + + default: + return super.emit(ev, data) + } + } +} + +class ReadStreamSync extends ReadStream { + [_open] () { + let threw = true + try { + this[_onopen](null, fs.openSync(this[_path], 'r')) + threw = false + } finally { + if (threw) + this[_close]() + } + } + + [_read] () { + let threw = true + try { + if (!this[_reading]) { + this[_reading] = true + do { + const buf = this[_makeBuf]() + /* istanbul ignore next */ + const br = buf.length === 0 ? 0 + : fs.readSync(this[_fd], buf, 0, buf.length, null) + if (!this[_handleChunk](br, buf)) + break + } while (true) + this[_reading] = false + } + threw = false + } finally { + if (threw) + this[_close]() + } + } + + [_close] () { + if (this[_autoClose] && typeof this[_fd] === 'number') { + const fd = this[_fd] + this[_fd] = null + fs.closeSync(fd) + this.emit('close') + } + } +} + +class WriteStream extends EE { + constructor (path, opt) { + opt = opt || {} + super(opt) + this.readable = false + this.writable = true + this[_errored] = false + this[_writing] = false + this[_ended] = false + this[_needDrain] = false + this[_queue] = [] + this[_path] = path + this[_fd] = typeof opt.fd === 'number' ? opt.fd : null + this[_mode] = opt.mode === undefined ? 0o666 : opt.mode + this[_pos] = typeof opt.start === 'number' ? opt.start : null + this[_autoClose] = typeof opt.autoClose === 'boolean' ? + opt.autoClose : true + + // truncating makes no sense when writing into the middle + const defaultFlag = this[_pos] !== null ? 'r+' : 'w' + this[_defaultFlag] = opt.flags === undefined + this[_flags] = this[_defaultFlag] ? defaultFlag : opt.flags + + if (this[_fd] === null) + this[_open]() + } + + emit (ev, data) { + if (ev === 'error') { + if (this[_errored]) + return + this[_errored] = true + } + return super.emit(ev, data) + } + + + get fd () { return this[_fd] } + get path () { return this[_path] } + + [_onerror] (er) { + this[_close]() + this[_writing] = true + this.emit('error', er) + } + + [_open] () { + fs.open(this[_path], this[_flags], this[_mode], + (er, fd) => this[_onopen](er, fd)) + } + + [_onopen] (er, fd) { + if (this[_defaultFlag] && + this[_flags] === 'r+' && + er && er.code === 'ENOENT') { + this[_flags] = 'w' + this[_open]() + } else if (er) + this[_onerror](er) + else { + this[_fd] = fd + this.emit('open', fd) + this[_flush]() + } + } + + end (buf, enc) { + if (buf) + this.write(buf, enc) + + this[_ended] = true + + // synthetic after-write logic, where drain/finish live + if (!this[_writing] && !this[_queue].length && + typeof this[_fd] === 'number') + this[_onwrite](null, 0) + return this + } + + write (buf, enc) { + if (typeof buf === 'string') + buf = Buffer.from(buf, enc) + + if (this[_ended]) { + this.emit('error', new Error('write() after end()')) + return false + } + + if (this[_fd] === null || this[_writing] || this[_queue].length) { + this[_queue].push(buf) + this[_needDrain] = true + return false + } + + this[_writing] = true + this[_write](buf) + return true + } + + [_write] (buf) { + fs.write(this[_fd], buf, 0, buf.length, this[_pos], (er, bw) => + this[_onwrite](er, bw)) + } + + [_onwrite] (er, bw) { + if (er) + this[_onerror](er) + else { + if (this[_pos] !== null) + this[_pos] += bw + if (this[_queue].length) + this[_flush]() + else { + this[_writing] = false + + if (this[_ended] && !this[_finished]) { + this[_finished] = true + this[_close]() + this.emit('finish') + } else if (this[_needDrain]) { + this[_needDrain] = false + this.emit('drain') + } + } + } + } + + [_flush] () { + if (this[_queue].length === 0) { + if (this[_ended]) + this[_onwrite](null, 0) + } else if (this[_queue].length === 1) + this[_write](this[_queue].pop()) + else { + const iovec = this[_queue] + this[_queue] = [] + writev(this[_fd], iovec, this[_pos], + (er, bw) => this[_onwrite](er, bw)) + } + } + + [_close] () { + if (this[_autoClose] && typeof this[_fd] === 'number') { + const fd = this[_fd] + this[_fd] = null + fs.close(fd, er => er ? this.emit('error', er) : this.emit('close')) + } + } +} + +class WriteStreamSync extends WriteStream { + [_open] () { + let fd + // only wrap in a try{} block if we know we'll retry, to avoid + // the rethrow obscuring the error's source frame in most cases. + if (this[_defaultFlag] && this[_flags] === 'r+') { + try { + fd = fs.openSync(this[_path], this[_flags], this[_mode]) + } catch (er) { + if (er.code === 'ENOENT') { + this[_flags] = 'w' + return this[_open]() + } else + throw er + } + } else + fd = fs.openSync(this[_path], this[_flags], this[_mode]) + + this[_onopen](null, fd) + } + + [_close] () { + if (this[_autoClose] && typeof this[_fd] === 'number') { + const fd = this[_fd] + this[_fd] = null + fs.closeSync(fd) + this.emit('close') + } + } + + [_write] (buf) { + // throw the original, but try to close if it fails + let threw = true + try { + this[_onwrite](null, + fs.writeSync(this[_fd], buf, 0, buf.length, this[_pos])) + threw = false + } finally { + if (threw) + try { this[_close]() } catch (_) {} + } + } +} + +exports.ReadStream = ReadStream +exports.ReadStreamSync = ReadStreamSync + +exports.WriteStream = WriteStream +exports.WriteStreamSync = WriteStreamSync diff --git a/node_modules/npm-registry-fetch/node_modules/fs-minipass/package.json b/node_modules/npm-registry-fetch/node_modules/fs-minipass/package.json new file mode 100644 index 000000000..04ab59132 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/fs-minipass/package.json @@ -0,0 +1,69 @@ +{ + "_from": "fs-minipass@^2.0.0", + "_id": "fs-minipass@2.1.0", + "_inBundle": false, + "_integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", + "_location": "/npm-registry-fetch/fs-minipass", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "fs-minipass@^2.0.0", + "name": "fs-minipass", + "escapedName": "fs-minipass", + "rawSpec": "^2.0.0", + "saveSpec": null, + "fetchSpec": "^2.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch/cacache", + "/npm-registry-fetch/tar" + ], + "_resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", + "_shasum": "7f5036fdbf12c63c169190cbe4199c852271f9fb", + "_spec": "fs-minipass@^2.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/cacache", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/npm/fs-minipass/issues" + }, + "bundleDependencies": false, + "dependencies": { + "minipass": "^3.0.0" + }, + "deprecated": false, + "description": "fs read and write streams based on minipass", + "devDependencies": { + "mutate-fs": "^2.0.1", + "tap": "^14.6.4" + }, + "engines": { + "node": ">= 8" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/npm/fs-minipass#readme", + "keywords": [], + "license": "ISC", + "main": "index.js", + "name": "fs-minipass", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/fs-minipass.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "2.1.0" +} diff --git a/node_modules/npm-registry-fetch/node_modules/hosted-git-info/CHANGELOG.md b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/CHANGELOG.md new file mode 100644 index 000000000..9bc6cae2e --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/CHANGELOG.md @@ -0,0 +1,135 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="3.0.2"></a> +## [3.0.2](https://github.com/npm/hosted-git-info/compare/v3.0.1...v3.0.2) (2019-10-08) + + +### Bug Fixes + +* do not encodeURIComponent the domain ([3e5fbec](https://github.com/npm/hosted-git-info/commit/3e5fbec)), closes [#53](https://github.com/npm/hosted-git-info/issues/53) + + + +<a name="3.0.1"></a> +## [3.0.1](https://github.com/npm/hosted-git-info/compare/v3.0.0...v3.0.1) (2019-10-07) + + +### Bug Fixes + +* update pathmatch for gitlab ([e3e3054](https://github.com/npm/hosted-git-info/commit/e3e3054)), closes [#52](https://github.com/npm/hosted-git-info/issues/52) +* updated pathmatch for gitlab ([fa87af7](https://github.com/npm/hosted-git-info/commit/fa87af7)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/hosted-git-info/compare/v2.8.3...v3.0.0) (2019-08-12) + + +### Bug Fixes + +* **cache:** Switch to lru-cache to save ourselves from unlimited memory consumption ([37c2891](https://github.com/npm/hosted-git-info/commit/37c2891)), closes [#38](https://github.com/npm/hosted-git-info/issues/38) + + +### BREAKING CHANGES + +* **cache:** Drop support for node 0.x + + + +<a name="2.8.3"></a> +## [2.8.3](https://github.com/npm/hosted-git-info/compare/v2.8.2...v2.8.3) (2019-08-12) + + + +<a name="2.8.2"></a> +## [2.8.2](https://github.com/npm/hosted-git-info/compare/v2.8.1...v2.8.2) (2019-08-05) + + +### Bug Fixes + +* http protocol use sshurl by default ([3b1d629](https://github.com/npm/hosted-git-info/commit/3b1d629)), closes [#48](https://github.com/npm/hosted-git-info/issues/48) + + + +<a name="2.8.1"></a> +## [2.8.1](https://github.com/npm/hosted-git-info/compare/v2.8.0...v2.8.1) (2019-08-05) + + +### Bug Fixes + +* ignore noCommittish on tarball url generation ([5d4a8d7](https://github.com/npm/hosted-git-info/commit/5d4a8d7)) +* use gist tarball url that works for anonymous gists ([1692435](https://github.com/npm/hosted-git-info/commit/1692435)) + + + +<a name="2.8.0"></a> +# [2.8.0](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.0) (2019-08-05) + + +### Bug Fixes + +* Allow slashes in gitlab project section ([bbcf7b2](https://github.com/npm/hosted-git-info/commit/bbcf7b2)), closes [#46](https://github.com/npm/hosted-git-info/issues/46) [#43](https://github.com/npm/hosted-git-info/issues/43) +* **git-host:** disallow URI-encoded slash (%2F) in `path` ([3776fa5](https://github.com/npm/hosted-git-info/commit/3776fa5)), closes [#44](https://github.com/npm/hosted-git-info/issues/44) +* **gitlab:** Do not URL encode slashes in project name for GitLab https URL ([cbf04f9](https://github.com/npm/hosted-git-info/commit/cbf04f9)), closes [#47](https://github.com/npm/hosted-git-info/issues/47) +* do not allow invalid gist urls ([d5cf830](https://github.com/npm/hosted-git-info/commit/d5cf830)) +* **cache:** Switch to lru-cache to save ourselves from unlimited memory consumption ([e518222](https://github.com/npm/hosted-git-info/commit/e518222)), closes [#38](https://github.com/npm/hosted-git-info/issues/38) + + +### Features + +* give these objects a name ([60abaea](https://github.com/npm/hosted-git-info/commit/60abaea)) + + + +<a name="2.7.1"></a> +## [2.7.1](https://github.com/npm/hosted-git-info/compare/v2.7.0...v2.7.1) (2018-07-07) + + +### Bug Fixes + +* **index:** Guard against non-string types ([5bc580d](https://github.com/npm/hosted-git-info/commit/5bc580d)) +* **parse:** Crash on strings that parse to having no host ([c931482](https://github.com/npm/hosted-git-info/commit/c931482)), closes [#35](https://github.com/npm/hosted-git-info/issues/35) + + + +<a name="2.7.0"></a> +# [2.7.0](https://github.com/npm/hosted-git-info/compare/v2.6.1...v2.7.0) (2018-07-06) + + +### Bug Fixes + +* **github tarball:** update github tarballtemplate ([6efd582](https://github.com/npm/hosted-git-info/commit/6efd582)), closes [#34](https://github.com/npm/hosted-git-info/issues/34) +* **gitlab docs:** switched to lowercase anchors for readmes ([701bcd1](https://github.com/npm/hosted-git-info/commit/701bcd1)) + + +### Features + +* **all:** Support www. prefixes on hostnames ([3349575](https://github.com/npm/hosted-git-info/commit/3349575)), closes [#32](https://github.com/npm/hosted-git-info/issues/32) + + + +<a name="2.6.1"></a> +## [2.6.1](https://github.com/npm/hosted-git-info/compare/v2.6.0...v2.6.1) (2018-06-25) + +### Bug Fixes + +* **Revert:** "compat: remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25))" ([cce5a62](https://github.com/npm/hosted-git-info/commit/cce5a62)) +* **Revert:** "git-host: fix forgotten extend()" ([a815ec9](https://github.com/npm/hosted-git-info/commit/a815ec9)) + + + +<a name="2.6.0"></a> +# [2.6.0](https://github.com/npm/hosted-git-info/compare/v2.5.0...v2.6.0) (2018-03-07) + + +### Bug Fixes + +* **compat:** remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25)) ([627ab55](https://github.com/npm/hosted-git-info/commit/627ab55)) +* **git-host:** fix forgotten extend() ([eba1f7b](https://github.com/npm/hosted-git-info/commit/eba1f7b)) + + +### Features + +* **browse:** fragment support for browse() ([#28](https://github.com/npm/hosted-git-info/issues/28)) ([cd5e5bb](https://github.com/npm/hosted-git-info/commit/cd5e5bb)) diff --git a/node_modules/npm-registry-fetch/node_modules/hosted-git-info/LICENSE b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/LICENSE new file mode 100644 index 000000000..45055763d --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/LICENSE @@ -0,0 +1,13 @@ +Copyright (c) 2015, Rebecca Turner + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH +REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, +INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR +OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/hosted-git-info/README.md b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/README.md new file mode 100644 index 000000000..7b723f6b9 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/README.md @@ -0,0 +1,133 @@ +# hosted-git-info + +This will let you identify and transform various git hosts URLs between +protocols. It also can tell you what the URL is for the raw path for +particular file for direct access without git. + +## Example + +```javascript +var hostedGitInfo = require("hosted-git-info") +var info = hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git", opts) +/* info looks like: +{ + type: "github", + domain: "github.com", + user: "npm", + project: "hosted-git-info" +} +*/ +``` + +If the URL can't be matched with a git host, `null` will be returned. We +can match git, ssh and https urls. Additionally, we can match ssh connect +strings (`git@github.com:npm/hosted-git-info`) and shortcuts (eg, +`github:npm/hosted-git-info`). Github specifically, is detected in the case +of a third, unprefixed, form: `npm/hosted-git-info`. + +If it does match, the returned object has properties of: + +* info.type -- The short name of the service +* info.domain -- The domain for git protocol use +* info.user -- The name of the user/org on the git host +* info.project -- The name of the project on the git host + +## Version Contract + +The major version will be bumped any time… + +* The constructor stops accepting URLs that it previously accepted. +* A method is removed. +* A method can no longer accept the number and type of arguments it previously accepted. +* A method can return a different type than it currently returns. + +Implications: + +* I do not consider the specific format of the urls returned from, say + `.https()` to be a part of the contract. The contract is that it will + return a string that can be used to fetch the repo via HTTPS. But what + that string looks like, specifically, can change. +* Dropping support for a hosted git provider would constitute a breaking + change. + +## Usage + +### var info = hostedGitInfo.fromUrl(gitSpecifier[, options]) + +* *gitSpecifer* is a URL of a git repository or a SCP-style specifier of one. +* *options* is an optional object. It can have the following properties: + * *noCommittish* — If true then committishes won't be included in generated URLs. + * *noGitPlus* — If true then `git+` won't be prefixed on URLs. + +## Methods + +All of the methods take the same options as the `fromUrl` factory. Options +provided to a method override those provided to the constructor. + +* info.file(path, opts) + +Given the path of a file relative to the repository, returns a URL for +directly fetching it from the githost. If no committish was set then +`master` will be used as the default. + +For example `hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git#v1.0.0").file("package.json")` +would return `https://raw.githubusercontent.com/npm/hosted-git-info/v1.0.0/package.json` + +* info.shortcut(opts) + +eg, `github:npm/hosted-git-info` + +* info.browse(path, fragment, opts) + +eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0`, +`https://github.com/npm/hosted-git-info/tree/v1.2.0/package.json`, +`https://github.com/npm/hosted-git-info/tree/v1.2.0/REAMDE.md#supported-hosts` + +* info.bugs(opts) + +eg, `https://github.com/npm/hosted-git-info/issues` + +* info.docs(opts) + +eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0#readme` + +* info.https(opts) + +eg, `git+https://github.com/npm/hosted-git-info.git` + +* info.sshurl(opts) + +eg, `git+ssh://git@github.com/npm/hosted-git-info.git` + +* info.ssh(opts) + +eg, `git@github.com:npm/hosted-git-info.git` + +* info.path(opts) + +eg, `npm/hosted-git-info` + +* info.tarball(opts) + +eg, `https://github.com/npm/hosted-git-info/archive/v1.2.0.tar.gz` + +* info.getDefaultRepresentation() + +Returns the default output type. The default output type is based on the +string you passed in to be parsed + +* info.toString(opts) + +Uses the getDefaultRepresentation to call one of the other methods to get a URL for +this resource. As such `hostedGitInfo.fromUrl(url).toString()` will give +you a normalized version of the URL that still uses the same protocol. + +Shortcuts will still be returned as shortcuts, but the special case github +form of `org/project` will be normalized to `github:org/project`. + +SSH connect strings will be normalized into `git+ssh` URLs. + +## Supported hosts + +Currently this supports Github, Bitbucket and Gitlab. Pull requests for +additional hosts welcome. diff --git a/node_modules/npm-registry-fetch/node_modules/hosted-git-info/git-host-info.js b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/git-host-info.js new file mode 100644 index 000000000..8147e3348 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/git-host-info.js @@ -0,0 +1,79 @@ +'use strict' + +var gitHosts = module.exports = { + github: { + // First two are insecure and generally shouldn't be used any more, but + // they are still supported. + 'protocols': [ 'git', 'http', 'git+ssh', 'git+https', 'ssh', 'https' ], + 'domain': 'github.com', + 'treepath': 'tree', + 'filetemplate': 'https://{auth@}raw.githubusercontent.com/{user}/{project}/{committish}/{path}', + 'bugstemplate': 'https://{domain}/{user}/{project}/issues', + 'gittemplate': 'git://{auth@}{domain}/{user}/{project}.git{#committish}', + 'tarballtemplate': 'https://codeload.{domain}/{user}/{project}/tar.gz/{committish}' + }, + bitbucket: { + 'protocols': [ 'git+ssh', 'git+https', 'ssh', 'https' ], + 'domain': 'bitbucket.org', + 'treepath': 'src', + 'tarballtemplate': 'https://{domain}/{user}/{project}/get/{committish}.tar.gz' + }, + gitlab: { + 'protocols': [ 'git+ssh', 'git+https', 'ssh', 'https' ], + 'domain': 'gitlab.com', + 'treepath': 'tree', + 'bugstemplate': 'https://{domain}/{user}/{project}/issues', + 'httpstemplate': 'git+https://{auth@}{domain}/{user}/{projectPath}.git{#committish}', + 'tarballtemplate': 'https://{domain}/{user}/{project}/repository/archive.tar.gz?ref={committish}', + 'pathmatch': /^[/]([^/]+)[/]((?!.*(\/-\/|\/repository\/archive\.tar\.gz\?=.*|\/repository\/[^/]+\/archive.tar.gz$)).*?)(?:[.]git|[/])?$/ + }, + gist: { + 'protocols': [ 'git', 'git+ssh', 'git+https', 'ssh', 'https' ], + 'domain': 'gist.github.com', + 'pathmatch': /^[/](?:([^/]+)[/])?([a-z0-9]{32,})(?:[.]git)?$/, + 'filetemplate': 'https://gist.githubusercontent.com/{user}/{project}/raw{/committish}/{path}', + 'bugstemplate': 'https://{domain}/{project}', + 'gittemplate': 'git://{domain}/{project}.git{#committish}', + 'sshtemplate': 'git@{domain}:/{project}.git{#committish}', + 'sshurltemplate': 'git+ssh://git@{domain}/{project}.git{#committish}', + 'browsetemplate': 'https://{domain}/{project}{/committish}', + 'browsefiletemplate': 'https://{domain}/{project}{/committish}{#path}', + 'docstemplate': 'https://{domain}/{project}{/committish}', + 'httpstemplate': 'git+https://{domain}/{project}.git{#committish}', + 'shortcuttemplate': '{type}:{project}{#committish}', + 'pathtemplate': '{project}{#committish}', + 'tarballtemplate': 'https://codeload.github.com/gist/{project}/tar.gz/{committish}', + 'hashformat': function (fragment) { + return 'file-' + formatHashFragment(fragment) + } + } +} + +var gitHostDefaults = { + 'sshtemplate': 'git@{domain}:{user}/{project}.git{#committish}', + 'sshurltemplate': 'git+ssh://git@{domain}/{user}/{project}.git{#committish}', + 'browsetemplate': 'https://{domain}/{user}/{project}{/tree/committish}', + 'browsefiletemplate': 'https://{domain}/{user}/{project}/{treepath}/{committish}/{path}{#fragment}', + 'docstemplate': 'https://{domain}/{user}/{project}{/tree/committish}#readme', + 'httpstemplate': 'git+https://{auth@}{domain}/{user}/{project}.git{#committish}', + 'filetemplate': 'https://{domain}/{user}/{project}/raw/{committish}/{path}', + 'shortcuttemplate': '{type}:{user}/{project}{#committish}', + 'pathtemplate': '{user}/{project}{#committish}', + 'pathmatch': /^[/]([^/]+)[/]([^/]+?)(?:[.]git|[/])?$/, + 'hashformat': formatHashFragment +} + +Object.keys(gitHosts).forEach(function (name) { + Object.keys(gitHostDefaults).forEach(function (key) { + if (gitHosts[name][key]) return + gitHosts[name][key] = gitHostDefaults[key] + }) + gitHosts[name].protocols_re = RegExp('^(' + + gitHosts[name].protocols.map(function (protocol) { + return protocol.replace(/([\\+*{}()[\]$^|])/g, '\\$1') + }).join('|') + '):$') +}) + +function formatHashFragment (fragment) { + return fragment.toLowerCase().replace(/^\W+|\/|\W+$/g, '').replace(/\W+/g, '-') +} diff --git a/node_modules/npm-registry-fetch/node_modules/hosted-git-info/git-host.js b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/git-host.js new file mode 100644 index 000000000..f9b1ec745 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/git-host.js @@ -0,0 +1,156 @@ +'use strict' +var gitHosts = require('./git-host-info.js') +/* eslint-disable node/no-deprecated-api */ + +// copy-pasta util._extend from node's source, to avoid pulling +// the whole util module into peoples' webpack bundles. +/* istanbul ignore next */ +var extend = Object.assign || function _extend (target, source) { + // Don't do anything if source isn't an object + if (source === null || typeof source !== 'object') return target + + const keys = Object.keys(source) + let i = keys.length + while (i--) { + target[keys[i]] = source[keys[i]] + } + return target +} + +module.exports = GitHost +function GitHost (type, user, auth, project, committish, defaultRepresentation, opts) { + var gitHostInfo = this + gitHostInfo.type = type + Object.keys(gitHosts[type]).forEach(function (key) { + gitHostInfo[key] = gitHosts[type][key] + }) + gitHostInfo.user = user + gitHostInfo.auth = auth + gitHostInfo.project = project + gitHostInfo.committish = committish + gitHostInfo.default = defaultRepresentation + gitHostInfo.opts = opts || {} +} + +GitHost.prototype.hash = function () { + return this.committish ? '#' + this.committish : '' +} + +GitHost.prototype._fill = function (template, opts) { + if (!template) return + var vars = extend({}, opts) + vars.path = vars.path ? vars.path.replace(/^[/]+/g, '') : '' + opts = extend(extend({}, this.opts), opts) + var self = this + Object.keys(this).forEach(function (key) { + if (self[key] != null && vars[key] == null) vars[key] = self[key] + }) + var rawAuth = vars.auth + var rawcommittish = vars.committish + var rawFragment = vars.fragment + var rawPath = vars.path + var rawProject = vars.project + Object.keys(vars).forEach(function (key) { + var value = vars[key] + if ((key === 'path' || key === 'project') && typeof value === 'string') { + vars[key] = value.split('/').map(function (pathComponent) { + return encodeURIComponent(pathComponent) + }).join('/') + } else if (key !== 'domain') { + vars[key] = encodeURIComponent(value) + } + }) + vars['auth@'] = rawAuth ? rawAuth + '@' : '' + vars['#fragment'] = rawFragment ? '#' + this.hashformat(rawFragment) : '' + vars.fragment = vars.fragment ? vars.fragment : '' + vars['#path'] = rawPath ? '#' + this.hashformat(rawPath) : '' + vars['/path'] = vars.path ? '/' + vars.path : '' + vars.projectPath = rawProject.split('/').map(encodeURIComponent).join('/') + if (opts.noCommittish) { + vars['#committish'] = '' + vars['/tree/committish'] = '' + vars['/committish'] = '' + vars.committish = '' + } else { + vars['#committish'] = rawcommittish ? '#' + rawcommittish : '' + vars['/tree/committish'] = vars.committish + ? '/' + vars.treepath + '/' + vars.committish + : '' + vars['/committish'] = vars.committish ? '/' + vars.committish : '' + vars.committish = vars.committish || 'master' + } + var res = template + Object.keys(vars).forEach(function (key) { + res = res.replace(new RegExp('[{]' + key + '[}]', 'g'), vars[key]) + }) + if (opts.noGitPlus) { + return res.replace(/^git[+]/, '') + } else { + return res + } +} + +GitHost.prototype.ssh = function (opts) { + return this._fill(this.sshtemplate, opts) +} + +GitHost.prototype.sshurl = function (opts) { + return this._fill(this.sshurltemplate, opts) +} + +GitHost.prototype.browse = function (P, F, opts) { + if (typeof P === 'string') { + if (typeof F !== 'string') { + opts = F + F = null + } + return this._fill(this.browsefiletemplate, extend({ + fragment: F, + path: P + }, opts)) + } else { + return this._fill(this.browsetemplate, P) + } +} + +GitHost.prototype.docs = function (opts) { + return this._fill(this.docstemplate, opts) +} + +GitHost.prototype.bugs = function (opts) { + return this._fill(this.bugstemplate, opts) +} + +GitHost.prototype.https = function (opts) { + return this._fill(this.httpstemplate, opts) +} + +GitHost.prototype.git = function (opts) { + return this._fill(this.gittemplate, opts) +} + +GitHost.prototype.shortcut = function (opts) { + return this._fill(this.shortcuttemplate, opts) +} + +GitHost.prototype.path = function (opts) { + return this._fill(this.pathtemplate, opts) +} + +GitHost.prototype.tarball = function (opts_) { + var opts = extend({}, opts_, { noCommittish: false }) + return this._fill(this.tarballtemplate, opts) +} + +GitHost.prototype.file = function (P, opts) { + return this._fill(this.filetemplate, extend({ path: P }, opts)) +} + +GitHost.prototype.getDefaultRepresentation = function () { + return this.default +} + +GitHost.prototype.toString = function (opts) { + if (this.default && typeof this[this.default] === 'function') return this[this.default](opts) + return this.sshurl(opts) +} diff --git a/node_modules/npm-registry-fetch/node_modules/hosted-git-info/index.js b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/index.js new file mode 100644 index 000000000..2ccb1d69c --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/index.js @@ -0,0 +1,125 @@ +'use strict' +var url = require('url') +var gitHosts = require('./git-host-info.js') +var GitHost = module.exports = require('./git-host.js') +var LRU = require('lru-cache') +var cache = new LRU({max: 1000}) + +var protocolToRepresentationMap = { + 'git+ssh:': 'sshurl', + 'git+https:': 'https', + 'ssh:': 'sshurl', + 'git:': 'git' +} + +function protocolToRepresentation (protocol) { + return protocolToRepresentationMap[protocol] || protocol.slice(0, -1) +} + +var authProtocols = { + 'git:': true, + 'https:': true, + 'git+https:': true, + 'http:': true, + 'git+http:': true +} + +module.exports.fromUrl = function (giturl, opts) { + if (typeof giturl !== 'string') return + var key = giturl + JSON.stringify(opts || {}) + + if (!cache.has(key)) { + cache.set(key, fromUrl(giturl, opts)) + } + + return cache.get(key) +} + +function fromUrl (giturl, opts) { + if (giturl == null || giturl === '') return + var url = fixupUnqualifiedGist( + isGitHubShorthand(giturl) ? 'github:' + giturl : giturl + ) + var parsed = parseGitUrl(url) + var shortcutMatch = url.match(new RegExp('^([^:]+):(?:(?:[^@:]+(?:[^@]+)?@)?([^/]*))[/](.+?)(?:[.]git)?($|#)')) + var matches = Object.keys(gitHosts).map(function (gitHostName) { + try { + var gitHostInfo = gitHosts[gitHostName] + var auth = null + if (parsed.auth && authProtocols[parsed.protocol]) { + auth = decodeURIComponent(parsed.auth) + } + var committish = parsed.hash ? decodeURIComponent(parsed.hash.substr(1)) : null + var user = null + var project = null + var defaultRepresentation = null + if (shortcutMatch && shortcutMatch[1] === gitHostName) { + user = shortcutMatch[2] && decodeURIComponent(shortcutMatch[2]) + project = decodeURIComponent(shortcutMatch[3]) + defaultRepresentation = 'shortcut' + } else { + if (parsed.host && parsed.host !== gitHostInfo.domain && parsed.host.replace(/^www[.]/, '') !== gitHostInfo.domain) return + if (!gitHostInfo.protocols_re.test(parsed.protocol)) return + if (!parsed.path) return + var pathmatch = gitHostInfo.pathmatch + var matched = parsed.path.match(pathmatch) + if (!matched) return + /* istanbul ignore else */ + if (matched[1] !== null && matched[1] !== undefined) { + user = decodeURIComponent(matched[1].replace(/^:/, '')) + } + project = decodeURIComponent(matched[2]) + defaultRepresentation = protocolToRepresentation(parsed.protocol) + } + return new GitHost(gitHostName, user, auth, project, committish, defaultRepresentation, opts) + } catch (ex) { + /* istanbul ignore else */ + if (ex instanceof URIError) { + } else throw ex + } + }).filter(function (gitHostInfo) { return gitHostInfo }) + if (matches.length !== 1) return + return matches[0] +} + +function isGitHubShorthand (arg) { + // Note: This does not fully test the git ref format. + // See https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html + // + // The only way to do this properly would be to shell out to + // git-check-ref-format, and as this is a fast sync function, + // we don't want to do that. Just let git fail if it turns + // out that the commit-ish is invalid. + // GH usernames cannot start with . or - + return /^[^:@%/\s.-][^:@%/\s]*[/][^:@\s/%]+(?:#.*)?$/.test(arg) +} + +function fixupUnqualifiedGist (giturl) { + // necessary for round-tripping gists + var parsed = url.parse(giturl) + if (parsed.protocol === 'gist:' && parsed.host && !parsed.path) { + return parsed.protocol + '/' + parsed.host + } else { + return giturl + } +} + +function parseGitUrl (giturl) { + var matched = giturl.match(/^([^@]+)@([^:/]+):[/]?((?:[^/]+[/])?[^/]+?)(?:[.]git)?(#.*)?$/) + if (!matched) return url.parse(giturl) + return { + protocol: 'git+ssh:', + slashes: true, + auth: matched[1], + host: matched[2], + port: null, + hostname: matched[2], + hash: matched[4], + search: null, + query: null, + pathname: '/' + matched[3], + path: '/' + matched[3], + href: 'git+ssh://' + matched[1] + '@' + matched[2] + + '/' + matched[3] + (matched[4] || '') + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/hosted-git-info/package.json b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/package.json new file mode 100644 index 000000000..fa6ea4f81 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/hosted-git-info/package.json @@ -0,0 +1,72 @@ +{ + "_from": "hosted-git-info@^3.0.2", + "_id": "hosted-git-info@3.0.2", + "_inBundle": false, + "_integrity": "sha512-ezZMWtHXm7Eb7Rq4Mwnx2vs79WUx2QmRg3+ZqeGroKzfDO+EprOcgRPYghsOP9JuYBfK18VojmRTGCg8Ma+ktw==", + "_location": "/npm-registry-fetch/hosted-git-info", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "hosted-git-info@^3.0.2", + "name": "hosted-git-info", + "escapedName": "hosted-git-info", + "rawSpec": "^3.0.2", + "saveSpec": null, + "fetchSpec": "^3.0.2" + }, + "_requiredBy": [ + "/npm-registry-fetch/npm-package-arg" + ], + "_resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-3.0.2.tgz", + "_shasum": "8b7e3bd114b59b51786f8bade0f39ddc80275a97", + "_spec": "hosted-git-info@^3.0.2", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/npm-package-arg", + "author": { + "name": "Rebecca Turner", + "email": "me@re-becca.org", + "url": "http://re-becca.org" + }, + "bugs": { + "url": "https://github.com/npm/hosted-git-info/issues" + }, + "bundleDependencies": false, + "dependencies": { + "lru-cache": "^5.1.1" + }, + "deprecated": false, + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "devDependencies": { + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.7.0" + }, + "files": [ + "index.js", + "git-host.js", + "git-host-info.js" + ], + "homepage": "https://github.com/npm/hosted-git-info", + "keywords": [ + "git", + "github", + "bitbucket", + "gitlab" + ], + "license": "ISC", + "main": "index.js", + "name": "hosted-git-info", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/hosted-git-info.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --100 --no-esm test/*.js", + "test:coverage": "tap --coverage-report=html -J --100 --no-esm test/*.js" + }, + "version": "3.0.2" +} diff --git a/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/LICENSE b/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/LICENSE new file mode 100644 index 000000000..493d2ea29 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/LICENSE @@ -0,0 +1,9 @@ +Copyright 2016-2018 Kornel Lesiński + +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/README.md b/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/README.md new file mode 100644 index 000000000..a9d689d85 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/README.md @@ -0,0 +1,193 @@ +# Can I cache this? [](https://travis-ci.org/kornelski/http-cache-semantics) + +`CachePolicy` tells when responses can be reused from a cache, taking into account [HTTP RFC 7234](http://httpwg.org/specs/rfc7234.html) rules for user agents and shared caches. It's aware of many tricky details such as the `Vary` header, proxy revalidation, and authenticated responses. + +## Usage + +Cacheability of an HTTP response depends on how it was requested, so both `request` and `response` are required to create the policy. + +```js +const policy = new CachePolicy(request, response, options); + +if (!policy.storable()) { + // throw the response away, it's not usable at all + return; +} + +// Cache the data AND the policy object in your cache +// (this is pseudocode, roll your own cache (lru-cache package works)) +letsPretendThisIsSomeCache.set( + request.url, + { policy, response }, + policy.timeToLive() +); +``` + +```js +// And later, when you receive a new request: +const { policy, response } = letsPretendThisIsSomeCache.get(newRequest.url); + +// It's not enough that it exists in the cache, it has to match the new request, too: +if (policy && policy.satisfiesWithoutRevalidation(newRequest)) { + // OK, the previous response can be used to respond to the `newRequest`. + // Response headers have to be updated, e.g. to add Age and remove uncacheable headers. + response.headers = policy.responseHeaders(); + return response; +} +``` + +It may be surprising, but it's not enough for an HTTP response to be [fresh](#yo-fresh) to satisfy a request. It may need to match request headers specified in `Vary`. Even a matching fresh response may still not be usable if the new request restricted cacheability, etc. + +The key method is `satisfiesWithoutRevalidation(newRequest)`, which checks whether the `newRequest` is compatible with the original request and whether all caching conditions are met. + +### Constructor options + +Request and response must have a `headers` property with all header names in lower case. `url`, `status` and `method` are optional (defaults are any URL, status `200`, and `GET` method). + +```js +const request = { + url: '/', + method: 'GET', + headers: { + accept: '*/*', + }, +}; + +const response = { + status: 200, + headers: { + 'cache-control': 'public, max-age=7234', + }, +}; + +const options = { + shared: true, + cacheHeuristic: 0.1, + immutableMinTimeToLive: 24 * 3600 * 1000, // 24h + ignoreCargoCult: false, + trustServerDate: true, +}; +``` + +If `options.shared` is `true` (default), then the response is evaluated from a perspective of a shared cache (i.e. `private` is not cacheable and `s-maxage` is respected). If `options.shared` is `false`, then the response is evaluated from a perspective of a single-user cache (i.e. `private` is cacheable and `s-maxage` is ignored). `shared: true` is recommended for HTTP clients. + +`options.cacheHeuristic` is a fraction of response's age that is used as a fallback cache duration. The default is 0.1 (10%), e.g. if a file hasn't been modified for 100 days, it'll be cached for 100\*0.1 = 10 days. + +`options.immutableMinTimeToLive` is a number of milliseconds to assume as the default time to cache responses with `Cache-Control: immutable`. Note that [per RFC](http://httpwg.org/http-extensions/immutable.html) these can become stale, so `max-age` still overrides the default. + +If `options.ignoreCargoCult` is true, common anti-cache directives will be completely ignored if the non-standard `pre-check` and `post-check` directives are present. These two useless directives are most commonly found in bad StackOverflow answers and PHP's "session limiter" defaults. + +If `options.trustServerDate` is false, then server's `Date` header won't be used as the base for `max-age`. This is against the RFC, but it's useful if you want to cache responses with very short `max-age`, but your local clock is not exactly in sync with the server's. + +### `storable()` + +Returns `true` if the response can be stored in a cache. If it's `false` then you MUST NOT store either the request or the response. + +### `satisfiesWithoutRevalidation(newRequest)` + +This is the most important method. Use this method to check whether the cached response is still fresh in the context of the new request. + +If it returns `true`, then the given `request` matches the original response this cache policy has been created with, and the response can be reused without contacting the server. Note that the old response can't be returned without being updated, see `responseHeaders()`. + +If it returns `false`, then the response may not be matching at all (e.g. it's for a different URL or method), or may require to be refreshed first (see `revalidationHeaders()`). + +### `responseHeaders()` + +Returns updated, filtered set of response headers to return to clients receiving the cached response. This function is necessary, because proxies MUST always remove hop-by-hop headers (such as `TE` and `Connection`) and update response's `Age` to avoid doubling cache time. + +```js +cachedResponse.headers = cachePolicy.responseHeaders(cachedResponse); +``` + +### `timeToLive()` + +Returns approximate time in _milliseconds_ until the response becomes stale (i.e. not fresh). + +After that time (when `timeToLive() <= 0`) the response might not be usable without revalidation. However, there are exceptions, e.g. a client can explicitly allow stale responses, so always check with `satisfiesWithoutRevalidation()`. + +### `toObject()`/`fromObject(json)` + +Chances are you'll want to store the `CachePolicy` object along with the cached response. `obj = policy.toObject()` gives a plain JSON-serializable object. `policy = CachePolicy.fromObject(obj)` creates an instance from it. + +### Refreshing stale cache (revalidation) + +When a cached response has expired, it can be made fresh again by making a request to the origin server. The server may respond with status 304 (Not Modified) without sending the response body again, saving bandwidth. + +The following methods help perform the update efficiently and correctly. + +#### `revalidationHeaders(newRequest)` + +Returns updated, filtered set of request headers to send to the origin server to check if the cached response can be reused. These headers allow the origin server to return status 304 indicating the response is still fresh. All headers unrelated to caching are passed through as-is. + +Use this method when updating cache from the origin server. + +```js +updateRequest.headers = cachePolicy.revalidationHeaders(updateRequest); +``` + +#### `revalidatedPolicy(revalidationRequest, revalidationResponse)` + +Use this method to update the cache after receiving a new response from the origin server. It returns an object with two keys: + +- `policy` — A new `CachePolicy` with HTTP headers updated from `revalidationResponse`. You can always replace the old cached `CachePolicy` with the new one. +- `modified` — Boolean indicating whether the response body has changed. + - If `false`, then a valid 304 Not Modified response has been received, and you can reuse the old cached response body. + - If `true`, you should use new response's body (if present), or make another request to the origin server without any conditional headers (i.e. don't use `revalidationHeaders()` this time) to get the new resource. + +```js +// When serving requests from cache: +const { oldPolicy, oldResponse } = letsPretendThisIsSomeCache.get( + newRequest.url +); + +if (!oldPolicy.satisfiesWithoutRevalidation(newRequest)) { + // Change the request to ask the origin server if the cached response can be used + newRequest.headers = oldPolicy.revalidationHeaders(newRequest); + + // Send request to the origin server. The server may respond with status 304 + const newResponse = await makeRequest(newResponse); + + // Create updated policy and combined response from the old and new data + const { policy, modified } = oldPolicy.revalidatedPolicy( + newRequest, + newResponse + ); + const response = modified ? newResponse : oldResponse; + + // Update the cache with the newer/fresher response + letsPretendThisIsSomeCache.set( + newRequest.url, + { policy, response }, + policy.timeToLive() + ); + + // And proceed returning cached response as usual + response.headers = policy.responseHeaders(); + return response; +} +``` + +# Yo, FRESH + + + +## Used by + +- [ImageOptim API](https://imageoptim.com/api), [make-fetch-happen](https://github.com/zkat/make-fetch-happen), [cacheable-request](https://www.npmjs.com/package/cacheable-request) ([got](https://www.npmjs.com/package/got)), [npm/registry-fetch](https://github.com/npm/registry-fetch), [etc.](https://github.com/kornelski/http-cache-semantics/network/dependents) + +## Implemented + +- `Cache-Control` response header with all the quirks. +- `Expires` with check for bad clocks. +- `Pragma` response header. +- `Age` response header. +- `Vary` response header. +- Default cacheability of statuses and methods. +- Requests for stale data. +- Filtering of hop-by-hop headers. +- Basic revalidation request + +## Unimplemented + +- Merging of range requests, If-Range (but correctly supports them as non-cacheable) +- Revalidation of multiple representations diff --git a/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/index.js b/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/index.js new file mode 100644 index 000000000..957721296 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/index.js @@ -0,0 +1,653 @@ +'use strict'; +// rfc7231 6.1 +const statusCodeCacheableByDefault = [ + 200, + 203, + 204, + 206, + 300, + 301, + 404, + 405, + 410, + 414, + 501, +]; + +// This implementation does not understand partial responses (206) +const understoodStatuses = [ + 200, + 203, + 204, + 300, + 301, + 302, + 303, + 307, + 308, + 404, + 405, + 410, + 414, + 501, +]; + +const hopByHopHeaders = { + date: true, // included, because we add Age update Date + connection: true, + 'keep-alive': true, + 'proxy-authenticate': true, + 'proxy-authorization': true, + te: true, + trailer: true, + 'transfer-encoding': true, + upgrade: true, +}; +const excludedFromRevalidationUpdate = { + // Since the old body is reused, it doesn't make sense to change properties of the body + 'content-length': true, + 'content-encoding': true, + 'transfer-encoding': true, + 'content-range': true, +}; + +function parseCacheControl(header) { + const cc = {}; + if (!header) return cc; + + // TODO: When there is more than one value present for a given directive (e.g., two Expires header fields, multiple Cache-Control: max-age directives), + // the directive's value is considered invalid. Caches are encouraged to consider responses that have invalid freshness information to be stale + const parts = header.trim().split(/\s*,\s*/); // TODO: lame parsing + for (const part of parts) { + const [k, v] = part.split(/\s*=\s*/, 2); + cc[k] = v === undefined ? true : v.replace(/^"|"$/g, ''); // TODO: lame unquoting + } + + return cc; +} + +function formatCacheControl(cc) { + let parts = []; + for (const k in cc) { + const v = cc[k]; + parts.push(v === true ? k : k + '=' + v); + } + if (!parts.length) { + return undefined; + } + return parts.join(', '); +} + +module.exports = class CachePolicy { + constructor( + req, + res, + { + shared, + cacheHeuristic, + immutableMinTimeToLive, + ignoreCargoCult, + trustServerDate, + _fromObject, + } = {} + ) { + if (_fromObject) { + this._fromObject(_fromObject); + return; + } + + if (!res || !res.headers) { + throw Error('Response headers missing'); + } + this._assertRequestHasHeaders(req); + + this._responseTime = this.now(); + this._isShared = shared !== false; + this._trustServerDate = + undefined !== trustServerDate ? trustServerDate : true; + this._cacheHeuristic = + undefined !== cacheHeuristic ? cacheHeuristic : 0.1; // 10% matches IE + this._immutableMinTtl = + undefined !== immutableMinTimeToLive + ? immutableMinTimeToLive + : 24 * 3600 * 1000; + + this._status = 'status' in res ? res.status : 200; + this._resHeaders = res.headers; + this._rescc = parseCacheControl(res.headers['cache-control']); + this._method = 'method' in req ? req.method : 'GET'; + this._url = req.url; + this._host = req.headers.host; + this._noAuthorization = !req.headers.authorization; + this._reqHeaders = res.headers.vary ? req.headers : null; // Don't keep all request headers if they won't be used + this._reqcc = parseCacheControl(req.headers['cache-control']); + + // Assume that if someone uses legacy, non-standard uncecessary options they don't understand caching, + // so there's no point stricly adhering to the blindly copy&pasted directives. + if ( + ignoreCargoCult && + 'pre-check' in this._rescc && + 'post-check' in this._rescc + ) { + delete this._rescc['pre-check']; + delete this._rescc['post-check']; + delete this._rescc['no-cache']; + delete this._rescc['no-store']; + delete this._rescc['must-revalidate']; + this._resHeaders = Object.assign({}, this._resHeaders, { + 'cache-control': formatCacheControl(this._rescc), + }); + delete this._resHeaders.expires; + delete this._resHeaders.pragma; + } + + // When the Cache-Control header field is not present in a request, caches MUST consider the no-cache request pragma-directive + // as having the same effect as if "Cache-Control: no-cache" were present (see Section 5.2.1). + if ( + res.headers['cache-control'] == null && + /no-cache/.test(res.headers.pragma) + ) { + this._rescc['no-cache'] = true; + } + } + + now() { + return Date.now(); + } + + storable() { + // The "no-store" request directive indicates that a cache MUST NOT store any part of either this request or any response to it. + return !!( + !this._reqcc['no-store'] && + // A cache MUST NOT store a response to any request, unless: + // The request method is understood by the cache and defined as being cacheable, and + ('GET' === this._method || + 'HEAD' === this._method || + ('POST' === this._method && this._hasExplicitExpiration())) && + // the response status code is understood by the cache, and + understoodStatuses.indexOf(this._status) !== -1 && + // the "no-store" cache directive does not appear in request or response header fields, and + !this._rescc['no-store'] && + // the "private" response directive does not appear in the response, if the cache is shared, and + (!this._isShared || !this._rescc.private) && + // the Authorization header field does not appear in the request, if the cache is shared, + (!this._isShared || + this._noAuthorization || + this._allowsStoringAuthenticated()) && + // the response either: + // contains an Expires header field, or + (this._resHeaders.expires || + // contains a max-age response directive, or + // contains a s-maxage response directive and the cache is shared, or + // contains a public response directive. + this._rescc.public || + this._rescc['max-age'] || + this._rescc['s-maxage'] || + // has a status code that is defined as cacheable by default + statusCodeCacheableByDefault.indexOf(this._status) !== -1) + ); + } + + _hasExplicitExpiration() { + // 4.2.1 Calculating Freshness Lifetime + return ( + (this._isShared && this._rescc['s-maxage']) || + this._rescc['max-age'] || + this._resHeaders.expires + ); + } + + _assertRequestHasHeaders(req) { + if (!req || !req.headers) { + throw Error('Request headers missing'); + } + } + + satisfiesWithoutRevalidation(req) { + this._assertRequestHasHeaders(req); + + // When presented with a request, a cache MUST NOT reuse a stored response, unless: + // the presented request does not contain the no-cache pragma (Section 5.4), nor the no-cache cache directive, + // unless the stored response is successfully validated (Section 4.3), and + const requestCC = parseCacheControl(req.headers['cache-control']); + if (requestCC['no-cache'] || /no-cache/.test(req.headers.pragma)) { + return false; + } + + if (requestCC['max-age'] && this.age() > requestCC['max-age']) { + return false; + } + + if ( + requestCC['min-fresh'] && + this.timeToLive() < 1000 * requestCC['min-fresh'] + ) { + return false; + } + + // the stored response is either: + // fresh, or allowed to be served stale + if (this.stale()) { + const allowsStale = + requestCC['max-stale'] && + !this._rescc['must-revalidate'] && + (true === requestCC['max-stale'] || + requestCC['max-stale'] > this.age() - this.maxAge()); + if (!allowsStale) { + return false; + } + } + + return this._requestMatches(req, false); + } + + _requestMatches(req, allowHeadMethod) { + // The presented effective request URI and that of the stored response match, and + return ( + (!this._url || this._url === req.url) && + this._host === req.headers.host && + // the request method associated with the stored response allows it to be used for the presented request, and + (!req.method || + this._method === req.method || + (allowHeadMethod && 'HEAD' === req.method)) && + // selecting header fields nominated by the stored response (if any) match those presented, and + this._varyMatches(req) + ); + } + + _allowsStoringAuthenticated() { + // following Cache-Control response directives (Section 5.2.2) have such an effect: must-revalidate, public, and s-maxage. + return ( + this._rescc['must-revalidate'] || + this._rescc.public || + this._rescc['s-maxage'] + ); + } + + _varyMatches(req) { + if (!this._resHeaders.vary) { + return true; + } + + // A Vary header field-value of "*" always fails to match + if (this._resHeaders.vary === '*') { + return false; + } + + const fields = this._resHeaders.vary + .trim() + .toLowerCase() + .split(/\s*,\s*/); + for (const name of fields) { + if (req.headers[name] !== this._reqHeaders[name]) return false; + } + return true; + } + + _copyWithoutHopByHopHeaders(inHeaders) { + const headers = {}; + for (const name in inHeaders) { + if (hopByHopHeaders[name]) continue; + headers[name] = inHeaders[name]; + } + // 9.1. Connection + if (inHeaders.connection) { + const tokens = inHeaders.connection.trim().split(/\s*,\s*/); + for (const name of tokens) { + delete headers[name]; + } + } + if (headers.warning) { + const warnings = headers.warning.split(/,/).filter(warning => { + return !/^\s*1[0-9][0-9]/.test(warning); + }); + if (!warnings.length) { + delete headers.warning; + } else { + headers.warning = warnings.join(',').trim(); + } + } + return headers; + } + + responseHeaders() { + const headers = this._copyWithoutHopByHopHeaders(this._resHeaders); + const age = this.age(); + + // A cache SHOULD generate 113 warning if it heuristically chose a freshness + // lifetime greater than 24 hours and the response's age is greater than 24 hours. + if ( + age > 3600 * 24 && + !this._hasExplicitExpiration() && + this.maxAge() > 3600 * 24 + ) { + headers.warning = + (headers.warning ? `${headers.warning}, ` : '') + + '113 - "rfc7234 5.5.4"'; + } + headers.age = `${Math.round(age)}`; + headers.date = new Date(this.now()).toUTCString(); + return headers; + } + + /** + * Value of the Date response header or current time if Date was demed invalid + * @return timestamp + */ + date() { + if (this._trustServerDate) { + return this._serverDate(); + } + return this._responseTime; + } + + _serverDate() { + const dateValue = Date.parse(this._resHeaders.date); + if (isFinite(dateValue)) { + const maxClockDrift = 8 * 3600 * 1000; + const clockDrift = Math.abs(this._responseTime - dateValue); + if (clockDrift < maxClockDrift) { + return dateValue; + } + } + return this._responseTime; + } + + /** + * Value of the Age header, in seconds, updated for the current time. + * May be fractional. + * + * @return Number + */ + age() { + let age = Math.max(0, (this._responseTime - this.date()) / 1000); + if (this._resHeaders.age) { + let ageValue = this._ageValue(); + if (ageValue > age) age = ageValue; + } + + const residentTime = (this.now() - this._responseTime) / 1000; + return age + residentTime; + } + + _ageValue() { + const ageValue = parseInt(this._resHeaders.age); + return isFinite(ageValue) ? ageValue : 0; + } + + /** + * Value of applicable max-age (or heuristic equivalent) in seconds. This counts since response's `Date`. + * + * For an up-to-date value, see `timeToLive()`. + * + * @return Number + */ + maxAge() { + if (!this.storable() || this._rescc['no-cache']) { + return 0; + } + + // Shared responses with cookies are cacheable according to the RFC, but IMHO it'd be unwise to do so by default + // so this implementation requires explicit opt-in via public header + if ( + this._isShared && + (this._resHeaders['set-cookie'] && + !this._rescc.public && + !this._rescc.immutable) + ) { + return 0; + } + + if (this._resHeaders.vary === '*') { + return 0; + } + + if (this._isShared) { + if (this._rescc['proxy-revalidate']) { + return 0; + } + // if a response includes the s-maxage directive, a shared cache recipient MUST ignore the Expires field. + if (this._rescc['s-maxage']) { + return parseInt(this._rescc['s-maxage'], 10); + } + } + + // If a response includes a Cache-Control field with the max-age directive, a recipient MUST ignore the Expires field. + if (this._rescc['max-age']) { + return parseInt(this._rescc['max-age'], 10); + } + + const defaultMinTtl = this._rescc.immutable ? this._immutableMinTtl : 0; + + const dateValue = this._serverDate(); + if (this._resHeaders.expires) { + const expires = Date.parse(this._resHeaders.expires); + // A cache recipient MUST interpret invalid date formats, especially the value "0", as representing a time in the past (i.e., "already expired"). + if (Number.isNaN(expires) || expires < dateValue) { + return 0; + } + return Math.max(defaultMinTtl, (expires - dateValue) / 1000); + } + + if (this._resHeaders['last-modified']) { + const lastModified = Date.parse(this._resHeaders['last-modified']); + if (isFinite(lastModified) && dateValue > lastModified) { + return Math.max( + defaultMinTtl, + ((dateValue - lastModified) / 1000) * this._cacheHeuristic + ); + } + } + + return defaultMinTtl; + } + + timeToLive() { + return Math.max(0, this.maxAge() - this.age()) * 1000; + } + + stale() { + return this.maxAge() <= this.age(); + } + + static fromObject(obj) { + return new this(undefined, undefined, { _fromObject: obj }); + } + + _fromObject(obj) { + if (this._responseTime) throw Error('Reinitialized'); + if (!obj || obj.v !== 1) throw Error('Invalid serialization'); + + this._responseTime = obj.t; + this._isShared = obj.sh; + this._cacheHeuristic = obj.ch; + this._immutableMinTtl = + obj.imm !== undefined ? obj.imm : 24 * 3600 * 1000; + this._status = obj.st; + this._resHeaders = obj.resh; + this._rescc = obj.rescc; + this._method = obj.m; + this._url = obj.u; + this._host = obj.h; + this._noAuthorization = obj.a; + this._reqHeaders = obj.reqh; + this._reqcc = obj.reqcc; + } + + toObject() { + return { + v: 1, + t: this._responseTime, + sh: this._isShared, + ch: this._cacheHeuristic, + imm: this._immutableMinTtl, + st: this._status, + resh: this._resHeaders, + rescc: this._rescc, + m: this._method, + u: this._url, + h: this._host, + a: this._noAuthorization, + reqh: this._reqHeaders, + reqcc: this._reqcc, + }; + } + + /** + * Headers for sending to the origin server to revalidate stale response. + * Allows server to return 304 to allow reuse of the previous response. + * + * Hop by hop headers are always stripped. + * Revalidation headers may be added or removed, depending on request. + */ + revalidationHeaders(incomingReq) { + this._assertRequestHasHeaders(incomingReq); + const headers = this._copyWithoutHopByHopHeaders(incomingReq.headers); + + // This implementation does not understand range requests + delete headers['if-range']; + + if (!this._requestMatches(incomingReq, true) || !this.storable()) { + // revalidation allowed via HEAD + // not for the same resource, or wasn't allowed to be cached anyway + delete headers['if-none-match']; + delete headers['if-modified-since']; + return headers; + } + + /* MUST send that entity-tag in any cache validation request (using If-Match or If-None-Match) if an entity-tag has been provided by the origin server. */ + if (this._resHeaders.etag) { + headers['if-none-match'] = headers['if-none-match'] + ? `${headers['if-none-match']}, ${this._resHeaders.etag}` + : this._resHeaders.etag; + } + + // Clients MAY issue simple (non-subrange) GET requests with either weak validators or strong validators. Clients MUST NOT use weak validators in other forms of request. + const forbidsWeakValidators = + headers['accept-ranges'] || + headers['if-match'] || + headers['if-unmodified-since'] || + (this._method && this._method != 'GET'); + + /* SHOULD send the Last-Modified value in non-subrange cache validation requests (using If-Modified-Since) if only a Last-Modified value has been provided by the origin server. + Note: This implementation does not understand partial responses (206) */ + if (forbidsWeakValidators) { + delete headers['if-modified-since']; + + if (headers['if-none-match']) { + const etags = headers['if-none-match'] + .split(/,/) + .filter(etag => { + return !/^\s*W\//.test(etag); + }); + if (!etags.length) { + delete headers['if-none-match']; + } else { + headers['if-none-match'] = etags.join(',').trim(); + } + } + } else if ( + this._resHeaders['last-modified'] && + !headers['if-modified-since'] + ) { + headers['if-modified-since'] = this._resHeaders['last-modified']; + } + + return headers; + } + + /** + * Creates new CachePolicy with information combined from the previews response, + * and the new revalidation response. + * + * Returns {policy, modified} where modified is a boolean indicating + * whether the response body has been modified, and old cached body can't be used. + * + * @return {Object} {policy: CachePolicy, modified: Boolean} + */ + revalidatedPolicy(request, response) { + this._assertRequestHasHeaders(request); + if (!response || !response.headers) { + throw Error('Response headers missing'); + } + + // These aren't going to be supported exactly, since one CachePolicy object + // doesn't know about all the other cached objects. + let matches = false; + if (response.status !== undefined && response.status != 304) { + matches = false; + } else if ( + response.headers.etag && + !/^\s*W\//.test(response.headers.etag) + ) { + // "All of the stored responses with the same strong validator are selected. + // If none of the stored responses contain the same strong validator, + // then the cache MUST NOT use the new response to update any stored responses." + matches = + this._resHeaders.etag && + this._resHeaders.etag.replace(/^\s*W\//, '') === + response.headers.etag; + } else if (this._resHeaders.etag && response.headers.etag) { + // "If the new response contains a weak validator and that validator corresponds + // to one of the cache's stored responses, + // then the most recent of those matching stored responses is selected for update." + matches = + this._resHeaders.etag.replace(/^\s*W\//, '') === + response.headers.etag.replace(/^\s*W\//, ''); + } else if (this._resHeaders['last-modified']) { + matches = + this._resHeaders['last-modified'] === + response.headers['last-modified']; + } else { + // If the new response does not include any form of validator (such as in the case where + // a client generates an If-Modified-Since request from a source other than the Last-Modified + // response header field), and there is only one stored response, and that stored response also + // lacks a validator, then that stored response is selected for update. + if ( + !this._resHeaders.etag && + !this._resHeaders['last-modified'] && + !response.headers.etag && + !response.headers['last-modified'] + ) { + matches = true; + } + } + + if (!matches) { + return { + policy: new this.constructor(request, response), + // Client receiving 304 without body, even if it's invalid/mismatched has no option + // but to reuse a cached body. We don't have a good way to tell clients to do + // error recovery in such case. + modified: response.status != 304, + matches: false, + }; + } + + // use other header fields provided in the 304 (Not Modified) response to replace all instances + // of the corresponding header fields in the stored response. + const headers = {}; + for (const k in this._resHeaders) { + headers[k] = + k in response.headers && !excludedFromRevalidationUpdate[k] + ? response.headers[k] + : this._resHeaders[k]; + } + + const newResponse = Object.assign({}, response, { + status: this._status, + method: this._method, + headers, + }); + return { + policy: new this.constructor(request, newResponse, { + shared: this._isShared, + cacheHeuristic: this._cacheHeuristic, + immutableMinTimeToLive: this._immutableMinTtl, + trustServerDate: this._trustServerDate, + }), + modified: false, + matches: true, + }; + } +}; diff --git a/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/package.json b/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/package.json new file mode 100644 index 000000000..54b79fde5 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/http-cache-semantics/package.json @@ -0,0 +1,60 @@ +{ + "_from": "http-cache-semantics@^4.0.3", + "_id": "http-cache-semantics@4.0.3", + "_inBundle": false, + "_integrity": "sha512-TcIMG3qeVLgDr1TEd2XvHaTnMPwYQUQMIBLy+5pLSDKYFc7UIqj39w8EGzZkaxoLv/l2K8HaI0t5AVA+YYgUew==", + "_location": "/npm-registry-fetch/http-cache-semantics", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "http-cache-semantics@^4.0.3", + "name": "http-cache-semantics", + "escapedName": "http-cache-semantics", + "rawSpec": "^4.0.3", + "saveSpec": null, + "fetchSpec": "^4.0.3" + }, + "_requiredBy": [ + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.0.3.tgz", + "_shasum": "495704773277eeef6e43f9ab2c2c7d259dda25c5", + "_spec": "http-cache-semantics@^4.0.3", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "Kornel Lesiński", + "email": "kornel@geekhood.net", + "url": "https://kornel.ski/" + }, + "bugs": { + "url": "https://github.com/kornelski/http-cache-semantics/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies", + "devDependencies": { + "eslint": "^5.13.0", + "eslint-plugin-prettier": "^3.0.1", + "husky": "^0.14.3", + "lint-staged": "^8.1.3", + "mocha": "^5.1.0", + "prettier": "^1.14.3", + "prettier-eslint-cli": "^4.7.1" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/kornelski/http-cache-semantics#readme", + "license": "BSD-2-Clause", + "main": "index.js", + "name": "http-cache-semantics", + "repository": { + "type": "git", + "url": "git+https://github.com/kornelski/http-cache-semantics.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "4.0.3" +} diff --git a/node_modules/npm-registry-fetch/node_modules/http-proxy-agent/README.md b/node_modules/npm-registry-fetch/node_modules/http-proxy-agent/README.md new file mode 100644 index 000000000..4f1fc372b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/http-proxy-agent/README.md @@ -0,0 +1,74 @@ +http-proxy-agent +================ +### An HTTP(s) proxy `http.Agent` implementation for HTTP +[](https://travis-ci.org/TooTallNate/node-http-proxy-agent) + +This module provides an `http.Agent` implementation that connects to a specified +HTTP or HTTPS proxy server, and can be used with the built-in `http` module. + +__Note:__ For HTTP proxy usage with the `https` module, check out +[`node-https-proxy-agent`](https://github.com/TooTallNate/node-https-proxy-agent). + +Installation +------------ + +Install with `npm`: + +``` bash +$ npm install http-proxy-agent +``` + + +Example +------- + +``` js +var url = require('url'); +var http = require('http'); +var HttpProxyAgent = require('http-proxy-agent'); + +// HTTP/HTTPS proxy to connect to +var proxy = process.env.http_proxy || 'http://168.63.76.32:3128'; +console.log('using proxy server %j', proxy); + +// HTTP endpoint for the proxy to connect to +var endpoint = process.argv[2] || 'http://nodejs.org/api/'; +console.log('attempting to GET %j', endpoint); +var opts = url.parse(endpoint); + +// create an instance of the `HttpProxyAgent` class with the proxy server information +var agent = new HttpProxyAgent(proxy); +opts.agent = agent; + +http.get(opts, function (res) { + console.log('"response" event!', res.headers); + res.pipe(process.stdout); +}); +``` + + +License +------- + +(The MIT License) + +Copyright (c) 2013 Nathan Rajlich <nathan@tootallnate.net> + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/http-proxy-agent/index.js b/node_modules/npm-registry-fetch/node_modules/http-proxy-agent/index.js new file mode 100644 index 000000000..6c2909f23 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/http-proxy-agent/index.js @@ -0,0 +1,129 @@ +/** + * Module dependencies. + */ + +var net = require('net'); +var tls = require('tls'); +var url = require('url'); +var Agent = require('agent-base'); +var inherits = require('util').inherits; +var debug = require('debug')('http-proxy-agent'); + +/** + * Module exports. + */ + +module.exports = HttpProxyAgent; + +/** + * The `HttpProxyAgent` implements an HTTP Agent subclass that connects to the + * specified "HTTP proxy server" in order to proxy HTTP requests. + * + * @api public + */ + +function HttpProxyAgent(opts) { + if (!(this instanceof HttpProxyAgent)) return new HttpProxyAgent(opts); + if ('string' == typeof opts) opts = url.parse(opts); + if (!opts) + throw new Error( + 'an HTTP(S) proxy server `host` and `port` must be specified!' + ); + debug('creating new HttpProxyAgent instance: %o', opts); + Agent.call(this, opts); + + var proxy = Object.assign({}, opts); + + // if `true`, then connect to the proxy server over TLS. defaults to `false`. + this.secureProxy = proxy.protocol + ? /^https:?$/i.test(proxy.protocol) + : false; + + // prefer `hostname` over `host`, and set the `port` if needed + proxy.host = proxy.hostname || proxy.host; + proxy.port = +proxy.port || (this.secureProxy ? 443 : 80); + + if (proxy.host && proxy.path) { + // if both a `host` and `path` are specified then it's most likely the + // result of a `url.parse()` call... we need to remove the `path` portion so + // that `net.connect()` doesn't attempt to open that as a unix socket file. + delete proxy.path; + delete proxy.pathname; + } + + this.proxy = proxy; +} +inherits(HttpProxyAgent, Agent); + +/** + * Called when the node-core HTTP client library is creating a new HTTP request. + * + * @api public + */ + +HttpProxyAgent.prototype.callback = function connect(req, opts, fn) { + var proxy = this.proxy; + + // change the `http.ClientRequest` instance's "path" field + // to the absolute path of the URL that will be requested + var parsed = url.parse(req.path); + if (null == parsed.protocol) parsed.protocol = 'http:'; + if (null == parsed.hostname) parsed.hostname = opts.hostname || opts.host; + if (null == parsed.port) parsed.port = opts.port; + if (parsed.port == 80) { + // if port is 80, then we can remove the port so that the + // ":80" portion is not on the produced URL + delete parsed.port; + } + var absolute = url.format(parsed); + req.path = absolute; + + // inject the `Proxy-Authorization` header if necessary + if (proxy.auth) { + req.setHeader( + 'Proxy-Authorization', + 'Basic ' + Buffer.from(proxy.auth).toString('base64') + ); + } + + // create a socket connection to the proxy server + var socket; + if (this.secureProxy) { + socket = tls.connect(proxy); + } else { + socket = net.connect(proxy); + } + + // at this point, the http ClientRequest's internal `_header` field might have + // already been set. If this is the case then we'll need to re-generate the + // string since we just changed the `req.path` + if (req._header) { + debug('regenerating stored HTTP header string for request'); + req._header = null; + req._implicitHeader(); + if (req.output && req.output.length > 0) { + // Node < 12 + debug( + 'patching connection write() output buffer with updated header' + ); + // the _header has already been queued to be written to the socket + var first = req.output[0]; + var endOfHeaders = first.indexOf('\r\n\r\n') + 4; + req.output[0] = req._header + first.substring(endOfHeaders); + debug('output buffer: %o', req.output); + } else if (req.outputData && req.outputData.length > 0) { + // Node >= 12 + debug( + 'patching connection write() output buffer with updated header' + ); + var first = req.outputData[0].data; + // the _header has already been queued to be written to the socket + var endOfHeaders = first.indexOf('\r\n\r\n') + 4; + req.outputData[0].data = + req._header + first.substring(endOfHeaders); + debug('output buffer: %o', req.outputData[0].data); + } + } + + fn(null, socket); +}; diff --git a/node_modules/npm-registry-fetch/node_modules/http-proxy-agent/package.json b/node_modules/npm-registry-fetch/node_modules/http-proxy-agent/package.json new file mode 100644 index 000000000..9a3e5b595 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/http-proxy-agent/package.json @@ -0,0 +1,68 @@ +{ + "_from": "http-proxy-agent@^3.0.0", + "_id": "http-proxy-agent@3.0.0", + "_inBundle": false, + "_integrity": "sha512-uGuJaBWQWDQCJI5ip0d/VTYZW0nRrlLWXA4A7P1jrsa+f77rW2yXz315oBt6zGCF6l8C2tlMxY7ffULCj+5FhA==", + "_location": "/npm-registry-fetch/http-proxy-agent", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "http-proxy-agent@^3.0.0", + "name": "http-proxy-agent", + "escapedName": "http-proxy-agent", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-3.0.0.tgz", + "_shasum": "598f42dc815949a11e2c6dbfdf24cd8a4c165327", + "_spec": "http-proxy-agent@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "Nathan Rajlich", + "email": "nathan@tootallnate.net", + "url": "http://n8.io/" + }, + "bugs": { + "url": "https://github.com/TooTallNate/node-http-proxy-agent/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agent-base": "5", + "debug": "4" + }, + "deprecated": false, + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTP", + "devDependencies": { + "mocha": "3", + "proxy": "1" + }, + "engines": { + "node": ">= 6" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/TooTallNate/node-http-proxy-agent#readme", + "keywords": [ + "http", + "proxy", + "endpoint", + "agent" + ], + "license": "MIT", + "main": "./index.js", + "name": "http-proxy-agent", + "repository": { + "type": "git", + "url": "git://github.com/TooTallNate/node-http-proxy-agent.git" + }, + "scripts": { + "test": "mocha --reporter spec" + }, + "version": "3.0.0" +} diff --git a/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/.editorconfig b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/.editorconfig new file mode 100644 index 000000000..12b4b9a3b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/.editorconfig @@ -0,0 +1,37 @@ +root = true + +[*] +indent_style = tab +indent_size = 4 +tab_width = 4 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true + +[{*.json,*.json.example,*.gyp,*.yml,*.yaml,*.workflow}] +indent_style = space +indent_size = 2 + +[{*.py,*.asm}] +indent_style = space + +[*.py] +indent_size = 4 + +[*.asm] +indent_size = 8 + +[*.md] +trim_trailing_whitespace = false + +# Ideal settings - some plugins might support these. +[*.js] +quote_type = single + +[{*.c,*.cc,*.h,*.hh,*.cpp,*.hpp,*.m,*.mm,*.mpp,*.js,*.java,*.go,*.rs,*.php,*.ng,*.jsx,*.ts,*.d,*.cs,*.swift}] +curly_bracket_next_line = false +spaces_around_operators = true +spaces_around_brackets = outside +# close enough to 1TB +indent_brace_style = K&R diff --git a/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/.eslintrc.js b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/.eslintrc.js new file mode 100644 index 000000000..62743f2c4 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/.eslintrc.js @@ -0,0 +1,86 @@ +module.exports = { + 'extends': [ + 'airbnb', + 'prettier' + ], + 'parser': '@typescript-eslint/parser', + 'parserOptions': { + 'ecmaVersion': 2018, + 'sourceType': 'module', + 'modules': true + }, + 'plugins': [ + '@typescript-eslint' + ], + 'settings': { + 'import/resolver': { + 'typescript': { + } + } + }, + 'rules': { + 'quotes': [ + 2, + 'single', + { + 'allowTemplateLiterals': true + } + ], + 'class-methods-use-this': 0, + 'consistent-return': 0, + 'func-names': 0, + 'global-require': 0, + 'guard-for-in': 0, + 'import/no-duplicates': 0, + 'import/no-dynamic-require': 0, + 'import/no-extraneous-dependencies': 0, + 'import/prefer-default-export': 0, + 'lines-between-class-members': 0, + 'no-await-in-loop': 0, + 'no-bitwise': 0, + 'no-console': 0, + 'no-continue': 0, + 'no-control-regex': 0, + 'no-empty': 0, + 'no-loop-func': 0, + 'no-nested-ternary': 0, + 'no-param-reassign': 0, + 'no-plusplus': 0, + 'no-restricted-globals': 0, + 'no-restricted-syntax': 0, + 'no-shadow': 0, + 'no-underscore-dangle': 0, + 'no-use-before-define': 0, + 'prefer-const': 0, + 'prefer-destructuring': 0, + 'camelcase': 0, + 'no-unused-vars': 0, // in favor of '@typescript-eslint/no-unused-vars' + // 'indent': 0 // in favor of '@typescript-eslint/indent' + '@typescript-eslint/no-unused-vars': 'warn', + // '@typescript-eslint/indent': ['error', 2] // this might conflict with a lot ongoing changes + '@typescript-eslint/no-array-constructor': 'error', + '@typescript-eslint/adjacent-overload-signatures': 'error', + '@typescript-eslint/class-name-casing': 'error', + '@typescript-eslint/interface-name-prefix': 'error', + '@typescript-eslint/no-empty-interface': 'error', + '@typescript-eslint/no-inferrable-types': 'error', + '@typescript-eslint/no-misused-new': 'error', + '@typescript-eslint/no-namespace': 'error', + '@typescript-eslint/no-non-null-assertion': 'error', + '@typescript-eslint/no-parameter-properties': 'error', + '@typescript-eslint/no-triple-slash-reference': 'error', + '@typescript-eslint/prefer-namespace-keyword': 'error', + '@typescript-eslint/type-annotation-spacing': 'error', + // '@typescript-eslint/array-type': 'error', + // '@typescript-eslint/ban-types': 'error', + // '@typescript-eslint/explicit-function-return-type': 'warn', + // '@typescript-eslint/explicit-member-accessibility': 'error', + // '@typescript-eslint/member-delimiter-style': 'error', + // '@typescript-eslint/no-angle-bracket-type-assertion': 'error', + // '@typescript-eslint/no-explicit-any': 'warn', + // '@typescript-eslint/no-object-literal-type-assertion': 'error', + // '@typescript-eslint/no-use-before-define': 'error', + // '@typescript-eslint/no-var-requires': 'error', + // '@typescript-eslint/prefer-interface': 'error' + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/.github/workflows/test.yml b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/.github/workflows/test.yml new file mode 100644 index 000000000..329914f92 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/.github/workflows/test.yml @@ -0,0 +1,46 @@ +name: Node CI + +on: + push: + branches: + - master + tags: + - '!*' + pull_request: + +jobs: + build: + name: Test Node.js ${{ matrix.node-version }} on ${{ matrix.os }} + + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] + node-version: [6.x, 8.x, 10.x, 12.x] + + runs-on: ${{ matrix.os }} + + steps: + - uses: actions/checkout@v1 + + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v1 + with: + node-version: ${{ matrix.node-version }} + + - name: Print Node.js Version + run: node --version + + - name: Install Dependencies + run: npm install + env: + CI: true + + - name: Run "build" step + run: npm run build --if-present + env: + CI: true + + - name: Run tests + run: npm test + env: + CI: true diff --git a/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/README.md b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/README.md new file mode 100644 index 000000000..328656a9e --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/README.md @@ -0,0 +1,137 @@ +https-proxy-agent +================ +### An HTTP(s) proxy `http.Agent` implementation for HTTPS +[](https://github.com/TooTallNate/node-https-proxy-agent/actions?workflow=Node+CI) + +This module provides an `http.Agent` implementation that connects to a specified +HTTP or HTTPS proxy server, and can be used with the built-in `https` module. + +Specifically, this `Agent` implementation connects to an intermediary "proxy" +server and issues the [CONNECT HTTP method][CONNECT], which tells the proxy to +open a direct TCP connection to the destination server. + +Since this agent implements the CONNECT HTTP method, it also works with other +protocols that use this method when connecting over proxies (i.e. WebSockets). +See the "Examples" section below for more. + + +Installation +------------ + +Install with `npm`: + +``` bash +$ npm install https-proxy-agent +``` + + +Examples +-------- + +#### `https` module example + +``` js +var url = require('url'); +var https = require('https'); +var HttpsProxyAgent = require('https-proxy-agent'); + +// HTTP/HTTPS proxy to connect to +var proxy = process.env.http_proxy || 'http://168.63.76.32:3128'; +console.log('using proxy server %j', proxy); + +// HTTPS endpoint for the proxy to connect to +var endpoint = process.argv[2] || 'https://graph.facebook.com/tootallnate'; +console.log('attempting to GET %j', endpoint); +var options = url.parse(endpoint); + +// create an instance of the `HttpsProxyAgent` class with the proxy server information +var agent = new HttpsProxyAgent(proxy); +options.agent = agent; + +https.get(options, function (res) { + console.log('"response" event!', res.headers); + res.pipe(process.stdout); +}); +``` + +#### `ws` WebSocket connection example + +``` js +var url = require('url'); +var WebSocket = require('ws'); +var HttpsProxyAgent = require('https-proxy-agent'); + +// HTTP/HTTPS proxy to connect to +var proxy = process.env.http_proxy || 'http://168.63.76.32:3128'; +console.log('using proxy server %j', proxy); + +// WebSocket endpoint for the proxy to connect to +var endpoint = process.argv[2] || 'ws://echo.websocket.org'; +var parsed = url.parse(endpoint); +console.log('attempting to connect to WebSocket %j', endpoint); + +// create an instance of the `HttpsProxyAgent` class with the proxy server information +var options = url.parse(proxy); + +var agent = new HttpsProxyAgent(options); + +// finally, initiate the WebSocket connection +var socket = new WebSocket(endpoint, { agent: agent }); + +socket.on('open', function () { + console.log('"open" event!'); + socket.send('hello world'); +}); + +socket.on('message', function (data, flags) { + console.log('"message" event! %j %j', data, flags); + socket.close(); +}); +``` + +API +--- + +### new HttpsProxyAgent(Object options) + +The `HttpsProxyAgent` class implements an `http.Agent` subclass that connects +to the specified "HTTP(s) proxy server" in order to proxy HTTPS and/or WebSocket +requests. This is achieved by using the [HTTP `CONNECT` method][CONNECT]. + +The `options` argument may either be a string URI of the proxy server to use, or an +"options" object with more specific properties: + + * `host` - String - Proxy host to connect to (may use `hostname` as well). Required. + * `port` - Number - Proxy port to connect to. Required. + * `protocol` - String - If `https:`, then use TLS to connect to the proxy. + * `headers` - Object - Additional HTTP headers to be sent on the HTTP CONNECT method. + * Any other options given are passed to the `net.connect()`/`tls.connect()` functions. + + +License +------- + +(The MIT License) + +Copyright (c) 2013 Nathan Rajlich <nathan@tootallnate.net> + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +[CONNECT]: http://en.wikipedia.org/wiki/HTTP_tunnel#HTTP_CONNECT_Tunneling diff --git a/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/index.d.ts b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/index.d.ts new file mode 100644 index 000000000..cec35d85e --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/index.d.ts @@ -0,0 +1,22 @@ +declare module 'https-proxy-agent' { + import * as https from 'https'; + + namespace HttpsProxyAgent { + interface HttpsProxyAgentOptions { + host: string; + port: number | string; + secureProxy?: boolean; + headers?: { + [key: string]: string; + }; + [key: string]: any; + } + } + + // HttpsProxyAgent doesnt *actually* extend https.Agent, but for my purposes I want it to pretend that it does + class HttpsProxyAgent extends https.Agent { + constructor(opts: HttpsProxyAgent.HttpsProxyAgentOptions | string); + } + + export = HttpsProxyAgent; +} diff --git a/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/index.js b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/index.js new file mode 100644 index 000000000..aa3021e2e --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/index.js @@ -0,0 +1,239 @@ +/** + * Module dependencies. + */ + +var net = require('net'); +var tls = require('tls'); +var url = require('url'); +var assert = require('assert'); +var Agent = require('agent-base'); +var inherits = require('util').inherits; +var debug = require('debug')('https-proxy-agent'); + +/** + * Module exports. + */ + +module.exports = HttpsProxyAgent; + +/** + * The `HttpsProxyAgent` implements an HTTP Agent subclass that connects to the + * specified "HTTP(s) proxy server" in order to proxy HTTPS requests. + * + * @api public + */ + +function HttpsProxyAgent(opts) { + if (!(this instanceof HttpsProxyAgent)) return new HttpsProxyAgent(opts); + if ('string' == typeof opts) opts = url.parse(opts); + if (!opts) + throw new Error( + 'an HTTP(S) proxy server `host` and `port` must be specified!' + ); + debug('creating new HttpsProxyAgent instance: %o', opts); + Agent.call(this, opts); + + var proxy = Object.assign({}, opts); + + // if `true`, then connect to the proxy server over TLS. defaults to `false`. + this.secureProxy = proxy.protocol + ? /^https:?$/i.test(proxy.protocol) + : false; + + // prefer `hostname` over `host`, and set the `port` if needed + proxy.host = proxy.hostname || proxy.host; + proxy.port = +proxy.port || (this.secureProxy ? 443 : 80); + + // ALPN is supported by Node.js >= v5. + // attempt to negotiate http/1.1 for proxy servers that support http/2 + if (this.secureProxy && !('ALPNProtocols' in proxy)) { + proxy.ALPNProtocols = ['http 1.1']; + } + + if (proxy.host && proxy.path) { + // if both a `host` and `path` are specified then it's most likely the + // result of a `url.parse()` call... we need to remove the `path` portion so + // that `net.connect()` doesn't attempt to open that as a unix socket file. + delete proxy.path; + delete proxy.pathname; + } + + this.proxy = proxy; +} +inherits(HttpsProxyAgent, Agent); + +/** + * Called when the node-core HTTP client library is creating a new HTTP request. + * + * @api public + */ + +HttpsProxyAgent.prototype.callback = function connect(req, opts, fn) { + var proxy = this.proxy; + + // create a socket connection to the proxy server + var socket; + if (this.secureProxy) { + socket = tls.connect(proxy); + } else { + socket = net.connect(proxy); + } + + // we need to buffer any HTTP traffic that happens with the proxy before we get + // the CONNECT response, so that if the response is anything other than an "200" + // response code, then we can re-play the "data" events on the socket once the + // HTTP parser is hooked up... + var buffers = []; + var buffersLength = 0; + + function read() { + var b = socket.read(); + if (b) ondata(b); + else socket.once('readable', read); + } + + function cleanup() { + socket.removeListener('end', onend); + socket.removeListener('error', onerror); + socket.removeListener('close', onclose); + socket.removeListener('readable', read); + } + + function onclose(err) { + debug('onclose had error %o', err); + } + + function onend() { + debug('onend'); + } + + function onerror(err) { + cleanup(); + fn(err); + } + + function ondata(b) { + buffers.push(b); + buffersLength += b.length; + var buffered = Buffer.concat(buffers, buffersLength); + var str = buffered.toString('ascii'); + + if (!~str.indexOf('\r\n\r\n')) { + // keep buffering + debug('have not received end of HTTP headers yet...'); + read(); + return; + } + + var firstLine = str.substring(0, str.indexOf('\r\n')); + var statusCode = +firstLine.split(' ')[1]; + debug('got proxy server response: %o', firstLine); + + if (200 == statusCode) { + // 200 Connected status code! + var sock = socket; + + // nullify the buffered data since we won't be needing it + buffers = buffered = null; + + if (opts.secureEndpoint) { + // since the proxy is connecting to an SSL server, we have + // to upgrade this socket connection to an SSL connection + debug( + 'upgrading proxy-connected socket to TLS connection: %o', + opts.host + ); + opts.socket = socket; + opts.servername = opts.servername || opts.host; + opts.host = null; + opts.hostname = null; + opts.port = null; + sock = tls.connect(opts); + } + + cleanup(); + req.once('socket', resume); + fn(null, sock); + } else { + // some other status code that's not 200... need to re-play the HTTP header + // "data" events onto the socket once the HTTP machinery is attached so + // that the node core `http` can parse and handle the error status code + cleanup(); + + // the original socket is closed, and a new closed socket is + // returned instead, so that the proxy doesn't get the HTTP request + // written to it (which may contain `Authorization` headers or other + // sensitive data). + // + // See: https://hackerone.com/reports/541502 + socket.destroy(); + socket = new net.Socket(); + socket.readable = true; + + // save a reference to the concat'd Buffer for the `onsocket` callback + buffers = buffered; + + // need to wait for the "socket" event to re-play the "data" events + req.once('socket', onsocket); + + fn(null, socket); + } + } + + function onsocket(socket) { + debug('replaying proxy buffer for failed request'); + assert(socket.listenerCount('data') > 0); + + // replay the "buffers" Buffer onto the `socket`, since at this point + // the HTTP module machinery has been hooked up for the user + socket.push(buffers); + + // nullify the cached Buffer instance + buffers = null; + } + + socket.on('error', onerror); + socket.on('close', onclose); + socket.on('end', onend); + + read(); + + var hostname = opts.host + ':' + opts.port; + var msg = 'CONNECT ' + hostname + ' HTTP/1.1\r\n'; + + var headers = Object.assign({}, proxy.headers); + if (proxy.auth) { + headers['Proxy-Authorization'] = + 'Basic ' + Buffer.from(proxy.auth).toString('base64'); + } + + // the Host header should only include the port + // number when it is a non-standard port + var host = opts.host; + if (!isDefaultPort(opts.port, opts.secureEndpoint)) { + host += ':' + opts.port; + } + headers['Host'] = host; + + headers['Connection'] = 'close'; + Object.keys(headers).forEach(function(name) { + msg += name + ': ' + headers[name] + '\r\n'; + }); + + socket.write(msg + '\r\n'); +}; + +/** + * Resumes a socket. + * + * @param {(net.Socket|tls.Socket)} socket The socket to resume + * @api public + */ + +function resume(socket) { + socket.resume(); +} + +function isDefaultPort(port, secure) { + return Boolean((!secure && port === 80) || (secure && port === 443)); +} diff --git a/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/package.json b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/package.json new file mode 100644 index 000000000..a03953e16 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/https-proxy-agent/package.json @@ -0,0 +1,66 @@ +{ + "_from": "https-proxy-agent@^4.0.0", + "_id": "https-proxy-agent@4.0.0", + "_inBundle": false, + "_integrity": "sha512-zoDhWrkR3of1l9QAL8/scJZyLu8j/gBkcwcaQOZh7Gyh/+uJQzGVETdgT30akuwkpL8HTRfssqI3BZuV18teDg==", + "_location": "/npm-registry-fetch/https-proxy-agent", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "https-proxy-agent@^4.0.0", + "name": "https-proxy-agent", + "escapedName": "https-proxy-agent", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-4.0.0.tgz", + "_shasum": "702b71fb5520a132a66de1f67541d9e62154d82b", + "_spec": "https-proxy-agent@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "Nathan Rajlich", + "email": "nathan@tootallnate.net", + "url": "http://n8.io/" + }, + "bugs": { + "url": "https://github.com/TooTallNate/node-https-proxy-agent/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agent-base": "5", + "debug": "4" + }, + "deprecated": false, + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTPS", + "devDependencies": { + "mocha": "6", + "proxy": "1" + }, + "engines": { + "node": ">= 6.0.0" + }, + "homepage": "https://github.com/TooTallNate/node-https-proxy-agent#readme", + "keywords": [ + "https", + "proxy", + "endpoint", + "agent" + ], + "license": "MIT", + "main": "./index.js", + "name": "https-proxy-agent", + "repository": { + "type": "git", + "url": "git://github.com/TooTallNate/node-https-proxy-agent.git" + }, + "scripts": { + "test": "mocha --reporter spec" + }, + "types": "./index.d.ts", + "version": "4.0.0" +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/CHANGELOG.md b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/CHANGELOG.md new file mode 100644 index 000000000..7ed6cb7f2 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/CHANGELOG.md @@ -0,0 +1,635 @@ +# Changelog + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +### [7.1.1](https://github.com/npm/make-fetch-happen/compare/v7.1.0...v7.1.1) (2020-01-28) + +## [7.1.0](https://github.com/npm/make-fetch-happen/compare/v7.0.0...v7.1.0) (2019-12-17) + + +### Features + +* use globalAgent when in lambda ([bd9409d](https://github.com/npm/make-fetch-happen/commit/bd9409da246a979b665ebd23967ec01dd928ce47)), closes [#4](https://github.com/npm/make-fetch-happen/issues/4) + +## [7.0.0](https://github.com/npm/make-fetch-happen/compare/v6.1.0...v7.0.0) (2019-12-17) + + +### ⚠ BREAKING CHANGES + +* drops support for node v8, since it's EOL as of 2020-01-01 + +### Features + +* **github:** added github actions with coveralls integration ([1913c1b](https://github.com/npm/make-fetch-happen/commit/1913c1b51aaac6044b4dab65b3d19ec943a35f39)) +* updated fetch module; linting mostly; based on testing ([063f28e](https://github.com/npm/make-fetch-happen/commit/063f28ea1ac23f7e9d9d79e15949ca82b634ce97)) +* **utils:** fixed configure-options based on testing ([9dd4f6f](https://github.com/npm/make-fetch-happen/commit/9dd4f6f108442dc247de44e1ddc0341edcb84c9b)) +* fixed test dep requires; added mockRequire function to mock tests properly ([95de7a1](https://github.com/npm/make-fetch-happen/commit/95de7a171110907e30f41f489e4be983cd8184a5)) +* refactored functions into utilities ([74620dd](https://github.com/npm/make-fetch-happen/commit/74620dd7c2262ac46d9b4f6ac2dc9ff45a4f19ee)) +* updated dev deps; update tap; updated standard ([dce6eec](https://github.com/npm/make-fetch-happen/commit/dce6eece130fb20164a62eeabc6090811d8f14a4)) +* updated fetch tests; linting, logic, added tests ([d50aeaf](https://github.com/npm/make-fetch-happen/commit/d50aeafebeb5d8f7118d7f6660208f40ac487804)) + + +### Bug Fixes + +* format cache key with new URL object shape ([21cb6cc](https://github.com/npm/make-fetch-happen/commit/21cb6cc968aabff8b5c5c02e3666fb093fd6578c)) +* polish out an unnecessary URL object creation ([67a01d4](https://github.com/npm/make-fetch-happen/commit/67a01d46b2cacbadc22f49604ee524526cee3912)), closes [#14](https://github.com/npm/make-fetch-happen/issues/14) +* support user without password in proxy auth ([e24bbf9](https://github.com/npm/make-fetch-happen/commit/e24bbf935bc8a2c49070cdb2518e5ee290143191)) +* updated 'files' property in package file ([945e40c](https://github.com/npm/make-fetch-happen/commit/945e40c7fbb59333e0c632c490683e4babc68dc1)) +* Use WhatWG URL objects over deprecated legacy url API ([28aca97](https://github.com/npm/make-fetch-happen/commit/28aca97dfb63ca003ebf62d1b961771cfbb2481d)) + + +* drop node 8 ([9fa7944](https://github.com/npm/make-fetch-happen/commit/9fa7944cbc603f3a194dfb440f519a7d5265653e)) + +## [6.1.0](https://github.com/npm/make-fetch-happen/compare/v6.0.1...v6.1.0) (2019-11-14) + + +### Bug Fixes + +* **streams:** change condition/logic of fitInMemory used when defining memoize ([c173723](https://github.com/npm/make-fetch-happen/commit/c173723)) + +### [6.0.1](https://github.com/npm/make-fetch-happen/compare/v6.0.0...v6.0.1) (2019-10-23) + +<a name="6.0.0"></a> +# [6.0.0](https://github.com/npm/make-fetch-happen/compare/v5.0.0...v6.0.0) (2019-10-01) + +### Bug Fixes + +* preserve rfc7234 5.5.4 warnings ([001b91e](https://github.com/npm/make-fetch-happen/commit/001b91e)) +* properly detect thrown HTTP "error" objects ([d7cbeb4](https://github.com/npm/make-fetch-happen/commit/d7cbeb4)) +* safely create synthetic response body for 304 ([bc70f88](https://github.com/npm/make-fetch-happen/commit/bc70f88)) + +### Features + +* **promises:** refactor bluebird with native promises ([7482d54](https://github.com/npm/make-fetch-happen/commit/7482d54)) + +### BREAKING CHANGES + +* **streams:** refactor node streams with minipass ([1d7f5a3](https://github.com/npm/make-fetch-happen/commit/1d7f5a3)) + +<a name="5.0.0"></a> +# [5.0.0](https://github.com/npm/make-fetch-happen/compare/v4.0.2...v5.0.0) (2019-07-15) + + +### Features + +* cacache@12, no need for uid/gid opts ([fdb956f](https://github.com/npm/make-fetch-happen/commit/fdb956f)) + + +### BREAKING CHANGES + +* cache uid and gid are inferred from the cache folder itself, +not passed in as options. + + + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/make-fetch-happen/compare/v4.0.1...v4.0.2) (2019-07-02) + + + +<a name="4.0.1"></a> +## [4.0.1](https://github.com/npm/make-fetch-happen/compare/v4.0.0...v4.0.1) (2018-04-12) + + +### Bug Fixes + +* **integrity:** use new sri.match() for verification ([4f371a0](https://github.com/npm/make-fetch-happen/commit/4f371a0)) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/make-fetch-happen/compare/v3.0.0...v4.0.0) (2018-04-09) + + +### meta + +* drop node@4, add node@9 ([7b0191a](https://github.com/npm/make-fetch-happen/commit/7b0191a)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/make-fetch-happen/compare/v2.6.0...v3.0.0) (2018-03-12) + + +### Bug Fixes + +* **license:** switch to ISC ([#49](https://github.com/npm/make-fetch-happen/issues/49)) ([bf90c6d](https://github.com/npm/make-fetch-happen/commit/bf90c6d)) +* **standard:** standard@11 update ([ff0aa70](https://github.com/npm/make-fetch-happen/commit/ff0aa70)) + + +### BREAKING CHANGES + +* **license:** license changed from CC0 to ISC. + + + +<a name="2.6.0"></a> +# [2.6.0](https://github.com/npm/make-fetch-happen/compare/v2.5.0...v2.6.0) (2017-11-14) + + +### Bug Fixes + +* **integrity:** disable node-fetch compress when checking integrity (#42) ([a7cc74c](https://github.com/npm/make-fetch-happen/commit/a7cc74c)) + + +### Features + +* **onretry:** Add `options.onRetry` (#48) ([f90ccff](https://github.com/npm/make-fetch-happen/commit/f90ccff)) + + + +<a name="2.5.0"></a> +# [2.5.0](https://github.com/npm/make-fetch-happen/compare/v2.4.13...v2.5.0) (2017-08-24) + + +### Bug Fixes + +* **agent:** support timeout durations greater than 30 seconds ([04875ae](https://github.com/npm/make-fetch-happen/commit/04875ae)), closes [#35](https://github.com/npm/make-fetch-happen/issues/35) + + +### Features + +* **cache:** export cache deletion functionality (#40) ([3da4250](https://github.com/npm/make-fetch-happen/commit/3da4250)) + + + +<a name="2.4.13"></a> +## [2.4.13](https://github.com/npm/make-fetch-happen/compare/v2.4.12...v2.4.13) (2017-06-29) + + +### Bug Fixes + +* **deps:** bump other deps for bugfixes ([eab8297](https://github.com/npm/make-fetch-happen/commit/eab8297)) +* **proxy:** bump proxy deps with bugfixes (#32) ([632f860](https://github.com/npm/make-fetch-happen/commit/632f860)), closes [#32](https://github.com/npm/make-fetch-happen/issues/32) + + + +<a name="2.4.12"></a> +## [2.4.12](https://github.com/npm/make-fetch-happen/compare/v2.4.11...v2.4.12) (2017-06-06) + + +### Bug Fixes + +* **cache:** encode x-local-cache-etc headers to be header-safe ([dc9fb1b](https://github.com/npm/make-fetch-happen/commit/dc9fb1b)) + + + +<a name="2.4.11"></a> +## [2.4.11](https://github.com/npm/make-fetch-happen/compare/v2.4.10...v2.4.11) (2017-06-05) + + +### Bug Fixes + +* **deps:** bump deps with ssri fix ([bef1994](https://github.com/npm/make-fetch-happen/commit/bef1994)) + + + +<a name="2.4.10"></a> +## [2.4.10](https://github.com/npm/make-fetch-happen/compare/v2.4.9...v2.4.10) (2017-05-31) + + +### Bug Fixes + +* **deps:** bump dep versions with bugfixes ([0af4003](https://github.com/npm/make-fetch-happen/commit/0af4003)) +* **proxy:** use auth parameter for proxy authentication (#30) ([c687306](https://github.com/npm/make-fetch-happen/commit/c687306)) + + + +<a name="2.4.9"></a> +## [2.4.9](https://github.com/npm/make-fetch-happen/compare/v2.4.8...v2.4.9) (2017-05-25) + + +### Bug Fixes + +* **cache:** use the passed-in promise for resolving cache stuff ([4c46257](https://github.com/npm/make-fetch-happen/commit/4c46257)) + + + +<a name="2.4.8"></a> +## [2.4.8](https://github.com/npm/make-fetch-happen/compare/v2.4.7...v2.4.8) (2017-05-25) + + +### Bug Fixes + +* **cache:** pass uid/gid/Promise through to cache ([a847c92](https://github.com/npm/make-fetch-happen/commit/a847c92)) + + + +<a name="2.4.7"></a> +## [2.4.7](https://github.com/npm/make-fetch-happen/compare/v2.4.6...v2.4.7) (2017-05-24) + + +### Bug Fixes + +* **deps:** pull in various fixes from deps ([fc2a587](https://github.com/npm/make-fetch-happen/commit/fc2a587)) + + + +<a name="2.4.6"></a> +## [2.4.6](https://github.com/npm/make-fetch-happen/compare/v2.4.5...v2.4.6) (2017-05-24) + + +### Bug Fixes + +* **proxy:** choose agent for http(s)-proxy by protocol of destUrl ([ea4832a](https://github.com/npm/make-fetch-happen/commit/ea4832a)) +* **proxy:** make socks proxy working ([1de810a](https://github.com/npm/make-fetch-happen/commit/1de810a)) +* **proxy:** revert previous proxy solution ([563b0d8](https://github.com/npm/make-fetch-happen/commit/563b0d8)) + + + +<a name="2.4.5"></a> +## [2.4.5](https://github.com/npm/make-fetch-happen/compare/v2.4.4...v2.4.5) (2017-05-24) + + +### Bug Fixes + +* **proxy:** use the destination url when determining agent ([1a714e7](https://github.com/npm/make-fetch-happen/commit/1a714e7)) + + + +<a name="2.4.4"></a> +## [2.4.4](https://github.com/npm/make-fetch-happen/compare/v2.4.3...v2.4.4) (2017-05-23) + + +### Bug Fixes + +* **redirect:** handle redirects explicitly (#27) ([4c4af54](https://github.com/npm/make-fetch-happen/commit/4c4af54)) + + + +<a name="2.4.3"></a> +## [2.4.3](https://github.com/npm/make-fetch-happen/compare/v2.4.2...v2.4.3) (2017-05-06) + + +### Bug Fixes + +* **redirect:** redirects now delete authorization if hosts fail to match ([c071805](https://github.com/npm/make-fetch-happen/commit/c071805)) + + + +<a name="2.4.2"></a> +## [2.4.2](https://github.com/npm/make-fetch-happen/compare/v2.4.1...v2.4.2) (2017-05-04) + + +### Bug Fixes + +* **cache:** reduce race condition window by checking for content ([24544b1](https://github.com/npm/make-fetch-happen/commit/24544b1)) +* **match:** Rewrite the conditional stream logic (#25) ([66bba4b](https://github.com/npm/make-fetch-happen/commit/66bba4b)) + + + +<a name="2.4.1"></a> +## [2.4.1](https://github.com/npm/make-fetch-happen/compare/v2.4.0...v2.4.1) (2017-04-28) + + +### Bug Fixes + +* **memoization:** missed spots + allow passthrough of memo objs ([ac0cd12](https://github.com/npm/make-fetch-happen/commit/ac0cd12)) + + + +<a name="2.4.0"></a> +# [2.4.0](https://github.com/npm/make-fetch-happen/compare/v2.3.0...v2.4.0) (2017-04-28) + + +### Bug Fixes + +* **memoize:** cacache had a broken memoizer ([8a9ed4c](https://github.com/npm/make-fetch-happen/commit/8a9ed4c)) + + +### Features + +* **memoization:** only slurp stuff into memory if opts.memoize is not false ([0744adc](https://github.com/npm/make-fetch-happen/commit/0744adc)) + + + +<a name="2.3.0"></a> +# [2.3.0](https://github.com/npm/make-fetch-happen/compare/v2.2.6...v2.3.0) (2017-04-27) + + +### Features + +* **agent:** added opts.strictSSL and opts.localAddress ([c35015a](https://github.com/npm/make-fetch-happen/commit/c35015a)) +* **proxy:** Added opts.noProxy and NO_PROXY support ([f45c915](https://github.com/npm/make-fetch-happen/commit/f45c915)) + + + +<a name="2.2.6"></a> +## [2.2.6](https://github.com/npm/make-fetch-happen/compare/v2.2.5...v2.2.6) (2017-04-26) + + +### Bug Fixes + +* **agent:** check uppercase & lowercase proxy env (#24) ([acf2326](https://github.com/npm/make-fetch-happen/commit/acf2326)), closes [#22](https://github.com/npm/make-fetch-happen/issues/22) +* **deps:** switch to node-fetch-npm and stop bundling ([3db603b](https://github.com/npm/make-fetch-happen/commit/3db603b)) + + + +<a name="2.2.5"></a> +## [2.2.5](https://github.com/npm/make-fetch-happen/compare/v2.2.4...v2.2.5) (2017-04-23) + + +### Bug Fixes + +* **deps:** bump cacache and use its size feature ([926c1d3](https://github.com/npm/make-fetch-happen/commit/926c1d3)) + + + +<a name="2.2.4"></a> +## [2.2.4](https://github.com/npm/make-fetch-happen/compare/v2.2.3...v2.2.4) (2017-04-18) + + +### Bug Fixes + +* **integrity:** hash verification issues fixed ([07f9402](https://github.com/npm/make-fetch-happen/commit/07f9402)) + + + +<a name="2.2.3"></a> +## [2.2.3](https://github.com/npm/make-fetch-happen/compare/v2.2.2...v2.2.3) (2017-04-18) + + +### Bug Fixes + +* **staleness:** responses older than 8h were never stale :< ([b54dd75](https://github.com/npm/make-fetch-happen/commit/b54dd75)) +* **warning:** remove spurious warning, make format more spec-compliant ([2e4f6bb](https://github.com/npm/make-fetch-happen/commit/2e4f6bb)) + + + +<a name="2.2.2"></a> +## [2.2.2](https://github.com/npm/make-fetch-happen/compare/v2.2.1...v2.2.2) (2017-04-12) + + +### Bug Fixes + +* **retry:** stop retrying 404s ([6fafd53](https://github.com/npm/make-fetch-happen/commit/6fafd53)) + + + +<a name="2.2.1"></a> +## [2.2.1](https://github.com/npm/make-fetch-happen/compare/v2.2.0...v2.2.1) (2017-04-10) + + +### Bug Fixes + +* **deps:** move test-only deps to devDeps ([2daaf80](https://github.com/npm/make-fetch-happen/commit/2daaf80)) + + + +<a name="2.2.0"></a> +# [2.2.0](https://github.com/npm/make-fetch-happen/compare/v2.1.0...v2.2.0) (2017-04-09) + + +### Bug Fixes + +* **cache:** treat caches as private ([57b7dc2](https://github.com/npm/make-fetch-happen/commit/57b7dc2)) + + +### Features + +* **retry:** accept shorthand retry settings ([dfed69d](https://github.com/npm/make-fetch-happen/commit/dfed69d)) + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/make-fetch-happen/compare/v2.0.4...v2.1.0) (2017-04-09) + + +### Features + +* **cache:** cache now obeys Age and a variety of other things (#13) ([7b9652d](https://github.com/npm/make-fetch-happen/commit/7b9652d)) + + + +<a name="2.0.4"></a> +## [2.0.4](https://github.com/npm/make-fetch-happen/compare/v2.0.3...v2.0.4) (2017-04-09) + + +### Bug Fixes + +* **agent:** accept Request as fetch input, not just strings ([b71669a](https://github.com/npm/make-fetch-happen/commit/b71669a)) + + + +<a name="2.0.3"></a> +## [2.0.3](https://github.com/npm/make-fetch-happen/compare/v2.0.2...v2.0.3) (2017-04-09) + + +### Bug Fixes + +* **deps:** seriously ([c29e7e7](https://github.com/npm/make-fetch-happen/commit/c29e7e7)) + + + +<a name="2.0.2"></a> +## [2.0.2](https://github.com/npm/make-fetch-happen/compare/v2.0.1...v2.0.2) (2017-04-09) + + +### Bug Fixes + +* **deps:** use bundleDeps instead ([c36ebf0](https://github.com/npm/make-fetch-happen/commit/c36ebf0)) + + + +<a name="2.0.1"></a> +## [2.0.1](https://github.com/npm/make-fetch-happen/compare/v2.0.0...v2.0.1) (2017-04-09) + + +### Bug Fixes + +* **deps:** make sure node-fetch tarball included in release ([3bf49d1](https://github.com/npm/make-fetch-happen/commit/3bf49d1)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/make-fetch-happen/compare/v1.7.0...v2.0.0) (2017-04-09) + + +### Bug Fixes + +* **deps:** manually pull in newer node-fetch to avoid babel prod dep ([66e5e87](https://github.com/npm/make-fetch-happen/commit/66e5e87)) +* **retry:** be more specific about when we retry ([a47b782](https://github.com/npm/make-fetch-happen/commit/a47b782)) + + +### Features + +* **agent:** add ca/cert/key support to auto-agent (#15) ([57585a7](https://github.com/npm/make-fetch-happen/commit/57585a7)) + + +### BREAKING CHANGES + +* **agent:** pac proxies are no longer supported. +* **retry:** Retry logic has changes. + +* 404s, 420s, and 429s all retry now. +* ENOTFOUND no longer retries. +* Only ECONNRESET, ECONNREFUSED, EADDRINUSE, ETIMEDOUT, and `request-timeout` errors are retried. + + + +<a name="1.7.0"></a> +# [1.7.0](https://github.com/npm/make-fetch-happen/compare/v1.6.0...v1.7.0) (2017-04-08) + + +### Features + +* **cache:** add useful headers to inform users about cached data ([9bd7b00](https://github.com/npm/make-fetch-happen/commit/9bd7b00)) + + + +<a name="1.6.0"></a> +# [1.6.0](https://github.com/npm/make-fetch-happen/compare/v1.5.1...v1.6.0) (2017-04-06) + + +### Features + +* **agent:** better, keepalive-supporting, default http agents ([16277f6](https://github.com/npm/make-fetch-happen/commit/16277f6)) + + + +<a name="1.5.1"></a> +## [1.5.1](https://github.com/npm/make-fetch-happen/compare/v1.5.0...v1.5.1) (2017-04-05) + + +### Bug Fixes + +* **cache:** bump cacache for its fixed error messages ([2f2b916](https://github.com/npm/make-fetch-happen/commit/2f2b916)) +* **cache:** fix handling of errors in cache reads ([5729222](https://github.com/npm/make-fetch-happen/commit/5729222)) + + + +<a name="1.5.0"></a> +# [1.5.0](https://github.com/npm/make-fetch-happen/compare/v1.4.0...v1.5.0) (2017-04-04) + + +### Features + +* **retry:** retry requests on 408 timeouts, too ([8d8b5bd](https://github.com/npm/make-fetch-happen/commit/8d8b5bd)) + + + +<a name="1.4.0"></a> +# [1.4.0](https://github.com/npm/make-fetch-happen/compare/v1.3.1...v1.4.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** stop relying on BB.catch ([2b04494](https://github.com/npm/make-fetch-happen/commit/2b04494)) + + +### Features + +* **retry:** report retry attempt number as extra header ([fd50927](https://github.com/npm/make-fetch-happen/commit/fd50927)) + + + +<a name="1.3.1"></a> +## [1.3.1](https://github.com/npm/make-fetch-happen/compare/v1.3.0...v1.3.1) (2017-04-04) + + +### Bug Fixes + +* **cache:** pretend cache entry is missing on ENOENT ([9c2bb26](https://github.com/npm/make-fetch-happen/commit/9c2bb26)) + + + +<a name="1.3.0"></a> +# [1.3.0](https://github.com/npm/make-fetch-happen/compare/v1.2.1...v1.3.0) (2017-04-04) + + +### Bug Fixes + +* **cache:** if metadata is missing for some odd reason, ignore the entry ([a021a6b](https://github.com/npm/make-fetch-happen/commit/a021a6b)) + + +### Features + +* **cache:** add special headers when request was loaded straight from cache ([8a7dbd1](https://github.com/npm/make-fetch-happen/commit/8a7dbd1)) +* **cache:** allow configuring algorithms to be calculated on insertion ([bf4a0f2](https://github.com/npm/make-fetch-happen/commit/bf4a0f2)) + + + +<a name="1.2.1"></a> +## [1.2.1](https://github.com/npm/make-fetch-happen/compare/v1.2.0...v1.2.1) (2017-04-03) + + +### Bug Fixes + +* **integrity:** update cacache and ssri and change EBADCHECKSUM -> EINTEGRITY ([b6cf6f6](https://github.com/npm/make-fetch-happen/commit/b6cf6f6)) + + + +<a name="1.2.0"></a> +# [1.2.0](https://github.com/npm/make-fetch-happen/compare/v1.1.0...v1.2.0) (2017-04-03) + + +### Features + +* **integrity:** full Subresource Integrity support (#10) ([a590159](https://github.com/npm/make-fetch-happen/commit/a590159)) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/make-fetch-happen/compare/v1.0.1...v1.1.0) (2017-04-01) + + +### Features + +* **opts:** fetch.defaults() for default options ([522a65e](https://github.com/npm/make-fetch-happen/commit/522a65e)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/make-fetch-happen/compare/v1.0.0...v1.0.1) (2017-04-01) + + + +<a name="1.0.0"></a> +# 1.0.0 (2017-04-01) + + +### Bug Fixes + +* **cache:** default on cache-control header ([b872a2c](https://github.com/npm/make-fetch-happen/commit/b872a2c)) +* standard stuff and cache matching ([753f2c2](https://github.com/npm/make-fetch-happen/commit/753f2c2)) +* **agent:** nudge around things with opts.agent ([ed62b57](https://github.com/npm/make-fetch-happen/commit/ed62b57)) +* **agent:** {agent: false} has special behavior ([b8cc923](https://github.com/npm/make-fetch-happen/commit/b8cc923)) +* **cache:** invalidation on non-GET ([fe78fac](https://github.com/npm/make-fetch-happen/commit/fe78fac)) +* **cache:** make force-cache and only-if-cached work as expected ([f50e9df](https://github.com/npm/make-fetch-happen/commit/f50e9df)) +* **cache:** more spec compliance ([d5a56db](https://github.com/npm/make-fetch-happen/commit/d5a56db)) +* **cache:** only cache 200 gets ([0abb25a](https://github.com/npm/make-fetch-happen/commit/0abb25a)) +* **cache:** only load cache code if cache opt is a string ([250fcd5](https://github.com/npm/make-fetch-happen/commit/250fcd5)) +* **cache:** oops ([e3fa15a](https://github.com/npm/make-fetch-happen/commit/e3fa15a)) +* **cache:** refactored warning removal into main file ([5b0a9f9](https://github.com/npm/make-fetch-happen/commit/5b0a9f9)) +* **cache:** req constructor no longer needed in Cache ([5b74cbc](https://github.com/npm/make-fetch-happen/commit/5b74cbc)) +* **cache:** standard fetch api calls cacheMode "cache" ([6fba805](https://github.com/npm/make-fetch-happen/commit/6fba805)) +* **cache:** was using wrong method for non-GET/HEAD cache invalidation ([810763a](https://github.com/npm/make-fetch-happen/commit/810763a)) +* **caching:** a bunch of cache-related fixes ([8ebda1d](https://github.com/npm/make-fetch-happen/commit/8ebda1d)) +* **deps:** `cacache[@6](https://github.com/6).3.0` - race condition fixes ([9528442](https://github.com/npm/make-fetch-happen/commit/9528442)) +* **freshness:** fix regex for cacheControl matching ([070db86](https://github.com/npm/make-fetch-happen/commit/070db86)) +* **freshness:** fixed default freshness heuristic value ([5d29e88](https://github.com/npm/make-fetch-happen/commit/5d29e88)) +* **logging:** remove console.log calls ([a1d0a47](https://github.com/npm/make-fetch-happen/commit/a1d0a47)) +* **method:** node-fetch guarantees uppercase ([a1d68d6](https://github.com/npm/make-fetch-happen/commit/a1d68d6)) +* **opts:** simplified opts handling ([516fd6e](https://github.com/npm/make-fetch-happen/commit/516fd6e)) +* **proxy:** pass proxy option directly to ProxyAgent ([3398460](https://github.com/npm/make-fetch-happen/commit/3398460)) +* **retry:** false -> {retries: 0} ([297fbb6](https://github.com/npm/make-fetch-happen/commit/297fbb6)) +* **retry:** only retry put if body is not a stream ([a24e599](https://github.com/npm/make-fetch-happen/commit/a24e599)) +* **retry:** skip retries if body is a stream for ANY method ([780c0f8](https://github.com/npm/make-fetch-happen/commit/780c0f8)) + + +### Features + +* **api:** initial implementation -- can make and cache requests ([7d55b49](https://github.com/npm/make-fetch-happen/commit/7d55b49)) +* **fetch:** injectable cache, and retry support ([87b84bf](https://github.com/npm/make-fetch-happen/commit/87b84bf)) + + +### BREAKING CHANGES + +* **cache:** opts.cache -> opts.cacheManager; opts.cacheMode -> opts.cache +* **fetch:** opts.cache accepts a Cache-like obj or a path. Requests are now retried. +* **api:** actual api implemented diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/LICENSE b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/LICENSE new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/LICENSE @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/README.md b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/README.md new file mode 100644 index 000000000..fa151103b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/README.md @@ -0,0 +1,404 @@ +# make-fetch-happen +[](https://npm.im/make-fetch-happen) [](https://npm.im/make-fetch-happen) [](https://travis-ci.org/npm/make-fetch-happen) [](https://coveralls.io/github/npm/make-fetch-happen?branch=latest) + +[`make-fetch-happen`](https://github.com/npm/make-fetch-happen) is a Node.js +library that wraps [`node-fetch-npm`](https://github.com/npm/node-fetch-npm) with additional +features [`node-fetch`](https://github.com/bitinn/node-fetch) doesn't intend to include, including HTTP Cache support, request +pooling, proxies, retries, [and more](#features)! + +## Install + +`$ npm install --save make-fetch-happen` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.defaults`](#fetch-defaults) + * [`node-fetch` options](#node-fetch-options) + * [`make-fetch-happen` options](#extra-options) + * [`opts.cacheManager`](#opts-cache-manager) + * [`opts.cache`](#opts-cache) + * [`opts.proxy`](#opts-proxy) + * [`opts.noProxy`](#opts-no-proxy) + * [`opts.ca, opts.cert, opts.key`](#https-opts) + * [`opts.maxSockets`](#opts-max-sockets) + * [`opts.retry`](#opts-retry) + * [`opts.onRetry`](#opts-onretry) + * [`opts.integrity`](#opts-integrity) +* [Message From Our Sponsors](#wow) + +### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' // path where cache will be written (and read) +}) + +fetch('https://registry.npmjs.org/make-fetch-happen').then(res => { + return res.json() // download the body as JSON +}).then(body => { + console.log(`got ${body.name} from web`) + return fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'no-cache' // forces a conditional request + }) +}).then(res => { + console.log(res.status) // 304! cache validated! + return res.json().then(body => { + console.log(`got ${body.name} from cache`) + }) +}) +``` + +### Features + +* Builds around [`node-fetch`](https://npm.im/node-fetch) for the core [`fetch` API](https://fetch.spec.whatwg.org) implementation +* Request pooling out of the box +* Quite fast, really +* Automatic HTTP-semantics-aware request retries +* Cache-fallback automatic "offline mode" +* Proxy support (http, https, socks, socks4, socks5) +* Built-in request caching following full HTTP caching rules (`Cache-Control`, `ETag`, `304`s, cache fallback on error, etc). +* Customize cache storage with any [Cache API](https://developer.mozilla.org/en-US/docs/Web/API/Cache)-compliant `Cache` instance. Cache to Redis! +* Node.js Stream support +* Transparent gzip and deflate support +* [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) support +* Literally punches nazis +* (PENDING) Range request caching and resuming + +### Contributing + +The make-fetch-happen team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The [Contributor Guide](https://github.com/npm/cli/blob/latest/CONTRIBUTING.md) outlines the process for community interaction and contribution. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow the [npm Code of Conduct](https://www.npmjs.com/policies/conduct), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(uriOrRequest, [opts]) -> Promise<Response>` + +This function implements most of the [`fetch` API](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch): given a `uri` string or a `Request` instance, it will fire off an http request and return a Promise containing the relevant response. + +If `opts` is provided, the [`node-fetch`-specific options](#node-fetch-options) will be passed to that library. There are also [additional options](#extra-options) specific to make-fetch-happen that add various features, such as HTTP caching, integrity verification, proxy support, and more. + +##### Example + +```javascript +fetch('https://google.com').then(res => res.buffer()) +``` + +#### <a name="fetch-defaults"></a> `> fetch.defaults([defaultUrl], [defaultOpts])` + +Returns a new `fetch` function that will call `make-fetch-happen` using `defaultUrl` and `defaultOpts` as default values to any calls. + +A defaulted `fetch` will also have a `.defaults()` method, so they can be chained. + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-local-cache' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen') // will always use the cache +``` + +#### <a name="node-fetch-options"></a> `> node-fetch options` + +The following options for `node-fetch` are used as-is: + +* method +* body +* redirect +* follow +* timeout +* compress +* size + +These other options are modified or augmented by make-fetch-happen: + +* headers - Default `User-Agent` set to make-fetch happen. `Connection` is set to `keep-alive` or `close` automatically depending on `opts.agent`. +* agent + * If agent is null, an http or https Agent will be automatically used. By default, these will be `http.globalAgent` and `https.globalAgent`. + * If [`opts.proxy`](#opts-proxy) is provided and `opts.agent` is null, the agent will be set to an appropriate proxy-handling agent. + * If `opts.agent` is an object, it will be used as the request-pooling agent argument for this request. + * If `opts.agent` is `false`, it will be passed as-is to the underlying request library. This causes a new Agent to be spawned for every request. + +For more details, see [the documentation for `node-fetch` itself](https://github.com/bitinn/node-fetch#options). + +#### <a name="extra-options"></a> `> make-fetch-happen options` + +make-fetch-happen augments the `node-fetch` API with additional features available through extra options. The following extra options are available: + +* [`opts.cacheManager`](#opts-cache-manager) - Cache target to read/write +* [`opts.cache`](#opts-cache) - `fetch` cache mode. Controls cache *behavior*. +* [`opts.proxy`](#opts-proxy) - Proxy agent +* [`opts.noProxy`](#opts-no-proxy) - Domain segments to disable proxying for. +* [`opts.ca, opts.cert, opts.key, opts.strictSSL`](#https-opts) +* [`opts.localAddress`](#opts-local-address) +* [`opts.maxSockets`](#opts-max-sockets) +* [`opts.retry`](#opts-retry) - Request retry settings +* [`opts.onRetry`](#opts-onretry) - a function called whenever a retry is attempted +* [`opts.integrity`](#opts-integrity) - [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. + +#### <a name="opts-cache-manager"></a> `> opts.cacheManager` + +Either a `String` or a `Cache`. If the former, it will be assumed to be a `Path` to be used as the cache root for [`cacache`](https://npm.im/cacache). + +If an object is provided, it will be assumed to be a compliant [`Cache` instance](https://developer.mozilla.org/en-US/docs/Web/API/Cache). Only `Cache.match()`, `Cache.put()`, and `Cache.delete()` are required. Options objects will not be passed in to `match()` or `delete()`. + +By implementing this API, you can customize the storage backend for make-fetch-happen itself -- for example, you could implement a cache that uses `redis` for caching, or simply keeps everything in memory. Most of the caching logic exists entirely on the make-fetch-happen side, so the only thing you need to worry about is reading, writing, and deleting, as well as making sure `fetch.Response` objects are what gets returned. + +You can refer to `cache.js` in the make-fetch-happen source code for a reference implementation. + +**NOTE**: Requests will not be cached unless their response bodies are consumed. You will need to use one of the `res.json()`, `res.buffer()`, etc methods on the response, or drain the `res.body` stream, in order for it to be written. + +The default cache manager also adds the following headers to cached responses: + +* `X-Local-Cache`: Path to the cache the content was found in +* `X-Local-Cache-Key`: Unique cache entry key for this response +* `X-Local-Cache-Hash`: Specific integrity hash for the cached entry +* `X-Local-Cache-Time`: UTCString of the cache insertion time for the entry + +Using [`cacache`](https://npm.im/cacache), a call like this may be used to +manually fetch the cached entry: + +```javascript +const h = response.headers +cacache.get(h.get('x-local-cache'), h.get('x-local-cache-key')) + +// grab content only, directly: +cacache.get.byDigest(h.get('x-local-cache'), h.get('x-local-cache-hash')) +``` + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + cacheManager: './my-local-cache' +}) // -> 200-level response will be written to disk + +fetch('https://npm.im/cacache', { + cacheManager: new MyCustomRedisCache(process.env.PORT) +}) // -> 200-level response will be written to redis +``` + +A possible (minimal) implementation for `MyCustomRedisCache`: + +```javascript +const bluebird = require('bluebird') +const redis = require("redis") +bluebird.promisifyAll(redis.RedisClient.prototype) +class MyCustomRedisCache { + constructor (opts) { + this.redis = redis.createClient(opts) + } + match (req) { + return this.redis.getAsync(req.url).then(res => { + if (res) { + const parsed = JSON.parse(res) + return new fetch.Response(parsed.body, { + url: req.url, + headers: parsed.headers, + status: 200 + }) + } + }) + } + put (req, res) { + return res.buffer().then(body => { + return this.redis.setAsync(req.url, JSON.stringify({ + body: body, + headers: res.headers.raw() + })) + }).then(() => { + // return the response itself + return res + }) + } + 'delete' (req) { + return this.redis.unlinkAsync(req.url) + } +} +``` + +#### <a name="opts-cache"></a> `> opts.cache` + +This option follows the standard `fetch` API cache option. This option will do nothing if [`opts.cacheManager`](#opts-cache-manager) is null. The following values are accepted (as strings): + +* `default` - Fetch will inspect the HTTP cache on the way to the network. If there is a fresh response it will be used. If there is a stale response a conditional request will be created, and a normal request otherwise. It then updates the HTTP cache with the response. If the revalidation request fails (for example, on a 500 or if you're offline), the stale response will be returned. +* `no-store` - Fetch behaves as if there is no HTTP cache at all. +* `reload` - Fetch behaves as if there is no HTTP cache on the way to the network. Ergo, it creates a normal request and updates the HTTP cache with the response. +* `no-cache` - Fetch creates a conditional request if there is a response in the HTTP cache and a normal request otherwise. It then updates the HTTP cache with the response. +* `force-cache` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it creates a normal request and updates the HTTP cache with the response. +* `only-if-cached` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it returns a network error. (Can only be used when request’s mode is "same-origin". Any cached redirects will be followed assuming request’s redirect mode is "follow" and the redirects do not violate request’s mode.) + +(Note: option descriptions are taken from https://fetch.spec.whatwg.org/#http-network-or-cache-fetch) + +##### Example + +```javascript +const fetch = require('make-fetch-happen').defaults({ + cacheManager: './my-cache' +}) + +// Will error with ENOTCACHED if we haven't already cached this url +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'only-if-cached' +}) + +// Will refresh any local content and cache the new response +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'reload' +}) + +// Will use any local data, even if stale. Otherwise, will hit network. +fetch('https://registry.npmjs.org/make-fetch-happen', { + cache: 'force-cache' +}) +``` + +#### <a name="opts-proxy"></a> `> opts.proxy` + +A string or `new url.URL()`-d URI to proxy through. Different Proxy handlers will be +used depending on the proxy's protocol. + +Additionally, `process.env.HTTP_PROXY`, `process.env.HTTPS_PROXY`, and +`process.env.PROXY` are used if present and no `opts.proxy` value is provided. + +(Pending) `process.env.NO_PROXY` may also be configured to skip proxying requests for all, or specific domains. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: 'https://corporate.yourcompany.proxy:4445' +}) + +fetch('https://registry.npmjs.org/make-fetch-happen', { + proxy: { + protocol: 'https:', + hostname: 'corporate.yourcompany.proxy', + port: 4445 + } +}) +``` + +#### <a name="opts-no-proxy"></a> `> opts.noProxy` + +If present, should be a comma-separated string or an array of domain extensions +that a proxy should _not_ be used for. + +This option may also be provided through `process.env.NO_PROXY`. + +#### <a name="https-opts"></a> `> opts.ca, opts.cert, opts.key, opts.strictSSL` + +These values are passed in directly to the HTTPS agent and will be used for both +proxied and unproxied outgoing HTTPS requests. They mostly correspond to the +same options the `https` module accepts, which will be themselves passed to +`tls.connect()`. `opts.strictSSL` corresponds to `rejectUnauthorized`. + +#### <a name="opts-local-address"></a> `> opts.localAddress` + +Passed directly to `http` and `https` request calls. Determines the local +address to bind to. + +#### <a name="opts-max-sockets"></a> `> opts.maxSockets` + +Default: 15 + +Maximum number of active concurrent sockets to use for the underlying +Http/Https/Proxy agents. This setting applies once per spawned agent. + +15 is probably a _pretty good value_ for most use-cases, and balances speed +with, uh, not knocking out people's routers. 🤓 + +#### <a name="opts-retry"></a> `> opts.retry` + +An object that can be used to tune request retry settings. Retries will only be attempted on the following conditions: + +* Request method is NOT `POST` AND +* Request status is one of: `408`, `420`, `429`, or any status in the 500-range. OR +* Request errored with `ECONNRESET`, `ECONNREFUSED`, `EADDRINUSE`, `ETIMEDOUT`, or the `fetch` error `request-timeout`. + +The following are worth noting as explicitly not retried: + +* `getaddrinfo ENOTFOUND` and will be assumed to be either an unreachable domain or the user will be assumed offline. If a response is cached, it will be returned immediately. +* `ECONNRESET` currently has no support for restarting. It will eventually be supported but requires a bit more juggling due to streaming. + +If `opts.retry` is `false`, it is equivalent to `{retries: 0}` + +If `opts.retry` is a number, it is equivalent to `{retries: num}` + +The following retry options are available if you want more control over it: + +* retries +* factor +* minTimeout +* maxTimeout +* randomize + +For details on what each of these do, refer to the [`retry`](https://npm.im/retry) documentation. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + retry: { + retries: 10, + randomize: true + } +}) + +fetch('http://reliable.site.com', { + retry: false +}) + +fetch('http://one-more.site.com', { + retry: 3 +}) +``` + +#### <a name="opts-onretry"></a> `> opts.onRetry` + +A function called whenever a retry is attempted. + +##### Example + +```javascript +fetch('https://flaky.site.com', { + onRetry() { + console.log('we will retry!') + } +}) +``` + +#### <a name="opts-integrity"></a> `> opts.integrity` + +Matches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EINTEGRITY` error. + +`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like. + +##### Example + +```javascript +fetch('https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // -> ok + +fetch('https://malicious-registry.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', { + integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q=' +}) // Error: EINTEGRITY +``` + +### <a name="wow"></a> Message From Our Sponsors + + + + diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/agent.js b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/agent.js new file mode 100644 index 000000000..66ca886be --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/agent.js @@ -0,0 +1,213 @@ +'use strict' +const LRU = require('lru-cache') +const url = require('url') +const isLambda = require('is-lambda') + +const AGENT_CACHE = new LRU({ max: 50 }) +let HttpsAgent +let HttpAgent + +module.exports = getAgent + +const getAgentTimeout = timeout => + typeof timeout !== 'number' || !timeout ? 0 : timeout + 1 + +const getMaxSockets = maxSockets => maxSockets || 15 + +function getAgent (uri, opts) { + const parsedUri = new url.URL(typeof uri === 'string' ? uri : uri.url) + const isHttps = parsedUri.protocol === 'https:' + const pxuri = getProxyUri(parsedUri.href, opts) + + // If opts.timeout is zero, set the agentTimeout to zero as well. A timeout + // of zero disables the timeout behavior (OS limits still apply). Else, if + // opts.timeout is a non-zero value, set it to timeout + 1, to ensure that + // the node-fetch-npm timeout will always fire first, giving us more + // consistent errors. + const agentTimeout = getAgentTimeout(opts.timeout) + const agentMaxSockets = getMaxSockets(opts.maxSockets) + + const key = [ + `https:${isHttps}`, + pxuri + ? `proxy:${pxuri.protocol}//${pxuri.host}:${pxuri.port}` + : '>no-proxy<', + `local-address:${opts.localAddress || '>no-local-address<'}`, + `strict-ssl:${isHttps ? !!opts.strictSSL : '>no-strict-ssl<'}`, + `ca:${(isHttps && opts.ca) || '>no-ca<'}`, + `cert:${(isHttps && opts.cert) || '>no-cert<'}`, + `key:${(isHttps && opts.key) || '>no-key<'}`, + `timeout:${agentTimeout}`, + `maxSockets:${agentMaxSockets}` + ].join(':') + + if (opts.agent != null) { // `agent: false` has special behavior! + return opts.agent + } + + // keep alive in AWS lambda makes no sense + const lambdaAgent = !isLambda ? null + : isHttps ? require('https').globalAgent + : require('http').globalAgent + + if (isLambda && !pxuri) { + return lambdaAgent + } + + if (AGENT_CACHE.peek(key)) { + return AGENT_CACHE.get(key) + } + + if (pxuri) { + const pxopts = isLambda ? { + ...opts, + agent: lambdaAgent + } : opts + const proxy = getProxy(pxuri, pxopts, isHttps) + AGENT_CACHE.set(key, proxy) + return proxy + } + + if (!HttpsAgent) { + HttpAgent = require('agentkeepalive') + HttpsAgent = HttpAgent.HttpsAgent + } + + const agent = isHttps ? new HttpsAgent({ + maxSockets: agentMaxSockets, + ca: opts.ca, + cert: opts.cert, + key: opts.key, + localAddress: opts.localAddress, + rejectUnauthorized: opts.strictSSL, + timeout: agentTimeout + }) : new HttpAgent({ + maxSockets: agentMaxSockets, + localAddress: opts.localAddress, + timeout: agentTimeout + }) + AGENT_CACHE.set(key, agent) + return agent +} + +function checkNoProxy (uri, opts) { + const host = new url.URL(uri).hostname.split('.').reverse() + let noproxy = (opts.noProxy || getProcessEnv('no_proxy')) + if (typeof noproxy === 'string') { + noproxy = noproxy.split(/\s*,\s*/g) + } + return noproxy && noproxy.some(no => { + const noParts = no.split('.').filter(x => x).reverse() + if (!noParts.length) { return false } + for (let i = 0; i < noParts.length; i++) { + if (host[i] !== noParts[i]) { + return false + } + } + return true + }) +} + +module.exports.getProcessEnv = getProcessEnv + +function getProcessEnv (env) { + if (!env) { + return + } + + let value + + if (Array.isArray(env)) { + for (const e of env) { + value = process.env[e] || + process.env[e.toUpperCase()] || + process.env[e.toLowerCase()] + if (typeof value !== 'undefined') { break } + } + } + + if (typeof env === 'string') { + value = process.env[env] || + process.env[env.toUpperCase()] || + process.env[env.toLowerCase()] + } + + return value +} + +module.exports.getProxyUri = getProxyUri +function getProxyUri (uri, opts) { + const protocol = new url.URL(uri).protocol + + const proxy = opts.proxy || + ( + protocol === 'https:' && + getProcessEnv('https_proxy') + ) || + ( + protocol === 'http:' && + getProcessEnv(['https_proxy', 'http_proxy', 'proxy']) + ) + if (!proxy) { return null } + + const parsedProxy = (typeof proxy === 'string') ? new url.URL(proxy) : proxy + + return !checkNoProxy(uri, opts) && parsedProxy +} + +const getAuth = u => + u.username && u.password ? `${u.username}:${u.password}` + : u.username ? u.username + : null + +const getPath = u => u.pathname + u.search + u.hash + +let HttpProxyAgent +let HttpsProxyAgent +let SocksProxyAgent +module.exports.getProxy = getProxy +function getProxy (proxyUrl, opts, isHttps) { + const popts = { + host: proxyUrl.hostname, + port: proxyUrl.port, + protocol: proxyUrl.protocol, + path: getPath(proxyUrl), + auth: getAuth(proxyUrl), + ca: opts.ca, + cert: opts.cert, + key: opts.key, + timeout: getAgentTimeout(opts.timeout), + localAddress: opts.localAddress, + maxSockets: getMaxSockets(opts.maxSockets), + rejectUnauthorized: opts.strictSSL + } + + if (proxyUrl.protocol === 'http:' || proxyUrl.protocol === 'https:') { + if (!isHttps) { + if (!HttpProxyAgent) { + HttpProxyAgent = require('http-proxy-agent') + } + + return new HttpProxyAgent(popts) + } else { + if (!HttpsProxyAgent) { + HttpsProxyAgent = require('https-proxy-agent') + } + + return new HttpsProxyAgent(popts) + } + } else if (proxyUrl.protocol.startsWith('socks')) { + if (!SocksProxyAgent) { + SocksProxyAgent = require('socks-proxy-agent') + } + + return new SocksProxyAgent(popts) + } else { + throw Object.assign( + new Error(`unsupported proxy protocol: '${proxyUrl.protocol}'`), + { + url: proxyUrl.href + } + ) + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/cache.js b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/cache.js new file mode 100644 index 000000000..1b7f0db1b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/cache.js @@ -0,0 +1,235 @@ +'use strict' + +const fetch = require('minipass-fetch') +const cacache = require('cacache') +const ssri = require('ssri') +const url = require('url') + +const Minipass = require('minipass') +const MinipassFlush = require('minipass-flush') +const MinipassCollect = require('minipass-collect') +const MinipassPipeline = require('minipass-pipeline') + +const MAX_MEM_SIZE = 5 * 1024 * 1024 // 5MB + +function cacheKey (req) { + const parsed = new url.URL(req.url) + return `make-fetch-happen:request-cache:${ + url.format({ + protocol: parsed.protocol, + slashes: true, + port: parsed.port, + hostname: parsed.hostname, + pathname: parsed.pathname + }) + }` +} + +// This is a cacache-based implementation of the Cache standard, +// using node-fetch. +// docs: https://developer.mozilla.org/en-US/docs/Web/API/Cache +// +module.exports = class Cache { + constructor (path, opts) { + this._path = path + this.Promise = (opts && opts.Promise) || Promise + } + + // Returns a Promise that resolves to the response associated with the first + // matching request in the Cache object. + match (req, opts) { + const key = cacheKey(req) + return cacache.get.info(this._path, key).then(info => { + return info && cacache.get.hasContent( + this._path, info.integrity, opts + ).then(exists => exists && info) + }).then(info => { + if (info && info.metadata && matchDetails(req, { + url: info.metadata.url, + reqHeaders: new fetch.Headers(info.metadata.reqHeaders), + resHeaders: new fetch.Headers(info.metadata.resHeaders), + cacheIntegrity: info.integrity, + integrity: opts && opts.integrity + })) { + const resHeaders = new fetch.Headers(info.metadata.resHeaders) + addCacheHeaders(resHeaders, this._path, key, info.integrity, info.time) + if (req.method === 'HEAD') { + return new fetch.Response(null, { + url: req.url, + headers: resHeaders, + status: 200 + }) + } + const cachePath = this._path + // avoid opening cache file handles until a user actually tries to + // read from it. + const body = new Minipass() + const fitInMemory = info.size < MAX_MEM_SIZE + const removeOnResume = () => body.removeListener('resume', onResume) + const onResume = + opts.memoize !== false && fitInMemory + ? () => { + const c = cacache.get.stream.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }) + c.on('error', /* istanbul ignore next */ err => { + body.emit('error', err) + }) + c.pipe(body) + } + : () => { + removeOnResume() + cacache.get.byDigest(cachePath, info.integrity, { + memoize: opts.memoize + }) + .then(data => body.end(data)) + .catch(/* istanbul ignore next */ err => { + body.emit('error', err) + }) + } + body.once('resume', onResume) + body.once('end', () => removeOnResume) + return this.Promise.resolve(new fetch.Response(body, { + url: req.url, + headers: resHeaders, + status: 200, + size: info.size + })) + } + }) + } + + // Takes both a request and its response and adds it to the given cache. + put (req, response, opts) { + opts = opts || {} + const size = response.headers.get('content-length') + const fitInMemory = !!size && opts.memoize !== false && size < MAX_MEM_SIZE + const ckey = cacheKey(req) + const cacheOpts = { + algorithms: opts.algorithms, + metadata: { + url: req.url, + reqHeaders: req.headers.raw(), + resHeaders: response.headers.raw() + }, + size, + memoize: fitInMemory && opts.memoize + } + if (req.method === 'HEAD' || response.status === 304) { + // Update metadata without writing + return cacache.get.info(this._path, ckey).then(info => { + // Providing these will bypass content write + cacheOpts.integrity = info.integrity + addCacheHeaders( + response.headers, this._path, ckey, info.integrity, info.time + ) + + return new MinipassPipeline( + cacache.get.stream.byDigest(this._path, info.integrity, cacheOpts), + cacache.put.stream(this._path, ckey, cacheOpts) + ).promise().then(() => { + return response + }) + }) + } + const oldBody = response.body + // the flush is the last thing in the pipeline. Build the pipeline + // back-to-front so we don't consume the data before we use it! + // We unshift in either a tee-stream to the cache put stream, + // or a collecter that dumps it to cache in one go, then the + // old body to bring in the data. + const newBody = new MinipassPipeline(new MinipassFlush({ + flush () { + return cacheWritePromise + } + })) + + let cacheWriteResolve, cacheWriteReject + const cacheWritePromise = new Promise((resolve, reject) => { + cacheWriteResolve = resolve + cacheWriteReject = reject + }) + const cachePath = this._path + + if (fitInMemory) { + const collecter = new MinipassCollect.PassThrough() + collecter.on('collect', data => { + cacache.put( + cachePath, + ckey, + data, + cacheOpts + ).then(cacheWriteResolve, cacheWriteReject) + }) + newBody.unshift(collecter) + } else { + const tee = new Minipass() + const cacheStream = cacache.put.stream( + cachePath, + ckey, + cacheOpts + ) + tee.pipe(cacheStream) + cacheStream.promise().then(cacheWriteResolve, cacheWriteReject) + newBody.unshift(tee) + } + + newBody.unshift(oldBody) + return Promise.resolve(new fetch.Response(newBody, response)) + } + + // Finds the Cache entry whose key is the request, and if found, deletes the + // Cache entry and returns a Promise that resolves to true. If no Cache entry + // is found, it returns false. + 'delete' (req, opts) { + opts = opts || {} + if (typeof opts.memoize === 'object') { + if (opts.memoize.reset) { + opts.memoize.reset() + } else if (opts.memoize.clear) { + opts.memoize.clear() + } else { + Object.keys(opts.memoize).forEach(k => { + opts.memoize[k] = null + }) + } + } + return cacache.rm.entry( + this._path, + cacheKey(req) + // TODO - true/false + ).then(() => false) + } +} + +function matchDetails (req, cached) { + const reqUrl = new url.URL(req.url) + const cacheUrl = new url.URL(cached.url) + const vary = cached.resHeaders.get('Vary') + // https://tools.ietf.org/html/rfc7234#section-4.1 + if (vary) { + if (vary.match(/\*/)) { + return false + } else { + const fieldsMatch = vary.split(/\s*,\s*/).every(field => { + return cached.reqHeaders.get(field) === req.headers.get(field) + }) + if (!fieldsMatch) { + return false + } + } + } + if (cached.integrity) { + return ssri.parse(cached.integrity).match(cached.cacheIntegrity) + } + reqUrl.hash = null + cacheUrl.hash = null + return url.format(reqUrl) === url.format(cacheUrl) +} + +function addCacheHeaders (resHeaders, path, key, hash, time) { + resHeaders.set('X-Local-Cache', encodeURIComponent(path)) + resHeaders.set('X-Local-Cache-Key', encodeURIComponent(key)) + resHeaders.set('X-Local-Cache-Hash', encodeURIComponent(hash)) + resHeaders.set('X-Local-Cache-Time', new Date(time).toUTCString()) +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/index.js b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/index.js new file mode 100644 index 000000000..de81de81b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/index.js @@ -0,0 +1,444 @@ +'use strict' + +const url = require('url') +const fetch = require('minipass-fetch') +const pkg = require('./package.json') +const retry = require('promise-retry') +let ssri + +const Minipass = require('minipass') +const MinipassPipeline = require('minipass-pipeline') +const getAgent = require('./agent') +const setWarning = require('./warning') + +const configureOptions = require('./utils/configure-options') +const iterableToObject = require('./utils/iterable-to-object') +const makePolicy = require('./utils/make-policy') + +const isURL = /^https?:/ +const USER_AGENT = `${pkg.name}/${pkg.version} (+https://npm.im/${pkg.name})` + +const RETRY_ERRORS = [ + 'ECONNRESET', // remote socket closed on us + 'ECONNREFUSED', // remote host refused to open connection + 'EADDRINUSE', // failed to bind to a local port (proxy?) + 'ETIMEDOUT' // someone in the transaction is WAY TOO SLOW + // Known codes we do NOT retry on: + // ENOTFOUND (getaddrinfo failure. Either bad hostname, or offline) +] + +const RETRY_TYPES = [ + 'request-timeout' +] + +// https://fetch.spec.whatwg.org/#http-network-or-cache-fetch +module.exports = cachingFetch +cachingFetch.defaults = function (_uri, _opts) { + const fetch = this + if (typeof _uri === 'object') { + _opts = _uri + _uri = null + } + + function defaultedFetch (uri, opts) { + const finalOpts = Object.assign({}, _opts || {}, opts || {}) + return fetch(uri || _uri, finalOpts) + } + + defaultedFetch.defaults = fetch.defaults + defaultedFetch.delete = fetch.delete + return defaultedFetch +} + +cachingFetch.delete = cacheDelete +function cacheDelete (uri, opts) { + opts = configureOptions(opts) + if (opts.cacheManager) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + return opts.cacheManager.delete(req, opts) + } +} + +function initializeSsri () { + if (!ssri) { + ssri = require('ssri') + } +} + +function cachingFetch (uri, _opts) { + const opts = configureOptions(_opts) + + if (opts.integrity) { + initializeSsri() + // if verifying integrity, fetch must not decompress + opts.compress = false + } + + const isCachable = ( + ( + opts.method === 'GET' || + opts.method === 'HEAD' + ) && + Boolean(opts.cacheManager) && + opts.cache !== 'no-store' && + opts.cache !== 'reload' + ) + + if (isCachable) { + const req = new fetch.Request(uri, { + method: opts.method, + headers: opts.headers + }) + + return opts.cacheManager.match(req, opts).then(res => { + if (res) { + const warningCode = (res.headers.get('Warning') || '').match(/^\d+/) + if (warningCode && +warningCode >= 100 && +warningCode < 200) { + // https://tools.ietf.org/html/rfc7234#section-4.3.4 + // + // If a stored response is selected for update, the cache MUST: + // + // * delete any Warning header fields in the stored response with + // warn-code 1xx (see Section 5.5); + // + // * retain any Warning header fields in the stored response with + // warn-code 2xx; + // + res.headers.delete('Warning') + } + + if (opts.cache === 'default' && !isStale(req, res)) { + return res + } + + if (opts.cache === 'default' || opts.cache === 'no-cache') { + return conditionalFetch(req, res, opts) + } + + if (opts.cache === 'force-cache' || opts.cache === 'only-if-cached') { + // 112 Disconnected operation + // SHOULD be included if the cache is intentionally disconnected from + // the rest of the network for a period of time. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(res, 112, 'Disconnected operation') + return res + } + } + + if (!res && opts.cache === 'only-if-cached') { + const errorMsg = `request to ${ + uri + } failed: cache mode is 'only-if-cached' but no cached response available.` + + const err = new Error(errorMsg) + err.code = 'ENOTCACHED' + throw err + } + + // Missing cache entry, or mode is default (if stale), reload, no-store + return remoteFetch(req.url, opts) + }) + } + return remoteFetch(uri, opts) +} + +// https://tools.ietf.org/html/rfc7234#section-4.2 +function isStale (req, res) { + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + + const policy = makePolicy(req, res) + + const responseTime = res.headers.get('x-local-cache-time') || + /* istanbul ignore next - would be weird to get a 'stale' + * response that didn't come from cache with a cache time header */ + (res.headers.get('date') || 0) + + policy._responseTime = new Date(responseTime) + + const bool = !policy.satisfiesWithoutRevalidation(_req) + const headers = policy.responseHeaders() + if (headers.warning && /^113\b/.test(headers.warning)) { + // Possible to pick up a rfc7234 warning at this point. + // This is kind of a weird place to stick this, should probably go + // in cachingFetch. But by putting it here, we save an extra + // CachePolicy object construction. + res.headers.append('warning', headers.warning) + } + return bool +} + +function mustRevalidate (res) { + return (res.headers.get('cache-control') || '').match(/must-revalidate/i) +} + +function conditionalFetch (req, cachedRes, opts) { + const _req = { + url: req.url, + method: req.method, + headers: Object.assign({}, opts.headers || {}) + } + + const policy = makePolicy(req, cachedRes) + opts.headers = policy.revalidationHeaders(_req) + + return remoteFetch(req.url, opts) + .then(condRes => { + const revalidatedPolicy = policy.revalidatedPolicy(_req, { + status: condRes.status, + headers: iterableToObject(condRes.headers) + }) + + if (condRes.status >= 500 && !mustRevalidate(cachedRes)) { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + return cachedRes + } + + if (condRes.status === 304) { // 304 Not Modified + // Create a synthetic response from the cached body and original req + const synthRes = new fetch.Response(cachedRes.body, condRes) + return opts.cacheManager.put(req, synthRes, opts) + .then(newRes => { + // Get the list first, because if we delete while iterating, + // it'll throw off the count and not make it through all + // of them. + const newHeaders = revalidatedPolicy.policy.responseHeaders() + const toDelete = [...newRes.headers.keys()] + .filter(k => !newHeaders[k]) + for (const key of toDelete) { + newRes.headers.delete(key) + } + for (const [key, val] of Object.entries(newHeaders)) { + newRes.headers.set(key, val) + } + return newRes + }) + } + + return condRes + }) + .then(res => res) + .catch(err => { + if (mustRevalidate(cachedRes)) { + throw err + } else { + // 111 Revalidation failed + // MUST be included if a cache returns a stale response because an + // attempt to revalidate the response failed, due to an inability to + // reach the server. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning(cachedRes, 111, 'Revalidation failed') + // 199 Miscellaneous warning + // The warning text MAY include arbitrary information to be presented to + // a human user, or logged. A system receiving this warning MUST NOT take + // any automated action, besides presenting the warning to the user. + // (https://tools.ietf.org/html/rfc2616#section-14.46) + setWarning( + cachedRes, + 199, + `Miscellaneous Warning ${err.code}: ${err.message}` + ) + + return cachedRes + } + }) +} + +function remoteFetchHandleIntegrity (res, integrity) { + const oldBod = res.body + const newBod = ssri.integrityStream({ + integrity + }) + return new fetch.Response(new MinipassPipeline(oldBod, newBod), res) +} + +function remoteFetch (uri, opts) { + const agent = getAgent(uri, opts) + const headers = Object.assign({ + connection: agent ? 'keep-alive' : 'close', + 'user-agent': USER_AGENT + }, opts.headers || {}) + + const reqOpts = { + agent, + body: opts.body, + compress: opts.compress, + follow: opts.follow, + headers: new fetch.Headers(headers), + method: opts.method, + redirect: 'manual', + size: opts.size, + counter: opts.counter, + timeout: opts.timeout + } + + return retry( + (retryHandler, attemptNum) => { + const req = new fetch.Request(uri, reqOpts) + return fetch(req) + .then((res) => { + if (opts.integrity) { + res = remoteFetchHandleIntegrity(res, opts.integrity) + } + + res.headers.set('x-fetch-attempts', attemptNum) + + const isStream = Minipass.isStream(req.body) + + if (opts.cacheManager) { + const isMethodGetHead = ( + req.method === 'GET' || + req.method === 'HEAD' + ) + + const isCachable = ( + opts.cache !== 'no-store' && + isMethodGetHead && + makePolicy(req, res).storable() && + res.status === 200 // No other statuses should be stored! + ) + + if (isCachable) { + return opts.cacheManager.put(req, res, opts) + } + + if (!isMethodGetHead) { + return opts.cacheManager.delete(req).then(() => { + if (res.status >= 500 && req.method !== 'POST' && !isStream) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + return res + }) + } + } + + const isRetriable = ( + req.method !== 'POST' && + !isStream && + ( + res.status === 408 || // Request Timeout + res.status === 420 || // Enhance Your Calm (usually Twitter rate-limit) + res.status === 429 || // Too Many Requests ("standard" rate-limiting) + res.status >= 500 // Assume server errors are momentary hiccups + ) + ) + + if (isRetriable) { + if (typeof opts.onRetry === 'function') { + opts.onRetry(res) + } + + return retryHandler(res) + } + + if (!fetch.isRedirect(res.status)) { + return res + } + if (opts.redirect === 'manual') { + return res + } + // if (!fetch.isRedirect(res.status) || opts.redirect === 'manual') { + // return res + // } + + // handle redirects - matches behavior of fetch: https://github.com/bitinn/node-fetch + if (opts.redirect === 'error') { + const err = new fetch.FetchError(`redirect mode is set to error: ${uri}`, 'no-redirect', { code: 'ENOREDIRECT' }) + throw err + } + + if (!res.headers.get('location')) { + const err = new fetch.FetchError(`redirect location header missing at: ${uri}`, 'no-location', { code: 'EINVALIDREDIRECT' }) + throw err + } + + if (req.counter >= req.follow) { + const err = new fetch.FetchError(`maximum redirect reached at: ${uri}`, 'max-redirect', { code: 'EMAXREDIRECT' }) + throw err + } + + const resolvedUrlParsed = new url.URL(res.headers.get('location'), req.url) + const resolvedUrl = url.format(resolvedUrlParsed) + const redirectURL = (isURL.test(res.headers.get('location'))) + ? new url.URL(res.headers.get('location')) + : resolvedUrlParsed + + // Remove authorization if changing hostnames (but not if just + // changing ports or protocols). This matches the behavior of request: + // https://github.com/request/request/blob/b12a6245/lib/redirect.js#L134-L138 + if (new url.URL(req.url).hostname !== redirectURL.hostname) { + req.headers.delete('authorization') + } + + // for POST request with 301/302 response, or any request with 303 response, + // use GET when following redirect + if ( + res.status === 303 || + ( + req.method === 'POST' && + ( + res.status === 301 || + res.status === 302 + ) + ) + ) { + opts.method = 'GET' + opts.body = null + req.headers.delete('content-length') + } + + opts.headers = {} + req.headers.forEach((value, name) => { + opts.headers[name] = value + }) + + opts.counter = ++req.counter + return cachingFetch(resolvedUrl, opts) + }) + .catch(err => { + const code = (err.code === 'EPROMISERETRY') + ? err.retried.code + : err.code + + const isRetryError = ( + RETRY_ERRORS.indexOf(code) === -1 && + RETRY_TYPES.indexOf(err.type) === -1 + ) + + if (req.method === 'POST' || isRetryError) { + throw err + } + + if (typeof opts.onRetry === 'function') { + opts.onRetry(err) + } + + return retryHandler(err) + }) + }, + opts.retry + ).catch(err => { + if (err.status >= 400 && err.type !== 'system') { + // this is an HTTP response "error" that we care about + return err + } + + throw err + }) +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/package.json b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/package.json new file mode 100644 index 000000000..aec9d77fa --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/package.json @@ -0,0 +1,98 @@ +{ + "_from": "make-fetch-happen@^7.1.0", + "_id": "make-fetch-happen@7.1.1", + "_inBundle": false, + "_integrity": "sha512-7fNjiOXNZhNGQzG5P15nU97aZQtzPU2GVgVd7pnqnl5gnpLzMAD8bAe5YG4iW2s0PTqaZy9xGv4Wfqe872kRNQ==", + "_location": "/npm-registry-fetch/make-fetch-happen", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "make-fetch-happen@^7.1.0", + "name": "make-fetch-happen", + "escapedName": "make-fetch-happen", + "rawSpec": "^7.1.0", + "saveSpec": null, + "fetchSpec": "^7.1.0" + }, + "_requiredBy": [ + "/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-7.1.1.tgz", + "_shasum": "89ac8112eaa9d4361541deb591329e9238a531b1", + "_spec": "make-fetch-happen@^7.1.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch", + "author": { + "name": "Kat Marchán", + "email": "kzm@zkat.tech" + }, + "bugs": { + "url": "https://github.com/npm/make-fetch-happen/issues" + }, + "bundleDependencies": false, + "dependencies": { + "agentkeepalive": "^4.1.0", + "cacache": "^14.0.0", + "http-cache-semantics": "^4.0.3", + "http-proxy-agent": "^3.0.0", + "https-proxy-agent": "^4.0.0", + "is-lambda": "^1.0.1", + "lru-cache": "^5.1.1", + "minipass": "^3.0.0", + "minipass-collect": "^1.0.2", + "minipass-fetch": "^1.1.2", + "minipass-flush": "^1.0.5", + "minipass-pipeline": "^1.2.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^7.0.1" + }, + "deprecated": false, + "description": "Opinionated, caching, retrying fetch client", + "devDependencies": { + "mkdirp": "^1.0.3", + "nock": "^11.7.0", + "npmlog": "^4.1.2", + "require-inject": "^1.4.2", + "rimraf": "^2.7.1", + "safe-buffer": "^5.2.0", + "standard": "^14.3.1", + "standard-version": "^7.0.1", + "tacks": "^1.2.6", + "tap": "^14.10.2" + }, + "engines": { + "node": ">= 10" + }, + "files": [ + "*.js", + "lib", + "utils" + ], + "homepage": "https://github.com/npm/make-fetch-happen#readme", + "keywords": [ + "http", + "request", + "fetch", + "mean girls", + "caching", + "cache", + "subresource integrity" + ], + "license": "ISC", + "main": "index.js", + "name": "make-fetch-happen", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/make-fetch-happen.git" + }, + "scripts": { + "postrelease": "npm publish", + "posttest": "standard", + "prepublishOnly": "git push --follow-tags", + "prerelease": "npm t", + "release": "standard-version -s", + "test": "tap test/*.js" + }, + "version": "7.1.1" +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/configure-options.js b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/configure-options.js new file mode 100644 index 000000000..d55fec439 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/configure-options.js @@ -0,0 +1,33 @@ +'use strict' + +const initializeCache = require('./initialize-cache') + +module.exports = function configureOptions (_opts) { + const opts = Object.assign({}, _opts || {}) + opts.method = (opts.method || 'GET').toUpperCase() + + if (!opts.retry) { + // opts.retry was falsy; set default + opts.retry = { retries: 0 } + } else { + if (typeof opts.retry !== 'object') { + // Shorthand + if (typeof opts.retry === 'number') { + opts.retry = { retries: opts.retry } + } + if (typeof opts.retry === 'string') { + const value = parseInt(opts.retry, 10) + opts.retry = (value) ? { retries: value } : { retries: 0 } + } + } else { + // Set default retries + opts.retry = Object.assign({}, { retries: 0 }, opts.retry) + } + } + + if (opts.cacheManager) { + initializeCache(opts) + } + + return opts +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/initialize-cache.js b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/initialize-cache.js new file mode 100644 index 000000000..9f96bf562 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/initialize-cache.js @@ -0,0 +1,26 @@ +'use strict' + +const isHeaderConditional = require('./is-header-conditional') +// Default cacache-based cache +const Cache = require('../cache') + +module.exports = function initializeCache (opts) { + /** + * NOTE: `opts.cacheManager` is the path to cache + * We're making the assumption that if `opts.cacheManager` *isn't* a string, + * it's a cache object + */ + if (typeof opts.cacheManager === 'string') { + // Need to make a cache object + opts.cacheManager = new Cache(opts.cacheManager, opts) + } + + opts.cache = opts.cache || 'default' + + if (opts.cache === 'default' && isHeaderConditional(opts.headers)) { + // If header list contains `If-Modified-Since`, `If-None-Match`, + // `If-Unmodified-Since`, `If-Match`, or `If-Range`, fetch will set cache + // mode to "no-store" if it is "default". + opts.cache = 'no-store' + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/is-header-conditional.js b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/is-header-conditional.js new file mode 100644 index 000000000..c2e70d5ea --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/is-header-conditional.js @@ -0,0 +1,18 @@ +'use strict' + +module.exports = function isHeaderConditional (headers) { + if (!headers || typeof headers !== 'object') { + return false + } + + const modifiers = [ + 'if-modified-since', + 'if-none-match', + 'if-unmodified-since', + 'if-match', + 'if-range' + ] + + return Object.keys(headers) + .some(h => modifiers.indexOf(h.toLowerCase()) !== -1) +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/iterable-to-object.js b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/iterable-to-object.js new file mode 100644 index 000000000..6b844c4f2 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/iterable-to-object.js @@ -0,0 +1,9 @@ +'use strict' + +module.exports = function iterableToObject (iter) { + const obj = {} + for (const k of iter.keys()) { + obj[k] = iter.get(k) + } + return obj +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/make-policy.js b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/make-policy.js new file mode 100644 index 000000000..b7dd3d29a --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/utils/make-policy.js @@ -0,0 +1,19 @@ +'use strict' + +const CachePolicy = require('http-cache-semantics') + +const iterableToObject = require('./iterable-to-object') + +module.exports = function makePolicy (req, res) { + const _req = { + url: req.url, + method: req.method, + headers: iterableToObject(req.headers) + } + const _res = { + status: res.status, + headers: iterableToObject(res.headers) + } + + return new CachePolicy(_req, _res, { shared: false }) +} diff --git a/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/warning.js b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/warning.js new file mode 100644 index 000000000..2b9602471 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/make-fetch-happen/warning.js @@ -0,0 +1,24 @@ +const url = require('url') + +module.exports = setWarning + +function setWarning (reqOrRes, code, message, replace) { + // Warning = "Warning" ":" 1#warning-value + // warning-value = warn-code SP warn-agent SP warn-text [SP warn-date] + // warn-code = 3DIGIT + // warn-agent = ( host [ ":" port ] ) | pseudonym + // ; the name or pseudonym of the server adding + // ; the Warning header, for use in debugging + // warn-text = quoted-string + // warn-date = <"> HTTP-date <"> + // (https://tools.ietf.org/html/rfc2616#section-14.46) + const host = new url.URL(reqOrRes.url).host + const jsonMessage = JSON.stringify(message) + const jsonDate = JSON.stringify(new Date().toUTCString()) + const header = replace ? 'set' : 'append' + + reqOrRes.headers[header]( + 'Warning', + `${code} ${host} ${jsonMessage} ${jsonDate}` + ) +} diff --git a/node_modules/npm-registry-fetch/node_modules/minipass/LICENSE b/node_modules/npm-registry-fetch/node_modules/minipass/LICENSE new file mode 100644 index 000000000..20a476254 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/minipass/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/minipass/README.md b/node_modules/npm-registry-fetch/node_modules/minipass/README.md new file mode 100644 index 000000000..32ace2fb9 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/minipass/README.md @@ -0,0 +1,606 @@ +# minipass + +A _very_ minimal implementation of a [PassThrough +stream](https://nodejs.org/api/stream.html#stream_class_stream_passthrough) + +[It's very +fast](https://docs.google.com/spreadsheets/d/1oObKSrVwLX_7Ut4Z6g3fZW-AX1j1-k6w-cDsrkaSbHM/edit#gid=0) +for objects, strings, and buffers. + +Supports pipe()ing (including multi-pipe() and backpressure transmission), +buffering data until either a `data` event handler or `pipe()` is added (so +you don't lose the first chunk), and most other cases where PassThrough is +a good idea. + +There is a `read()` method, but it's much more efficient to consume data +from this stream via `'data'` events or by calling `pipe()` into some other +stream. Calling `read()` requires the buffer to be flattened in some +cases, which requires copying memory. + +There is also no `unpipe()` method. Once you start piping, there is no +stopping it! + +If you set `objectMode: true` in the options, then whatever is written will +be emitted. Otherwise, it'll do a minimal amount of Buffer copying to +ensure proper Streams semantics when `read(n)` is called. + +`objectMode` can also be set by doing `stream.objectMode = true`, or by +writing any non-string/non-buffer data. `objectMode` cannot be set to +false once it is set. + +This is not a `through` or `through2` stream. It doesn't transform the +data, it just passes it right through. If you want to transform the data, +extend the class, and override the `write()` method. Once you're done +transforming the data however you want, call `super.write()` with the +transform output. + +For some examples of streams that extend Minipass in various ways, check +out: + +- [minizlib](http://npm.im/minizlib) +- [fs-minipass](http://npm.im/fs-minipass) +- [tar](http://npm.im/tar) +- [minipass-collect](http://npm.im/minipass-collect) +- [minipass-flush](http://npm.im/minipass-flush) +- [minipass-pipeline](http://npm.im/minipass-pipeline) +- [tap](http://npm.im/tap) +- [tap-parser](http://npm.im/tap) +- [treport](http://npm.im/tap) +- [minipass-fetch](http://npm.im/minipass-fetch) + +## Differences from Node.js Streams + +There are several things that make Minipass streams different from (and in +some ways superior to) Node.js core streams. + +Please read these caveats if you are familiar with noode-core streams and +intend to use Minipass streams in your programs. + +### Timing + +Minipass streams are designed to support synchronous use-cases. Thus, data +is emitted as soon as it is available, always. It is buffered until read, +but no longer. Another way to look at it is that Minipass streams are +exactly as synchronous as the logic that writes into them. + +This can be surprising if your code relies on `PassThrough.write()` always +providing data on the next tick rather than the current one, or being able +to call `resume()` and not have the entire buffer disappear immediately. + +However, without this synchronicity guarantee, there would be no way for +Minipass to achieve the speeds it does, or support the synchronous use +cases that it does. Simply put, waiting takes time. + +This non-deferring approach makes Minipass streams much easier to reason +about, especially in the context of Promises and other flow-control +mechanisms. + +### No High/Low Water Marks + +Node.js core streams will optimistically fill up a buffer, returning `true` +on all writes until the limit is hit, even if the data has nowhere to go. +Then, they will not attempt to draw more data in until the buffer size dips +below a minimum value. + +Minipass streams are much simpler. The `write()` method will return `true` +if the data has somewhere to go (which is to say, given the timing +guarantees, that the data is already there by the time `write()` returns). + +If the data has nowhere to go, then `write()` returns false, and the data +sits in a buffer, to be drained out immediately as soon as anyone consumes +it. + +### Hazards of Buffering (or: Why Minipass Is So Fast) + +Since data written to a Minipass stream is immediately written all the way +through the pipeline, and `write()` always returns true/false based on +whether the data was fully flushed, backpressure is communicated +immediately to the upstream caller. This minimizes buffering. + +Consider this case: + +```js +const {PassThrough} = require('stream') +const p1 = new PassThrough({ highWaterMark: 1024 }) +const p2 = new PassThrough({ highWaterMark: 1024 }) +const p3 = new PassThrough({ highWaterMark: 1024 }) +const p4 = new PassThrough({ highWaterMark: 1024 }) + +p1.pipe(p2).pipe(p3).pipe(p4) +p4.on('data', () => console.log('made it through')) + +// this returns false and buffers, then writes to p2 on next tick (1) +// p2 returns false and buffers, pausing p1, then writes to p3 on next tick (2) +// p3 returns false and buffers, pausing p2, then writes to p4 on next tick (3) +// p4 returns false and buffers, pausing p3, then emits 'data' and 'drain' +// on next tick (4) +// p3 sees p4's 'drain' event, and calls resume(), emitting 'resume' and +// 'drain' on next tick (5) +// p2 sees p3's 'drain', calls resume(), emits 'resume' and 'drain' on next tick (6) +// p1 sees p2's 'drain', calls resume(), emits 'resume' and 'drain' on next +// tick (7) + +p1.write(Buffer.alloc(2048)) // returns false +``` + +Along the way, the data was buffered and deferred at each stage, and +multiple event deferrals happened, for an unblocked pipeline where it was +perfectly safe to write all the way through! + +Furthermore, setting a `highWaterMark` of `1024` might lead someone reading +the code to think an advisory maximum of 1KiB is being set for the +pipeline. However, the actual advisory buffering level is the _sum_ of +`highWaterMark` values, since each one has its own bucket. + +Consider the Minipass case: + +```js +const m1 = new Minipass() +const m2 = new Minipass() +const m3 = new Minipass() +const m4 = new Minipass() + +m1.pipe(m2).pipe(m3).pipe(m4) +m4.on('data', () => console.log('made it through')) + +// m1 is flowing, so it writes the data to m2 immediately +// m2 is flowing, so it writes the data to m3 immediately +// m3 is flowing, so it writes the data to m4 immediately +// m4 is flowing, so it fires the 'data' event immediately, returns true +// m4's write returned true, so m3 is still flowing, returns true +// m3's write returned true, so m2 is still flowing, returns true +// m2's write returned true, so m1 is still flowing, returns true +// No event deferrals or buffering along the way! + +m1.write(Buffer.alloc(2048)) // returns true +``` + +It is extremely unlikely that you _don't_ want to buffer any data written, +or _ever_ buffer data that can be flushed all the way through. Neither +node-core streams nor Minipass ever fail to buffer written data, but +node-core streams do a lot of unnecessary buffering and pausing. + +As always, the faster implementation is the one that does less stuff and +waits less time to do it. + +### Immediately emit `end` for empty streams (when not paused) + +If a stream is not paused, and `end()` is called before writing any data +into it, then it will emit `end` immediately. + +If you have logic that occurs on the `end` event which you don't want to +potentially happen immediately (for example, closing file descriptors, +moving on to the next entry in an archive parse stream, etc.) then be sure +to call `stream.pause()` on creation, and then `stream.resume()` once you +are ready to respond to the `end` event. + +### Emit `end` When Asked + +One hazard of immediately emitting `'end'` is that you may not yet have had +a chance to add a listener. In order to avoid this hazard, Minipass +streams safely re-emit the `'end'` event if a new listener is added after +`'end'` has been emitted. + +Ie, if you do `stream.on('end', someFunction)`, and the stream has already +emitted `end`, then it will call the handler right away. (You can think of +this somewhat like attaching a new `.then(fn)` to a previously-resolved +Promise.) + +To prevent calling handlers multiple times who would not expect multiple +ends to occur, all listeners are removed from the `'end'` event whenever it +is emitted. + +### Impact of "immediate flow" on Tee-streams + +A "tee stream" is a stream piping to multiple destinations: + +```js +const tee = new Minipass() +t.pipe(dest1) +t.pipe(dest2) +t.write('foo') // goes to both destinations +``` + +Since Minipass streams _immediately_ process any pending data through the +pipeline when a new pipe destination is added, this can have surprising +effects, especially when a stream comes in from some other function and may +or may not have data in its buffer. + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.pipe(dest1) // 'foo' chunk flows to dest1 immediately, and is gone +src.pipe(dest2) // gets nothing! +``` + +The solution is to create a dedicated tee-stream junction that pipes to +both locations, and then pipe to _that_ instead. + +```js +// Safe example: tee to both places +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.pipe(dest1) +tee.pipe(dest2) +stream.pipe(tee) // tee gets 'foo', pipes to both locations +``` + +The same caveat applies to `on('data')` event listeners. The first one +added will _immediately_ receive all of the data, leaving nothing for the +second: + +```js +// WARNING! WILL LOSE DATA! +const src = new Minipass() +src.write('foo') +src.on('data', handler1) // receives 'foo' right away +src.on('data', handler2) // nothing to see here! +``` + +Using a dedicated tee-stream can be used in this case as well: + +```js +// Safe example: tee to both data handlers +const src = new Minipass() +src.write('foo') +const tee = new Minipass() +tee.on('data', handler1) +tee.on('data', handler2) +src.pipe(tee) +``` + +## USAGE + +It's a stream! Use it like a stream and it'll most likely do what you +want. + +```js +const Minipass = require('minipass') +const mp = new Minipass(options) // optional: { encoding, objectMode } +mp.write('foo') +mp.pipe(someOtherStream) +mp.end('bar') +``` + +### OPTIONS + +* `encoding` How would you like the data coming _out_ of the stream to be + encoded? Accepts any values that can be passed to `Buffer.toString()`. +* `objectMode` Emit data exactly as it comes in. This will be flipped on + by default if you write() something other than a string or Buffer at any + point. Setting `objectMode: true` will prevent setting any encoding + value. + +### API + +Implements the user-facing portions of Node.js's `Readable` and `Writable` +streams. + +### Methods + +* `write(chunk, [encoding], [callback])` - Put data in. (Note that, in the + base Minipass class, the same data will come out.) Returns `false` if + the stream will buffer the next write, or true if it's still in "flowing" + mode. +* `end([chunk, [encoding]], [callback])` - Signal that you have no more + data to write. This will queue an `end` event to be fired when all the + data has been consumed. +* `setEncoding(encoding)` - Set the encoding for data coming of the stream. + This can only be done once. +* `pause()` - No more data for a while, please. This also prevents `end` + from being emitted for empty streams until the stream is resumed. +* `resume()` - Resume the stream. If there's data in the buffer, it is all + discarded. Any buffered events are immediately emitted. +* `pipe(dest)` - Send all output to the stream provided. There is no way + to unpipe. When data is emitted, it is immediately written to any and + all pipe destinations. +* `on(ev, fn)`, `emit(ev, fn)` - Minipass streams are EventEmitters. Some + events are given special treatment, however. (See below under "events".) +* `promise()` - Returns a Promise that resolves when the stream emits + `end`, or rejects if the stream emits `error`. +* `collect()` - Return a Promise that resolves on `end` with an array + containing each chunk of data that was emitted, or rejects if the stream + emits `error`. Note that this consumes the stream data. +* `concat()` - Same as `collect()`, but concatenates the data into a single + Buffer object. Will reject the returned promise if the stream is in + objectMode, or if it goes into objectMode by the end of the data. +* `read(n)` - Consume `n` bytes of data out of the buffer. If `n` is not + provided, then consume all of it. If `n` bytes are not available, then + it returns null. **Note** consuming streams in this way is less + efficient, and can lead to unnecessary Buffer copying. +* `destroy([er])` - Destroy the stream. If an error is provided, then an + `'error'` event is emitted. If the stream has a `close()` method, and + has not emitted a `'close'` event yet, then `stream.close()` will be + called. Any Promises returned by `.promise()`, `.collect()` or + `.concat()` will be rejected. After being destroyed, writing to the + stream will emit an error. No more data will be emitted if the stream is + destroyed, even if it was previously buffered. + +### Properties + +* `bufferLength` Read-only. Total number of bytes buffered, or in the case + of objectMode, the total number of objects. +* `encoding` The encoding that has been set. (Setting this is equivalent + to calling `setEncoding(enc)` and has the same prohibition against + setting multiple times.) +* `flowing` Read-only. Boolean indicating whether a chunk written to the + stream will be immediately emitted. +* `emittedEnd` Read-only. Boolean indicating whether the end-ish events + (ie, `end`, `prefinish`, `finish`) have been emitted. Note that + listening on any end-ish event will immediateyl re-emit it if it has + already been emitted. +* `writable` Whether the stream is writable. Default `true`. Set to + `false` when `end()` +* `readable` Whether the stream is readable. Default `true`. +* `buffer` A [yallist](http://npm.im/yallist) linked list of chunks written + to the stream that have not yet been emitted. (It's probably a bad idea + to mess with this.) +* `pipes` A [yallist](http://npm.im/yallist) linked list of streams that + this stream is piping into. (It's probably a bad idea to mess with + this.) +* `destroyed` A getter that indicates whether the stream was destroyed. +* `paused` True if the stream has been explicitly paused, otherwise false. +* `objectMode` Indicates whether the stream is in `objectMode`. Once set + to `true`, it cannot be set to `false`. + +### Events + +* `data` Emitted when there's data to read. Argument is the data to read. + This is never emitted while not flowing. If a listener is attached, that + will resume the stream. +* `end` Emitted when there's no more data to read. This will be emitted + immediately for empty streams when `end()` is called. If a listener is + attached, and `end` was already emitted, then it will be emitted again. + All listeners are removed when `end` is emitted. +* `prefinish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'end'`. +* `finish` An end-ish event that follows the same logic as `end` and is + emitted in the same conditions where `end` is emitted. Emitted after + `'prefinish'`. +* `close` An indication that an underlying resource has been released. + Minipass does not emit this event, but will defer it until after `end` + has been emitted, since it throws off some stream libraries otherwise. +* `drain` Emitted when the internal buffer empties, and it is again + suitable to `write()` into the stream. +* `readable` Emitted when data is buffered and ready to be read by a + consumer. +* `resume` Emitted when stream changes state from buffering to flowing + mode. (Ie, when `resume` is called, `pipe` is called, or a `data` event + listener is added.) + +### Static Methods + +* `Minipass.isStream(stream)` Returns `true` if the argument is a stream, + and false otherwise. To be considered a stream, the object must be + either an instance of Minipass, or an EventEmitter that has either a + `pipe()` method, or both `write()` and `end()` methods. (Pretty much any + stream in node-land will return `true` for this.) + +## EXAMPLES + +Here are some examples of things you can do with Minipass streams. + +### simple "are you done yet" promise + +```js +mp.promise().then(() => { + // stream is finished +}, er => { + // stream emitted an error +}) +``` + +### collecting + +```js +mp.collect().then(all => { + // all is an array of all the data emitted + // encoding is supported in this case, so + // so the result will be a collection of strings if + // an encoding is specified, or buffers/objects if not. + // + // In an async function, you may do + // const data = await stream.collect() +}) +``` + +### collecting into a single blob + +This is a bit slower because it concatenates the data into one chunk for +you, but if you're going to do it yourself anyway, it's convenient this +way: + +```js +mp.concat().then(onebigchunk => { + // onebigchunk is a string if the stream + // had an encoding set, or a buffer otherwise. +}) +``` + +### iteration + +You can iterate over streams synchronously or asynchronously in platforms +that support it. + +Synchronous iteration will end when the currently available data is +consumed, even if the `end` event has not been reached. In string and +buffer mode, the data is concatenated, so unless multiple writes are +occurring in the same tick as the `read()`, sync iteration loops will +generally only have a single iteration. + +To consume chunks in this way exactly as they have been written, with no +flattening, create the stream with the `{ objectMode: true }` option. + +```js +const mp = new Minipass({ objectMode: true }) +mp.write('a') +mp.write('b') +for (let letter of mp) { + console.log(letter) // a, b +} +mp.write('c') +mp.write('d') +for (let letter of mp) { + console.log(letter) // c, d +} +mp.write('e') +mp.end() +for (let letter of mp) { + console.log(letter) // e +} +for (let letter of mp) { + console.log(letter) // nothing +} +``` + +Asynchronous iteration will continue until the end event is reached, +consuming all of the data. + +```js +const mp = new Minipass({ encoding: 'utf8' }) + +// some source of some data +let i = 5 +const inter = setInterval(() => { + if (i --> 0) + mp.write(Buffer.from('foo\n', 'utf8')) + else { + mp.end() + clearInterval(inter) + } +}, 100) + +// consume the data with asynchronous iteration +async function consume () { + for await (let chunk of mp) { + console.log(chunk) + } + return 'ok' +} + +consume().then(res => console.log(res)) +// logs `foo\n` 5 times, and then `ok` +``` + +### subclass that `console.log()`s everything written into it + +```js +class Logger extends Minipass { + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } +} + +someSource.pipe(new Logger()).pipe(someDest) +``` + +### same thing, but using an inline anonymous class + +```js +// js classes are fun +someSource + .pipe(new (class extends Minipass { + emit (ev, ...data) { + // let's also log events, because debugging some weird thing + console.log('EMIT', ev) + return super.emit(ev, ...data) + } + write (chunk, encoding, callback) { + console.log('WRITE', chunk, encoding) + return super.write(chunk, encoding, callback) + } + end (chunk, encoding, callback) { + console.log('END', chunk, encoding) + return super.end(chunk, encoding, callback) + } + })) + .pipe(someDest) +``` + +### subclass that defers 'end' for some reason + +```js +class SlowEnd extends Minipass { + emit (ev, ...args) { + if (ev === 'end') { + console.log('going to end, hold on a sec') + setTimeout(() => { + console.log('ok, ready to end now') + super.emit('end', ...args) + }, 100) + } else { + return super.emit(ev, ...args) + } + } +} +``` + +### transform that creates newline-delimited JSON + +```js +class NDJSONEncode extends Minipass { + write (obj, cb) { + try { + // JSON.stringify can throw, emit an error on that + return super.write(JSON.stringify(obj) + '\n', 'utf8', cb) + } catch (er) { + this.emit('error', er) + } + } + end (obj, cb) { + if (typeof obj === 'function') { + cb = obj + obj = undefined + } + if (obj !== undefined) { + this.write(obj) + } + return super.end(cb) + } +} +``` + +### transform that parses newline-delimited JSON + +```js +class NDJSONDecode extends Minipass { + constructor (options) { + // always be in object mode, as far as Minipass is concerned + super({ objectMode: true }) + this._jsonBuffer = '' + } + write (chunk, encoding, cb) { + if (typeof chunk === 'string' && + typeof encoding === 'string' && + encoding !== 'utf8') { + chunk = Buffer.from(chunk, encoding).toString() + } else if (Buffer.isBuffer(chunk)) + chunk = chunk.toString() + } + if (typeof encoding === 'function') { + cb = encoding + } + const jsonData = (this._jsonBuffer + chunk).split('\n') + this._jsonBuffer = jsonData.pop() + for (let i = 0; i < jsonData.length; i++) { + let parsed + try { + super.write(parsed) + } catch (er) { + this.emit('error', er) + continue + } + } + if (cb) + cb() + } +} +``` diff --git a/node_modules/npm-registry-fetch/node_modules/minipass/index.js b/node_modules/npm-registry-fetch/node_modules/minipass/index.js new file mode 100644 index 000000000..55ea0f3dd --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/minipass/index.js @@ -0,0 +1,538 @@ +'use strict' +const EE = require('events') +const Stream = require('stream') +const Yallist = require('yallist') +const SD = require('string_decoder').StringDecoder + +const EOF = Symbol('EOF') +const MAYBE_EMIT_END = Symbol('maybeEmitEnd') +const EMITTED_END = Symbol('emittedEnd') +const EMITTING_END = Symbol('emittingEnd') +const CLOSED = Symbol('closed') +const READ = Symbol('read') +const FLUSH = Symbol('flush') +const FLUSHCHUNK = Symbol('flushChunk') +const ENCODING = Symbol('encoding') +const DECODER = Symbol('decoder') +const FLOWING = Symbol('flowing') +const PAUSED = Symbol('paused') +const RESUME = Symbol('resume') +const BUFFERLENGTH = Symbol('bufferLength') +const BUFFERPUSH = Symbol('bufferPush') +const BUFFERSHIFT = Symbol('bufferShift') +const OBJECTMODE = Symbol('objectMode') +const DESTROYED = Symbol('destroyed') + +// TODO remove when Node v8 support drops +const doIter = global._MP_NO_ITERATOR_SYMBOLS_ !== '1' +const ASYNCITERATOR = doIter && Symbol.asyncIterator + || Symbol('asyncIterator not implemented') +const ITERATOR = doIter && Symbol.iterator + || Symbol('iterator not implemented') + +// events that mean 'the stream is over' +// these are treated specially, and re-emitted +// if they are listened for after emitting. +const isEndish = ev => + ev === 'end' || + ev === 'finish' || + ev === 'prefinish' + +const isArrayBuffer = b => b instanceof ArrayBuffer || + typeof b === 'object' && + b.constructor && + b.constructor.name === 'ArrayBuffer' && + b.byteLength >= 0 + +const isArrayBufferView = b => !Buffer.isBuffer(b) && ArrayBuffer.isView(b) + +module.exports = class Minipass extends Stream { + constructor (options) { + super() + this[FLOWING] = false + // whether we're explicitly paused + this[PAUSED] = false + this.pipes = new Yallist() + this.buffer = new Yallist() + this[OBJECTMODE] = options && options.objectMode || false + if (this[OBJECTMODE]) + this[ENCODING] = null + else + this[ENCODING] = options && options.encoding || null + if (this[ENCODING] === 'buffer') + this[ENCODING] = null + this[DECODER] = this[ENCODING] ? new SD(this[ENCODING]) : null + this[EOF] = false + this[EMITTED_END] = false + this[EMITTING_END] = false + this[CLOSED] = false + this.writable = true + this.readable = true + this[BUFFERLENGTH] = 0 + this[DESTROYED] = false + } + + get bufferLength () { return this[BUFFERLENGTH] } + + get encoding () { return this[ENCODING] } + set encoding (enc) { + if (this[OBJECTMODE]) + throw new Error('cannot set encoding in objectMode') + + if (this[ENCODING] && enc !== this[ENCODING] && + (this[DECODER] && this[DECODER].lastNeed || this[BUFFERLENGTH])) + throw new Error('cannot change encoding') + + if (this[ENCODING] !== enc) { + this[DECODER] = enc ? new SD(enc) : null + if (this.buffer.length) + this.buffer = this.buffer.map(chunk => this[DECODER].write(chunk)) + } + + this[ENCODING] = enc + } + + setEncoding (enc) { + this.encoding = enc + } + + get objectMode () { return this[OBJECTMODE] } + set objectMode (ॐ ) { this[OBJECTMODE] = this[OBJECTMODE] || !!ॐ } + + write (chunk, encoding, cb) { + if (this[EOF]) + throw new Error('write after end') + + if (this[DESTROYED]) { + this.emit('error', Object.assign( + new Error('Cannot call write after a stream was destroyed'), + { code: 'ERR_STREAM_DESTROYED' } + )) + return true + } + + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (!encoding) + encoding = 'utf8' + + // convert array buffers and typed array views into buffers + // at some point in the future, we may want to do the opposite! + // leave strings and buffers as-is + // anything else switches us into object mode + if (!this[OBJECTMODE] && !Buffer.isBuffer(chunk)) { + if (isArrayBufferView(chunk)) + chunk = Buffer.from(chunk.buffer, chunk.byteOffset, chunk.byteLength) + else if (isArrayBuffer(chunk)) + chunk = Buffer.from(chunk) + else if (typeof chunk !== 'string') + // use the setter so we throw if we have encoding set + this.objectMode = true + } + + // this ensures at this point that the chunk is a buffer or string + // don't buffer it up or send it to the decoder + if (!this.objectMode && !chunk.length) { + const ret = this.flowing + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + return ret + } + + // fast-path writing strings of same encoding to a stream with + // an empty buffer, skipping the buffer/decoder dance + if (typeof chunk === 'string' && !this[OBJECTMODE] && + // unless it is a string already ready for us to use + !(encoding === this[ENCODING] && !this[DECODER].lastNeed)) { + chunk = Buffer.from(chunk, encoding) + } + + if (Buffer.isBuffer(chunk) && this[ENCODING]) + chunk = this[DECODER].write(chunk) + + try { + return this.flowing + ? (this.emit('data', chunk), this.flowing) + : (this[BUFFERPUSH](chunk), false) + } finally { + if (this[BUFFERLENGTH] !== 0) + this.emit('readable') + if (cb) + cb() + } + } + + read (n) { + if (this[DESTROYED]) + return null + + try { + if (this[BUFFERLENGTH] === 0 || n === 0 || n > this[BUFFERLENGTH]) + return null + + if (this[OBJECTMODE]) + n = null + + if (this.buffer.length > 1 && !this[OBJECTMODE]) { + if (this.encoding) + this.buffer = new Yallist([ + Array.from(this.buffer).join('') + ]) + else + this.buffer = new Yallist([ + Buffer.concat(Array.from(this.buffer), this[BUFFERLENGTH]) + ]) + } + + return this[READ](n || null, this.buffer.head.value) + } finally { + this[MAYBE_EMIT_END]() + } + } + + [READ] (n, chunk) { + if (n === chunk.length || n === null) + this[BUFFERSHIFT]() + else { + this.buffer.head.value = chunk.slice(n) + chunk = chunk.slice(0, n) + this[BUFFERLENGTH] -= n + } + + this.emit('data', chunk) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + + return chunk + } + + end (chunk, encoding, cb) { + if (typeof chunk === 'function') + cb = chunk, chunk = null + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + if (chunk) + this.write(chunk, encoding) + if (cb) + this.once('end', cb) + this[EOF] = true + this.writable = false + + // if we haven't written anything, then go ahead and emit, + // even if we're not reading. + // we'll re-emit if a new 'end' listener is added anyway. + // This makes MP more suitable to write-only use cases. + if (this.flowing || !this[PAUSED]) + this[MAYBE_EMIT_END]() + return this + } + + // don't let the internal resume be overwritten + [RESUME] () { + if (this[DESTROYED]) + return + + this[PAUSED] = false + this[FLOWING] = true + this.emit('resume') + if (this.buffer.length) + this[FLUSH]() + else if (this[EOF]) + this[MAYBE_EMIT_END]() + else + this.emit('drain') + } + + resume () { + return this[RESUME]() + } + + pause () { + this[FLOWING] = false + this[PAUSED] = true + } + + get destroyed () { + return this[DESTROYED] + } + + get flowing () { + return this[FLOWING] + } + + get paused () { + return this[PAUSED] + } + + [BUFFERPUSH] (chunk) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] += 1 + else + this[BUFFERLENGTH] += chunk.length + return this.buffer.push(chunk) + } + + [BUFFERSHIFT] () { + if (this.buffer.length) { + if (this[OBJECTMODE]) + this[BUFFERLENGTH] -= 1 + else + this[BUFFERLENGTH] -= this.buffer.head.value.length + } + return this.buffer.shift() + } + + [FLUSH] () { + do {} while (this[FLUSHCHUNK](this[BUFFERSHIFT]())) + + if (!this.buffer.length && !this[EOF]) + this.emit('drain') + } + + [FLUSHCHUNK] (chunk) { + return chunk ? (this.emit('data', chunk), this.flowing) : false + } + + pipe (dest, opts) { + if (this[DESTROYED]) + return + + const ended = this[EMITTED_END] + opts = opts || {} + if (dest === process.stdout || dest === process.stderr) + opts.end = false + else + opts.end = opts.end !== false + + const p = { dest: dest, opts: opts, ondrain: _ => this[RESUME]() } + this.pipes.push(p) + + dest.on('drain', p.ondrain) + this[RESUME]() + // piping an ended stream ends immediately + if (ended && p.opts.end) + p.dest.end() + return dest + } + + addListener (ev, fn) { + return this.on(ev, fn) + } + + on (ev, fn) { + try { + return super.on(ev, fn) + } finally { + if (ev === 'data' && !this.pipes.length && !this.flowing) + this[RESUME]() + else if (isEndish(ev) && this[EMITTED_END]) { + super.emit(ev) + this.removeAllListeners(ev) + } + } + } + + get emittedEnd () { + return this[EMITTED_END] + } + + [MAYBE_EMIT_END] () { + if (!this[EMITTING_END] && + !this[EMITTED_END] && + !this[DESTROYED] && + this.buffer.length === 0 && + this[EOF]) { + this[EMITTING_END] = true + this.emit('end') + this.emit('prefinish') + this.emit('finish') + if (this[CLOSED]) + this.emit('close') + this[EMITTING_END] = false + } + } + + emit (ev, data) { + // error and close are only events allowed after calling destroy() + if (ev !== 'error' && ev !== 'close' && ev !== DESTROYED && this[DESTROYED]) + return + else if (ev === 'data') { + if (!data) + return + + if (this.pipes.length) + this.pipes.forEach(p => + p.dest.write(data) === false && this.pause()) + } else if (ev === 'end') { + // only actual end gets this treatment + if (this[EMITTED_END] === true) + return + + this[EMITTED_END] = true + this.readable = false + + if (this[DECODER]) { + data = this[DECODER].end() + if (data) { + this.pipes.forEach(p => p.dest.write(data)) + super.emit('data', data) + } + } + + this.pipes.forEach(p => { + p.dest.removeListener('drain', p.ondrain) + if (p.opts.end) + p.dest.end() + }) + } else if (ev === 'close') { + this[CLOSED] = true + // don't emit close before 'end' and 'finish' + if (!this[EMITTED_END] && !this[DESTROYED]) + return + } + + // TODO: replace with a spread operator when Node v4 support drops + const args = new Array(arguments.length) + args[0] = ev + args[1] = data + if (arguments.length > 2) { + for (let i = 2; i < arguments.length; i++) { + args[i] = arguments[i] + } + } + + try { + return super.emit.apply(this, args) + } finally { + if (!isEndish(ev)) + this[MAYBE_EMIT_END]() + else + this.removeAllListeners(ev) + } + } + + // const all = await stream.collect() + collect () { + const buf = [] + if (!this[OBJECTMODE]) + buf.dataLength = 0 + // set the promise first, in case an error is raised + // by triggering the flow here. + const p = this.promise() + this.on('data', c => { + buf.push(c) + if (!this[OBJECTMODE]) + buf.dataLength += c.length + }) + return p.then(() => buf) + } + + // const data = await stream.concat() + concat () { + return this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this.collect().then(buf => + this[OBJECTMODE] + ? Promise.reject(new Error('cannot concat in objectMode')) + : this[ENCODING] ? buf.join('') : Buffer.concat(buf, buf.dataLength)) + } + + // stream.promise().then(() => done, er => emitted error) + promise () { + return new Promise((resolve, reject) => { + this.on(DESTROYED, () => reject(new Error('stream destroyed'))) + this.on('end', () => resolve()) + this.on('error', er => reject(er)) + }) + } + + // for await (let chunk of stream) + [ASYNCITERATOR] () { + const next = () => { + const res = this.read() + if (res !== null) + return Promise.resolve({ done: false, value: res }) + + if (this[EOF]) + return Promise.resolve({ done: true }) + + let resolve = null + let reject = null + const onerr = er => { + this.removeListener('data', ondata) + this.removeListener('end', onend) + reject(er) + } + const ondata = value => { + this.removeListener('error', onerr) + this.removeListener('end', onend) + this.pause() + resolve({ value: value, done: !!this[EOF] }) + } + const onend = () => { + this.removeListener('error', onerr) + this.removeListener('data', ondata) + resolve({ done: true }) + } + const ondestroy = () => onerr(new Error('stream destroyed')) + return new Promise((res, rej) => { + reject = rej + resolve = res + this.once(DESTROYED, ondestroy) + this.once('error', onerr) + this.once('end', onend) + this.once('data', ondata) + }) + } + + return { next } + } + + // for (let chunk of stream) + [ITERATOR] () { + const next = () => { + const value = this.read() + const done = value === null + return { value, done } + } + return { next } + } + + destroy (er) { + if (this[DESTROYED]) { + if (er) + this.emit('error', er) + else + this.emit(DESTROYED) + return this + } + + this[DESTROYED] = true + + // throw away all buffered data, it's never coming out + this.buffer = new Yallist() + this[BUFFERLENGTH] = 0 + + if (typeof this.close === 'function' && !this[CLOSED]) + this.close() + + if (er) + this.emit('error', er) + else // if no error to emit, still reject pending promises + this.emit(DESTROYED) + + return this + } + + static isStream (s) { + return !!s && (s instanceof Minipass || s instanceof Stream || + s instanceof EE && ( + typeof s.pipe === 'function' || // readable + (typeof s.write === 'function' && typeof s.end === 'function') // writable + )) + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/minipass/package.json b/node_modules/npm-registry-fetch/node_modules/minipass/package.json new file mode 100644 index 000000000..ea5c27f74 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/minipass/package.json @@ -0,0 +1,78 @@ +{ + "_from": "minipass@^3.0.0", + "_id": "minipass@3.1.1", + "_inBundle": false, + "_integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "_location": "/npm-registry-fetch/minipass", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minipass@^3.0.0", + "name": "minipass", + "escapedName": "minipass", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch", + "/npm-registry-fetch/cacache", + "/npm-registry-fetch/fs-minipass", + "/npm-registry-fetch/make-fetch-happen", + "/npm-registry-fetch/minizlib", + "/npm-registry-fetch/ssri", + "/npm-registry-fetch/tar" + ], + "_resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "_shasum": "7607ce778472a185ad6d89082aa2070f79cedcd5", + "_spec": "minipass@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/minipass/issues" + }, + "bundleDependencies": false, + "dependencies": { + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "minimal implementation of a PassThrough stream", + "devDependencies": { + "end-of-stream": "^1.4.0", + "tap": "^14.6.5", + "through2": "^2.0.3" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js" + ], + "homepage": "https://github.com/isaacs/minipass#readme", + "keywords": [ + "passthrough", + "stream" + ], + "license": "ISC", + "main": "index.js", + "name": "minipass", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minipass.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish --tag=next", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "check-coverage": true + }, + "version": "3.1.1" +} diff --git a/node_modules/npm-registry-fetch/node_modules/minizlib/LICENSE b/node_modules/npm-registry-fetch/node_modules/minizlib/LICENSE new file mode 100644 index 000000000..ffce7383f --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/minizlib/LICENSE @@ -0,0 +1,26 @@ +Minizlib was created by Isaac Z. Schlueter. +It is a derivative work of the Node.js project. + +""" +Copyright Isaac Z. Schlueter and Contributors +Copyright Node.js contributors. All rights reserved. +Copyright Joyent, Inc. and other Node contributors. All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a +copy of this software and associated documentation files (the "Software"), +to deal in the Software without restriction, including without limitation +the rights to use, copy, modify, merge, publish, distribute, sublicense, +and/or sell copies of the Software, and to permit persons to whom the +Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +""" diff --git a/node_modules/npm-registry-fetch/node_modules/minizlib/README.md b/node_modules/npm-registry-fetch/node_modules/minizlib/README.md new file mode 100644 index 000000000..80e067ab3 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/minizlib/README.md @@ -0,0 +1,60 @@ +# minizlib + +A fast zlib stream built on [minipass](http://npm.im/minipass) and +Node.js's zlib binding. + +This module was created to serve the needs of +[node-tar](http://npm.im/tar) and +[minipass-fetch](http://npm.im/minipass-fetch). + +Brotli is supported in versions of node with a Brotli binding. + +## How does this differ from the streams in `require('zlib')`? + +First, there are no convenience methods to compress or decompress a +buffer. If you want those, use the built-in `zlib` module. This is +only streams. That being said, Minipass streams to make it fairly easy to +use as one-liners: `new zlib.Deflate().end(data).read()` will return the +deflate compressed result. + +This module compresses and decompresses the data as fast as you feed +it in. It is synchronous, and runs on the main process thread. Zlib +and Brotli operations can be high CPU, but they're very fast, and doing it +this way means much less bookkeeping and artificial deferral. + +Node's built in zlib streams are built on top of `stream.Transform`. +They do the maximally safe thing with respect to consistent +asynchrony, buffering, and backpressure. + +See [Minipass](http://npm.im/minipass) for more on the differences between +Node.js core streams and Minipass streams, and the convenience methods +provided by that class. + +## Classes + +- Deflate +- Inflate +- Gzip +- Gunzip +- DeflateRaw +- InflateRaw +- Unzip +- BrotliCompress (Node v10 and higher) +- BrotliDecompress (Node v10 and higher) + +## USAGE + +```js +const zlib = require('minizlib') +const input = sourceOfCompressedData() +const decode = new zlib.BrotliDecompress() +const output = whereToWriteTheDecodedData() +input.pipe(decode).pipe(output) +``` + +## REPRODUCIBLE BUILDS + +To create reproducible gzip compressed files across different operating +systems, set `portable: true` in the options. This causes minizlib to set +the `OS` indicator in byte 9 of the extended gzip header to `0xFF` for +'unknown'. diff --git a/node_modules/npm-registry-fetch/node_modules/minizlib/constants.js b/node_modules/npm-registry-fetch/node_modules/minizlib/constants.js new file mode 100644 index 000000000..641ebc731 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/minizlib/constants.js @@ -0,0 +1,115 @@ +// Update with any zlib constants that are added or changed in the future. +// Node v6 didn't export this, so we just hard code the version and rely +// on all the other hard-coded values from zlib v4736. When node v6 +// support drops, we can just export the realZlibConstants object. +const realZlibConstants = require('zlib').constants || + /* istanbul ignore next */ { ZLIB_VERNUM: 4736 } + +module.exports = Object.freeze(Object.assign(Object.create(null), { + Z_NO_FLUSH: 0, + Z_PARTIAL_FLUSH: 1, + Z_SYNC_FLUSH: 2, + Z_FULL_FLUSH: 3, + Z_FINISH: 4, + Z_BLOCK: 5, + Z_OK: 0, + Z_STREAM_END: 1, + Z_NEED_DICT: 2, + Z_ERRNO: -1, + Z_STREAM_ERROR: -2, + Z_DATA_ERROR: -3, + Z_MEM_ERROR: -4, + Z_BUF_ERROR: -5, + Z_VERSION_ERROR: -6, + Z_NO_COMPRESSION: 0, + Z_BEST_SPEED: 1, + Z_BEST_COMPRESSION: 9, + Z_DEFAULT_COMPRESSION: -1, + Z_FILTERED: 1, + Z_HUFFMAN_ONLY: 2, + Z_RLE: 3, + Z_FIXED: 4, + Z_DEFAULT_STRATEGY: 0, + DEFLATE: 1, + INFLATE: 2, + GZIP: 3, + GUNZIP: 4, + DEFLATERAW: 5, + INFLATERAW: 6, + UNZIP: 7, + BROTLI_DECODE: 8, + BROTLI_ENCODE: 9, + Z_MIN_WINDOWBITS: 8, + Z_MAX_WINDOWBITS: 15, + Z_DEFAULT_WINDOWBITS: 15, + Z_MIN_CHUNK: 64, + Z_MAX_CHUNK: Infinity, + Z_DEFAULT_CHUNK: 16384, + Z_MIN_MEMLEVEL: 1, + Z_MAX_MEMLEVEL: 9, + Z_DEFAULT_MEMLEVEL: 8, + Z_MIN_LEVEL: -1, + Z_MAX_LEVEL: 9, + Z_DEFAULT_LEVEL: -1, + BROTLI_OPERATION_PROCESS: 0, + BROTLI_OPERATION_FLUSH: 1, + BROTLI_OPERATION_FINISH: 2, + BROTLI_OPERATION_EMIT_METADATA: 3, + BROTLI_MODE_GENERIC: 0, + BROTLI_MODE_TEXT: 1, + BROTLI_MODE_FONT: 2, + BROTLI_DEFAULT_MODE: 0, + BROTLI_MIN_QUALITY: 0, + BROTLI_MAX_QUALITY: 11, + BROTLI_DEFAULT_QUALITY: 11, + BROTLI_MIN_WINDOW_BITS: 10, + BROTLI_MAX_WINDOW_BITS: 24, + BROTLI_LARGE_MAX_WINDOW_BITS: 30, + BROTLI_DEFAULT_WINDOW: 22, + BROTLI_MIN_INPUT_BLOCK_BITS: 16, + BROTLI_MAX_INPUT_BLOCK_BITS: 24, + BROTLI_PARAM_MODE: 0, + BROTLI_PARAM_QUALITY: 1, + BROTLI_PARAM_LGWIN: 2, + BROTLI_PARAM_LGBLOCK: 3, + BROTLI_PARAM_DISABLE_LITERAL_CONTEXT_MODELING: 4, + BROTLI_PARAM_SIZE_HINT: 5, + BROTLI_PARAM_LARGE_WINDOW: 6, + BROTLI_PARAM_NPOSTFIX: 7, + BROTLI_PARAM_NDIRECT: 8, + BROTLI_DECODER_RESULT_ERROR: 0, + BROTLI_DECODER_RESULT_SUCCESS: 1, + BROTLI_DECODER_RESULT_NEEDS_MORE_INPUT: 2, + BROTLI_DECODER_RESULT_NEEDS_MORE_OUTPUT: 3, + BROTLI_DECODER_PARAM_DISABLE_RING_BUFFER_REALLOCATION: 0, + BROTLI_DECODER_PARAM_LARGE_WINDOW: 1, + BROTLI_DECODER_NO_ERROR: 0, + BROTLI_DECODER_SUCCESS: 1, + BROTLI_DECODER_NEEDS_MORE_INPUT: 2, + BROTLI_DECODER_NEEDS_MORE_OUTPUT: 3, + BROTLI_DECODER_ERROR_FORMAT_EXUBERANT_NIBBLE: -1, + BROTLI_DECODER_ERROR_FORMAT_RESERVED: -2, + BROTLI_DECODER_ERROR_FORMAT_EXUBERANT_META_NIBBLE: -3, + BROTLI_DECODER_ERROR_FORMAT_SIMPLE_HUFFMAN_ALPHABET: -4, + BROTLI_DECODER_ERROR_FORMAT_SIMPLE_HUFFMAN_SAME: -5, + BROTLI_DECODER_ERROR_FORMAT_CL_SPACE: -6, + BROTLI_DECODER_ERROR_FORMAT_HUFFMAN_SPACE: -7, + BROTLI_DECODER_ERROR_FORMAT_CONTEXT_MAP_REPEAT: -8, + BROTLI_DECODER_ERROR_FORMAT_BLOCK_LENGTH_1: -9, + BROTLI_DECODER_ERROR_FORMAT_BLOCK_LENGTH_2: -10, + BROTLI_DECODER_ERROR_FORMAT_TRANSFORM: -11, + BROTLI_DECODER_ERROR_FORMAT_DICTIONARY: -12, + BROTLI_DECODER_ERROR_FORMAT_WINDOW_BITS: -13, + BROTLI_DECODER_ERROR_FORMAT_PADDING_1: -14, + BROTLI_DECODER_ERROR_FORMAT_PADDING_2: -15, + BROTLI_DECODER_ERROR_FORMAT_DISTANCE: -16, + BROTLI_DECODER_ERROR_DICTIONARY_NOT_SET: -19, + BROTLI_DECODER_ERROR_INVALID_ARGUMENTS: -20, + BROTLI_DECODER_ERROR_ALLOC_CONTEXT_MODES: -21, + BROTLI_DECODER_ERROR_ALLOC_TREE_GROUPS: -22, + BROTLI_DECODER_ERROR_ALLOC_CONTEXT_MAP: -25, + BROTLI_DECODER_ERROR_ALLOC_RING_BUFFER_1: -26, + BROTLI_DECODER_ERROR_ALLOC_RING_BUFFER_2: -27, + BROTLI_DECODER_ERROR_ALLOC_BLOCK_TYPE_TREES: -30, + BROTLI_DECODER_ERROR_UNREACHABLE: -31, +}, realZlibConstants)) diff --git a/node_modules/npm-registry-fetch/node_modules/minizlib/index.js b/node_modules/npm-registry-fetch/node_modules/minizlib/index.js new file mode 100644 index 000000000..c84bda1b5 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/minizlib/index.js @@ -0,0 +1,338 @@ +'use strict' + +const assert = require('assert') +const Buffer = require('buffer').Buffer +const realZlib = require('zlib') + +const constants = exports.constants = require('./constants.js') +const Minipass = require('minipass') + +const OriginalBufferConcat = Buffer.concat + +const _superWrite = Symbol('_superWrite') +class ZlibError extends Error { + constructor (err) { + super('zlib: ' + err.message) + this.code = err.code + this.errno = err.errno + /* istanbul ignore if */ + if (!this.code) + this.code = 'ZLIB_ERROR' + + this.message = 'zlib: ' + err.message + Error.captureStackTrace(this, this.constructor) + } + + get name () { + return 'ZlibError' + } +} + +// the Zlib class they all inherit from +// This thing manages the queue of requests, and returns +// true or false if there is anything in the queue when +// you call the .write() method. +const _opts = Symbol('opts') +const _flushFlag = Symbol('flushFlag') +const _finishFlushFlag = Symbol('finishFlushFlag') +const _fullFlushFlag = Symbol('fullFlushFlag') +const _handle = Symbol('handle') +const _onError = Symbol('onError') +const _sawError = Symbol('sawError') +const _level = Symbol('level') +const _strategy = Symbol('strategy') +const _ended = Symbol('ended') +const _defaultFullFlush = Symbol('_defaultFullFlush') + +class ZlibBase extends Minipass { + constructor (opts, mode) { + if (!opts || typeof opts !== 'object') + throw new TypeError('invalid options for ZlibBase constructor') + + super(opts) + this[_ended] = false + this[_opts] = opts + + this[_flushFlag] = opts.flush + this[_finishFlushFlag] = opts.finishFlush + // this will throw if any options are invalid for the class selected + try { + this[_handle] = new realZlib[mode](opts) + } catch (er) { + // make sure that all errors get decorated properly + throw new ZlibError(er) + } + + this[_onError] = (err) => { + this[_sawError] = true + // there is no way to cleanly recover. + // continuing only obscures problems. + this.close() + this.emit('error', err) + } + + this[_handle].on('error', er => this[_onError](new ZlibError(er))) + this.once('end', () => this.close) + } + + close () { + if (this[_handle]) { + this[_handle].close() + this[_handle] = null + this.emit('close') + } + } + + reset () { + if (!this[_sawError]) { + assert(this[_handle], 'zlib binding closed') + return this[_handle].reset() + } + } + + flush (flushFlag) { + if (this.ended) + return + + if (typeof flushFlag !== 'number') + flushFlag = this[_fullFlushFlag] + this.write(Object.assign(Buffer.alloc(0), { [_flushFlag]: flushFlag })) + } + + end (chunk, encoding, cb) { + if (chunk) + this.write(chunk, encoding) + this.flush(this[_finishFlushFlag]) + this[_ended] = true + return super.end(null, null, cb) + } + + get ended () { + return this[_ended] + } + + write (chunk, encoding, cb) { + // process the chunk using the sync process + // then super.write() all the outputted chunks + if (typeof encoding === 'function') + cb = encoding, encoding = 'utf8' + + if (typeof chunk === 'string') + chunk = Buffer.from(chunk, encoding) + + if (this[_sawError]) + return + assert(this[_handle], 'zlib binding closed') + + // _processChunk tries to .close() the native handle after it's done, so we + // intercept that by temporarily making it a no-op. + const nativeHandle = this[_handle]._handle + const originalNativeClose = nativeHandle.close + nativeHandle.close = () => {} + const originalClose = this[_handle].close + this[_handle].close = () => {} + // It also calls `Buffer.concat()` at the end, which may be convenient + // for some, but which we are not interested in as it slows us down. + Buffer.concat = (args) => args + let result + try { + const flushFlag = typeof chunk[_flushFlag] === 'number' + ? chunk[_flushFlag] : this[_flushFlag] + result = this[_handle]._processChunk(chunk, flushFlag) + // if we don't throw, reset it back how it was + Buffer.concat = OriginalBufferConcat + } catch (err) { + // or if we do, put Buffer.concat() back before we emit error + // Error events call into user code, which may call Buffer.concat() + Buffer.concat = OriginalBufferConcat + this[_onError](new ZlibError(err)) + } finally { + if (this[_handle]) { + // Core zlib resets `_handle` to null after attempting to close the + // native handle. Our no-op handler prevented actual closure, but we + // need to restore the `._handle` property. + this[_handle]._handle = nativeHandle + nativeHandle.close = originalNativeClose + this[_handle].close = originalClose + // `_processChunk()` adds an 'error' listener. If we don't remove it + // after each call, these handlers start piling up. + this[_handle].removeAllListeners('error') + } + } + + let writeReturn + if (result) { + if (Array.isArray(result) && result.length > 0) { + // The first buffer is always `handle._outBuffer`, which would be + // re-used for later invocations; so, we always have to copy that one. + writeReturn = this[_superWrite](Buffer.from(result[0])) + for (let i = 1; i < result.length; i++) { + writeReturn = this[_superWrite](result[i]) + } + } else { + writeReturn = this[_superWrite](Buffer.from(result)) + } + } + + if (cb) + cb() + return writeReturn + } + + [_superWrite] (data) { + return super.write(data) + } +} + +class Zlib extends ZlibBase { + constructor (opts, mode) { + opts = opts || {} + + opts.flush = opts.flush || constants.Z_NO_FLUSH + opts.finishFlush = opts.finishFlush || constants.Z_FINISH + super(opts, mode) + + this[_fullFlushFlag] = constants.Z_FULL_FLUSH + this[_level] = opts.level + this[_strategy] = opts.strategy + } + + params (level, strategy) { + if (this[_sawError]) + return + + if (!this[_handle]) + throw new Error('cannot switch params when binding is closed') + + // no way to test this without also not supporting params at all + /* istanbul ignore if */ + if (!this[_handle].params) + throw new Error('not supported in this implementation') + + if (this[_level] !== level || this[_strategy] !== strategy) { + this.flush(constants.Z_SYNC_FLUSH) + assert(this[_handle], 'zlib binding closed') + // .params() calls .flush(), but the latter is always async in the + // core zlib. We override .flush() temporarily to intercept that and + // flush synchronously. + const origFlush = this[_handle].flush + this[_handle].flush = (flushFlag, cb) => { + this.flush(flushFlag) + cb() + } + try { + this[_handle].params(level, strategy) + } finally { + this[_handle].flush = origFlush + } + /* istanbul ignore else */ + if (this[_handle]) { + this[_level] = level + this[_strategy] = strategy + } + } + } +} + +// minimal 2-byte header +class Deflate extends Zlib { + constructor (opts) { + super(opts, 'Deflate') + } +} + +class Inflate extends Zlib { + constructor (opts) { + super(opts, 'Inflate') + } +} + +// gzip - bigger header, same deflate compression +const _portable = Symbol('_portable') +class Gzip extends Zlib { + constructor (opts) { + super(opts, 'Gzip') + this[_portable] = opts && !!opts.portable + } + + [_superWrite] (data) { + if (!this[_portable]) + return super[_superWrite](data) + + // we'll always get the header emitted in one first chunk + // overwrite the OS indicator byte with 0xFF + this[_portable] = false + data[9] = 255 + return super[_superWrite](data) + } +} + +class Gunzip extends Zlib { + constructor (opts) { + super(opts, 'Gunzip') + } +} + +// raw - no header +class DeflateRaw extends Zlib { + constructor (opts) { + super(opts, 'DeflateRaw') + } +} + +class InflateRaw extends Zlib { + constructor (opts) { + super(opts, 'InflateRaw') + } +} + +// auto-detect header. +class Unzip extends Zlib { + constructor (opts) { + super(opts, 'Unzip') + } +} + +class Brotli extends ZlibBase { + constructor (opts, mode) { + opts = opts || {} + + opts.flush = opts.flush || constants.BROTLI_OPERATION_PROCESS + opts.finishFlush = opts.finishFlush || constants.BROTLI_OPERATION_FINISH + + super(opts, mode) + + this[_fullFlushFlag] = constants.BROTLI_OPERATION_FLUSH + } +} + +class BrotliCompress extends Brotli { + constructor (opts) { + super(opts, 'BrotliCompress') + } +} + +class BrotliDecompress extends Brotli { + constructor (opts) { + super(opts, 'BrotliDecompress') + } +} + +exports.Deflate = Deflate +exports.Inflate = Inflate +exports.Gzip = Gzip +exports.Gunzip = Gunzip +exports.DeflateRaw = DeflateRaw +exports.InflateRaw = InflateRaw +exports.Unzip = Unzip +/* istanbul ignore else */ +if (typeof realZlib.BrotliCompress === 'function') { + exports.BrotliCompress = BrotliCompress + exports.BrotliDecompress = BrotliDecompress +} else { + exports.BrotliCompress = exports.BrotliDecompress = class { + constructor () { + throw new Error('Brotli is not supported in this version of Node.js') + } + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/minizlib/package.json b/node_modules/npm-registry-fetch/node_modules/minizlib/package.json new file mode 100644 index 000000000..d790ac908 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/minizlib/package.json @@ -0,0 +1,76 @@ +{ + "_from": "minizlib@^2.0.0", + "_id": "minizlib@2.1.0", + "_inBundle": false, + "_integrity": "sha512-EzTZN/fjSvifSX0SlqUERCN39o6T40AMarPbv0MrarSFtIITCBh7bi+dU8nxGFHuqs9jdIAeoYoKuQAAASsPPA==", + "_location": "/npm-registry-fetch/minizlib", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "minizlib@^2.0.0", + "name": "minizlib", + "escapedName": "minizlib", + "rawSpec": "^2.0.0", + "saveSpec": null, + "fetchSpec": "^2.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch", + "/npm-registry-fetch/tar" + ], + "_resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.0.tgz", + "_shasum": "fd52c645301ef09a63a2c209697c294c6ce02cf3", + "_spec": "minizlib@^2.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/minizlib/issues" + }, + "bundleDependencies": false, + "dependencies": { + "minipass": "^3.0.0", + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "A small fast zlib stream built on [minipass](http://npm.im/minipass) and Node.js's zlib binding.", + "devDependencies": { + "tap": "^14.6.9" + }, + "engines": { + "node": ">= 8" + }, + "files": [ + "index.js", + "constants.js" + ], + "homepage": "https://github.com/isaacs/minizlib#readme", + "keywords": [ + "zlib", + "gzip", + "gunzip", + "deflate", + "inflate", + "compression", + "zip", + "unzip" + ], + "license": "MIT", + "main": "index.js", + "name": "minizlib", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/minizlib.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js --100 -J" + }, + "version": "2.1.0" +} diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/CHANGELOG.md b/node_modules/npm-registry-fetch/node_modules/mkdirp/CHANGELOG.md new file mode 100644 index 000000000..81458380b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/CHANGELOG.md @@ -0,0 +1,15 @@ +# Changers Lorgs! + +## 1.0 + +Full rewrite. Essentially a brand new module. + +- Return a promise instead of taking a callback. +- Use native `fs.mkdir(path, { recursive: true })` when available. +- Drop support for outdated Node.js versions. (Technically still works on + Node.js v8, but only 10 and above are officially supported.) + +## 0.x + +Original and most widely used recursive directory creation implementation +in JavaScript, dating back to 2010. diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/LICENSE b/node_modules/npm-registry-fetch/node_modules/mkdirp/LICENSE new file mode 100644 index 000000000..13fcd15f0 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/LICENSE @@ -0,0 +1,21 @@ +Copyright James Halliday (mail@substack.net) and Isaac Z. Schlueter (i@izs.me) + +This project is free software released under the MIT license: + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/bin/cmd.js b/node_modules/npm-registry-fetch/node_modules/mkdirp/bin/cmd.js new file mode 100755 index 000000000..6e0aa8dc4 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/bin/cmd.js @@ -0,0 +1,68 @@ +#!/usr/bin/env node + +const usage = () => ` +usage: mkdirp [DIR1,DIR2..] {OPTIONS} + + Create each supplied directory including any necessary parent directories + that don't yet exist. + + If the directory already exists, do nothing. + +OPTIONS are: + + -m<mode> If a directory needs to be created, set the mode as an octal + --mode=<mode> permission string. + + -v --version Print the mkdirp version number + + -h --help Print this helpful banner + + -p --print Print the first directories created for each path provided + + --manual Use manual implementation, even if native is available +` + +const dirs = [] +const opts = {} +let print = false +let dashdash = false +let manual = false +for (const arg of process.argv.slice(2)) { + if (dashdash) + dirs.push(arg) + else if (arg === '--') + dashdash = true + else if (arg === '--manual') + manual = true + else if (/^-h/.test(arg) || /^--help/.test(arg)) { + console.log(usage()) + process.exit(0) + } else if (arg === '-v' || arg === '--version') { + console.log(require('../package.json').version) + process.exit(0) + } else if (arg === '-p' || arg === '--print') { + print = true + } else if (/^-m/.test(arg) || /^--mode=/.test(arg)) { + const mode = parseInt(arg.replace(/^(-m|--mode=)/, ''), 8) + if (isNaN(mode)) { + console.error(`invalid mode argument: ${arg}\nMust be an octal number.`) + process.exit(1) + } + opts.mode = mode + } else + dirs.push(arg) +} + +const mkdirp = require('../') +const impl = manual ? mkdirp.manual : mkdirp +if (dirs.length === 0) + console.error(usage()) + +Promise.all(dirs.map(dir => impl(dir, opts))) + .then(made => print ? made.forEach(m => m && console.log(m)) : null) + .catch(er => { + console.error(er.message) + if (er.code) + console.error(' code: ' + er.code) + process.exit(1) + }) diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/index.js b/node_modules/npm-registry-fetch/node_modules/mkdirp/index.js new file mode 100644 index 000000000..ad7a16c9f --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/index.js @@ -0,0 +1,31 @@ +const optsArg = require('./lib/opts-arg.js') +const pathArg = require('./lib/path-arg.js') + +const {mkdirpNative, mkdirpNativeSync} = require('./lib/mkdirp-native.js') +const {mkdirpManual, mkdirpManualSync} = require('./lib/mkdirp-manual.js') +const {useNative, useNativeSync} = require('./lib/use-native.js') + + +const mkdirp = (path, opts) => { + path = pathArg(path) + opts = optsArg(opts) + return useNative(opts) + ? mkdirpNative(path, opts) + : mkdirpManual(path, opts) +} + +const mkdirpSync = (path, opts) => { + path = pathArg(path) + opts = optsArg(opts) + return useNativeSync(opts) + ? mkdirpNativeSync(path, opts) + : mkdirpManualSync(path, opts) +} + +mkdirp.sync = mkdirpSync +mkdirp.native = (path, opts) => mkdirpNative(pathArg(path), optsArg(opts)) +mkdirp.manual = (path, opts) => mkdirpManual(pathArg(path), optsArg(opts)) +mkdirp.nativeSync = (path, opts) => mkdirpNativeSync(pathArg(path), optsArg(opts)) +mkdirp.manualSync = (path, opts) => mkdirpManualSync(pathArg(path), optsArg(opts)) + +module.exports = mkdirp diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/find-made.js b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/find-made.js new file mode 100644 index 000000000..022e492c0 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/find-made.js @@ -0,0 +1,29 @@ +const {dirname} = require('path') + +const findMade = (opts, parent, path = undefined) => { + // we never want the 'made' return value to be a root directory + if (path === parent) + return Promise.resolve() + + return opts.statAsync(parent).then( + st => st.isDirectory() ? path : undefined, // will fail later + er => er.code === 'ENOENT' + ? findMade(opts, dirname(parent), parent) + : undefined + ) +} + +const findMadeSync = (opts, parent, path = undefined) => { + if (path === parent) + return undefined + + try { + return opts.statSync(parent).isDirectory() ? path : undefined + } catch (er) { + return er.code === 'ENOENT' + ? findMadeSync(opts, dirname(parent), parent) + : undefined + } +} + +module.exports = {findMade, findMadeSync} diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/mkdirp-manual.js b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/mkdirp-manual.js new file mode 100644 index 000000000..2eb18cd64 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/mkdirp-manual.js @@ -0,0 +1,64 @@ +const {dirname} = require('path') + +const mkdirpManual = (path, opts, made) => { + opts.recursive = false + const parent = dirname(path) + if (parent === path) { + return opts.mkdirAsync(path, opts).catch(er => { + // swallowed by recursive implementation on posix systems + // any other error is a failure + if (er.code !== 'EISDIR') + throw er + }) + } + + return opts.mkdirAsync(path, opts).then(() => made || path, er => { + if (er.code === 'ENOENT') + return mkdirpManual(parent, opts) + .then(made => mkdirpManual(path, opts, made)) + if (er.code !== 'EEXIST' && er.code !== 'EROFS') + throw er + return opts.statAsync(path).then(st => { + if (st.isDirectory()) + return made + else + throw er + }, () => { throw er }) + }) +} + +const mkdirpManualSync = (path, opts, made) => { + const parent = dirname(path) + opts.recursive = false + + if (parent === path) { + try { + return opts.mkdirSync(path, opts) + } catch (er) { + // swallowed by recursive implementation on posix systems + // any other error is a failure + if (er.code !== 'EISDIR') + throw er + else + return + } + } + + try { + opts.mkdirSync(path, opts) + return made || path + } catch (er) { + if (er.code === 'ENOENT') + return mkdirpManualSync(path, opts, mkdirpManualSync(parent, opts, made)) + if (er.code !== 'EEXIST' && er.code !== 'EROFS') + throw er + try { + if (!opts.statSync(path).isDirectory()) + throw er + } catch (_) { + throw er + } + } +} + +module.exports = {mkdirpManual, mkdirpManualSync} diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/mkdirp-native.js b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/mkdirp-native.js new file mode 100644 index 000000000..c7a6b6980 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/mkdirp-native.js @@ -0,0 +1,39 @@ +const {dirname} = require('path') +const {findMade, findMadeSync} = require('./find-made.js') +const {mkdirpManual, mkdirpManualSync} = require('./mkdirp-manual.js') + +const mkdirpNative = (path, opts) => { + opts.recursive = true + const parent = dirname(path) + if (parent === path) + return opts.mkdirAsync(path, opts) + + return findMade(opts, path).then(made => + opts.mkdirAsync(path, opts).then(() => made) + .catch(er => { + if (er.code === 'ENOENT') + return mkdirpManual(path, opts) + else + throw er + })) +} + +const mkdirpNativeSync = (path, opts) => { + opts.recursive = true + const parent = dirname(path) + if (parent === path) + return opts.mkdirSync(path, opts) + + const made = findMadeSync(opts, path) + try { + opts.mkdirSync(path, opts) + return made + } catch (er) { + if (er.code === 'ENOENT') + return mkdirpManualSync(path, opts) + else + throw er + } +} + +module.exports = {mkdirpNative, mkdirpNativeSync} diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/opts-arg.js b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/opts-arg.js new file mode 100644 index 000000000..488bd44c3 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/opts-arg.js @@ -0,0 +1,23 @@ +const { promisify } = require('util') +const fs = require('fs') +const optsArg = opts => { + if (!opts) + opts = { mode: 0o777 & (~process.umask()), fs } + else if (typeof opts === 'object') + opts = { mode: 0o777 & (~process.umask()), fs, ...opts } + else if (typeof opts === 'number') + opts = { mode: opts, fs } + else if (typeof opts === 'string') + opts = { mode: parseInt(opts, 8), fs } + else + throw new TypeError('invalid options argument') + + opts.mkdir = opts.mkdir || opts.fs.mkdir || fs.mkdir + opts.mkdirAsync = promisify(opts.mkdir) + opts.stat = opts.stat || opts.fs.stat || fs.stat + opts.statAsync = promisify(opts.stat) + opts.statSync = opts.statSync || opts.fs.statSync || fs.statSync + opts.mkdirSync = opts.mkdirSync || opts.fs.mkdirSync || fs.mkdirSync + return opts +} +module.exports = optsArg diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/path-arg.js b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/path-arg.js new file mode 100644 index 000000000..cc07de5a6 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/path-arg.js @@ -0,0 +1,29 @@ +const platform = process.env.__TESTING_MKDIRP_PLATFORM__ || process.platform +const { resolve, parse } = require('path') +const pathArg = path => { + if (/\0/.test(path)) { + // simulate same failure that node raises + throw Object.assign( + new TypeError('path must be a string without null bytes'), + { + path, + code: 'ERR_INVALID_ARG_VALUE', + } + ) + } + + path = resolve(path) + if (platform === 'win32') { + const badWinChars = /[*|"<>?:]/ + const {root} = parse(path) + if (badWinChars.test(path.substr(root.length))) { + throw Object.assign(new Error('Illegal characters in path.'), { + path, + code: 'EINVAL', + }) + } + } + + return path +} +module.exports = pathArg diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/use-native.js b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/use-native.js new file mode 100644 index 000000000..079361de1 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/lib/use-native.js @@ -0,0 +1,10 @@ +const fs = require('fs') + +const version = process.env.__TESTING_MKDIRP_NODE_VERSION__ || process.version +const versArr = version.replace(/^v/, '').split('.') +const hasNative = +versArr[0] > 10 || +versArr[0] === 10 && +versArr[1] >= 12 + +const useNative = !hasNative ? () => false : opts => opts.mkdir === fs.mkdir +const useNativeSync = !hasNative ? () => false : opts => opts.mkdirSync === fs.mkdirSync + +module.exports = {useNative, useNativeSync} diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/package.json b/node_modules/npm-registry-fetch/node_modules/mkdirp/package.json new file mode 100644 index 000000000..02f12fd59 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/package.json @@ -0,0 +1,76 @@ +{ + "_from": "mkdirp@^1.0.3", + "_id": "mkdirp@1.0.3", + "_inBundle": false, + "_integrity": "sha512-6uCP4Qc0sWsgMLy1EOqqS/3rjDHOEnsStVr/4vtAIK2Y5i2kA7lFFejYrpIyiN9w0pYf4ckeCYT9f1r1P9KX5g==", + "_location": "/npm-registry-fetch/mkdirp", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "mkdirp@^1.0.3", + "name": "mkdirp", + "escapedName": "mkdirp", + "rawSpec": "^1.0.3", + "saveSpec": null, + "fetchSpec": "^1.0.3" + }, + "_requiredBy": [ + "/npm-registry-fetch/cacache", + "/npm-registry-fetch/tar" + ], + "_resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.3.tgz", + "_shasum": "4cf2e30ad45959dddea53ad97d518b6c8205e1ea", + "_spec": "mkdirp@^1.0.3", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/cacache", + "bin": { + "mkdirp": "bin/cmd.js" + }, + "bugs": { + "url": "https://github.com/isaacs/node-mkdirp/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Recursively mkdir, like `mkdir -p`", + "devDependencies": { + "require-inject": "^1.4.4", + "tap": "^14.10.6" + }, + "engines": { + "node": ">=10" + }, + "files": [ + "bin", + "lib", + "index.js" + ], + "homepage": "https://github.com/isaacs/node-mkdirp#readme", + "keywords": [ + "mkdir", + "directory", + "make dir", + "make", + "dir", + "recursive", + "native" + ], + "license": "MIT", + "main": "index.js", + "name": "mkdirp", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/node-mkdirp.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "check-coverage": true, + "coverage-map": "map.js" + }, + "version": "1.0.3" +} diff --git a/node_modules/npm-registry-fetch/node_modules/mkdirp/readme.markdown b/node_modules/npm-registry-fetch/node_modules/mkdirp/readme.markdown new file mode 100644 index 000000000..827de5905 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/mkdirp/readme.markdown @@ -0,0 +1,266 @@ +# mkdirp + +Like `mkdir -p`, but in Node.js! + +Now with a modern API and no\* bugs! + +<small>\* may contain some bugs</small> + +# example + +## pow.js + +```js +const mkdirp = require('mkdirp') + +// return value is a Promise resolving to the first directory created +mkdirp('/tmp/foo/bar/baz').then(made => + console.log(`made directories, starting with ${made}`)) +``` + +Output (where `/tmp/foo` already exists) + +``` +made directories, starting with /tmp/foo/bar +``` + +Or, if you don't have time to wait around for promises: + +```js +const mkdirp = require('mkdirp') + +// return value is the first directory created +const made = mkdirp.sync('/tmp/foo/bar/baz') +console.log(`made directories, starting with ${made}`) +``` + +And now /tmp/foo/bar/baz exists, huzzah! + +# methods + +```js +const mkdirp = require('mkdirp') +``` + +## mkdirp(dir, [opts]) -> Promise<String | undefined> + +Create a new directory and any necessary subdirectories at `dir` with octal +permission string `opts.mode`. If `opts` is a string or number, it will be +treated as the `opts.mode`. + +If `opts.mode` isn't specified, it defaults to `0o777 & +(~process.umask())`. + +Promise resolves to first directory `made` that had to be created, or +`undefined` if everything already exists. Promise rejects if any errors +are encountered. Note that, in the case of promise rejection, some +directories _may_ have been created, as recursive directory creation is not +an atomic operation. + +You can optionally pass in an alternate `fs` implementation by passing in +`opts.fs`. Your implementation should have `opts.fs.mkdir(path, opts, cb)` +and `opts.fs.stat(path, cb)`. + +You can also override just one or the other of `mkdir` and `stat` by +passing in `opts.stat` or `opts.mkdir`, or providing an `fs` option that +only overrides one of these. + +## mkdirp.sync(dir, opts) -> String|null + +Synchronously create a new directory and any necessary subdirectories at +`dir` with octal permission string `opts.mode`. If `opts` is a string or +number, it will be treated as the `opts.mode`. + +If `opts.mode` isn't specified, it defaults to `0o777 & +(~process.umask())`. + +Returns the first directory that had to be created, or undefined if +everything already exists. + +You can optionally pass in an alternate `fs` implementation by passing in +`opts.fs`. Your implementation should have `opts.fs.mkdirSync(path, mode)` +and `opts.fs.statSync(path)`. + +You can also override just one or the other of `mkdirSync` and `statSync` +by passing in `opts.statSync` or `opts.mkdirSync`, or providing an `fs` +option that only overrides one of these. + +## mkdirp.manual, mkdirp.manualSync + +Use the manual implementation (not the native one). This is the default +when the native implementation is not available or the stat/mkdir +implementation is overridden. + +## mkdirp.native, mkdirp.nativeSync + +Use the native implementation (not the manual one). This is the default +when the native implementation is available and stat/mkdir are not +overridden. + +# implementation + +On Node.js v10.12.0 and above, use the native `fs.mkdir(p, +{recursive:true})` option, unless `fs.mkdir`/`fs.mkdirSync` has been +overridden by an option. + +## native implementation + +- If the path is a root directory, then pass it to the underlying + implementation and return the result/error. (In this case, it'll either + succeed or fail, but we aren't actually creating any dirs.) +- Walk up the path statting each directory, to find the first path that + will be created, `made`. +- Call `fs.mkdir(path, { recursive: true })` (or `fs.mkdirSync`) +- If error, raise it to the caller. +- Return `made`. + +## manual implementation + +- Call underlying `fs.mkdir` implementation, with `recursive: false` +- If error: + - If path is a root directory, raise to the caller and do not handle it + - If ENOENT, mkdirp parent dir, store result as `made` + - stat(path) + - If error, raise original `mkdir` error + - If directory, return `made` + - Else, raise original `mkdir` error +- else + - return `undefined` if a root dir, or `made` if set, or `path` + +## windows vs unix caveat + +On Windows file systems, attempts to create a root directory (ie, a drive +letter or root UNC path) will fail. If the root directory exists, then it +will fail with `EPERM`. If the root directory does not exist, then it will +fail with `ENOENT`. + +On posix file systems, attempts to create a root directory (in recursive +mode) will succeed silently, as it is treated like just another directory +that already exists. (In non-recursive mode, of course, it fails with +`EEXIST`.) + +In order to preserve this system-specific behavior (and because it's not as +if we can create the parent of a root directory anyway), attempts to create +a root directory are passed directly to the `fs` implementation, and any +errors encountered are not handled. + +## native error caveat + +The native implementation (as of at least Node.js v13.4.0) does not provide +appropriate errors in some cases (see +[nodejs/node#31481](https://github.com/nodejs/node/issues/31481) and +[nodejs/node#28015](https://github.com/nodejs/node/issues/28015)). + +In order to work around this issue, the native implementation will fall +back to the manual implementation if an `ENOENT` error is encountered. + +# choosing a recursive mkdir implementation + +There are a few to choose from! Use the one that suits your needs best :D + +## use `fs.mkdir(path, {recursive: true}, cb)` if: + +- You wish to optimize performance even at the expense of other factors. +- You don't need to know the first dir created. +- You are ok with getting `ENOENT` as the error when some other problem is + the actual cause. +- You can limit your platforms to Node.js v10.12 and above. +- You're ok with using callbacks instead of promises. +- You don't need/want a CLI. +- You don't need to override the `fs` methods in use. + +## use this module (mkdirp 1.x) if: + +- You need to know the first directory that was created. +- You wish to use the native implementation if available, but fall back + when it's not. +- You prefer promise-returning APIs to callback-taking APIs. +- You want more useful error messages than the native recursive mkdir + provides (at least as of Node.js v13.4), and are ok with re-trying on + `ENOENT` to achieve this. +- You need (or at least, are ok with) a CLI. +- You need to override the `fs` methods in use. + +## use [`make-dir`](http://npm.im/make-dir) if: + +- You do not need to know the first dir created (and wish to save a few + `stat` calls when using the native implementation for this reason). +- You wish to use the native implementation if available, but fall back + when it's not. +- You prefer promise-returning APIs to callback-taking APIs. +- You are ok with occasionally getting `ENOENT` errors for failures that + are actually related to something other than a missing file system entry. +- You don't need/want a CLI. +- You need to override the `fs` methods in use. + +## use mkdirp 0.x if: + +- You need to know the first directory that was created. +- You need (or at least, are ok with) a CLI. +- You need to override the `fs` methods in use. +- You're ok with using callbacks instead of promises. +- You are not running on Windows, where the root-level ENOENT errors can + lead to infinite regress. +- You think vinyl just sounds warmer and richer for some weird reason. +- You are supporting truly ancient Node.js versions, before even the advent + of a `Promise` language primitive. (Please don't. You deserve better.) + +# cli + +This package also ships with a `mkdirp` command. + +``` +$ mkdirp -h + +usage: mkdirp [DIR1,DIR2..] {OPTIONS} + + Create each supplied directory including any necessary parent directories + that don't yet exist. + + If the directory already exists, do nothing. + +OPTIONS are: + + -m<mode> If a directory needs to be created, set the mode as an octal + --mode=<mode> permission string. + + -v --version Print the mkdirp version number + + -h --help Print this helpful banner + + -p --print Print the first directories created for each path provided + + --manual Use manual implementation, even if native is available +``` + +# install + +With [npm](http://npmjs.org) do: + +``` +npm install mkdirp +``` + +to get the library locally, or + +``` +npm install -g mkdirp +``` + +to get the command everywhere, or + +``` +npx mkdirp ... +``` + +to run the command without installing it globally. + +# platform support + +This module works on node v8, but only v10 and above are officially +supported, as Node v8 reached its LTS end of life 2020-01-01, which is in +the past, as of this writing. + +# license + +MIT diff --git a/node_modules/npm-registry-fetch/node_modules/npm-package-arg/CHANGELOG.md b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/CHANGELOG.md new file mode 100644 index 000000000..390a3a3c4 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/CHANGELOG.md @@ -0,0 +1,52 @@ +# Changelog + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +## [8.0.0](https://github.com/npm/npm-package-arg/compare/v7.0.0...v8.0.0) (2019-12-15) + + +### ⚠ BREAKING CHANGES + +* Dropping support for node 6 and 8. It'll probably +still work on those versions, but they are no longer supported or +tested, since npm v7 is moving away from them. + +* drop support for node 6 and 8 ([ba85e68](https://github.com/npm/npm-package-arg/commit/ba85e68555d6270f672c3d59da17672f744d0376)) + +<a name="7.0.0"></a> +# [7.0.0](https://github.com/npm/npm-package-arg/compare/v6.1.1...v7.0.0) (2019-11-11) + + +### deps + +* bump hosted-git-info to 3.0.2 ([68a4fc3](https://github.com/npm/npm-package-arg/commit/68a4fc3)), closes [/github.com/npm/hosted-git-info/pull/38#issuecomment-520243803](https://github.com//github.com/npm/hosted-git-info/pull/38/issues/issuecomment-520243803) + + +### BREAKING CHANGES + +* this drops support for ancient node versions. + + + +<a name="6.1.1"></a> +## [6.1.1](https://github.com/npm/npm-package-arg/compare/v6.1.0...v6.1.1) (2019-08-21) + + +### Bug Fixes + +* preserve drive letter on windows git file:// urls ([3909203](https://github.com/npm/npm-package-arg/commit/3909203)) + + + +<a name="6.1.0"></a> +# [6.1.0](https://github.com/npm/npm-package-arg/compare/v6.0.0...v6.1.0) (2018-04-10) + + +### Bug Fixes + +* **git:** Fix gitRange for git+ssh for private git ([#33](https://github.com/npm/npm-package-arg/issues/33)) ([647a0b3](https://github.com/npm/npm-package-arg/commit/647a0b3)) + + +### Features + +* **alias:** add `npm:` registry alias spec ([#34](https://github.com/npm/npm-package-arg/issues/34)) ([ab99f8e](https://github.com/npm/npm-package-arg/commit/ab99f8e)) diff --git a/node_modules/npm-registry-fetch/node_modules/npm-package-arg/LICENSE b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/LICENSE new file mode 100644 index 000000000..19cec97b1 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/npm-package-arg/README.md b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/README.md new file mode 100644 index 000000000..847341b21 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/README.md @@ -0,0 +1,83 @@ +# npm-package-arg + +[](https://travis-ci.org/npm/npm-package-arg) + +Parses package name and specifier passed to commands like `npm install` or +`npm cache add`, or as found in `package.json` dependency sections. + +## EXAMPLES + +```javascript +var assert = require("assert") +var npa = require("npm-package-arg") + +// Pass in the descriptor, and it'll return an object +try { + var parsed = npa("@bar/foo@1.2") +} catch (ex) { + … +} +``` + +## USING + +`var npa = require('npm-package-arg')` + +### var result = npa(*arg*[, *where*]) + +* *arg* - a string that you might pass to `npm install`, like: +`foo@1.2`, `@bar/foo@1.2`, `foo@user/foo`, `http://x.com/foo.tgz`, +`git+https://github.com/user/foo`, `bitbucket:user/foo`, `foo.tar.gz`, +`../foo/bar/` or `bar`. If the *arg* you provide doesn't have a specifier +part, eg `foo` then the specifier will default to `latest`. +* *where* - Optionally the path to resolve file paths relative to. Defaults to `process.cwd()` + +**Throws** if the package name is invalid, a dist-tag is invalid or a URL's protocol is not supported. + +### var result = npa.resolve(*name*, *spec*[, *where*]) + +* *name* - The name of the module you want to install. For example: `foo` or `@bar/foo`. +* *spec* - The specifier indicating where and how you can get this module. Something like: +`1.2`, `^1.7.17`, `http://x.com/foo.tgz`, `git+https://github.com/user/foo`, +`bitbucket:user/foo`, `file:foo.tar.gz` or `file:../foo/bar/`. If not +included then the default is `latest`. +* *where* - Optionally the path to resolve file paths relative to. Defaults to `process.cwd()` + +**Throws** if the package name is invalid, a dist-tag is invalid or a URL's protocol is not supported. + +## RESULT OBJECT + +The objects that are returned by npm-package-arg contain the following +keys: + +* `type` - One of the following strings: + * `git` - A git repo + * `tag` - A tagged version, like `"foo@latest"` + * `version` - A specific version number, like `"foo@1.2.3"` + * `range` - A version range, like `"foo@2.x"` + * `file` - A local `.tar.gz`, `.tar` or `.tgz` file. + * `directory` - A local directory. + * `remote` - An http url (presumably to a tgz) +* `registry` - If true this specifier refers to a resource hosted on a + registry. This is true for `tag`, `version` and `range` types. +* `name` - If known, the `name` field expected in the resulting pkg. +* `scope` - If a name is something like `@org/module` then the `scope` + field will be set to `@org`. If it doesn't have a scoped name, then + scope is `null`. +* `escapedName` - A version of `name` escaped to match the npm scoped packages + specification. Mostly used when making requests against a registry. When + `name` is `null`, `escapedName` will also be `null`. +* `rawSpec` - The specifier part that was parsed out in calls to `npa(arg)`, + or the value of `spec` in calls to `npa.resolve(name, spec). +* `saveSpec` - The normalized specifier, for saving to package.json files. + `null` for registry dependencies. +* `fetchSpec` - The version of the specifier to be used to fetch this + resource. `null` for shortcuts to hosted git dependencies as there isn't + just one URL to try with them. +* `gitRange` - If set, this is a semver specifier to match against git tags with +* `gitCommittish` - If set, this is the specific committish to use with a git dependency. +* `hosted` - If `from === 'hosted'` then this will be a `hosted-git-info` + object. This property is not included when serializing the object as + JSON. +* `raw` - The original un-modified string that was provided. If called as + `npa.resolve(name, spec)` then this will be `name + '@' + spec`. diff --git a/node_modules/npm-registry-fetch/node_modules/npm-package-arg/npa.js b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/npa.js new file mode 100644 index 000000000..bf2c17cfd --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/npa.js @@ -0,0 +1,301 @@ +'use strict' +module.exports = npa +module.exports.resolve = resolve +module.exports.Result = Result + +let url +let HostedGit +let semver +let path_ +function path () { + if (!path_) path_ = require('path') + return path_ +} +let validatePackageName +let osenv + +const isWindows = process.platform === 'win32' || global.FAKE_WINDOWS +const hasSlashes = isWindows ? /\\|[/]/ : /[/]/ +const isURL = /^(?:git[+])?[a-z]+:/i +const isFilename = /[.](?:tgz|tar.gz|tar)$/i + +function npa (arg, where) { + let name + let spec + if (typeof arg === 'object') { + if (arg instanceof Result && (!where || where === arg.where)) { + return arg + } else if (arg.name && arg.rawSpec) { + return npa.resolve(arg.name, arg.rawSpec, where || arg.where) + } else { + return npa(arg.raw, where || arg.where) + } + } + const nameEndsAt = arg[0] === '@' ? arg.slice(1).indexOf('@') + 1 : arg.indexOf('@') + const namePart = nameEndsAt > 0 ? arg.slice(0, nameEndsAt) : arg + if (isURL.test(arg)) { + spec = arg + } else if (namePart[0] !== '@' && (hasSlashes.test(namePart) || isFilename.test(namePart))) { + spec = arg + } else if (nameEndsAt > 0) { + name = namePart + spec = arg.slice(nameEndsAt + 1) + } else { + if (!validatePackageName) validatePackageName = require('validate-npm-package-name') + const valid = validatePackageName(arg) + if (valid.validForOldPackages) { + name = arg + } else { + spec = arg + } + } + return resolve(name, spec, where, arg) +} + +const isFilespec = isWindows ? /^(?:[.]|~[/]|[/\\]|[a-zA-Z]:)/ : /^(?:[.]|~[/]|[/]|[a-zA-Z]:)/ + +function resolve (name, spec, where, arg) { + const res = new Result({ + raw: arg, + name: name, + rawSpec: spec, + fromArgument: arg != null + }) + + if (name) res.setName(name) + + if (spec && (isFilespec.test(spec) || /^file:/i.test(spec))) { + return fromFile(res, where) + } else if (spec && /^npm:/i.test(spec)) { + return fromAlias(res, where) + } + if (!HostedGit) HostedGit = require('hosted-git-info') + const hosted = HostedGit.fromUrl(spec, {noGitPlus: true, noCommittish: true}) + if (hosted) { + return fromHostedGit(res, hosted) + } else if (spec && isURL.test(spec)) { + return fromURL(res) + } else if (spec && (hasSlashes.test(spec) || isFilename.test(spec))) { + return fromFile(res, where) + } else { + return fromRegistry(res) + } +} + +function invalidPackageName (name, valid) { + const err = new Error(`Invalid package name "${name}": ${valid.errors.join('; ')}`) + err.code = 'EINVALIDPACKAGENAME' + return err +} +function invalidTagName (name) { + const err = new Error(`Invalid tag name "${name}": Tags may not have any characters that encodeURIComponent encodes.`) + err.code = 'EINVALIDTAGNAME' + return err +} + +function Result (opts) { + this.type = opts.type + this.registry = opts.registry + this.where = opts.where + if (opts.raw == null) { + this.raw = opts.name ? opts.name + '@' + opts.rawSpec : opts.rawSpec + } else { + this.raw = opts.raw + } + this.name = undefined + this.escapedName = undefined + this.scope = undefined + this.rawSpec = opts.rawSpec == null ? '' : opts.rawSpec + this.saveSpec = opts.saveSpec + this.fetchSpec = opts.fetchSpec + if (opts.name) this.setName(opts.name) + this.gitRange = opts.gitRange + this.gitCommittish = opts.gitCommittish + this.hosted = opts.hosted +} + +Result.prototype.setName = function (name) { + if (!validatePackageName) validatePackageName = require('validate-npm-package-name') + const valid = validatePackageName(name) + if (!valid.validForOldPackages) { + throw invalidPackageName(name, valid) + } + this.name = name + this.scope = name[0] === '@' ? name.slice(0, name.indexOf('/')) : undefined + // scoped packages in couch must have slash url-encoded, e.g. @foo%2Fbar + this.escapedName = name.replace('/', '%2f') + return this +} + +Result.prototype.toString = function () { + const full = [] + if (this.name != null && this.name !== '') full.push(this.name) + const spec = this.saveSpec || this.fetchSpec || this.rawSpec + if (spec != null && spec !== '') full.push(spec) + return full.length ? full.join('@') : this.raw +} + +Result.prototype.toJSON = function () { + const result = Object.assign({}, this) + delete result.hosted + return result +} + +function setGitCommittish (res, committish) { + if (committish != null && committish.length >= 7 && committish.slice(0, 7) === 'semver:') { + res.gitRange = decodeURIComponent(committish.slice(7)) + res.gitCommittish = null + } else { + res.gitCommittish = committish === '' ? null : committish + } + return res +} + +const isAbsolutePath = /^[/]|^[A-Za-z]:/ + +function resolvePath (where, spec) { + if (isAbsolutePath.test(spec)) return spec + return path().resolve(where, spec) +} + +function isAbsolute (dir) { + if (dir[0] === '/') return true + if (/^[A-Za-z]:/.test(dir)) return true + return false +} + +function fromFile (res, where) { + if (!where) where = process.cwd() + res.type = isFilename.test(res.rawSpec) ? 'file' : 'directory' + res.where = where + + const spec = res.rawSpec.replace(/\\/g, '/') + .replace(/^file:[/]*([A-Za-z]:)/, '$1') // drive name paths on windows + .replace(/^file:(?:[/]*([~./]))?/, '$1') + if (/^~[/]/.test(spec)) { + // this is needed for windows and for file:~/foo/bar + if (!osenv) osenv = require('osenv') + res.fetchSpec = resolvePath(osenv.home(), spec.slice(2)) + res.saveSpec = 'file:' + spec + } else { + res.fetchSpec = resolvePath(where, spec) + if (isAbsolute(spec)) { + res.saveSpec = 'file:' + spec + } else { + res.saveSpec = 'file:' + path().relative(where, res.fetchSpec) + } + } + return res +} + +function fromHostedGit (res, hosted) { + res.type = 'git' + res.hosted = hosted + res.saveSpec = hosted.toString({noGitPlus: false, noCommittish: false}) + res.fetchSpec = hosted.getDefaultRepresentation() === 'shortcut' ? null : hosted.toString() + return setGitCommittish(res, hosted.committish) +} + +function unsupportedURLType (protocol, spec) { + const err = new Error(`Unsupported URL Type "${protocol}": ${spec}`) + err.code = 'EUNSUPPORTEDPROTOCOL' + return err +} + +function matchGitScp (spec) { + // git ssh specifiers are overloaded to also use scp-style git + // specifiers, so we have to parse those out and treat them special. + // They are NOT true URIs, so we can't hand them to `url.parse`. + // + // This regex looks for things that look like: + // git+ssh://git@my.custom.git.com:username/project.git#deadbeef + // + // ...and various combinations. The username in the beginning is *required*. + const matched = spec.match(/^git\+ssh:\/\/([^:#]+:[^#]+(?:\.git)?)(?:#(.*))?$/i) + return matched && !matched[1].match(/:[0-9]+\/?.*$/i) && { + fetchSpec: matched[1], + gitCommittish: matched[2] == null ? null : matched[2] + } +} + +function fromURL (res) { + if (!url) url = require('url') + const urlparse = url.parse(res.rawSpec) + res.saveSpec = res.rawSpec + // check the protocol, and then see if it's git or not + switch (urlparse.protocol) { + case 'git:': + case 'git+http:': + case 'git+https:': + case 'git+rsync:': + case 'git+ftp:': + case 'git+file:': + case 'git+ssh:': + res.type = 'git' + const match = urlparse.protocol === 'git+ssh:' && matchGitScp(res.rawSpec) + if (match) { + setGitCommittish(res, match.gitCommittish) + res.fetchSpec = match.fetchSpec + } else { + setGitCommittish(res, urlparse.hash != null ? urlparse.hash.slice(1) : '') + urlparse.protocol = urlparse.protocol.replace(/^git[+]/, '') + if (urlparse.protocol === 'file:' && /^git\+file:\/\/[a-z]:/i.test(res.rawSpec)) { + // keep the drive letter : on windows file paths + urlparse.host += ':' + urlparse.hostname += ':' + } + delete urlparse.hash + res.fetchSpec = url.format(urlparse) + } + break + case 'http:': + case 'https:': + res.type = 'remote' + res.fetchSpec = res.saveSpec + break + + default: + throw unsupportedURLType(urlparse.protocol, res.rawSpec) + } + + return res +} + +function fromAlias (res, where) { + const subSpec = npa(res.rawSpec.substr(4), where) + if (subSpec.type === 'alias') { + throw new Error('nested aliases not supported') + } + if (!subSpec.registry) { + throw new Error('aliases only work for registry deps') + } + res.subSpec = subSpec + res.registry = true + res.type = 'alias' + res.saveSpec = null + res.fetchSpec = null + return res +} + +function fromRegistry (res) { + res.registry = true + const spec = res.rawSpec === '' ? 'latest' : res.rawSpec + // no save spec for registry components as we save based on the fetched + // version, not on the argument so this can't compute that. + res.saveSpec = null + res.fetchSpec = spec + if (!semver) semver = require('semver') + const version = semver.valid(spec, true) + const range = semver.validRange(spec, true) + if (version) { + res.type = 'version' + } else if (range) { + res.type = 'range' + } else { + if (encodeURIComponent(spec) !== spec) { + throw invalidTagName(spec) + } + res.type = 'tag' + } + return res +} diff --git a/node_modules/npm-registry-fetch/node_modules/npm-package-arg/package.json b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/package.json new file mode 100644 index 000000000..b16c7ccaa --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/npm-package-arg/package.json @@ -0,0 +1,72 @@ +{ + "_from": "npm-package-arg@^8.0.0", + "_id": "npm-package-arg@8.0.0", + "_inBundle": false, + "_integrity": "sha512-JgqZHCEUKvhX7EehLNdySiuB227a0QYra9wpZOkW+jvwsRYKkce7y5Rv2axkxScJU1EP+L32jT2PLhQz7IWHlw==", + "_location": "/npm-registry-fetch/npm-package-arg", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-package-arg@^8.0.0", + "name": "npm-package-arg", + "escapedName": "npm-package-arg", + "rawSpec": "^8.0.0", + "saveSpec": null, + "fetchSpec": "^8.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.0.0.tgz", + "_shasum": "b519989b569efffa1fa050fb22a3c3c322d4bcc5", + "_spec": "npm-package-arg@^8.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/npm/npm-package-arg/issues" + }, + "bundleDependencies": false, + "dependencies": { + "hosted-git-info": "^3.0.2", + "osenv": "^0.1.5", + "semver": "^7.0.0", + "validate-npm-package-name": "^3.0.0" + }, + "deprecated": false, + "description": "Parse the things that can be arguments to `npm install`", + "devDependencies": { + "standard": "^11.0.1", + "standard-version": "^7.0.1", + "tap": "^14.10.2" + }, + "directories": { + "test": "test" + }, + "engines": { + "node": ">=10" + }, + "files": [ + "npa.js" + ], + "homepage": "https://github.com/npm/npm-package-arg", + "license": "ISC", + "main": "npa.js", + "name": "npm-package-arg", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/npm-package-arg.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "posttest": "standard", + "prerelease": "npm t", + "release": "standard-version -s", + "test": "tap --100 -J --coverage test/*.js" + }, + "version": "8.0.0" +} diff --git a/node_modules/npm-registry-fetch/node_modules/rimraf/LICENSE b/node_modules/npm-registry-fetch/node_modules/rimraf/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/rimraf/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/rimraf/README.md b/node_modules/npm-registry-fetch/node_modules/rimraf/README.md new file mode 100644 index 000000000..423b8cf85 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/rimraf/README.md @@ -0,0 +1,101 @@ +[](https://travis-ci.org/isaacs/rimraf) [](https://david-dm.org/isaacs/rimraf) [](https://david-dm.org/isaacs/rimraf#info=devDependencies) + +The [UNIX command](http://en.wikipedia.org/wiki/Rm_(Unix)) `rm -rf` for node. + +Install with `npm install rimraf`, or just drop rimraf.js somewhere. + +## API + +`rimraf(f, [opts], callback)` + +The first parameter will be interpreted as a globbing pattern for files. If you +want to disable globbing you can do so with `opts.disableGlob` (defaults to +`false`). This might be handy, for instance, if you have filenames that contain +globbing wildcard characters. + +The callback will be called with an error if there is one. Certain +errors are handled for you: + +* Windows: `EBUSY` and `ENOTEMPTY` - rimraf will back off a maximum of + `opts.maxBusyTries` times before giving up, adding 100ms of wait + between each attempt. The default `maxBusyTries` is 3. +* `ENOENT` - If the file doesn't exist, rimraf will return + successfully, since your desired outcome is already the case. +* `EMFILE` - Since `readdir` requires opening a file descriptor, it's + possible to hit `EMFILE` if too many file descriptors are in use. + In the sync case, there's nothing to be done for this. But in the + async case, rimraf will gradually back off with timeouts up to + `opts.emfileWait` ms, which defaults to 1000. + +## options + +* unlink, chmod, stat, lstat, rmdir, readdir, + unlinkSync, chmodSync, statSync, lstatSync, rmdirSync, readdirSync + + In order to use a custom file system library, you can override + specific fs functions on the options object. + + If any of these functions are present on the options object, then + the supplied function will be used instead of the default fs + method. + + Sync methods are only relevant for `rimraf.sync()`, of course. + + For example: + + ```javascript + var myCustomFS = require('some-custom-fs') + + rimraf('some-thing', myCustomFS, callback) + ``` + +* maxBusyTries + + If an `EBUSY`, `ENOTEMPTY`, or `EPERM` error code is encountered + on Windows systems, then rimraf will retry with a linear backoff + wait of 100ms longer on each try. The default maxBusyTries is 3. + + Only relevant for async usage. + +* emfileWait + + If an `EMFILE` error is encountered, then rimraf will retry + repeatedly with a linear backoff of 1ms longer on each try, until + the timeout counter hits this max. The default limit is 1000. + + If you repeatedly encounter `EMFILE` errors, then consider using + [graceful-fs](http://npm.im/graceful-fs) in your program. + + Only relevant for async usage. + +* glob + + Set to `false` to disable [glob](http://npm.im/glob) pattern + matching. + + Set to an object to pass options to the glob module. The default + glob options are `{ nosort: true, silent: true }`. + + Glob version 6 is used in this module. + + Relevant for both sync and async usage. + +* disableGlob + + Set to any non-falsey value to disable globbing entirely. + (Equivalent to setting `glob: false`.) + +## rimraf.sync + +It can remove stuff synchronously, too. But that's not so good. Use +the async API. It's better. + +## CLI + +If installed with `npm install rimraf -g` it can be used as a global +command `rimraf <path> [<path> ...]` which is useful for cross platform support. + +## mkdirp + +If you need to create a directory recursively, check out +[mkdirp](https://github.com/substack/node-mkdirp). diff --git a/node_modules/npm-registry-fetch/node_modules/rimraf/bin.js b/node_modules/npm-registry-fetch/node_modules/rimraf/bin.js new file mode 100755 index 000000000..0d1e17be7 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/rimraf/bin.js @@ -0,0 +1,50 @@ +#!/usr/bin/env node + +var rimraf = require('./') + +var help = false +var dashdash = false +var noglob = false +var args = process.argv.slice(2).filter(function(arg) { + if (dashdash) + return !!arg + else if (arg === '--') + dashdash = true + else if (arg === '--no-glob' || arg === '-G') + noglob = true + else if (arg === '--glob' || arg === '-g') + noglob = false + else if (arg.match(/^(-+|\/)(h(elp)?|\?)$/)) + help = true + else + return !!arg +}) + +if (help || args.length === 0) { + // If they didn't ask for help, then this is not a "success" + var log = help ? console.log : console.error + log('Usage: rimraf <path> [<path> ...]') + log('') + log(' Deletes all files and folders at "path" recursively.') + log('') + log('Options:') + log('') + log(' -h, --help Display this usage info') + log(' -G, --no-glob Do not expand glob patterns in arguments') + log(' -g, --glob Expand glob patterns in arguments (default)') + process.exit(help ? 0 : 1) +} else + go(0) + +function go (n) { + if (n >= args.length) + return + var options = {} + if (noglob) + options = { glob: false } + rimraf(args[n], options, function (er) { + if (er) + throw er + go(n+1) + }) +} diff --git a/node_modules/npm-registry-fetch/node_modules/rimraf/package.json b/node_modules/npm-registry-fetch/node_modules/rimraf/package.json new file mode 100644 index 000000000..1e5fea3c2 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/rimraf/package.json @@ -0,0 +1,67 @@ +{ + "_from": "rimraf@^2.7.1", + "_id": "rimraf@2.7.1", + "_inBundle": false, + "_integrity": "sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==", + "_location": "/npm-registry-fetch/rimraf", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "rimraf@^2.7.1", + "name": "rimraf", + "escapedName": "rimraf", + "rawSpec": "^2.7.1", + "saveSpec": null, + "fetchSpec": "^2.7.1" + }, + "_requiredBy": [ + "/npm-registry-fetch/cacache" + ], + "_resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.7.1.tgz", + "_shasum": "35797f13a7fdadc566142c29d4f07ccad483e3ec", + "_spec": "rimraf@^2.7.1", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/cacache", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bin": { + "rimraf": "bin.js" + }, + "bugs": { + "url": "https://github.com/isaacs/rimraf/issues" + }, + "bundleDependencies": false, + "dependencies": { + "glob": "^7.1.3" + }, + "deprecated": false, + "description": "A deep deletion module for node (like `rm -rf`)", + "devDependencies": { + "mkdirp": "^0.5.1", + "tap": "^12.1.1" + }, + "files": [ + "LICENSE", + "README.md", + "bin.js", + "rimraf.js" + ], + "homepage": "https://github.com/isaacs/rimraf#readme", + "license": "ISC", + "main": "rimraf.js", + "name": "rimraf", + "repository": { + "type": "git", + "url": "git://github.com/isaacs/rimraf.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js" + }, + "version": "2.7.1" +} diff --git a/node_modules/npm-registry-fetch/node_modules/rimraf/rimraf.js b/node_modules/npm-registry-fetch/node_modules/rimraf/rimraf.js new file mode 100644 index 000000000..a90ad029f --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/rimraf/rimraf.js @@ -0,0 +1,372 @@ +module.exports = rimraf +rimraf.sync = rimrafSync + +var assert = require("assert") +var path = require("path") +var fs = require("fs") +var glob = undefined +try { + glob = require("glob") +} catch (_err) { + // treat glob as optional. +} +var _0666 = parseInt('666', 8) + +var defaultGlobOpts = { + nosort: true, + silent: true +} + +// for EMFILE handling +var timeout = 0 + +var isWindows = (process.platform === "win32") + +function defaults (options) { + var methods = [ + 'unlink', + 'chmod', + 'stat', + 'lstat', + 'rmdir', + 'readdir' + ] + methods.forEach(function(m) { + options[m] = options[m] || fs[m] + m = m + 'Sync' + options[m] = options[m] || fs[m] + }) + + options.maxBusyTries = options.maxBusyTries || 3 + options.emfileWait = options.emfileWait || 1000 + if (options.glob === false) { + options.disableGlob = true + } + if (options.disableGlob !== true && glob === undefined) { + throw Error('glob dependency not found, set `options.disableGlob = true` if intentional') + } + options.disableGlob = options.disableGlob || false + options.glob = options.glob || defaultGlobOpts +} + +function rimraf (p, options, cb) { + if (typeof options === 'function') { + cb = options + options = {} + } + + assert(p, 'rimraf: missing path') + assert.equal(typeof p, 'string', 'rimraf: path should be a string') + assert.equal(typeof cb, 'function', 'rimraf: callback function required') + assert(options, 'rimraf: invalid options argument provided') + assert.equal(typeof options, 'object', 'rimraf: options should be object') + + defaults(options) + + var busyTries = 0 + var errState = null + var n = 0 + + if (options.disableGlob || !glob.hasMagic(p)) + return afterGlob(null, [p]) + + options.lstat(p, function (er, stat) { + if (!er) + return afterGlob(null, [p]) + + glob(p, options.glob, afterGlob) + }) + + function next (er) { + errState = errState || er + if (--n === 0) + cb(errState) + } + + function afterGlob (er, results) { + if (er) + return cb(er) + + n = results.length + if (n === 0) + return cb() + + results.forEach(function (p) { + rimraf_(p, options, function CB (er) { + if (er) { + if ((er.code === "EBUSY" || er.code === "ENOTEMPTY" || er.code === "EPERM") && + busyTries < options.maxBusyTries) { + busyTries ++ + var time = busyTries * 100 + // try again, with the same exact callback as this one. + return setTimeout(function () { + rimraf_(p, options, CB) + }, time) + } + + // this one won't happen if graceful-fs is used. + if (er.code === "EMFILE" && timeout < options.emfileWait) { + return setTimeout(function () { + rimraf_(p, options, CB) + }, timeout ++) + } + + // already gone + if (er.code === "ENOENT") er = null + } + + timeout = 0 + next(er) + }) + }) + } +} + +// Two possible strategies. +// 1. Assume it's a file. unlink it, then do the dir stuff on EPERM or EISDIR +// 2. Assume it's a directory. readdir, then do the file stuff on ENOTDIR +// +// Both result in an extra syscall when you guess wrong. However, there +// are likely far more normal files in the world than directories. This +// is based on the assumption that a the average number of files per +// directory is >= 1. +// +// If anyone ever complains about this, then I guess the strategy could +// be made configurable somehow. But until then, YAGNI. +function rimraf_ (p, options, cb) { + assert(p) + assert(options) + assert(typeof cb === 'function') + + // sunos lets the root user unlink directories, which is... weird. + // so we have to lstat here and make sure it's not a dir. + options.lstat(p, function (er, st) { + if (er && er.code === "ENOENT") + return cb(null) + + // Windows can EPERM on stat. Life is suffering. + if (er && er.code === "EPERM" && isWindows) + fixWinEPERM(p, options, er, cb) + + if (st && st.isDirectory()) + return rmdir(p, options, er, cb) + + options.unlink(p, function (er) { + if (er) { + if (er.code === "ENOENT") + return cb(null) + if (er.code === "EPERM") + return (isWindows) + ? fixWinEPERM(p, options, er, cb) + : rmdir(p, options, er, cb) + if (er.code === "EISDIR") + return rmdir(p, options, er, cb) + } + return cb(er) + }) + }) +} + +function fixWinEPERM (p, options, er, cb) { + assert(p) + assert(options) + assert(typeof cb === 'function') + if (er) + assert(er instanceof Error) + + options.chmod(p, _0666, function (er2) { + if (er2) + cb(er2.code === "ENOENT" ? null : er) + else + options.stat(p, function(er3, stats) { + if (er3) + cb(er3.code === "ENOENT" ? null : er) + else if (stats.isDirectory()) + rmdir(p, options, er, cb) + else + options.unlink(p, cb) + }) + }) +} + +function fixWinEPERMSync (p, options, er) { + assert(p) + assert(options) + if (er) + assert(er instanceof Error) + + try { + options.chmodSync(p, _0666) + } catch (er2) { + if (er2.code === "ENOENT") + return + else + throw er + } + + try { + var stats = options.statSync(p) + } catch (er3) { + if (er3.code === "ENOENT") + return + else + throw er + } + + if (stats.isDirectory()) + rmdirSync(p, options, er) + else + options.unlinkSync(p) +} + +function rmdir (p, options, originalEr, cb) { + assert(p) + assert(options) + if (originalEr) + assert(originalEr instanceof Error) + assert(typeof cb === 'function') + + // try to rmdir first, and only readdir on ENOTEMPTY or EEXIST (SunOS) + // if we guessed wrong, and it's not a directory, then + // raise the original error. + options.rmdir(p, function (er) { + if (er && (er.code === "ENOTEMPTY" || er.code === "EEXIST" || er.code === "EPERM")) + rmkids(p, options, cb) + else if (er && er.code === "ENOTDIR") + cb(originalEr) + else + cb(er) + }) +} + +function rmkids(p, options, cb) { + assert(p) + assert(options) + assert(typeof cb === 'function') + + options.readdir(p, function (er, files) { + if (er) + return cb(er) + var n = files.length + if (n === 0) + return options.rmdir(p, cb) + var errState + files.forEach(function (f) { + rimraf(path.join(p, f), options, function (er) { + if (errState) + return + if (er) + return cb(errState = er) + if (--n === 0) + options.rmdir(p, cb) + }) + }) + }) +} + +// this looks simpler, and is strictly *faster*, but will +// tie up the JavaScript thread and fail on excessively +// deep directory trees. +function rimrafSync (p, options) { + options = options || {} + defaults(options) + + assert(p, 'rimraf: missing path') + assert.equal(typeof p, 'string', 'rimraf: path should be a string') + assert(options, 'rimraf: missing options') + assert.equal(typeof options, 'object', 'rimraf: options should be object') + + var results + + if (options.disableGlob || !glob.hasMagic(p)) { + results = [p] + } else { + try { + options.lstatSync(p) + results = [p] + } catch (er) { + results = glob.sync(p, options.glob) + } + } + + if (!results.length) + return + + for (var i = 0; i < results.length; i++) { + var p = results[i] + + try { + var st = options.lstatSync(p) + } catch (er) { + if (er.code === "ENOENT") + return + + // Windows can EPERM on stat. Life is suffering. + if (er.code === "EPERM" && isWindows) + fixWinEPERMSync(p, options, er) + } + + try { + // sunos lets the root user unlink directories, which is... weird. + if (st && st.isDirectory()) + rmdirSync(p, options, null) + else + options.unlinkSync(p) + } catch (er) { + if (er.code === "ENOENT") + return + if (er.code === "EPERM") + return isWindows ? fixWinEPERMSync(p, options, er) : rmdirSync(p, options, er) + if (er.code !== "EISDIR") + throw er + + rmdirSync(p, options, er) + } + } +} + +function rmdirSync (p, options, originalEr) { + assert(p) + assert(options) + if (originalEr) + assert(originalEr instanceof Error) + + try { + options.rmdirSync(p) + } catch (er) { + if (er.code === "ENOENT") + return + if (er.code === "ENOTDIR") + throw originalEr + if (er.code === "ENOTEMPTY" || er.code === "EEXIST" || er.code === "EPERM") + rmkidsSync(p, options) + } +} + +function rmkidsSync (p, options) { + assert(p) + assert(options) + options.readdirSync(p).forEach(function (f) { + rimrafSync(path.join(p, f), options) + }) + + // We only end up here once we got ENOTEMPTY at least once, and + // at this point, we are guaranteed to have removed all the kids. + // So, we know that it won't be ENOENT or ENOTDIR or anything else. + // try really hard to delete stuff on windows, because it has a + // PROFOUNDLY annoying habit of not closing handles promptly when + // files are deleted, resulting in spurious ENOTEMPTY errors. + var retries = isWindows ? 100 : 1 + var i = 0 + do { + var threw = true + try { + var ret = options.rmdirSync(p, options) + threw = false + return ret + } finally { + if (++i < retries && threw) + continue + } + } while (true) +} diff --git a/node_modules/npm-registry-fetch/node_modules/semver/CHANGELOG.md b/node_modules/npm-registry-fetch/node_modules/semver/CHANGELOG.md new file mode 100644 index 000000000..db6b6d4d5 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/CHANGELOG.md @@ -0,0 +1,85 @@ +# changes log + +## 7.1.0 + +* Add `require('semver/preload')` to load the entire module without using + lazy getter methods. + +## 7.0.0 + +* Refactor module into separate files for better tree-shaking +* Drop support for very old node versions, use const/let, `=>` functions, + and classes. + +## 6.3.0 + +* Expose the token enum on the exports + +## 6.2.0 + +* Coerce numbers to strings when passed to semver.coerce() +* Add `rtl` option to coerce from right to left + +## 6.1.3 + +* Handle X-ranges properly in includePrerelease mode + +## 6.1.2 + +* Do not throw when testing invalid version strings + +## 6.1.1 + +* Add options support for semver.coerce() +* Handle undefined version passed to Range.test + +## 6.1.0 + +* Add semver.compareBuild function +* Support `*` in semver.intersects + +## 6.0 + +* Fix `intersects` logic. + + This is technically a bug fix, but since it is also a change to behavior + that may require users updating their code, it is marked as a major + version increment. + +## 5.7 + +* Add `minVersion` method + +## 5.6 + +* Move boolean `loose` param to an options object, with + backwards-compatibility protection. +* Add ability to opt out of special prerelease version handling with + the `includePrerelease` option flag. + +## 5.5 + +* Add version coercion capabilities + +## 5.4 + +* Add intersection checking + +## 5.3 + +* Add `minSatisfying` method + +## 5.2 + +* Add `prerelease(v)` that returns prerelease components + +## 5.1 + +* Add Backus-Naur for ranges +* Remove excessively cute inspection methods + +## 5.0 + +* Remove AMD/Browserified build artifacts +* Fix ltr and gtr when using the `*` range +* Fix for range `*` with a prerelease identifier diff --git a/node_modules/npm-registry-fetch/node_modules/semver/LICENSE b/node_modules/npm-registry-fetch/node_modules/semver/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/semver/README.md b/node_modules/npm-registry-fetch/node_modules/semver/README.md new file mode 100644 index 000000000..9ba40454c --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/README.md @@ -0,0 +1,554 @@ +semver(1) -- The semantic versioner for npm +=========================================== + +## Install + +```bash +npm install semver +```` + +## Usage + +As a node module: + +```js +const semver = require('semver') + +semver.valid('1.2.3') // '1.2.3' +semver.valid('a.b.c') // null +semver.clean(' =v1.2.3 ') // '1.2.3' +semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true +semver.gt('1.2.3', '9.8.7') // false +semver.lt('1.2.3', '9.8.7') // true +semver.minVersion('>=1.0.0') // '1.0.0' +semver.valid(semver.coerce('v2')) // '2.0.0' +semver.valid(semver.coerce('42.6.7.9.3-alpha')) // '42.6.7' +``` + +You can also just load the module for the function that you care about, if +you'd like to minimize your footprint. + +```js +// load the whole API at once in a single object +const semver = require('semver') + +// or just load the bits you need +// all of them listed here, just pick and choose what you want + +// classes +const SemVer = require('semver/classes/semver') +const Comparator = require('semver/classes/comparator') +const Range = require('semver/classes/range') + +// functions for working with versions +const semverParse = require('semver/functions/parse') +const semverValid = require('semver/functions/valid') +const semverClean = require('semver/functions/clean') +const semverInc = require('semver/functions/inc') +const semverDiff = require('semver/functions/diff') +const semverMajor = require('semver/functions/major') +const semverMinor = require('semver/functions/minor') +const semverPatch = require('semver/functions/patch') +const semverPrerelease = require('semver/functions/prerelease') +const semverCompare = require('semver/functions/compare') +const semverRcompare = require('semver/functions/rcompare') +const semverCompareLoose = require('semver/functions/compare-loose') +const semverCompareBuild = require('semver/functions/compare-build') +const semverSort = require('semver/functions/sort') +const semverRsort = require('semver/functions/rsort') + +// low-level comparators between versions +const semverGt = require('semver/functions/gt') +const semverLt = require('semver/functions/lt') +const semverEq = require('semver/functions/eq') +const semverNeq = require('semver/functions/neq') +const semverGte = require('semver/functions/gte') +const semverLte = require('semver/functions/lte') +const semverCmp = require('semver/functions/cmp') +const semverCoerce = require('semver/functions/coerce') + +// working with ranges +const semverSatisfies = require('semver/functions/satisfies') +const semverMaxSatisfying = require('semver/ranges/max-satisfying') +const semverMinSatisfying = require('semver/ranges/min-satisfying') +const semverToComparators = require('semver/ranges/to-comparators') +const semverMinVersion = require('semver/ranges/min-version') +const semverValidRange = require('semver/ranges/valid') +const semverOutside = require('semver/ranges/outside') +const semverGtr = require('semver/ranges/gtr') +const semverLtr = require('semver/ranges/ltr') +const semverIntersects = require('semver/ranges/intersects') +``` + +As a command-line utility: + +``` +$ semver -h + +A JavaScript implementation of the https://semver.org/ specification +Copyright Isaac Z. Schlueter + +Usage: semver [options] <version> [<version> [...]] +Prints valid versions sorted by SemVer precedence + +Options: +-r --range <range> + Print versions that match the specified range. + +-i --increment [<level>] + Increment a version by the specified level. Level can + be one of: major, minor, patch, premajor, preminor, + prepatch, or prerelease. Default level is 'patch'. + Only one version may be specified. + +--preid <identifier> + Identifier to be used to prefix premajor, preminor, + prepatch or prerelease version increments. + +-l --loose + Interpret versions and ranges loosely + +-p --include-prerelease + Always include prerelease versions in range matching + +-c --coerce + Coerce a string into SemVer if possible + (does not imply --loose) + +--rtl + Coerce version strings right to left + +--ltr + Coerce version strings left to right (default) + +Program exits successfully if any valid version satisfies +all supplied ranges, and prints all satisfying versions. + +If no satisfying versions are found, then exits failure. + +Versions are printed in ascending order, so supplying +multiple versions to the utility will just sort them. +``` + +## Versions + +A "version" is described by the `v2.0.0` specification found at +<https://semver.org/>. + +A leading `"="` or `"v"` character is stripped off and ignored. + +## Ranges + +A `version range` is a set of `comparators` which specify versions +that satisfy the range. + +A `comparator` is composed of an `operator` and a `version`. The set +of primitive `operators` is: + +* `<` Less than +* `<=` Less than or equal to +* `>` Greater than +* `>=` Greater than or equal to +* `=` Equal. If no operator is specified, then equality is assumed, + so this operator is optional, but MAY be included. + +For example, the comparator `>=1.2.7` would match the versions +`1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6` +or `1.1.0`. + +Comparators can be joined by whitespace to form a `comparator set`, +which is satisfied by the **intersection** of all of the comparators +it includes. + +A range is composed of one or more comparator sets, joined by `||`. A +version matches a range if and only if every comparator in at least +one of the `||`-separated comparator sets is satisfied by the version. + +For example, the range `>=1.2.7 <1.3.0` would match the versions +`1.2.7`, `1.2.8`, and `1.2.99`, but not the versions `1.2.6`, `1.3.0`, +or `1.1.0`. + +The range `1.2.7 || >=1.2.9 <2.0.0` would match the versions `1.2.7`, +`1.2.9`, and `1.4.6`, but not the versions `1.2.8` or `2.0.0`. + +### Prerelease Tags + +If a version has a prerelease tag (for example, `1.2.3-alpha.3`) then +it will only be allowed to satisfy comparator sets if at least one +comparator with the same `[major, minor, patch]` tuple also has a +prerelease tag. + +For example, the range `>1.2.3-alpha.3` would be allowed to match the +version `1.2.3-alpha.7`, but it would *not* be satisfied by +`3.4.5-alpha.9`, even though `3.4.5-alpha.9` is technically "greater +than" `1.2.3-alpha.3` according to the SemVer sort rules. The version +range only accepts prerelease tags on the `1.2.3` version. The +version `3.4.5` *would* satisfy the range, because it does not have a +prerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`. + +The purpose for this behavior is twofold. First, prerelease versions +frequently are updated very quickly, and contain many breaking changes +that are (by the author's design) not yet fit for public consumption. +Therefore, by default, they are excluded from range matching +semantics. + +Second, a user who has opted into using a prerelease version has +clearly indicated the intent to use *that specific* set of +alpha/beta/rc versions. By including a prerelease tag in the range, +the user is indicating that they are aware of the risk. However, it +is still not appropriate to assume that they have opted into taking a +similar risk on the *next* set of prerelease versions. + +Note that this behavior can be suppressed (treating all prerelease +versions as if they were normal versions, for the purpose of range +matching) by setting the `includePrerelease` flag on the options +object to any +[functions](https://github.com/npm/node-semver#functions) that do +range matching. + +#### Prerelease Identifiers + +The method `.inc` takes an additional `identifier` string argument that +will append the value of the string as a prerelease identifier: + +```javascript +semver.inc('1.2.3', 'prerelease', 'beta') +// '1.2.4-beta.0' +``` + +command-line example: + +```bash +$ semver 1.2.3 -i prerelease --preid beta +1.2.4-beta.0 +``` + +Which then can be used to increment further: + +```bash +$ semver 1.2.4-beta.0 -i prerelease +1.2.4-beta.1 +``` + +### Advanced Range Syntax + +Advanced range syntax desugars to primitive comparators in +deterministic ways. + +Advanced ranges may be combined in the same way as primitive +comparators using white space or `||`. + +#### Hyphen Ranges `X.Y.Z - A.B.C` + +Specifies an inclusive set. + +* `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4` + +If a partial version is provided as the first version in the inclusive +range, then the missing pieces are replaced with zeroes. + +* `1.2 - 2.3.4` := `>=1.2.0 <=2.3.4` + +If a partial version is provided as the second version in the +inclusive range, then all versions that start with the supplied parts +of the tuple are accepted, but nothing that would be greater than the +provided tuple parts. + +* `1.2.3 - 2.3` := `>=1.2.3 <2.4.0` +* `1.2.3 - 2` := `>=1.2.3 <3.0.0` + +#### X-Ranges `1.2.x` `1.X` `1.2.*` `*` + +Any of `X`, `x`, or `*` may be used to "stand in" for one of the +numeric values in the `[major, minor, patch]` tuple. + +* `*` := `>=0.0.0` (Any version satisfies) +* `1.x` := `>=1.0.0 <2.0.0` (Matching major version) +* `1.2.x` := `>=1.2.0 <1.3.0` (Matching major and minor versions) + +A partial version range is treated as an X-Range, so the special +character is in fact optional. + +* `""` (empty string) := `*` := `>=0.0.0` +* `1` := `1.x.x` := `>=1.0.0 <2.0.0` +* `1.2` := `1.2.x` := `>=1.2.0 <1.3.0` + +#### Tilde Ranges `~1.2.3` `~1.2` `~1` + +Allows patch-level changes if a minor version is specified on the +comparator. Allows minor-level changes if not. + +* `~1.2.3` := `>=1.2.3 <1.(2+1).0` := `>=1.2.3 <1.3.0` +* `~1.2` := `>=1.2.0 <1.(2+1).0` := `>=1.2.0 <1.3.0` (Same as `1.2.x`) +* `~1` := `>=1.0.0 <(1+1).0.0` := `>=1.0.0 <2.0.0` (Same as `1.x`) +* `~0.2.3` := `>=0.2.3 <0.(2+1).0` := `>=0.2.3 <0.3.0` +* `~0.2` := `>=0.2.0 <0.(2+1).0` := `>=0.2.0 <0.3.0` (Same as `0.2.x`) +* `~0` := `>=0.0.0 <(0+1).0.0` := `>=0.0.0 <1.0.0` (Same as `0.x`) +* `~1.2.3-beta.2` := `>=1.2.3-beta.2 <1.3.0` Note that prereleases in + the `1.2.3` version will be allowed, if they are greater than or + equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but + `1.2.4-beta.2` would not, because it is a prerelease of a + different `[major, minor, patch]` tuple. + +#### Caret Ranges `^1.2.3` `^0.2.5` `^0.0.4` + +Allows changes that do not modify the left-most non-zero element in the +`[major, minor, patch]` tuple. In other words, this allows patch and +minor updates for versions `1.0.0` and above, patch updates for +versions `0.X >=0.1.0`, and *no* updates for versions `0.0.X`. + +Many authors treat a `0.x` version as if the `x` were the major +"breaking-change" indicator. + +Caret ranges are ideal when an author may make breaking changes +between `0.2.4` and `0.3.0` releases, which is a common practice. +However, it presumes that there will *not* be breaking changes between +`0.2.4` and `0.2.5`. It allows for changes that are presumed to be +additive (but non-breaking), according to commonly observed practices. + +* `^1.2.3` := `>=1.2.3 <2.0.0` +* `^0.2.3` := `>=0.2.3 <0.3.0` +* `^0.0.3` := `>=0.0.3 <0.0.4` +* `^1.2.3-beta.2` := `>=1.2.3-beta.2 <2.0.0` Note that prereleases in + the `1.2.3` version will be allowed, if they are greater than or + equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but + `1.2.4-beta.2` would not, because it is a prerelease of a + different `[major, minor, patch]` tuple. +* `^0.0.3-beta` := `>=0.0.3-beta <0.0.4` Note that prereleases in the + `0.0.3` version *only* will be allowed, if they are greater than or + equal to `beta`. So, `0.0.3-pr.2` would be allowed. + +When parsing caret ranges, a missing `patch` value desugars to the +number `0`, but will allow flexibility within that value, even if the +major and minor versions are both `0`. + +* `^1.2.x` := `>=1.2.0 <2.0.0` +* `^0.0.x` := `>=0.0.0 <0.1.0` +* `^0.0` := `>=0.0.0 <0.1.0` + +A missing `minor` and `patch` values will desugar to zero, but also +allow flexibility within those values, even if the major version is +zero. + +* `^1.x` := `>=1.0.0 <2.0.0` +* `^0.x` := `>=0.0.0 <1.0.0` + +### Range Grammar + +Putting all this together, here is a Backus-Naur grammar for ranges, +for the benefit of parser authors: + +```bnf +range-set ::= range ( logical-or range ) * +logical-or ::= ( ' ' ) * '||' ( ' ' ) * +range ::= hyphen | simple ( ' ' simple ) * | '' +hyphen ::= partial ' - ' partial +simple ::= primitive | partial | tilde | caret +primitive ::= ( '<' | '>' | '>=' | '<=' | '=' ) partial +partial ::= xr ( '.' xr ( '.' xr qualifier ? )? )? +xr ::= 'x' | 'X' | '*' | nr +nr ::= '0' | ['1'-'9'] ( ['0'-'9'] ) * +tilde ::= '~' partial +caret ::= '^' partial +qualifier ::= ( '-' pre )? ( '+' build )? +pre ::= parts +build ::= parts +parts ::= part ( '.' part ) * +part ::= nr | [-0-9A-Za-z]+ +``` + +## Functions + +All methods and classes take a final `options` object argument. All +options in this object are `false` by default. The options supported +are: + +- `loose` Be more forgiving about not-quite-valid semver strings. + (Any resulting output will always be 100% strict compliant, of + course.) For backwards compatibility reasons, if the `options` + argument is a boolean value instead of an object, it is interpreted + to be the `loose` param. +- `includePrerelease` Set to suppress the [default + behavior](https://github.com/npm/node-semver#prerelease-tags) of + excluding prerelease tagged versions from ranges unless they are + explicitly opted into. + +Strict-mode Comparators and Ranges will be strict about the SemVer +strings that they parse. + +* `valid(v)`: Return the parsed version, or null if it's not valid. +* `inc(v, release)`: Return the version incremented by the release + type (`major`, `premajor`, `minor`, `preminor`, `patch`, + `prepatch`, or `prerelease`), or null if it's not valid + * `premajor` in one call will bump the version up to the next major + version and down to a prerelease of that major version. + `preminor`, and `prepatch` work the same way. + * If called from a non-prerelease version, the `prerelease` will work the + same as `prepatch`. It increments the patch version, then makes a + prerelease. If the input version is already a prerelease it simply + increments it. +* `prerelease(v)`: Returns an array of prerelease components, or null + if none exist. Example: `prerelease('1.2.3-alpha.1') -> ['alpha', 1]` +* `major(v)`: Return the major version number. +* `minor(v)`: Return the minor version number. +* `patch(v)`: Return the patch version number. +* `intersects(r1, r2, loose)`: Return true if the two supplied ranges + or comparators intersect. +* `parse(v)`: Attempt to parse a string as a semantic version, returning either + a `SemVer` object or `null`. + +### Comparison + +* `gt(v1, v2)`: `v1 > v2` +* `gte(v1, v2)`: `v1 >= v2` +* `lt(v1, v2)`: `v1 < v2` +* `lte(v1, v2)`: `v1 <= v2` +* `eq(v1, v2)`: `v1 == v2` This is true if they're logically equivalent, + even if they're not the exact same string. You already know how to + compare strings. +* `neq(v1, v2)`: `v1 != v2` The opposite of `eq`. +* `cmp(v1, comparator, v2)`: Pass in a comparison string, and it'll call + the corresponding function above. `"==="` and `"!=="` do simple + string comparison, but are included for completeness. Throws if an + invalid comparison string is provided. +* `compare(v1, v2)`: Return `0` if `v1 == v2`, or `1` if `v1` is greater, or `-1` if + `v2` is greater. Sorts in ascending order if passed to `Array.sort()`. +* `rcompare(v1, v2)`: The reverse of compare. Sorts an array of versions + in descending order when passed to `Array.sort()`. +* `compareBuild(v1, v2)`: The same as `compare` but considers `build` when two versions + are equal. Sorts in ascending order if passed to `Array.sort()`. + `v2` is greater. Sorts in ascending order if passed to `Array.sort()`. +* `diff(v1, v2)`: Returns difference between two versions by the release type + (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`), + or null if the versions are the same. + +### Comparators + +* `intersects(comparator)`: Return true if the comparators intersect + +### Ranges + +* `validRange(range)`: Return the valid range or null if it's not valid +* `satisfies(version, range)`: Return true if the version satisfies the + range. +* `maxSatisfying(versions, range)`: Return the highest version in the list + that satisfies the range, or `null` if none of them do. +* `minSatisfying(versions, range)`: Return the lowest version in the list + that satisfies the range, or `null` if none of them do. +* `minVersion(range)`: Return the lowest version that can possibly match + the given range. +* `gtr(version, range)`: Return `true` if version is greater than all the + versions possible in the range. +* `ltr(version, range)`: Return `true` if version is less than all the + versions possible in the range. +* `outside(version, range, hilo)`: Return true if the version is outside + the bounds of the range in either the high or low direction. The + `hilo` argument must be either the string `'>'` or `'<'`. (This is + the function called by `gtr` and `ltr`.) +* `intersects(range)`: Return true if any of the ranges comparators intersect + +Note that, since ranges may be non-contiguous, a version might not be +greater than a range, less than a range, *or* satisfy a range! For +example, the range `1.2 <1.2.9 || >2.0.0` would have a hole from `1.2.9` +until `2.0.0`, so the version `1.2.10` would not be greater than the +range (because `2.0.1` satisfies, which is higher), nor less than the +range (since `1.2.8` satisfies, which is lower), and it also does not +satisfy the range. + +If you want to know if a version satisfies or does not satisfy a +range, use the `satisfies(version, range)` function. + +### Coercion + +* `coerce(version, options)`: Coerces a string to semver if possible + +This aims to provide a very forgiving translation of a non-semver string to +semver. It looks for the first digit in a string, and consumes all +remaining characters which satisfy at least a partial semver (e.g., `1`, +`1.2`, `1.2.3`) up to the max permitted length (256 characters). Longer +versions are simply truncated (`4.6.3.9.2-alpha2` becomes `4.6.3`). All +surrounding text is simply ignored (`v3.4 replaces v3.3.1` becomes +`3.4.0`). Only text which lacks digits will fail coercion (`version one` +is not valid). The maximum length for any semver component considered for +coercion is 16 characters; longer components will be ignored +(`10000000000000000.4.7.4` becomes `4.7.4`). The maximum value for any +semver component is `Number.MAX_SAFE_INTEGER || (2**53 - 1)`; higher value +components are invalid (`9999999999999999.4.7.4` is likely invalid). + +If the `options.rtl` flag is set, then `coerce` will return the right-most +coercible tuple that does not share an ending index with a longer coercible +tuple. For example, `1.2.3.4` will return `2.3.4` in rtl mode, not +`4.0.0`. `1.2.3/4` will return `4.0.0`, because the `4` is not a part of +any other overlapping SemVer tuple. + +### Clean + +* `clean(version)`: Clean a string to be a valid semver if possible + +This will return a cleaned and trimmed semver version. If the provided +version is not valid a null will be returned. This does not work for +ranges. + +ex. +* `s.clean(' = v 2.1.5foo')`: `null` +* `s.clean(' = v 2.1.5foo', { loose: true })`: `'2.1.5-foo'` +* `s.clean(' = v 2.1.5-foo')`: `null` +* `s.clean(' = v 2.1.5-foo', { loose: true })`: `'2.1.5-foo'` +* `s.clean('=v2.1.5')`: `'2.1.5'` +* `s.clean(' =v2.1.5')`: `2.1.5` +* `s.clean(' 2.1.5 ')`: `'2.1.5'` +* `s.clean('~1.0.0')`: `null` + +## Exported Modules + +<!-- +TODO: Make sure that all of these items are documented (classes aren't, +eg), and then pull the module name into the documentation for that specific +thing. +--> + +You may pull in just the part of this semver utility that you need, if you +are sensitive to packing and tree-shaking concerns. The main +`require('semver')` export uses getter functions to lazily load the parts +of the API that are used. + +The following modules are available: + +* `require('semver')` +* `require('semver/classes')` +* `require('semver/classes/comparator')` +* `require('semver/classes/range')` +* `require('semver/classes/semver')` +* `require('semver/functions/clean')` +* `require('semver/functions/cmp')` +* `require('semver/functions/coerce')` +* `require('semver/functions/compare')` +* `require('semver/functions/compare-build')` +* `require('semver/functions/compare-loose')` +* `require('semver/functions/diff')` +* `require('semver/functions/eq')` +* `require('semver/functions/gt')` +* `require('semver/functions/gte')` +* `require('semver/functions/inc')` +* `require('semver/functions/lt')` +* `require('semver/functions/lte')` +* `require('semver/functions/major')` +* `require('semver/functions/minor')` +* `require('semver/functions/neq')` +* `require('semver/functions/parse')` +* `require('semver/functions/patch')` +* `require('semver/functions/prerelease')` +* `require('semver/functions/rcompare')` +* `require('semver/functions/rsort')` +* `require('semver/functions/satisfies')` +* `require('semver/functions/sort')` +* `require('semver/functions/valid')` +* `require('semver/ranges/gtr')` +* `require('semver/ranges/intersects')` +* `require('semver/ranges/ltr')` +* `require('semver/ranges/max-satisfying')` +* `require('semver/ranges/min-satisfying')` +* `require('semver/ranges/min-version')` +* `require('semver/ranges/outside')` +* `require('semver/ranges/to-comparators')` +* `require('semver/ranges/valid')` diff --git a/node_modules/npm-registry-fetch/node_modules/semver/bin/semver.js b/node_modules/npm-registry-fetch/node_modules/semver/bin/semver.js new file mode 100755 index 000000000..73fe29538 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/bin/semver.js @@ -0,0 +1,173 @@ +#!/usr/bin/env node +// Standalone semver comparison program. +// Exits successfully and prints matching version(s) if +// any supplied version is valid and passes all tests. + +const argv = process.argv.slice(2) + +let versions = [] + +const range = [] + +let inc = null + +const version = require('../package.json').version + +let loose = false + +let includePrerelease = false + +let coerce = false + +let rtl = false + +let identifier + +const semver = require('../') + +let reverse = false + +const options = {} + +const main = () => { + if (!argv.length) return help() + while (argv.length) { + let a = argv.shift() + const indexOfEqualSign = a.indexOf('=') + if (indexOfEqualSign !== -1) { + a = a.slice(0, indexOfEqualSign) + argv.unshift(a.slice(indexOfEqualSign + 1)) + } + switch (a) { + case '-rv': case '-rev': case '--rev': case '--reverse': + reverse = true + break + case '-l': case '--loose': + loose = true + break + case '-p': case '--include-prerelease': + includePrerelease = true + break + case '-v': case '--version': + versions.push(argv.shift()) + break + case '-i': case '--inc': case '--increment': + switch (argv[0]) { + case 'major': case 'minor': case 'patch': case 'prerelease': + case 'premajor': case 'preminor': case 'prepatch': + inc = argv.shift() + break + default: + inc = 'patch' + break + } + break + case '--preid': + identifier = argv.shift() + break + case '-r': case '--range': + range.push(argv.shift()) + break + case '-c': case '--coerce': + coerce = true + break + case '--rtl': + rtl = true + break + case '--ltr': + rtl = false + break + case '-h': case '--help': case '-?': + return help() + default: + versions.push(a) + break + } + } + + const options = { loose: loose, includePrerelease: includePrerelease, rtl: rtl } + + versions = versions.map((v) => { + return coerce ? (semver.coerce(v, options) || { version: v }).version : v + }).filter((v) => { + return semver.valid(v) + }) + if (!versions.length) return fail() + if (inc && (versions.length !== 1 || range.length)) { return failInc() } + + for (let i = 0, l = range.length; i < l; i++) { + versions = versions.filter((v) => { + return semver.satisfies(v, range[i], options) + }) + if (!versions.length) return fail() + } + return success(versions) +} + + +const failInc = () => { + console.error('--inc can only be used on a single version with no range') + fail() +} + +const fail = () => process.exit(1) + +const success = () => { + const compare = reverse ? 'rcompare' : 'compare' + versions.sort((a, b) => { + return semver[compare](a, b, options) + }).map((v) => { + return semver.clean(v, options) + }).map((v) => { + return inc ? semver.inc(v, inc, options, identifier) : v + }).forEach((v, i, _) => { console.log(v) }) +} + +const help = () => console.log( +`SemVer ${version} + +A JavaScript implementation of the https://semver.org/ specification +Copyright Isaac Z. Schlueter + +Usage: semver [options] <version> [<version> [...]] +Prints valid versions sorted by SemVer precedence + +Options: +-r --range <range> + Print versions that match the specified range. + +-i --increment [<level>] + Increment a version by the specified level. Level can + be one of: major, minor, patch, premajor, preminor, + prepatch, or prerelease. Default level is 'patch'. + Only one version may be specified. + +--preid <identifier> + Identifier to be used to prefix premajor, preminor, + prepatch or prerelease version increments. + +-l --loose + Interpret versions and ranges loosely + +-p --include-prerelease + Always include prerelease versions in range matching + +-c --coerce + Coerce a string into SemVer if possible + (does not imply --loose) + +--rtl + Coerce version strings right to left + +--ltr + Coerce version strings left to right (default) + +Program exits successfully if any valid version satisfies +all supplied ranges, and prints all satisfying versions. + +If no satisfying versions are found, then exits failure. + +Versions are printed in ascending order, so supplying +multiple versions to the utility will just sort them.`) + +main() diff --git a/node_modules/npm-registry-fetch/node_modules/semver/classes/comparator.js b/node_modules/npm-registry-fetch/node_modules/semver/classes/comparator.js new file mode 100644 index 000000000..3595792d0 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/classes/comparator.js @@ -0,0 +1,139 @@ +const ANY = Symbol('SemVer ANY') +// hoisted class for cyclic dependency +class Comparator { + static get ANY () { + return ANY + } + constructor (comp, options) { + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + + if (comp instanceof Comparator) { + if (comp.loose === !!options.loose) { + return comp + } else { + comp = comp.value + } + } + + debug('comparator', comp, options) + this.options = options + this.loose = !!options.loose + this.parse(comp) + + if (this.semver === ANY) { + this.value = '' + } else { + this.value = this.operator + this.semver.version + } + + debug('comp', this) + } + + parse (comp) { + const r = this.options.loose ? re[t.COMPARATORLOOSE] : re[t.COMPARATOR] + const m = comp.match(r) + + if (!m) { + throw new TypeError(`Invalid comparator: ${comp}`) + } + + this.operator = m[1] !== undefined ? m[1] : '' + if (this.operator === '=') { + this.operator = '' + } + + // if it literally is just '>' or '' then allow anything. + if (!m[2]) { + this.semver = ANY + } else { + this.semver = new SemVer(m[2], this.options.loose) + } + } + + toString () { + return this.value + } + + test (version) { + debug('Comparator.test', version, this.options.loose) + + if (this.semver === ANY || version === ANY) { + return true + } + + if (typeof version === 'string') { + try { + version = new SemVer(version, this.options) + } catch (er) { + return false + } + } + + return cmp(version, this.operator, this.semver, this.options) + } + + intersects (comp, options) { + if (!(comp instanceof Comparator)) { + throw new TypeError('a Comparator is required') + } + + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + + if (this.operator === '') { + if (this.value === '') { + return true + } + return new Range(comp.value, options).test(this.value) + } else if (comp.operator === '') { + if (comp.value === '') { + return true + } + return new Range(this.value, options).test(comp.semver) + } + + const sameDirectionIncreasing = + (this.operator === '>=' || this.operator === '>') && + (comp.operator === '>=' || comp.operator === '>') + const sameDirectionDecreasing = + (this.operator === '<=' || this.operator === '<') && + (comp.operator === '<=' || comp.operator === '<') + const sameSemVer = this.semver.version === comp.semver.version + const differentDirectionsInclusive = + (this.operator === '>=' || this.operator === '<=') && + (comp.operator === '>=' || comp.operator === '<=') + const oppositeDirectionsLessThan = + cmp(this.semver, '<', comp.semver, options) && + (this.operator === '>=' || this.operator === '>') && + (comp.operator === '<=' || comp.operator === '<') + const oppositeDirectionsGreaterThan = + cmp(this.semver, '>', comp.semver, options) && + (this.operator === '<=' || this.operator === '<') && + (comp.operator === '>=' || comp.operator === '>') + + return ( + sameDirectionIncreasing || + sameDirectionDecreasing || + (sameSemVer && differentDirectionsInclusive) || + oppositeDirectionsLessThan || + oppositeDirectionsGreaterThan + ) + } +} + +module.exports = Comparator + +const {re, t} = require('../internal/re') +const cmp = require('../functions/cmp') +const debug = require('../internal/debug') +const SemVer = require('./semver') +const Range = require('./range') diff --git a/node_modules/npm-registry-fetch/node_modules/semver/classes/index.js b/node_modules/npm-registry-fetch/node_modules/semver/classes/index.js new file mode 100644 index 000000000..198b84d66 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/classes/index.js @@ -0,0 +1,5 @@ +module.exports = { + SemVer: require('./semver.js'), + Range: require('./range.js'), + Comparator: require('./comparator.js') +} diff --git a/node_modules/npm-registry-fetch/node_modules/semver/classes/range.js b/node_modules/npm-registry-fetch/node_modules/semver/classes/range.js new file mode 100644 index 000000000..90876c389 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/classes/range.js @@ -0,0 +1,448 @@ +// hoisted class for cyclic dependency +class Range { + constructor (range, options) { + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + + if (range instanceof Range) { + if ( + range.loose === !!options.loose && + range.includePrerelease === !!options.includePrerelease + ) { + return range + } else { + return new Range(range.raw, options) + } + } + + if (range instanceof Comparator) { + // just put it in the set and return + this.raw = range.value + this.set = [[range]] + this.format() + return this + } + + this.options = options + this.loose = !!options.loose + this.includePrerelease = !!options.includePrerelease + + // First, split based on boolean or || + this.raw = range + this.set = range + .split(/\s*\|\|\s*/) + // map the range to a 2d array of comparators + .map(range => this.parseRange(range.trim())) + // throw out any comparator lists that are empty + // this generally means that it was not a valid range, which is allowed + // in loose mode, but will still throw if the WHOLE range is invalid. + .filter(c => c.length) + + if (!this.set.length) { + throw new TypeError(`Invalid SemVer Range: ${range}`) + } + + this.format() + } + + format () { + this.range = this.set + .map((comps) => { + return comps.join(' ').trim() + }) + .join('||') + .trim() + return this.range + } + + toString () { + return this.range + } + + parseRange (range) { + const loose = this.options.loose + range = range.trim() + // `1.2.3 - 1.2.4` => `>=1.2.3 <=1.2.4` + const hr = loose ? re[t.HYPHENRANGELOOSE] : re[t.HYPHENRANGE] + range = range.replace(hr, hyphenReplace) + debug('hyphen replace', range) + // `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5` + range = range.replace(re[t.COMPARATORTRIM], comparatorTrimReplace) + debug('comparator trim', range, re[t.COMPARATORTRIM]) + + // `~ 1.2.3` => `~1.2.3` + range = range.replace(re[t.TILDETRIM], tildeTrimReplace) + + // `^ 1.2.3` => `^1.2.3` + range = range.replace(re[t.CARETTRIM], caretTrimReplace) + + // normalize spaces + range = range.split(/\s+/).join(' ') + + // At this point, the range is completely trimmed and + // ready to be split into comparators. + + const compRe = loose ? re[t.COMPARATORLOOSE] : re[t.COMPARATOR] + return range + .split(' ') + .map(comp => parseComparator(comp, this.options)) + .join(' ') + .split(/\s+/) + // in loose mode, throw out any that are not valid comparators + .filter(this.options.loose ? comp => !!comp.match(compRe) : () => true) + .map(comp => new Comparator(comp, this.options)) + } + + intersects (range, options) { + if (!(range instanceof Range)) { + throw new TypeError('a Range is required') + } + + return this.set.some((thisComparators) => { + return ( + isSatisfiable(thisComparators, options) && + range.set.some((rangeComparators) => { + return ( + isSatisfiable(rangeComparators, options) && + thisComparators.every((thisComparator) => { + return rangeComparators.every((rangeComparator) => { + return thisComparator.intersects(rangeComparator, options) + }) + }) + ) + }) + ) + }) + } + + // if ANY of the sets match ALL of its comparators, then pass + test (version) { + if (!version) { + return false + } + + if (typeof version === 'string') { + try { + version = new SemVer(version, this.options) + } catch (er) { + return false + } + } + + for (let i = 0; i < this.set.length; i++) { + if (testSet(this.set[i], version, this.options)) { + return true + } + } + return false + } +} +module.exports = Range + +const Comparator = require('./comparator') +const debug = require('../internal/debug') +const SemVer = require('./semver') +const { + re, + t, + comparatorTrimReplace, + tildeTrimReplace, + caretTrimReplace +} = require('../internal/re') + +// take a set of comparators and determine whether there +// exists a version which can satisfy it +const isSatisfiable = (comparators, options) => { + let result = true + const remainingComparators = comparators.slice() + let testComparator = remainingComparators.pop() + + while (result && remainingComparators.length) { + result = remainingComparators.every((otherComparator) => { + return testComparator.intersects(otherComparator, options) + }) + + testComparator = remainingComparators.pop() + } + + return result +} + +// comprised of xranges, tildes, stars, and gtlt's at this point. +// already replaced the hyphen ranges +// turn into a set of JUST comparators. +const parseComparator = (comp, options) => { + debug('comp', comp, options) + comp = replaceCarets(comp, options) + debug('caret', comp) + comp = replaceTildes(comp, options) + debug('tildes', comp) + comp = replaceXRanges(comp, options) + debug('xrange', comp) + comp = replaceStars(comp, options) + debug('stars', comp) + return comp +} + +const isX = id => !id || id.toLowerCase() === 'x' || id === '*' + +// ~, ~> --> * (any, kinda silly) +// ~2, ~2.x, ~2.x.x, ~>2, ~>2.x ~>2.x.x --> >=2.0.0 <3.0.0 +// ~2.0, ~2.0.x, ~>2.0, ~>2.0.x --> >=2.0.0 <2.1.0 +// ~1.2, ~1.2.x, ~>1.2, ~>1.2.x --> >=1.2.0 <1.3.0 +// ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0 +// ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0 +const replaceTildes = (comp, options) => + comp.trim().split(/\s+/).map((comp) => { + return replaceTilde(comp, options) + }).join(' ') + +const replaceTilde = (comp, options) => { + const r = options.loose ? re[t.TILDELOOSE] : re[t.TILDE] + return comp.replace(r, (_, M, m, p, pr) => { + debug('tilde', comp, _, M, m, p, pr) + let ret + + if (isX(M)) { + ret = '' + } else if (isX(m)) { + ret = `>=${M}.0.0 <${+M + 1}.0.0` + } else if (isX(p)) { + // ~1.2 == >=1.2.0 <1.3.0 + ret = `>=${M}.${m}.0 <${M}.${+m + 1}.0` + } else if (pr) { + debug('replaceTilde pr', pr) + ret = `>=${M}.${m}.${p}-${pr + } <${M}.${+m + 1}.0` + } else { + // ~1.2.3 == >=1.2.3 <1.3.0 + ret = `>=${M}.${m}.${p + } <${M}.${+m + 1}.0` + } + + debug('tilde return', ret) + return ret + }) +} + +// ^ --> * (any, kinda silly) +// ^2, ^2.x, ^2.x.x --> >=2.0.0 <3.0.0 +// ^2.0, ^2.0.x --> >=2.0.0 <3.0.0 +// ^1.2, ^1.2.x --> >=1.2.0 <2.0.0 +// ^1.2.3 --> >=1.2.3 <2.0.0 +// ^1.2.0 --> >=1.2.0 <2.0.0 +const replaceCarets = (comp, options) => + comp.trim().split(/\s+/).map((comp) => { + return replaceCaret(comp, options) + }).join(' ') + +const replaceCaret = (comp, options) => { + debug('caret', comp, options) + const r = options.loose ? re[t.CARETLOOSE] : re[t.CARET] + return comp.replace(r, (_, M, m, p, pr) => { + debug('caret', comp, _, M, m, p, pr) + let ret + + if (isX(M)) { + ret = '' + } else if (isX(m)) { + ret = `>=${M}.0.0 <${+M + 1}.0.0` + } else if (isX(p)) { + if (M === '0') { + ret = `>=${M}.${m}.0 <${M}.${+m + 1}.0` + } else { + ret = `>=${M}.${m}.0 <${+M + 1}.0.0` + } + } else if (pr) { + debug('replaceCaret pr', pr) + if (M === '0') { + if (m === '0') { + ret = `>=${M}.${m}.${p}-${pr + } <${M}.${m}.${+p + 1}` + } else { + ret = `>=${M}.${m}.${p}-${pr + } <${M}.${+m + 1}.0` + } + } else { + ret = `>=${M}.${m}.${p}-${pr + } <${+M + 1}.0.0` + } + } else { + debug('no pr') + if (M === '0') { + if (m === '0') { + ret = `>=${M}.${m}.${p + } <${M}.${m}.${+p + 1}` + } else { + ret = `>=${M}.${m}.${p + } <${M}.${+m + 1}.0` + } + } else { + ret = `>=${M}.${m}.${p + } <${+M + 1}.0.0` + } + } + + debug('caret return', ret) + return ret + }) +} + +const replaceXRanges = (comp, options) => { + debug('replaceXRanges', comp, options) + return comp.split(/\s+/).map((comp) => { + return replaceXRange(comp, options) + }).join(' ') +} + +const replaceXRange = (comp, options) => { + comp = comp.trim() + const r = options.loose ? re[t.XRANGELOOSE] : re[t.XRANGE] + return comp.replace(r, (ret, gtlt, M, m, p, pr) => { + debug('xRange', comp, ret, gtlt, M, m, p, pr) + const xM = isX(M) + const xm = xM || isX(m) + const xp = xm || isX(p) + const anyX = xp + + if (gtlt === '=' && anyX) { + gtlt = '' + } + + // if we're including prereleases in the match, then we need + // to fix this to -0, the lowest possible prerelease value + pr = options.includePrerelease ? '-0' : '' + + if (xM) { + if (gtlt === '>' || gtlt === '<') { + // nothing is allowed + ret = '<0.0.0-0' + } else { + // nothing is forbidden + ret = '*' + } + } else if (gtlt && anyX) { + // we know patch is an x, because we have any x at all. + // replace X with 0 + if (xm) { + m = 0 + } + p = 0 + + if (gtlt === '>') { + // >1 => >=2.0.0 + // >1.2 => >=1.3.0 + gtlt = '>=' + if (xm) { + M = +M + 1 + m = 0 + p = 0 + } else { + m = +m + 1 + p = 0 + } + } else if (gtlt === '<=') { + // <=0.7.x is actually <0.8.0, since any 0.7.x should + // pass. Similarly, <=7.x is actually <8.0.0, etc. + gtlt = '<' + if (xm) { + M = +M + 1 + } else { + m = +m + 1 + } + } + + ret = `${gtlt + M}.${m}.${p}${pr}` + } else if (xm) { + ret = `>=${M}.0.0${pr} <${+M + 1}.0.0${pr}` + } else if (xp) { + ret = `>=${M}.${m}.0${pr + } <${M}.${+m + 1}.0${pr}` + } + + debug('xRange return', ret) + + return ret + }) +} + +// Because * is AND-ed with everything else in the comparator, +// and '' means "any version", just remove the *s entirely. +const replaceStars = (comp, options) => { + debug('replaceStars', comp, options) + // Looseness is ignored here. star is always as loose as it gets! + return comp.trim().replace(re[t.STAR], '') +} + +// This function is passed to string.replace(re[t.HYPHENRANGE]) +// M, m, patch, prerelease, build +// 1.2 - 3.4.5 => >=1.2.0 <=3.4.5 +// 1.2.3 - 3.4 => >=1.2.0 <3.5.0 Any 3.4.x will do +// 1.2 - 3.4 => >=1.2.0 <3.5.0 +const hyphenReplace = ($0, + from, fM, fm, fp, fpr, fb, + to, tM, tm, tp, tpr, tb) => { + if (isX(fM)) { + from = '' + } else if (isX(fm)) { + from = `>=${fM}.0.0` + } else if (isX(fp)) { + from = `>=${fM}.${fm}.0` + } else { + from = `>=${from}` + } + + if (isX(tM)) { + to = '' + } else if (isX(tm)) { + to = `<${+tM + 1}.0.0` + } else if (isX(tp)) { + to = `<${tM}.${+tm + 1}.0` + } else if (tpr) { + to = `<=${tM}.${tm}.${tp}-${tpr}` + } else { + to = `<=${to}` + } + + return (`${from} ${to}`).trim() +} + +const testSet = (set, version, options) => { + for (let i = 0; i < set.length; i++) { + if (!set[i].test(version)) { + return false + } + } + + if (version.prerelease.length && !options.includePrerelease) { + // Find the set of versions that are allowed to have prereleases + // For example, ^1.2.3-pr.1 desugars to >=1.2.3-pr.1 <2.0.0 + // That should allow `1.2.3-pr.2` to pass. + // However, `1.2.4-alpha.notready` should NOT be allowed, + // even though it's within the range set by the comparators. + for (let i = 0; i < set.length; i++) { + debug(set[i].semver) + if (set[i].semver === Comparator.ANY) { + continue + } + + if (set[i].semver.prerelease.length > 0) { + const allowed = set[i].semver + if (allowed.major === version.major && + allowed.minor === version.minor && + allowed.patch === version.patch) { + return true + } + } + } + + // Version has a -pre, but it's not one of the ones we like. + return false + } + + return true +} diff --git a/node_modules/npm-registry-fetch/node_modules/semver/classes/semver.js b/node_modules/npm-registry-fetch/node_modules/semver/classes/semver.js new file mode 100644 index 000000000..73247ad2b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/classes/semver.js @@ -0,0 +1,290 @@ +const debug = require('../internal/debug') +const { MAX_LENGTH, MAX_SAFE_INTEGER } = require('../internal/constants') +const { re, t } = require('../internal/re') + +const { compareIdentifiers } = require('../internal/identifiers') +class SemVer { + constructor (version, options) { + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + if (version instanceof SemVer) { + if (version.loose === !!options.loose && + version.includePrerelease === !!options.includePrerelease) { + return version + } else { + version = version.version + } + } else if (typeof version !== 'string') { + throw new TypeError(`Invalid Version: ${version}`) + } + + if (version.length > MAX_LENGTH) { + throw new TypeError( + `version is longer than ${MAX_LENGTH} characters` + ) + } + + debug('SemVer', version, options) + this.options = options + this.loose = !!options.loose + // this isn't actually relevant for versions, but keep it so that we + // don't run into trouble passing this.options around. + this.includePrerelease = !!options.includePrerelease + + const m = version.trim().match(options.loose ? re[t.LOOSE] : re[t.FULL]) + + if (!m) { + throw new TypeError(`Invalid Version: ${version}`) + } + + this.raw = version + + // these are actually numbers + this.major = +m[1] + this.minor = +m[2] + this.patch = +m[3] + + if (this.major > MAX_SAFE_INTEGER || this.major < 0) { + throw new TypeError('Invalid major version') + } + + if (this.minor > MAX_SAFE_INTEGER || this.minor < 0) { + throw new TypeError('Invalid minor version') + } + + if (this.patch > MAX_SAFE_INTEGER || this.patch < 0) { + throw new TypeError('Invalid patch version') + } + + // numberify any prerelease numeric ids + if (!m[4]) { + this.prerelease = [] + } else { + this.prerelease = m[4].split('.').map((id) => { + if (/^[0-9]+$/.test(id)) { + const num = +id + if (num >= 0 && num < MAX_SAFE_INTEGER) { + return num + } + } + return id + }) + } + + this.build = m[5] ? m[5].split('.') : [] + this.format() + } + + format () { + this.version = `${this.major}.${this.minor}.${this.patch}` + if (this.prerelease.length) { + this.version += `-${this.prerelease.join('.')}` + } + return this.version + } + + toString () { + return this.version + } + + compare (other) { + debug('SemVer.compare', this.version, this.options, other) + if (!(other instanceof SemVer)) { + if (typeof other === 'string' && other === this.version) { + return 0 + } + other = new SemVer(other, this.options) + } + + if (other.version === this.version) { + return 0 + } + + return this.compareMain(other) || this.comparePre(other) + } + + compareMain (other) { + if (!(other instanceof SemVer)) { + other = new SemVer(other, this.options) + } + + return ( + compareIdentifiers(this.major, other.major) || + compareIdentifiers(this.minor, other.minor) || + compareIdentifiers(this.patch, other.patch) + ) + } + + comparePre (other) { + if (!(other instanceof SemVer)) { + other = new SemVer(other, this.options) + } + + // NOT having a prerelease is > having one + if (this.prerelease.length && !other.prerelease.length) { + return -1 + } else if (!this.prerelease.length && other.prerelease.length) { + return 1 + } else if (!this.prerelease.length && !other.prerelease.length) { + return 0 + } + + let i = 0 + do { + const a = this.prerelease[i] + const b = other.prerelease[i] + debug('prerelease compare', i, a, b) + if (a === undefined && b === undefined) { + return 0 + } else if (b === undefined) { + return 1 + } else if (a === undefined) { + return -1 + } else if (a === b) { + continue + } else { + return compareIdentifiers(a, b) + } + } while (++i) + } + + compareBuild (other) { + if (!(other instanceof SemVer)) { + other = new SemVer(other, this.options) + } + + let i = 0 + do { + const a = this.build[i] + const b = other.build[i] + debug('prerelease compare', i, a, b) + if (a === undefined && b === undefined) { + return 0 + } else if (b === undefined) { + return 1 + } else if (a === undefined) { + return -1 + } else if (a === b) { + continue + } else { + return compareIdentifiers(a, b) + } + } while (++i) + } + + // preminor will bump the version up to the next minor release, and immediately + // down to pre-release. premajor and prepatch work the same way. + inc (release, identifier) { + switch (release) { + case 'premajor': + this.prerelease.length = 0 + this.patch = 0 + this.minor = 0 + this.major++ + this.inc('pre', identifier) + break + case 'preminor': + this.prerelease.length = 0 + this.patch = 0 + this.minor++ + this.inc('pre', identifier) + break + case 'prepatch': + // If this is already a prerelease, it will bump to the next version + // drop any prereleases that might already exist, since they are not + // relevant at this point. + this.prerelease.length = 0 + this.inc('patch', identifier) + this.inc('pre', identifier) + break + // If the input is a non-prerelease version, this acts the same as + // prepatch. + case 'prerelease': + if (this.prerelease.length === 0) { + this.inc('patch', identifier) + } + this.inc('pre', identifier) + break + + case 'major': + // If this is a pre-major version, bump up to the same major version. + // Otherwise increment major. + // 1.0.0-5 bumps to 1.0.0 + // 1.1.0 bumps to 2.0.0 + if ( + this.minor !== 0 || + this.patch !== 0 || + this.prerelease.length === 0 + ) { + this.major++ + } + this.minor = 0 + this.patch = 0 + this.prerelease = [] + break + case 'minor': + // If this is a pre-minor version, bump up to the same minor version. + // Otherwise increment minor. + // 1.2.0-5 bumps to 1.2.0 + // 1.2.1 bumps to 1.3.0 + if (this.patch !== 0 || this.prerelease.length === 0) { + this.minor++ + } + this.patch = 0 + this.prerelease = [] + break + case 'patch': + // If this is not a pre-release version, it will increment the patch. + // If it is a pre-release it will bump up to the same patch version. + // 1.2.0-5 patches to 1.2.0 + // 1.2.0 patches to 1.2.1 + if (this.prerelease.length === 0) { + this.patch++ + } + this.prerelease = [] + break + // This probably shouldn't be used publicly. + // 1.0.0 'pre' would become 1.0.0-0 which is the wrong direction. + case 'pre': + if (this.prerelease.length === 0) { + this.prerelease = [0] + } else { + let i = this.prerelease.length + while (--i >= 0) { + if (typeof this.prerelease[i] === 'number') { + this.prerelease[i]++ + i = -2 + } + } + if (i === -1) { + // didn't increment anything + this.prerelease.push(0) + } + } + if (identifier) { + // 1.2.0-beta.1 bumps to 1.2.0-beta.2, + // 1.2.0-beta.fooblz or 1.2.0-beta bumps to 1.2.0-beta.0 + if (this.prerelease[0] === identifier) { + if (isNaN(this.prerelease[1])) { + this.prerelease = [identifier, 0] + } + } else { + this.prerelease = [identifier, 0] + } + } + break + + default: + throw new Error(`invalid increment argument: ${release}`) + } + this.format() + this.raw = this.version + return this + } +} + +module.exports = SemVer diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/clean.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/clean.js new file mode 100644 index 000000000..811fe6b82 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/clean.js @@ -0,0 +1,6 @@ +const parse = require('./parse') +const clean = (version, options) => { + const s = parse(version.trim().replace(/^[=v]+/, ''), options) + return s ? s.version : null +} +module.exports = clean diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/cmp.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/cmp.js new file mode 100644 index 000000000..3b89db779 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/cmp.js @@ -0,0 +1,48 @@ +const eq = require('./eq') +const neq = require('./neq') +const gt = require('./gt') +const gte = require('./gte') +const lt = require('./lt') +const lte = require('./lte') + +const cmp = (a, op, b, loose) => { + switch (op) { + case '===': + if (typeof a === 'object') + a = a.version + if (typeof b === 'object') + b = b.version + return a === b + + case '!==': + if (typeof a === 'object') + a = a.version + if (typeof b === 'object') + b = b.version + return a !== b + + case '': + case '=': + case '==': + return eq(a, b, loose) + + case '!=': + return neq(a, b, loose) + + case '>': + return gt(a, b, loose) + + case '>=': + return gte(a, b, loose) + + case '<': + return lt(a, b, loose) + + case '<=': + return lte(a, b, loose) + + default: + throw new TypeError(`Invalid operator: ${op}`) + } +} +module.exports = cmp diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/coerce.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/coerce.js new file mode 100644 index 000000000..106ca71c9 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/coerce.js @@ -0,0 +1,51 @@ +const SemVer = require('../classes/semver') +const parse = require('./parse') +const {re, t} = require('../internal/re') + +const coerce = (version, options) => { + if (version instanceof SemVer) { + return version + } + + if (typeof version === 'number') { + version = String(version) + } + + if (typeof version !== 'string') { + return null + } + + options = options || {} + + let match = null + if (!options.rtl) { + match = version.match(re[t.COERCE]) + } else { + // Find the right-most coercible string that does not share + // a terminus with a more left-ward coercible string. + // Eg, '1.2.3.4' wants to coerce '2.3.4', not '3.4' or '4' + // + // Walk through the string checking with a /g regexp + // Manually set the index so as to pick up overlapping matches. + // Stop when we get a match that ends at the string end, since no + // coercible string can be more right-ward without the same terminus. + let next + while ((next = re[t.COERCERTL].exec(version)) && + (!match || match.index + match[0].length !== version.length) + ) { + if (!match || + next.index + next[0].length !== match.index + match[0].length) { + match = next + } + re[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length + } + // leave it in a clean state + re[t.COERCERTL].lastIndex = -1 + } + + if (match === null) + return null + + return parse(`${match[2]}.${match[3] || '0'}.${match[4] || '0'}`, options) +} +module.exports = coerce diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/compare-build.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/compare-build.js new file mode 100644 index 000000000..9eb881bef --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/compare-build.js @@ -0,0 +1,7 @@ +const SemVer = require('../classes/semver') +const compareBuild = (a, b, loose) => { + const versionA = new SemVer(a, loose) + const versionB = new SemVer(b, loose) + return versionA.compare(versionB) || versionA.compareBuild(versionB) +} +module.exports = compareBuild diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/compare-loose.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/compare-loose.js new file mode 100644 index 000000000..4881fbe00 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/compare-loose.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const compareLoose = (a, b) => compare(a, b, true) +module.exports = compareLoose diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/compare.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/compare.js new file mode 100644 index 000000000..748b7afa5 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/compare.js @@ -0,0 +1,5 @@ +const SemVer = require('../classes/semver') +const compare = (a, b, loose) => + new SemVer(a, loose).compare(new SemVer(b, loose)) + +module.exports = compare diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/diff.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/diff.js new file mode 100644 index 000000000..1493666e1 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/diff.js @@ -0,0 +1,25 @@ +const parse = require('./parse') +const eq = require('./eq') + +const diff = (version1, version2) => { + if (eq(version1, version2)) { + return null + } else { + const v1 = parse(version1) + const v2 = parse(version2) + let prefix = '' + if (v1.prerelease.length || v2.prerelease.length) { + prefix = 'pre' + var defaultResult = 'prerelease' + } + for (const key in v1) { + if (key === 'major' || key === 'minor' || key === 'patch') { + if (v1[key] !== v2[key]) { + return prefix + key + } + } + } + return defaultResult // may be undefined + } +} +module.exports = diff diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/eq.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/eq.js new file mode 100644 index 000000000..271fed976 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/eq.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const eq = (a, b, loose) => compare(a, b, loose) === 0 +module.exports = eq diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/gt.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/gt.js new file mode 100644 index 000000000..d9b2156d8 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/gt.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const gt = (a, b, loose) => compare(a, b, loose) > 0 +module.exports = gt diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/gte.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/gte.js new file mode 100644 index 000000000..5aeaa6347 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/gte.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const gte = (a, b, loose) => compare(a, b, loose) >= 0 +module.exports = gte diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/inc.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/inc.js new file mode 100644 index 000000000..aa4d83ab4 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/inc.js @@ -0,0 +1,15 @@ +const SemVer = require('../classes/semver') + +const inc = (version, release, options, identifier) => { + if (typeof (options) === 'string') { + identifier = options + options = undefined + } + + try { + return new SemVer(version, options).inc(release, identifier).version + } catch (er) { + return null + } +} +module.exports = inc diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/lt.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/lt.js new file mode 100644 index 000000000..b440ab7d4 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/lt.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const lt = (a, b, loose) => compare(a, b, loose) < 0 +module.exports = lt diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/lte.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/lte.js new file mode 100644 index 000000000..6dcc95650 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/lte.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const lte = (a, b, loose) => compare(a, b, loose) <= 0 +module.exports = lte diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/major.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/major.js new file mode 100644 index 000000000..4283165e9 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/major.js @@ -0,0 +1,3 @@ +const SemVer = require('../classes/semver') +const major = (a, loose) => new SemVer(a, loose).major +module.exports = major diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/minor.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/minor.js new file mode 100644 index 000000000..57b3455f8 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/minor.js @@ -0,0 +1,3 @@ +const SemVer = require('../classes/semver') +const minor = (a, loose) => new SemVer(a, loose).minor +module.exports = minor diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/neq.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/neq.js new file mode 100644 index 000000000..f944c0157 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/neq.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const neq = (a, b, loose) => compare(a, b, loose) !== 0 +module.exports = neq diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/parse.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/parse.js new file mode 100644 index 000000000..457fee04a --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/parse.js @@ -0,0 +1,37 @@ +const {MAX_LENGTH} = require('../internal/constants') +const { re, t } = require('../internal/re') +const SemVer = require('../classes/semver') + +const parse = (version, options) => { + if (!options || typeof options !== 'object') { + options = { + loose: !!options, + includePrerelease: false + } + } + + if (version instanceof SemVer) { + return version + } + + if (typeof version !== 'string') { + return null + } + + if (version.length > MAX_LENGTH) { + return null + } + + const r = options.loose ? re[t.LOOSE] : re[t.FULL] + if (!r.test(version)) { + return null + } + + try { + return new SemVer(version, options) + } catch (er) { + return null + } +} + +module.exports = parse diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/patch.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/patch.js new file mode 100644 index 000000000..63afca252 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/patch.js @@ -0,0 +1,3 @@ +const SemVer = require('../classes/semver') +const patch = (a, loose) => new SemVer(a, loose).patch +module.exports = patch diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/prerelease.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/prerelease.js new file mode 100644 index 000000000..06aa13248 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/prerelease.js @@ -0,0 +1,6 @@ +const parse = require('./parse') +const prerelease = (version, options) => { + const parsed = parse(version, options) + return (parsed && parsed.prerelease.length) ? parsed.prerelease : null +} +module.exports = prerelease diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/rcompare.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/rcompare.js new file mode 100644 index 000000000..0ac509e79 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/rcompare.js @@ -0,0 +1,3 @@ +const compare = require('./compare') +const rcompare = (a, b, loose) => compare(b, a, loose) +module.exports = rcompare diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/rsort.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/rsort.js new file mode 100644 index 000000000..82404c5cf --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/rsort.js @@ -0,0 +1,3 @@ +const compareBuild = require('./compare-build') +const rsort = (list, loose) => list.sort((a, b) => compareBuild(b, a, loose)) +module.exports = rsort diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/satisfies.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/satisfies.js new file mode 100644 index 000000000..50af1c199 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/satisfies.js @@ -0,0 +1,10 @@ +const Range = require('../classes/range') +const satisfies = (version, range, options) => { + try { + range = new Range(range, options) + } catch (er) { + return false + } + return range.test(version) +} +module.exports = satisfies diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/sort.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/sort.js new file mode 100644 index 000000000..4d10917ab --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/sort.js @@ -0,0 +1,3 @@ +const compareBuild = require('./compare-build') +const sort = (list, loose) => list.sort((a, b) => compareBuild(a, b, loose)) +module.exports = sort diff --git a/node_modules/npm-registry-fetch/node_modules/semver/functions/valid.js b/node_modules/npm-registry-fetch/node_modules/semver/functions/valid.js new file mode 100644 index 000000000..f27bae107 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/functions/valid.js @@ -0,0 +1,6 @@ +const parse = require('./parse') +const valid = (version, options) => { + const v = parse(version, options) + return v ? v.version : null +} +module.exports = valid diff --git a/node_modules/npm-registry-fetch/node_modules/semver/index.js b/node_modules/npm-registry-fetch/node_modules/semver/index.js new file mode 100644 index 000000000..3a0b4e52c --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/index.js @@ -0,0 +1,46 @@ +// just pre-load all the stuff that index.js lazily exports +const internalRe = require('./internal/re') +module.exports = { + re: internalRe.re, + src: internalRe.src, + tokens: internalRe.t, + SEMVER_SPEC_VERSION: require('./internal/constants').SEMVER_SPEC_VERSION, + SemVer: require('./classes/semver'), + compareIdentifiers: require('./internal/identifiers').compareIdentifiers, + rcompareIdentifiers: require('./internal/identifiers').rcompareIdentifiers, + parse: require('./functions/parse'), + valid: require('./functions/valid'), + clean: require('./functions/clean'), + inc: require('./functions/inc'), + diff: require('./functions/diff'), + major: require('./functions/major'), + minor: require('./functions/minor'), + patch: require('./functions/patch'), + prerelease: require('./functions/prerelease'), + compare: require('./functions/compare'), + rcompare: require('./functions/rcompare'), + compareLoose: require('./functions/compare-loose'), + compareBuild: require('./functions/compare-build'), + sort: require('./functions/sort'), + rsort: require('./functions/rsort'), + gt: require('./functions/gt'), + lt: require('./functions/lt'), + eq: require('./functions/eq'), + neq: require('./functions/neq'), + gte: require('./functions/gte'), + lte: require('./functions/lte'), + cmp: require('./functions/cmp'), + coerce: require('./functions/coerce'), + Comparator: require('./classes/comparator'), + Range: require('./classes/range'), + satisfies: require('./functions/satisfies'), + toComparators: require('./ranges/to-comparators'), + maxSatisfying: require('./ranges/max-satisfying'), + minSatisfying: require('./ranges/min-satisfying'), + minVersion: require('./ranges/min-version'), + validRange: require('./ranges/valid'), + outside: require('./ranges/outside'), + gtr: require('./ranges/gtr'), + ltr: require('./ranges/ltr'), + intersects: require('./ranges/intersects'), +} diff --git a/node_modules/npm-registry-fetch/node_modules/semver/internal/constants.js b/node_modules/npm-registry-fetch/node_modules/semver/internal/constants.js new file mode 100644 index 000000000..49df215ad --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/internal/constants.js @@ -0,0 +1,17 @@ +// Note: this is the semver.org version of the spec that it implements +// Not necessarily the package version of this code. +const SEMVER_SPEC_VERSION = '2.0.0' + +const MAX_LENGTH = 256 +const MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER || + /* istanbul ignore next */ 9007199254740991 + +// Max safe segment length for coercion. +const MAX_SAFE_COMPONENT_LENGTH = 16 + +module.exports = { + SEMVER_SPEC_VERSION, + MAX_LENGTH, + MAX_SAFE_INTEGER, + MAX_SAFE_COMPONENT_LENGTH +} diff --git a/node_modules/npm-registry-fetch/node_modules/semver/internal/debug.js b/node_modules/npm-registry-fetch/node_modules/semver/internal/debug.js new file mode 100644 index 000000000..1c00e1369 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/internal/debug.js @@ -0,0 +1,9 @@ +const debug = ( + typeof process === 'object' && + process.env && + process.env.NODE_DEBUG && + /\bsemver\b/i.test(process.env.NODE_DEBUG) +) ? (...args) => console.error('SEMVER', ...args) + : () => {} + +module.exports = debug diff --git a/node_modules/npm-registry-fetch/node_modules/semver/internal/identifiers.js b/node_modules/npm-registry-fetch/node_modules/semver/internal/identifiers.js new file mode 100644 index 000000000..ed1309421 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/internal/identifiers.js @@ -0,0 +1,23 @@ +const numeric = /^[0-9]+$/ +const compareIdentifiers = (a, b) => { + const anum = numeric.test(a) + const bnum = numeric.test(b) + + if (anum && bnum) { + a = +a + b = +b + } + + return a === b ? 0 + : (anum && !bnum) ? -1 + : (bnum && !anum) ? 1 + : a < b ? -1 + : 1 +} + +const rcompareIdentifiers = (a, b) => compareIdentifiers(b, a) + +module.exports = { + compareIdentifiers, + rcompareIdentifiers +} diff --git a/node_modules/npm-registry-fetch/node_modules/semver/internal/re.js b/node_modules/npm-registry-fetch/node_modules/semver/internal/re.js new file mode 100644 index 000000000..0e8fb5289 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/internal/re.js @@ -0,0 +1,179 @@ +const { MAX_SAFE_COMPONENT_LENGTH } = require('./constants') +const debug = require('./debug') +exports = module.exports = {} + +// The actual regexps go on exports.re +const re = exports.re = [] +const src = exports.src = [] +const t = exports.t = {} +let R = 0 + +const createToken = (name, value, isGlobal) => { + const index = R++ + debug(index, value) + t[name] = index + src[index] = value + re[index] = new RegExp(value, isGlobal ? 'g' : undefined) +} + +// The following Regular Expressions can be used for tokenizing, +// validating, and parsing SemVer version strings. + +// ## Numeric Identifier +// A single `0`, or a non-zero digit followed by zero or more digits. + +createToken('NUMERICIDENTIFIER', '0|[1-9]\\d*') +createToken('NUMERICIDENTIFIERLOOSE', '[0-9]+') + +// ## Non-numeric Identifier +// Zero or more digits, followed by a letter or hyphen, and then zero or +// more letters, digits, or hyphens. + +createToken('NONNUMERICIDENTIFIER', '\\d*[a-zA-Z-][a-zA-Z0-9-]*') + +// ## Main Version +// Three dot-separated numeric identifiers. + +createToken('MAINVERSION', `(${src[t.NUMERICIDENTIFIER]})\\.` + + `(${src[t.NUMERICIDENTIFIER]})\\.` + + `(${src[t.NUMERICIDENTIFIER]})`) + +createToken('MAINVERSIONLOOSE', `(${src[t.NUMERICIDENTIFIERLOOSE]})\\.` + + `(${src[t.NUMERICIDENTIFIERLOOSE]})\\.` + + `(${src[t.NUMERICIDENTIFIERLOOSE]})`) + +// ## Pre-release Version Identifier +// A numeric identifier, or a non-numeric identifier. + +createToken('PRERELEASEIDENTIFIER', `(?:${src[t.NUMERICIDENTIFIER] +}|${src[t.NONNUMERICIDENTIFIER]})`) + +createToken('PRERELEASEIDENTIFIERLOOSE', `(?:${src[t.NUMERICIDENTIFIERLOOSE] +}|${src[t.NONNUMERICIDENTIFIER]})`) + +// ## Pre-release Version +// Hyphen, followed by one or more dot-separated pre-release version +// identifiers. + +createToken('PRERELEASE', `(?:-(${src[t.PRERELEASEIDENTIFIER] +}(?:\\.${src[t.PRERELEASEIDENTIFIER]})*))`) + +createToken('PRERELEASELOOSE', `(?:-?(${src[t.PRERELEASEIDENTIFIERLOOSE] +}(?:\\.${src[t.PRERELEASEIDENTIFIERLOOSE]})*))`) + +// ## Build Metadata Identifier +// Any combination of digits, letters, or hyphens. + +createToken('BUILDIDENTIFIER', '[0-9A-Za-z-]+') + +// ## Build Metadata +// Plus sign, followed by one or more period-separated build metadata +// identifiers. + +createToken('BUILD', `(?:\\+(${src[t.BUILDIDENTIFIER] +}(?:\\.${src[t.BUILDIDENTIFIER]})*))`) + +// ## Full Version String +// A main version, followed optionally by a pre-release version and +// build metadata. + +// Note that the only major, minor, patch, and pre-release sections of +// the version string are capturing groups. The build metadata is not a +// capturing group, because it should not ever be used in version +// comparison. + +createToken('FULLPLAIN', `v?${src[t.MAINVERSION] +}${src[t.PRERELEASE]}?${ + src[t.BUILD]}?`) + +createToken('FULL', `^${src[t.FULLPLAIN]}$`) + +// like full, but allows v1.2.3 and =1.2.3, which people do sometimes. +// also, 1.0.0alpha1 (prerelease without the hyphen) which is pretty +// common in the npm registry. +createToken('LOOSEPLAIN', `[v=\\s]*${src[t.MAINVERSIONLOOSE] +}${src[t.PRERELEASELOOSE]}?${ + src[t.BUILD]}?`) + +createToken('LOOSE', `^${src[t.LOOSEPLAIN]}$`) + +createToken('GTLT', '((?:<|>)?=?)') + +// Something like "2.*" or "1.2.x". +// Note that "x.x" is a valid xRange identifer, meaning "any version" +// Only the first item is strictly required. +createToken('XRANGEIDENTIFIERLOOSE', `${src[t.NUMERICIDENTIFIERLOOSE]}|x|X|\\*`) +createToken('XRANGEIDENTIFIER', `${src[t.NUMERICIDENTIFIER]}|x|X|\\*`) + +createToken('XRANGEPLAIN', `[v=\\s]*(${src[t.XRANGEIDENTIFIER]})` + + `(?:\\.(${src[t.XRANGEIDENTIFIER]})` + + `(?:\\.(${src[t.XRANGEIDENTIFIER]})` + + `(?:${src[t.PRERELEASE]})?${ + src[t.BUILD]}?` + + `)?)?`) + +createToken('XRANGEPLAINLOOSE', `[v=\\s]*(${src[t.XRANGEIDENTIFIERLOOSE]})` + + `(?:\\.(${src[t.XRANGEIDENTIFIERLOOSE]})` + + `(?:\\.(${src[t.XRANGEIDENTIFIERLOOSE]})` + + `(?:${src[t.PRERELEASELOOSE]})?${ + src[t.BUILD]}?` + + `)?)?`) + +createToken('XRANGE', `^${src[t.GTLT]}\\s*${src[t.XRANGEPLAIN]}$`) +createToken('XRANGELOOSE', `^${src[t.GTLT]}\\s*${src[t.XRANGEPLAINLOOSE]}$`) + +// Coercion. +// Extract anything that could conceivably be a part of a valid semver +createToken('COERCE', `${'(^|[^\\d])' + + '(\\d{1,'}${MAX_SAFE_COMPONENT_LENGTH}})` + + `(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH}}))?` + + `(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH}}))?` + + `(?:$|[^\\d])`) +createToken('COERCERTL', src[t.COERCE], true) + +// Tilde ranges. +// Meaning is "reasonably at or greater than" +createToken('LONETILDE', '(?:~>?)') + +createToken('TILDETRIM', `(\\s*)${src[t.LONETILDE]}\\s+`, true) +exports.tildeTrimReplace = '$1~' + +createToken('TILDE', `^${src[t.LONETILDE]}${src[t.XRANGEPLAIN]}$`) +createToken('TILDELOOSE', `^${src[t.LONETILDE]}${src[t.XRANGEPLAINLOOSE]}$`) + +// Caret ranges. +// Meaning is "at least and backwards compatible with" +createToken('LONECARET', '(?:\\^)') + +createToken('CARETTRIM', `(\\s*)${src[t.LONECARET]}\\s+`, true) +exports.caretTrimReplace = '$1^' + +createToken('CARET', `^${src[t.LONECARET]}${src[t.XRANGEPLAIN]}$`) +createToken('CARETLOOSE', `^${src[t.LONECARET]}${src[t.XRANGEPLAINLOOSE]}$`) + +// A simple gt/lt/eq thing, or just "" to indicate "any version" +createToken('COMPARATORLOOSE', `^${src[t.GTLT]}\\s*(${src[t.LOOSEPLAIN]})$|^$`) +createToken('COMPARATOR', `^${src[t.GTLT]}\\s*(${src[t.FULLPLAIN]})$|^$`) + +// An expression to strip any whitespace between the gtlt and the thing +// it modifies, so that `> 1.2.3` ==> `>1.2.3` +createToken('COMPARATORTRIM', `(\\s*)${src[t.GTLT] +}\\s*(${src[t.LOOSEPLAIN]}|${src[t.XRANGEPLAIN]})`, true) +exports.comparatorTrimReplace = '$1$2$3' + +// Something like `1.2.3 - 1.2.4` +// Note that these all use the loose form, because they'll be +// checked against either the strict or loose comparator form +// later. +createToken('HYPHENRANGE', `^\\s*(${src[t.XRANGEPLAIN]})` + + `\\s+-\\s+` + + `(${src[t.XRANGEPLAIN]})` + + `\\s*$`) + +createToken('HYPHENRANGELOOSE', `^\\s*(${src[t.XRANGEPLAINLOOSE]})` + + `\\s+-\\s+` + + `(${src[t.XRANGEPLAINLOOSE]})` + + `\\s*$`) + +// Star ranges basically just allow anything at all. +createToken('STAR', '(<|>)?=?\\s*\\*') diff --git a/node_modules/npm-registry-fetch/node_modules/semver/package.json b/node_modules/npm-registry-fetch/node_modules/semver/package.json new file mode 100644 index 000000000..646da3ce3 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/package.json @@ -0,0 +1,71 @@ +{ + "_from": "semver@^7.0.0", + "_id": "semver@7.1.2", + "_inBundle": false, + "_integrity": "sha512-BJs9T/H8sEVHbeigqzIEo57Iu/3DG6c4QoqTfbQB3BPA4zgzAomh/Fk9E7QtjWQ8mx2dgA9YCfSF4y9k9bHNpQ==", + "_location": "/npm-registry-fetch/semver", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "semver@^7.0.0", + "name": "semver", + "escapedName": "semver", + "rawSpec": "^7.0.0", + "saveSpec": null, + "fetchSpec": "^7.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch", + "/npm-registry-fetch/npm-package-arg" + ], + "_resolved": "https://registry.npmjs.org/semver/-/semver-7.1.2.tgz", + "_shasum": "847bae5bce68c5d08889824f02667199b70e3d87", + "_spec": "semver@^7.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch", + "bin": { + "semver": "bin/semver.js" + }, + "bugs": { + "url": "https://github.com/npm/node-semver/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "The semantic version parser used by npm.", + "devDependencies": { + "tap": "^14.10.2" + }, + "engines": { + "node": ">=10" + }, + "files": [ + "bin", + "range.bnf", + "classes", + "functions", + "internal", + "ranges", + "index.js", + "preload.js" + ], + "homepage": "https://github.com/npm/node-semver#readme", + "license": "ISC", + "main": "index.js", + "name": "semver", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/node-semver.git" + }, + "scripts": { + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "snap": "tap", + "test": "tap" + }, + "tap": { + "check-coverage": true, + "coverage-map": "map.js" + }, + "version": "7.1.2" +} diff --git a/node_modules/npm-registry-fetch/node_modules/semver/preload.js b/node_modules/npm-registry-fetch/node_modules/semver/preload.js new file mode 100644 index 000000000..947cd4f79 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/preload.js @@ -0,0 +1,2 @@ +// XXX remove in v8 or beyond +module.exports = require('./index.js') diff --git a/node_modules/npm-registry-fetch/node_modules/semver/range.bnf b/node_modules/npm-registry-fetch/node_modules/semver/range.bnf new file mode 100644 index 000000000..d4c6ae0d7 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/range.bnf @@ -0,0 +1,16 @@ +range-set ::= range ( logical-or range ) * +logical-or ::= ( ' ' ) * '||' ( ' ' ) * +range ::= hyphen | simple ( ' ' simple ) * | '' +hyphen ::= partial ' - ' partial +simple ::= primitive | partial | tilde | caret +primitive ::= ( '<' | '>' | '>=' | '<=' | '=' ) partial +partial ::= xr ( '.' xr ( '.' xr qualifier ? )? )? +xr ::= 'x' | 'X' | '*' | nr +nr ::= '0' | [1-9] ( [0-9] ) * +tilde ::= '~' partial +caret ::= '^' partial +qualifier ::= ( '-' pre )? ( '+' build )? +pre ::= parts +build ::= parts +parts ::= part ( '.' part ) * +part ::= nr | [-0-9A-Za-z]+ diff --git a/node_modules/npm-registry-fetch/node_modules/semver/ranges/gtr.js b/node_modules/npm-registry-fetch/node_modules/semver/ranges/gtr.js new file mode 100644 index 000000000..db7e35599 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/ranges/gtr.js @@ -0,0 +1,4 @@ +// Determine if version is greater than all the versions possible in the range. +const outside = require('./outside') +const gtr = (version, range, options) => outside(version, range, '>', options) +module.exports = gtr diff --git a/node_modules/npm-registry-fetch/node_modules/semver/ranges/intersects.js b/node_modules/npm-registry-fetch/node_modules/semver/ranges/intersects.js new file mode 100644 index 000000000..3d1a6f31d --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/ranges/intersects.js @@ -0,0 +1,7 @@ +const Range = require('../classes/range') +const intersects = (r1, r2, options) => { + r1 = new Range(r1, options) + r2 = new Range(r2, options) + return r1.intersects(r2) +} +module.exports = intersects diff --git a/node_modules/npm-registry-fetch/node_modules/semver/ranges/ltr.js b/node_modules/npm-registry-fetch/node_modules/semver/ranges/ltr.js new file mode 100644 index 000000000..528a885eb --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/ranges/ltr.js @@ -0,0 +1,4 @@ +const outside = require('./outside') +// Determine if version is less than all the versions possible in the range +const ltr = (version, range, options) => outside(version, range, '<', options) +module.exports = ltr diff --git a/node_modules/npm-registry-fetch/node_modules/semver/ranges/max-satisfying.js b/node_modules/npm-registry-fetch/node_modules/semver/ranges/max-satisfying.js new file mode 100644 index 000000000..6e3d993c6 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/ranges/max-satisfying.js @@ -0,0 +1,25 @@ +const SemVer = require('../classes/semver') +const Range = require('../classes/range') + +const maxSatisfying = (versions, range, options) => { + let max = null + let maxSV = null + let rangeObj = null + try { + rangeObj = new Range(range, options) + } catch (er) { + return null + } + versions.forEach((v) => { + if (rangeObj.test(v)) { + // satisfies(v, range, options) + if (!max || maxSV.compare(v) === -1) { + // compare(max, v, true) + max = v + maxSV = new SemVer(max, options) + } + } + }) + return max +} +module.exports = maxSatisfying diff --git a/node_modules/npm-registry-fetch/node_modules/semver/ranges/min-satisfying.js b/node_modules/npm-registry-fetch/node_modules/semver/ranges/min-satisfying.js new file mode 100644 index 000000000..9b60974e2 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/ranges/min-satisfying.js @@ -0,0 +1,24 @@ +const SemVer = require('../classes/semver') +const Range = require('../classes/range') +const minSatisfying = (versions, range, options) => { + let min = null + let minSV = null + let rangeObj = null + try { + rangeObj = new Range(range, options) + } catch (er) { + return null + } + versions.forEach((v) => { + if (rangeObj.test(v)) { + // satisfies(v, range, options) + if (!min || minSV.compare(v) === 1) { + // compare(min, v, true) + min = v + minSV = new SemVer(min, options) + } + } + }) + return min +} +module.exports = minSatisfying diff --git a/node_modules/npm-registry-fetch/node_modules/semver/ranges/min-version.js b/node_modules/npm-registry-fetch/node_modules/semver/ranges/min-version.js new file mode 100644 index 000000000..7118d237b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/ranges/min-version.js @@ -0,0 +1,57 @@ +const SemVer = require('../classes/semver') +const Range = require('../classes/range') +const gt = require('../functions/gt') + +const minVersion = (range, loose) => { + range = new Range(range, loose) + + let minver = new SemVer('0.0.0') + if (range.test(minver)) { + return minver + } + + minver = new SemVer('0.0.0-0') + if (range.test(minver)) { + return minver + } + + minver = null + for (let i = 0; i < range.set.length; ++i) { + const comparators = range.set[i] + + comparators.forEach((comparator) => { + // Clone to avoid manipulating the comparator's semver object. + const compver = new SemVer(comparator.semver.version) + switch (comparator.operator) { + case '>': + if (compver.prerelease.length === 0) { + compver.patch++ + } else { + compver.prerelease.push(0) + } + compver.raw = compver.format() + /* fallthrough */ + case '': + case '>=': + if (!minver || gt(minver, compver)) { + minver = compver + } + break + case '<': + case '<=': + /* Ignore maximum versions */ + break + /* istanbul ignore next */ + default: + throw new Error(`Unexpected operation: ${comparator.operator}`) + } + }) + } + + if (minver && range.test(minver)) { + return minver + } + + return null +} +module.exports = minVersion diff --git a/node_modules/npm-registry-fetch/node_modules/semver/ranges/outside.js b/node_modules/npm-registry-fetch/node_modules/semver/ranges/outside.js new file mode 100644 index 000000000..e35ed1176 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/ranges/outside.js @@ -0,0 +1,80 @@ +const SemVer = require('../classes/semver') +const Comparator = require('../classes/comparator') +const {ANY} = Comparator +const Range = require('../classes/range') +const satisfies = require('../functions/satisfies') +const gt = require('../functions/gt') +const lt = require('../functions/lt') +const lte = require('../functions/lte') +const gte = require('../functions/gte') + +const outside = (version, range, hilo, options) => { + version = new SemVer(version, options) + range = new Range(range, options) + + let gtfn, ltefn, ltfn, comp, ecomp + switch (hilo) { + case '>': + gtfn = gt + ltefn = lte + ltfn = lt + comp = '>' + ecomp = '>=' + break + case '<': + gtfn = lt + ltefn = gte + ltfn = gt + comp = '<' + ecomp = '<=' + break + default: + throw new TypeError('Must provide a hilo val of "<" or ">"') + } + + // If it satisifes the range it is not outside + if (satisfies(version, range, options)) { + return false + } + + // From now on, variable terms are as if we're in "gtr" mode. + // but note that everything is flipped for the "ltr" function. + + for (let i = 0; i < range.set.length; ++i) { + const comparators = range.set[i] + + let high = null + let low = null + + comparators.forEach((comparator) => { + if (comparator.semver === ANY) { + comparator = new Comparator('>=0.0.0') + } + high = high || comparator + low = low || comparator + if (gtfn(comparator.semver, high.semver, options)) { + high = comparator + } else if (ltfn(comparator.semver, low.semver, options)) { + low = comparator + } + }) + + // If the edge version comparator has a operator then our version + // isn't outside it + if (high.operator === comp || high.operator === ecomp) { + return false + } + + // If the lowest version comparator has an operator and our version + // is less than it then it isn't higher than the range + if ((!low.operator || low.operator === comp) && + ltefn(version, low.semver)) { + return false + } else if (low.operator === ecomp && ltfn(version, low.semver)) { + return false + } + } + return true +} + +module.exports = outside diff --git a/node_modules/npm-registry-fetch/node_modules/semver/ranges/to-comparators.js b/node_modules/npm-registry-fetch/node_modules/semver/ranges/to-comparators.js new file mode 100644 index 000000000..6c8bc7e6f --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/ranges/to-comparators.js @@ -0,0 +1,8 @@ +const Range = require('../classes/range') + +// Mostly just for testing and legacy API reasons +const toComparators = (range, options) => + new Range(range, options).set + .map(comp => comp.map(c => c.value).join(' ').trim().split(' ')) + +module.exports = toComparators diff --git a/node_modules/npm-registry-fetch/node_modules/semver/ranges/valid.js b/node_modules/npm-registry-fetch/node_modules/semver/ranges/valid.js new file mode 100644 index 000000000..365f35689 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/semver/ranges/valid.js @@ -0,0 +1,11 @@ +const Range = require('../classes/range') +const validRange = (range, options) => { + try { + // Return '*' instead of '' so that truthiness works. + // This will throw if it's invalid anyway + return new Range(range, options).range || '*' + } catch (er) { + return null + } +} +module.exports = validRange diff --git a/node_modules/npm-registry-fetch/node_modules/ssri/CHANGELOG.md b/node_modules/npm-registry-fetch/node_modules/ssri/CHANGELOG.md new file mode 100644 index 000000000..1d5447aea --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/ssri/CHANGELOG.md @@ -0,0 +1,323 @@ +# Changelog + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +## [7.1.0](https://github.com/npm/ssri/compare/v7.0.1...v7.1.0) (2019-10-24) + + +### Bug Fixes + +* Do not blow up if the opts object is mutated ([806e8c8](https://github.com/npm/ssri/commit/806e8c8)) + + +### Features + +* Add Integrity#merge method ([0572c1d](https://github.com/npm/ssri/commit/0572c1d)), closes [#4](https://github.com/npm/ssri/issues/4) + +### [7.0.1](https://github.com/npm/ssri/compare/v7.0.0...v7.0.1) (2019-09-30) + +## [7.0.0](https://github.com/npm/ssri/compare/v6.0.1...v7.0.0) (2019-09-18) + + +### ⚠ BREAKING CHANGES + +* ssri no longer accepts a Promise option, and does not +use, return, or rely on Bluebird promises. +* drop support for Node.js v6. + +We knew this was coming, and the Stream changes are breaking anyway. +May as well do this now. +* **streams:** this replaces the Node.js stream with a Minipass +stream. See http://npm.im/minipass for documentation. + +### Bug Fixes + +* return super.write() return value ([55b055d](https://github.com/npm/ssri/commit/55b055d)) + + +* Use native promises only ([6d13165](https://github.com/npm/ssri/commit/6d13165)) +* update tap, standard, standard-version, travis ([2e54956](https://github.com/npm/ssri/commit/2e54956)) +* **streams:** replace transform streams with minipass ([363995e](https://github.com/npm/ssri/commit/363995e)) + +<a name="6.0.1"></a> +## [6.0.1](https://github.com/npm/ssri/compare/v6.0.0...v6.0.1) (2018-08-27) + + +### Bug Fixes + +* **opts:** use figgy-pudding to specify consumed opts ([cf86553](https://github.com/npm/ssri/commit/cf86553)) + + + +<a name="6.0.0"></a> +# [6.0.0](https://github.com/npm/ssri/compare/v5.3.0...v6.0.0) (2018-04-09) + + +### Bug Fixes + +* **docs:** minor typo ([b71ef17](https://github.com/npm/ssri/commit/b71ef17)) + + +### meta + +* drop support for node@4 ([d9bf359](https://github.com/npm/ssri/commit/d9bf359)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="5.3.0"></a> +# [5.3.0](https://github.com/npm/ssri/compare/v5.2.4...v5.3.0) (2018-03-13) + + +### Features + +* **checkData:** optionally throw when checkData fails ([bf26b84](https://github.com/npm/ssri/commit/bf26b84)) + + + +<a name="5.2.4"></a> +## [5.2.4](https://github.com/npm/ssri/compare/v5.2.3...v5.2.4) (2018-02-16) + + + +<a name="5.2.3"></a> +## [5.2.3](https://github.com/npm/ssri/compare/v5.2.2...v5.2.3) (2018-02-16) + + +### Bug Fixes + +* **hashes:** filter hash priority list by available hashes ([2fa30b8](https://github.com/npm/ssri/commit/2fa30b8)) +* **integrityStream:** dedupe algorithms to generate ([d56c654](https://github.com/npm/ssri/commit/d56c654)) + + + +<a name="5.2.2"></a> +## [5.2.2](https://github.com/npm/ssri/compare/v5.2.1...v5.2.2) (2018-02-14) + + +### Bug Fixes + +* **security:** tweak strict SRI regex ([#10](https://github.com/npm/ssri/issues/10)) ([d0ebcdc](https://github.com/npm/ssri/commit/d0ebcdc)) + + + +<a name="5.2.1"></a> +## [5.2.1](https://github.com/npm/ssri/compare/v5.2.0...v5.2.1) (2018-02-06) + + + +<a name="5.2.0"></a> +# [5.2.0](https://github.com/npm/ssri/compare/v5.1.0...v5.2.0) (2018-02-06) + + +### Features + +* **match:** add integrity.match() ([3c49cc4](https://github.com/npm/ssri/commit/3c49cc4)) + + + +<a name="5.1.0"></a> +# [5.1.0](https://github.com/npm/ssri/compare/v5.0.0...v5.1.0) (2018-01-18) + + +### Bug Fixes + +* **checkStream:** integrityStream now takes opts.integrity algos into account ([d262910](https://github.com/npm/ssri/commit/d262910)) + + +### Features + +* **sha3:** do some guesswork about upcoming sha3 ([7fdd9df](https://github.com/npm/ssri/commit/7fdd9df)) + + + +<a name="5.0.0"></a> +# [5.0.0](https://github.com/npm/ssri/compare/v4.1.6...v5.0.0) (2017-10-23) + + +### Features + +* **license:** relicense to ISC (#9) ([c82983a](https://github.com/npm/ssri/commit/c82983a)) + + +### BREAKING CHANGES + +* **license:** the license has been changed from CC0-1.0 to ISC. + + + +<a name="4.1.6"></a> +## [4.1.6](https://github.com/npm/ssri/compare/v4.1.5...v4.1.6) (2017-06-07) + + +### Bug Fixes + +* **checkStream:** make sure to pass all opts through ([0b1bcbe](https://github.com/npm/ssri/commit/0b1bcbe)) + + + +<a name="4.1.5"></a> +## [4.1.5](https://github.com/npm/ssri/compare/v4.1.4...v4.1.5) (2017-06-05) + + +### Bug Fixes + +* **integrityStream:** stop crashing if opts.algorithms and opts.integrity have an algo mismatch ([fb1293e](https://github.com/npm/ssri/commit/fb1293e)) + + + +<a name="4.1.4"></a> +## [4.1.4](https://github.com/npm/ssri/compare/v4.1.3...v4.1.4) (2017-05-31) + + +### Bug Fixes + +* **node:** older versions of node[@4](https://github.com/4) do not support base64buffer string parsing ([513df4e](https://github.com/npm/ssri/commit/513df4e)) + + + +<a name="4.1.3"></a> +## [4.1.3](https://github.com/npm/ssri/compare/v4.1.2...v4.1.3) (2017-05-24) + + +### Bug Fixes + +* **check:** handle various bad hash corner cases better ([c2c262b](https://github.com/npm/ssri/commit/c2c262b)) + + + +<a name="4.1.2"></a> +## [4.1.2](https://github.com/npm/ssri/compare/v4.1.1...v4.1.2) (2017-04-18) + + +### Bug Fixes + +* **stream:** _flush can be called multiple times. use on("end") ([b1c4805](https://github.com/npm/ssri/commit/b1c4805)) + + + +<a name="4.1.1"></a> +## [4.1.1](https://github.com/npm/ssri/compare/v4.1.0...v4.1.1) (2017-04-12) + + +### Bug Fixes + +* **pickAlgorithm:** error if pickAlgorithm() is used in an empty Integrity ([fab470e](https://github.com/npm/ssri/commit/fab470e)) + + + +<a name="4.1.0"></a> +# [4.1.0](https://github.com/npm/ssri/compare/v4.0.0...v4.1.0) (2017-04-07) + + +### Features + +* adding ssri.create for a crypto style interface (#2) ([96f52ad](https://github.com/npm/ssri/commit/96f52ad)) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/ssri/compare/v3.0.2...v4.0.0) (2017-04-03) + + +### Bug Fixes + +* **integrity:** should have changed the error code before. oops ([8381afa](https://github.com/npm/ssri/commit/8381afa)) + + +### BREAKING CHANGES + +* **integrity:** EBADCHECKSUM -> EINTEGRITY for verification errors + + + +<a name="3.0.2"></a> +## [3.0.2](https://github.com/npm/ssri/compare/v3.0.1...v3.0.2) (2017-04-03) + + + +<a name="3.0.1"></a> +## [3.0.1](https://github.com/npm/ssri/compare/v3.0.0...v3.0.1) (2017-04-03) + + +### Bug Fixes + +* **package.json:** really should have these in the keywords because search ([a6ac6d0](https://github.com/npm/ssri/commit/a6ac6d0)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/ssri/compare/v2.0.0...v3.0.0) (2017-04-03) + + +### Bug Fixes + +* **hashes:** IntegrityMetadata -> Hash ([d04aa1f](https://github.com/npm/ssri/commit/d04aa1f)) + + +### Features + +* **check:** return IntegrityMetadata on check success ([2301e74](https://github.com/npm/ssri/commit/2301e74)) +* **fromHex:** ssri.fromHex to make it easier to generate them from hex valus ([049b89e](https://github.com/npm/ssri/commit/049b89e)) +* **hex:** utility function for getting hex version of digest ([a9f021c](https://github.com/npm/ssri/commit/a9f021c)) +* **hexDigest:** added hexDigest method to Integrity objects too ([85208ba](https://github.com/npm/ssri/commit/85208ba)) +* **integrity:** add .isIntegrity and .isIntegrityMetadata ([1b29e6f](https://github.com/npm/ssri/commit/1b29e6f)) +* **integrityStream:** new stream that can both generate and check streamed data ([fd23e1b](https://github.com/npm/ssri/commit/fd23e1b)) +* **parse:** allow parsing straight into a single IntegrityMetadata object ([c8ddf48](https://github.com/npm/ssri/commit/c8ddf48)) +* **pickAlgorithm:** Intergrity#pickAlgorithm() added ([b97a796](https://github.com/npm/ssri/commit/b97a796)) +* **size:** calculate and update stream sizes ([02ed1ad](https://github.com/npm/ssri/commit/02ed1ad)) + + +### BREAKING CHANGES + +* **hashes:** `.isIntegrityMetadata` is now `.isHash`. Also, any references to `IntegrityMetadata` now refer to `Hash`. +* **integrityStream:** createCheckerStream has been removed and replaced with a general-purpose integrityStream. + +To convert existing createCheckerStream code, move the `sri` argument into `opts.integrity` in integrityStream. All other options should be the same. +* **check:** `checkData`, `checkStream`, and `createCheckerStream` now yield a whole IntegrityMetadata instance representing the first successful hash match. + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/ssri/compare/v1.0.0...v2.0.0) (2017-03-24) + + +### Bug Fixes + +* **strict-mode:** make regexes more rigid ([122a32c](https://github.com/npm/ssri/commit/122a32c)) + + +### Features + +* **api:** added serialize alias for unparse ([999b421](https://github.com/npm/ssri/commit/999b421)) +* **concat:** add Integrity#concat() ([cae12c7](https://github.com/npm/ssri/commit/cae12c7)) +* **pickAlgo:** pick the strongest algorithm provided, by default ([58c18f7](https://github.com/npm/ssri/commit/58c18f7)) +* **strict-mode:** strict SRI support ([3f0b64c](https://github.com/npm/ssri/commit/3f0b64c)) +* **stringify:** replaced unparse/serialize with stringify ([4acad30](https://github.com/npm/ssri/commit/4acad30)) +* **verification:** add opts.pickAlgorithm ([f72e658](https://github.com/npm/ssri/commit/f72e658)) + + +### BREAKING CHANGES + +* **pickAlgo:** ssri will prioritize specific hashes now +* **stringify:** serialize and unparse have been removed. Use ssri.stringify instead. +* **strict-mode:** functions that accepted an optional `sep` argument now expect `opts.sep`. + + + +<a name="1.0.0"></a> +# 1.0.0 (2017-03-23) + + +### Features + +* **api:** implemented initial api ([4fbb16b](https://github.com/npm/ssri/commit/4fbb16b)) + + +### BREAKING CHANGES + +* **api:** Initial API established. diff --git a/node_modules/npm-registry-fetch/node_modules/ssri/LICENSE.md b/node_modules/npm-registry-fetch/node_modules/ssri/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/ssri/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/ssri/README.md b/node_modules/npm-registry-fetch/node_modules/ssri/README.md new file mode 100644 index 000000000..0cd41be89 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/ssri/README.md @@ -0,0 +1,528 @@ +# ssri [](https://npm.im/ssri) [](https://npm.im/ssri) [](https://travis-ci.org/npm/ssri) [](https://ci.appveyor.com/project/npm/ssri) [](https://coveralls.io/github/npm/ssri?branch=latest) + +[`ssri`](https://github.com/npm/ssri), short for Standard Subresource +Integrity, is a Node.js utility for parsing, manipulating, serializing, +generating, and verifying [Subresource +Integrity](https://w3c.github.io/webappsec/specs/subresourceintegrity/) hashes. + +## Install + +`$ npm install --save ssri` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * Parsing & Serializing + * [`parse`](#parse) + * [`stringify`](#stringify) + * [`Integrity#concat`](#integrity-concat) + * [`Integrity#merge`](#integrity-merge) + * [`Integrity#toString`](#integrity-to-string) + * [`Integrity#toJSON`](#integrity-to-json) + * [`Integrity#match`](#integrity-match) + * [`Integrity#pickAlgorithm`](#integrity-pick-algorithm) + * [`Integrity#hexDigest`](#integrity-hex-digest) + * Integrity Generation + * [`fromHex`](#from-hex) + * [`fromData`](#from-data) + * [`fromStream`](#from-stream) + * [`create`](#create) + * Integrity Verification + * [`checkData`](#check-data) + * [`checkStream`](#check-stream) + * [`integrityStream`](#integrity-stream) + +### Example + +```javascript +const ssri = require('ssri') + +const integrity = 'sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo' + +// Parsing and serializing +const parsed = ssri.parse(integrity) +ssri.stringify(parsed) // === integrity (works on non-Integrity objects) +parsed.toString() // === integrity + +// Async stream functions +ssri.checkStream(fs.createReadStream('./my-file'), integrity).then(...) +ssri.fromStream(fs.createReadStream('./my-file')).then(sri => { + sri.toString() === integrity +}) +fs.createReadStream('./my-file').pipe(ssri.createCheckerStream(sri)) + +// Sync data functions +ssri.fromData(fs.readFileSync('./my-file')) // === parsed +ssri.checkData(fs.readFileSync('./my-file'), integrity) // => 'sha512' +``` + +### Features + +* Parses and stringifies SRI strings. +* Generates SRI strings from raw data or Streams. +* Strict standard compliance. +* `?foo` metadata option support. +* Multiple entries for the same algorithm. +* Object-based integrity hash manipulation. +* Small footprint: no dependencies, concise implementation. +* Full test coverage. +* Customizable algorithm picker. + +### Contributing + +The ssri team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +### API + +#### <a name="parse"></a> `> ssri.parse(sri, [opts]) -> Integrity` + +Parses `sri` into an `Integrity` data structure. `sri` can be an integrity +string, an `Hash`-like with `digest` and `algorithm` fields and an optional +`options` field, or an `Integrity`-like object. The resulting object will be an +`Integrity` instance that has this shape: + +```javascript +{ + 'sha1': [{algorithm: 'sha1', digest: 'deadbeef', options: []}], + 'sha512': [ + {algorithm: 'sha512', digest: 'c0ffee', options: []}, + {algorithm: 'sha512', digest: 'bad1dea', options: ['foo']} + ], +} +``` + +If `opts.single` is truthy, a single `Hash` object will be returned. That is, a +single object that looks like `{algorithm, digest, options}`, as opposed to a +larger object with multiple of these. + +If `opts.strict` is truthy, the resulting object will be filtered such that +it strictly follows the Subresource Integrity spec, throwing away any entries +with any invalid components. This also means a restricted set of algorithms +will be used -- the spec limits them to `sha256`, `sha384`, and `sha512`. + +Strict mode is recommended if the integrity strings are intended for use in +browsers, or in other situations where strict adherence to the spec is needed. + +##### Example + +```javascript +ssri.parse('sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo') // -> Integrity object +``` + +#### <a name="stringify"></a> `> ssri.stringify(sri, [opts]) -> String` + +This function is identical to [`Integrity#toString()`](#integrity-to-string), +except it can be used on _any_ object that [`parse`](#parse) can handle -- that +is, a string, an `Hash`-like, or an `Integrity`-like. + +The `opts.sep` option defines the string to use when joining multiple entries +together. To be spec-compliant, this _must_ be whitespace. The default is a +single space (`' '`). + +If `opts.strict` is true, the integrity string will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +// Useful for cleaning up input SRI strings: +ssri.stringify('\n\rsha512-foo\n\t\tsha384-bar') +// -> 'sha512-foo sha384-bar' + +// Hash-like: only a single entry. +ssri.stringify({ + algorithm: 'sha512', + digest:'9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==', + options: ['foo'] +}) +// -> +// 'sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo' + +// Integrity-like: full multi-entry syntax. Similar to output of `ssri.parse` +ssri.stringify({ + 'sha512': [ + { + algorithm: 'sha512', + digest:'9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==', + options: ['foo'] + } + ] +}) +// -> +// 'sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo' +``` + +#### <a name="integrity-concat"></a> `> Integrity#concat(otherIntegrity, [opts]) -> Integrity` + +Concatenates an `Integrity` object with another IntegrityLike, or an integrity +string. + +This is functionally equivalent to concatenating the string format of both +integrity arguments, and calling [`ssri.parse`](#ssri-parse) on the new string. + +If `opts.strict` is true, the new `Integrity` will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +// This will combine the integrity checks for two different versions of +// your index.js file so you can use a single integrity string and serve +// either of these to clients, from a single `<script>` tag. +const desktopIntegrity = ssri.fromData(fs.readFileSync('./index.desktop.js')) +const mobileIntegrity = ssri.fromData(fs.readFileSync('./index.mobile.js')) + +// Note that browsers (and ssri) will succeed as long as ONE of the entries +// for the *prioritized* algorithm succeeds. That is, in order for this fallback +// to work, both desktop and mobile *must* use the same `algorithm` values. +desktopIntegrity.concat(mobileIntegrity) +``` + +#### <a name="integrity-merge"></a> `> Integrity#merge(otherIntegrity, [opts])` + +Safely merges another IntegrityLike or integrity string into an `Integrity` +object. + +If the other integrity value has any algorithms in common with the current +object, then the hash digests must match, or an error is thrown. + +Any new hashes will be added to the current object's set. + +This is useful when an integrity value may be upgraded with a stronger +algorithm, you wish to prevent accidentally supressing integrity errors by +overwriting the expected integrity value. + +##### Example + +```javascript +const data = fs.readFileSync('data.txt') + +// integrity.txt contains 'sha1-X1UT+IIv2+UUWvM7ZNjZcNz5XG4=' +// because we were young, and didn't realize sha1 would not last +const expectedIntegrity = ssri.parse(fs.readFileSync('integrity.txt', 'utf8')) +const match = ssri.checkData(data, expectedIntegrity, { + algorithms: ['sha512', 'sha1'] +}) +if (!match) { + throw new Error('data corrupted or something!') +} + +// get a stronger algo! +if (match && match.algorithm !== 'sha512') { + const updatedIntegrity = ssri.fromData(data, { algorithms: ['sha512'] }) + expectedIntegrity.merge(updatedIntegrity) + fs.writeFileSync('integrity.txt', expectedIntegrity.toString()) + // file now contains + // 'sha1-X1UT+IIv2+UUWvM7ZNjZcNz5XG4= sha512-yzd8ELD1piyANiWnmdnpCL5F52f10UfUdEkHywVZeqTt0ymgrxR63Qz0GB7TKPoeeZQmWCaz7T1+9vBnypkYWg==' +} +``` + +#### <a name="integrity-to-string"></a> `> Integrity#toString([opts]) -> String` + +Returns the string representation of an `Integrity` object. All hash entries +will be concatenated in the string by `opts.sep`, which defaults to `' '`. + +If you want to serialize an object that didn't come from an `ssri` function, +use [`ssri.stringify()`](#stringify). + +If `opts.strict` is true, the integrity string will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +const integrity = 'sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo' + +ssri.parse(integrity).toString() === integrity +``` + +#### <a name="integrity-to-json"></a> `> Integrity#toJSON() -> String` + +Returns the string representation of an `Integrity` object. All hash entries +will be concatenated in the string by `' '`. + +This is a convenience method so you can pass an `Integrity` object directly to `JSON.stringify`. +For more info check out [toJSON() behavior on mdn](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#toJSON%28%29_behavior). + +##### Example + +```javascript +const integrity = '"sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo"' + +JSON.stringify(ssri.parse(integrity)) === integrity +``` + +#### <a name="integrity-match"></a> `> Integrity#match(sri, [opts]) -> Hash | false` + +Returns the matching (truthy) hash if `Integrity` matches the argument passed as +`sri`, which can be anything that [`parse`](#parse) will accept. `opts` will be +passed through to `parse` and [`pickAlgorithm()`](#integrity-pick-algorithm). + +##### Example + +```javascript +const integrity = 'sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==' + +ssri.parse(integrity).match(integrity) +// Hash { +// digest: '9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==' +// algorithm: 'sha512' +// } + +ssri.parse(integrity).match('sha1-deadbeef') +// false +``` + +#### <a name="integrity-pick-algorithm"></a> `> Integrity#pickAlgorithm([opts]) -> String` + +Returns the "best" algorithm from those available in the integrity object. + +If `opts.pickAlgorithm` is provided, it will be passed two algorithms as +arguments. ssri will prioritize whichever of the two algorithms is returned by +this function. Note that the function may be called multiple times, and it +**must** return one of the two algorithms provided. By default, ssri will make +a best-effort to pick the strongest/most reliable of the given algorithms. It +may intentionally deprioritize algorithms with known vulnerabilities. + +##### Example + +```javascript +ssri.parse('sha1-WEakDigEST sha512-yzd8ELD1piyANiWnmdnpCL5F52f10UfUdEkHywVZeqTt0ymgrxR63Qz0GB7TKPoeeZQmWCaz7T1').pickAlgorithm() // sha512 +``` + +#### <a name="integrity-hex-digest"></a> `> Integrity#hexDigest() -> String` + +`Integrity` is assumed to be either a single-hash `Integrity` instance, or a +`Hash` instance. Returns its `digest`, converted to a hex representation of the +base64 data. + +##### Example + +```javascript +ssri.parse('sha1-deadbeef').hexDigest() // '75e69d6de79f' +``` + +#### <a name="from-hex"></a> `> ssri.fromHex(hexDigest, algorithm, [opts]) -> Integrity` + +Creates an `Integrity` object with a single entry, based on a hex-formatted +hash. This is a utility function to help convert existing shasums to the +Integrity format, and is roughly equivalent to something like: + +```javascript +algorithm + '-' + Buffer.from(hexDigest, 'hex').toString('base64') +``` + +`opts.options` may optionally be passed in: it must be an array of option +strings that will be added to all generated integrity hashes generated by +`fromData`. This is a loosely-specified feature of SRIs, and currently has no +specified semantics besides being `?`-separated. Use at your own risk, and +probably avoid if your integrity strings are meant to be used with browsers. + +If `opts.strict` is true, the integrity object will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +If `opts.single` is true, a single `Hash` object will be returned. + +##### Example + +```javascript +ssri.fromHex('75e69d6de79f', 'sha1').toString() // 'sha1-deadbeef' +``` + +#### <a name="from-data"></a> `> ssri.fromData(data, [opts]) -> Integrity` + +Creates an `Integrity` object from either string or `Buffer` data, calculating +all the requested hashes and adding any specified options to the object. + +`opts.algorithms` determines which algorithms to generate hashes for. All +results will be included in a single `Integrity` object. The default value for +`opts.algorithms` is `['sha512']`. All algorithm strings must be hashes listed +in `crypto.getHashes()` for the host Node.js platform. + +`opts.options` may optionally be passed in: it must be an array of option +strings that will be added to all generated integrity hashes generated by +`fromData`. This is a loosely-specified feature of SRIs, and currently has no +specified semantics besides being `?`-separated. Use at your own risk, and +probably avoid if your integrity strings are meant to be used with browsers. + +If `opts.strict` is true, the integrity object will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +const integrityObj = ssri.fromData('foobarbaz', { + algorithms: ['sha256', 'sha384', 'sha512'] +}) +integrity.toString('\n') +// -> +// sha256-l981iLWj8kurw4UbNy8Lpxqdzd7UOxS50Glhv8FwfZ0= +// sha384-irnCxQ0CfQhYGlVAUdwTPC9bF3+YWLxlaDGM4xbYminxpbXEq+D+2GCEBTxcjES9 +// sha512-yzd8ELD1piyANiWnmdnpCL5F52f10UfUdEkHywVZeqTt0ymgrxR63Qz0GB7TKPoeeZQmWCaz7T1+9vBnypkYWg== +``` + +#### <a name="from-stream"></a> `> ssri.fromStream(stream, [opts]) -> Promise<Integrity>` + +Returns a Promise of an Integrity object calculated by reading data from +a given `stream`. + +It accepts both `opts.algorithms` and `opts.options`, which are documented as +part of [`ssri.fromData`](#from-data). + +Additionally, `opts.Promise` may be passed in to inject a Promise library of +choice. By default, ssri will use Node's built-in Promises. + +If `opts.strict` is true, the integrity object will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +ssri.fromStream(fs.createReadStream('index.js'), { + algorithms: ['sha1', 'sha512'] +}).then(integrity => { + return ssri.checkStream(fs.createReadStream('index.js'), integrity) +}) // succeeds +``` + +#### <a name="create"></a> `> ssri.create([opts]) -> <Hash>` + +Returns a Hash object with `update(<Buffer or string>[,enc])` and `digest()` methods. + + +The Hash object provides the same methods as [crypto class Hash](https://nodejs.org/dist/latest-v6.x/docs/api/crypto.html#crypto_class_hash). +`digest()` accepts no arguments and returns an Integrity object calculated by reading data from +calls to update. + +It accepts both `opts.algorithms` and `opts.options`, which are documented as +part of [`ssri.fromData`](#from-data). + +If `opts.strict` is true, the integrity object will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +const integrity = ssri.create().update('foobarbaz').digest() +integrity.toString() +// -> +// sha512-yzd8ELD1piyANiWnmdnpCL5F52f10UfUdEkHywVZeqTt0ymgrxR63Qz0GB7TKPoeeZQmWCaz7T1+9vBnypkYWg== +``` + +#### <a name="check-data"></a> `> ssri.checkData(data, sri, [opts]) -> Hash|false` + +Verifies `data` integrity against an `sri` argument. `data` may be either a +`String` or a `Buffer`, and `sri` can be any subresource integrity +representation that [`ssri.parse`](#parse) can handle. + +If verification succeeds, `checkData` will return the name of the algorithm that +was used for verification (a truthy value). Otherwise, it will return `false`. + +If `opts.pickAlgorithm` is provided, it will be used by +[`Integrity#pickAlgorithm`](#integrity-pick-algorithm) when deciding which of +the available digests to match against. + +If `opts.error` is true, and verification fails, `checkData` will throw either +an `EBADSIZE` or an `EINTEGRITY` error, instead of just returning false. + +##### Example + +```javascript +const data = fs.readFileSync('index.js') +ssri.checkData(data, ssri.fromData(data)) // -> 'sha512' +ssri.checkData(data, 'sha256-l981iLWj8kurw4UbNy8Lpxqdzd7UOxS50Glhv8FwfZ0') +ssri.checkData(data, 'sha1-BaDDigEST') // -> false +ssri.checkData(data, 'sha1-BaDDigEST', {error: true}) // -> Error! EINTEGRITY +``` + +#### <a name="check-stream"></a> `> ssri.checkStream(stream, sri, [opts]) -> Promise<Hash>` + +Verifies the contents of `stream` against an `sri` argument. `stream` will be +consumed in its entirety by this process. `sri` can be any subresource integrity +representation that [`ssri.parse`](#parse) can handle. + +`checkStream` will return a Promise that either resolves to the +`Hash` that succeeded verification, or, if the verification fails +or an error happens with `stream`, the Promise will be rejected. + +If the Promise is rejected because verification failed, the returned error will +have `err.code` as `EINTEGRITY`. + +If `opts.size` is given, it will be matched against the stream size. An error +with `err.code` `EBADSIZE` will be returned by a rejection if the expected size +and actual size fail to match. + +If `opts.pickAlgorithm` is provided, it will be used by +[`Integrity#pickAlgorithm`](#integrity-pick-algorithm) when deciding which of +the available digests to match against. + +##### Example + +```javascript +const integrity = ssri.fromData(fs.readFileSync('index.js')) + +ssri.checkStream( + fs.createReadStream('index.js'), + integrity +) +// -> +// Promise<{ +// algorithm: 'sha512', +// digest: 'sha512-yzd8ELD1piyANiWnmdnpCL5F52f10UfUdEkHywVZeqTt0ymgrxR63Qz0GB7TKPoeeZQmWCaz7T1' +// }> + +ssri.checkStream( + fs.createReadStream('index.js'), + 'sha256-l981iLWj8kurw4UbNy8Lpxqdzd7UOxS50Glhv8FwfZ0' +) // -> Promise<Hash> + +ssri.checkStream( + fs.createReadStream('index.js'), + 'sha1-BaDDigEST' +) // -> Promise<Error<{code: 'EINTEGRITY'}>> +``` + +#### <a name="integrity-stream"></a> `> integrityStream([opts]) -> IntegrityStream` + +Returns a `Transform` stream that data can be piped through in order to generate +and optionally check data integrity for piped data. When the stream completes +successfully, it emits `size` and `integrity` events, containing the total +number of bytes processed and a calculated `Integrity` instance based on stream +data, respectively. + +If `opts.algorithms` is passed in, the listed algorithms will be calculated when +generating the final `Integrity` instance. The default is `['sha512']`. + +If `opts.single` is passed in, a single `Hash` instance will be returned. + +If `opts.integrity` is passed in, it should be an `integrity` value understood +by [`parse`](#parse) that the stream will check the data against. If +verification succeeds, the integrity stream will emit a `verified` event whose +value is a single `Hash` object that is the one that succeeded verification. If +verification fails, the stream will error with an `EINTEGRITY` error code. + +If `opts.size` is given, it will be matched against the stream size. An error +with `err.code` `EBADSIZE` will be emitted by the stream if the expected size +and actual size fail to match. + +If `opts.pickAlgorithm` is provided, it will be passed two algorithms as +arguments. ssri will prioritize whichever of the two algorithms is returned by +this function. Note that the function may be called multiple times, and it +**must** return one of the two algorithms provided. By default, ssri will make +a best-effort to pick the strongest/most reliable of the given algorithms. It +may intentionally deprioritize algorithms with known vulnerabilities. + +##### Example + +```javascript +const integrity = ssri.fromData(fs.readFileSync('index.js')) +fs.createReadStream('index.js') +.pipe(ssri.integrityStream({integrity})) +``` diff --git a/node_modules/npm-registry-fetch/node_modules/ssri/index.js b/node_modules/npm-registry-fetch/node_modules/ssri/index.js new file mode 100644 index 000000000..daee85d73 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/ssri/index.js @@ -0,0 +1,454 @@ +'use strict' + +const crypto = require('crypto') +const figgyPudding = require('figgy-pudding') +const MiniPass = require('minipass') + +const SPEC_ALGORITHMS = ['sha256', 'sha384', 'sha512'] + +const BASE64_REGEX = /^[a-z0-9+/]+(?:=?=?)$/i +const SRI_REGEX = /^([^-]+)-([^?]+)([?\S*]*)$/ +const STRICT_SRI_REGEX = /^([^-]+)-([A-Za-z0-9+/=]{44,88})(\?[\x21-\x7E]*)*$/ +const VCHAR_REGEX = /^[\x21-\x7E]+$/ + +const SsriOpts = figgyPudding({ + algorithms: { default: ['sha512'] }, + error: { default: false }, + integrity: {}, + options: { default: [] }, + pickAlgorithm: { default: () => getPrioritizedHash }, + sep: { default: ' ' }, + single: { default: false }, + size: {}, + strict: { default: false } +}) + +const getOptString = options => !options || !options.length ? '' + : `?${options.join('?')}` + +const _onEnd = Symbol('_onEnd') +const _getOptions = Symbol('_getOptions') +class IntegrityStream extends MiniPass { + constructor (opts) { + super() + this.size = 0 + this.opts = opts + + // may be overridden later, but set now for class consistency + this[_getOptions]() + + // options used for calculating stream. can't be changed. + this.algorithms = Array.from( + new Set(opts.algorithms.concat(this.algorithm ? [this.algorithm] : [])) + ) + this.hashes = this.algorithms.map(crypto.createHash) + } + + [_getOptions] () { + const opts = this.opts + // For verification + this.sri = opts.integrity ? parse(opts.integrity, opts) : null + this.expectedSize = opts.size + this.goodSri = this.sri ? !!Object.keys(this.sri).length : false + this.algorithm = this.goodSri ? this.sri.pickAlgorithm(opts) : null + this.digests = this.goodSri ? this.sri[this.algorithm] : null + this.optString = getOptString(opts.options) + } + + emit (ev, data) { + if (ev === 'end') this[_onEnd]() + return super.emit(ev, data) + } + + write (data) { + this.size += data.length + this.hashes.forEach(h => h.update(data)) + return super.write(data) + } + + [_onEnd] () { + if (!this.goodSri) { + this[_getOptions]() + } + const newSri = parse(this.hashes.map((h, i) => { + return `${this.algorithms[i]}-${h.digest('base64')}${this.optString}` + }).join(' '), this.opts) + // Integrity verification mode + const match = this.goodSri && newSri.match(this.sri, this.opts) + if (typeof this.expectedSize === 'number' && this.size !== this.expectedSize) { + const err = new Error(`stream size mismatch when checking ${this.sri}.\n Wanted: ${this.expectedSize}\n Found: ${this.size}`) + err.code = 'EBADSIZE' + err.found = this.size + err.expected = this.expectedSize + err.sri = this.sri + this.emit('error', err) + } else if (this.sri && !match) { + const err = new Error(`${this.sri} integrity checksum failed when using ${this.algorithm}: wanted ${this.digests} but got ${newSri}. (${this.size} bytes)`) + err.code = 'EINTEGRITY' + err.found = newSri + err.expected = this.digests + err.algorithm = this.algorithm + err.sri = this.sri + this.emit('error', err) + } else { + this.emit('size', this.size) + this.emit('integrity', newSri) + match && this.emit('verified', match) + } + } +} + +class Hash { + get isHash () { return true } + constructor (hash, opts) { + opts = SsriOpts(opts) + const strict = !!opts.strict + this.source = hash.trim() + + // set default values so that we make V8 happy to + // always see a familiar object template. + this.digest = '' + this.algorithm = '' + this.options = [] + + // 3.1. Integrity metadata (called "Hash" by ssri) + // https://w3c.github.io/webappsec-subresource-integrity/#integrity-metadata-description + const match = this.source.match( + strict + ? STRICT_SRI_REGEX + : SRI_REGEX + ) + if (!match) { return } + if (strict && !SPEC_ALGORITHMS.some(a => a === match[1])) { return } + this.algorithm = match[1] + this.digest = match[2] + + const rawOpts = match[3] + if (rawOpts) { + this.options = rawOpts.slice(1).split('?') + } + } + + hexDigest () { + return this.digest && Buffer.from(this.digest, 'base64').toString('hex') + } + + toJSON () { + return this.toString() + } + + toString (opts) { + opts = SsriOpts(opts) + if (opts.strict) { + // Strict mode enforces the standard as close to the foot of the + // letter as it can. + if (!( + // The spec has very restricted productions for algorithms. + // https://www.w3.org/TR/CSP2/#source-list-syntax + SPEC_ALGORITHMS.some(x => x === this.algorithm) && + // Usually, if someone insists on using a "different" base64, we + // leave it as-is, since there's multiple standards, and the + // specified is not a URL-safe variant. + // https://www.w3.org/TR/CSP2/#base64_value + this.digest.match(BASE64_REGEX) && + // Option syntax is strictly visual chars. + // https://w3c.github.io/webappsec-subresource-integrity/#grammardef-option-expression + // https://tools.ietf.org/html/rfc5234#appendix-B.1 + this.options.every(opt => opt.match(VCHAR_REGEX)) + )) { + return '' + } + } + const options = this.options && this.options.length + ? `?${this.options.join('?')}` + : '' + return `${this.algorithm}-${this.digest}${options}` + } +} + +class Integrity { + get isIntegrity () { return true } + toJSON () { + return this.toString() + } + + toString (opts) { + opts = SsriOpts(opts) + let sep = opts.sep || ' ' + if (opts.strict) { + // Entries must be separated by whitespace, according to spec. + sep = sep.replace(/\S+/g, ' ') + } + return Object.keys(this).map(k => { + return this[k].map(hash => { + return Hash.prototype.toString.call(hash, opts) + }).filter(x => x.length).join(sep) + }).filter(x => x.length).join(sep) + } + + concat (integrity, opts) { + opts = SsriOpts(opts) + const other = typeof integrity === 'string' + ? integrity + : stringify(integrity, opts) + return parse(`${this.toString(opts)} ${other}`, opts) + } + + hexDigest () { + return parse(this, { single: true }).hexDigest() + } + + // add additional hashes to an integrity value, but prevent + // *changing* an existing integrity hash. + merge (integrity, opts) { + opts = SsriOpts(opts) + const other = parse(integrity, opts) + for (const algo in other) { + if (this[algo]) { + if (!this[algo].find(hash => + other[algo].find(otherhash => + hash.digest === otherhash.digest))) { + throw new Error('hashes do not match, cannot update integrity') + } + } else { + this[algo] = other[algo] + } + } + } + + match (integrity, opts) { + opts = SsriOpts(opts) + const other = parse(integrity, opts) + const algo = other.pickAlgorithm(opts) + return ( + this[algo] && + other[algo] && + this[algo].find(hash => + other[algo].find(otherhash => + hash.digest === otherhash.digest + ) + ) + ) || false + } + + pickAlgorithm (opts) { + opts = SsriOpts(opts) + const pickAlgorithm = opts.pickAlgorithm + const keys = Object.keys(this) + if (!keys.length) { + throw new Error(`No algorithms available for ${ + JSON.stringify(this.toString()) + }`) + } + return keys.reduce((acc, algo) => { + return pickAlgorithm(acc, algo) || acc + }) + } +} + +module.exports.parse = parse +function parse (sri, opts) { + opts = SsriOpts(opts) + if (typeof sri === 'string') { + return _parse(sri, opts) + } else if (sri.algorithm && sri.digest) { + const fullSri = new Integrity() + fullSri[sri.algorithm] = [sri] + return _parse(stringify(fullSri, opts), opts) + } else { + return _parse(stringify(sri, opts), opts) + } +} + +function _parse (integrity, opts) { + // 3.4.3. Parse metadata + // https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata + if (opts.single) { + return new Hash(integrity, opts) + } + return integrity.trim().split(/\s+/).reduce((acc, string) => { + const hash = new Hash(string, opts) + if (hash.algorithm && hash.digest) { + const algo = hash.algorithm + if (!acc[algo]) { acc[algo] = [] } + acc[algo].push(hash) + } + return acc + }, new Integrity()) +} + +module.exports.stringify = stringify +function stringify (obj, opts) { + opts = SsriOpts(opts) + if (obj.algorithm && obj.digest) { + return Hash.prototype.toString.call(obj, opts) + } else if (typeof obj === 'string') { + return stringify(parse(obj, opts), opts) + } else { + return Integrity.prototype.toString.call(obj, opts) + } +} + +module.exports.fromHex = fromHex +function fromHex (hexDigest, algorithm, opts) { + opts = SsriOpts(opts) + const optString = getOptString(opts.options) + return parse( + `${algorithm}-${ + Buffer.from(hexDigest, 'hex').toString('base64') + }${optString}`, opts + ) +} + +module.exports.fromData = fromData +function fromData (data, opts) { + opts = SsriOpts(opts) + const algorithms = opts.algorithms + const optString = getOptString(opts.options) + return algorithms.reduce((acc, algo) => { + const digest = crypto.createHash(algo).update(data).digest('base64') + const hash = new Hash( + `${algo}-${digest}${optString}`, + opts + ) + /* istanbul ignore else - it would be VERY strange if the string we + * just calculated with an algo did not have an algo or digest. + */ + if (hash.algorithm && hash.digest) { + const algo = hash.algorithm + if (!acc[algo]) { acc[algo] = [] } + acc[algo].push(hash) + } + return acc + }, new Integrity()) +} + +module.exports.fromStream = fromStream +function fromStream (stream, opts) { + opts = SsriOpts(opts) + const istream = integrityStream(opts) + return new Promise((resolve, reject) => { + stream.pipe(istream) + stream.on('error', reject) + istream.on('error', reject) + let sri + istream.on('integrity', s => { sri = s }) + istream.on('end', () => resolve(sri)) + istream.on('data', () => {}) + }) +} + +module.exports.checkData = checkData +function checkData (data, sri, opts) { + opts = SsriOpts(opts) + sri = parse(sri, opts) + if (!Object.keys(sri).length) { + if (opts.error) { + throw Object.assign( + new Error('No valid integrity hashes to check against'), { + code: 'EINTEGRITY' + } + ) + } else { + return false + } + } + const algorithm = sri.pickAlgorithm(opts) + const digest = crypto.createHash(algorithm).update(data).digest('base64') + const newSri = parse({ algorithm, digest }) + const match = newSri.match(sri, opts) + if (match || !opts.error) { + return match + } else if (typeof opts.size === 'number' && (data.length !== opts.size)) { + const err = new Error(`data size mismatch when checking ${sri}.\n Wanted: ${opts.size}\n Found: ${data.length}`) + err.code = 'EBADSIZE' + err.found = data.length + err.expected = opts.size + err.sri = sri + throw err + } else { + const err = new Error(`Integrity checksum failed when using ${algorithm}: Wanted ${sri}, but got ${newSri}. (${data.length} bytes)`) + err.code = 'EINTEGRITY' + err.found = newSri + err.expected = sri + err.algorithm = algorithm + err.sri = sri + throw err + } +} + +module.exports.checkStream = checkStream +function checkStream (stream, sri, opts) { + opts = SsriOpts(opts) + const checker = integrityStream(opts.concat({ + integrity: sri + })) + return new Promise((resolve, reject) => { + stream.pipe(checker) + stream.on('error', reject) + checker.on('error', reject) + let sri + checker.on('verified', s => { sri = s }) + checker.on('end', () => resolve(sri)) + checker.on('data', () => {}) + }) +} + +module.exports.integrityStream = integrityStream +function integrityStream (opts) { + return new IntegrityStream(SsriOpts(opts)) +} + +module.exports.create = createIntegrity +function createIntegrity (opts) { + opts = SsriOpts(opts) + const algorithms = opts.algorithms + const optString = getOptString(opts.options) + + const hashes = algorithms.map(crypto.createHash) + + return { + update: function (chunk, enc) { + hashes.forEach(h => h.update(chunk, enc)) + return this + }, + digest: function (enc) { + const integrity = algorithms.reduce((acc, algo) => { + const digest = hashes.shift().digest('base64') + const hash = new Hash( + `${algo}-${digest}${optString}`, + opts + ) + /* istanbul ignore else - it would be VERY strange if the hash we + * just calculated with an algo did not have an algo or digest. + */ + if (hash.algorithm && hash.digest) { + const algo = hash.algorithm + if (!acc[algo]) { acc[algo] = [] } + acc[algo].push(hash) + } + return acc + }, new Integrity()) + + return integrity + } + } +} + +const NODE_HASHES = new Set(crypto.getHashes()) + +// This is a Best Effort™ at a reasonable priority for hash algos +const DEFAULT_PRIORITY = [ + 'md5', 'whirlpool', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512', + // TODO - it's unclear _which_ of these Node will actually use as its name + // for the algorithm, so we guesswork it based on the OpenSSL names. + 'sha3', + 'sha3-256', 'sha3-384', 'sha3-512', + 'sha3_256', 'sha3_384', 'sha3_512' +].filter(algo => NODE_HASHES.has(algo)) + +function getPrioritizedHash (algo1, algo2) { + return DEFAULT_PRIORITY.indexOf(algo1.toLowerCase()) >= DEFAULT_PRIORITY.indexOf(algo2.toLowerCase()) + ? algo1 + : algo2 +} diff --git a/node_modules/npm-registry-fetch/node_modules/ssri/package.json b/node_modules/npm-registry-fetch/node_modules/ssri/package.json new file mode 100644 index 000000000..6df454b60 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/ssri/package.json @@ -0,0 +1,88 @@ +{ + "_from": "ssri@^7.0.1", + "_id": "ssri@7.1.0", + "_inBundle": false, + "_integrity": "sha512-77/WrDZUWocK0mvA5NTRQyveUf+wsrIc6vyrxpS8tVvYBcX215QbafrJR3KtkpskIzoFLqqNuuYQvxaMjXJ/0g==", + "_location": "/npm-registry-fetch/ssri", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "ssri@^7.0.1", + "name": "ssri", + "escapedName": "ssri", + "rawSpec": "^7.0.1", + "saveSpec": null, + "fetchSpec": "^7.0.1" + }, + "_requiredBy": [ + "/npm-registry-fetch/cacache", + "/npm-registry-fetch/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/ssri/-/ssri-7.1.0.tgz", + "_shasum": "92c241bf6de82365b5c7fb4bd76e975522e1294d", + "_spec": "ssri@^7.0.1", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/make-fetch-happen", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/ssri/issues" + }, + "bundleDependencies": false, + "dependencies": { + "figgy-pudding": "^3.5.1", + "minipass": "^3.1.1" + }, + "deprecated": false, + "description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", + "devDependencies": { + "standard": "^14.3.0", + "standard-version": "^7.0.0", + "tap": "^14.8.2", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "engines": { + "node": ">= 8" + }, + "files": [ + "*.js" + ], + "homepage": "https://github.com/npm/ssri#readme", + "keywords": [ + "w3c", + "web", + "security", + "integrity", + "checksum", + "hashing", + "subresource integrity", + "sri", + "sri hash", + "sri string", + "sri generator", + "html" + ], + "license": "ISC", + "main": "index.js", + "name": "ssri", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/ssri.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "tap": { + "check-coverage": true + }, + "version": "7.1.0" +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/CHANGELOG.md b/node_modules/npm-registry-fetch/node_modules/tar/CHANGELOG.md new file mode 100644 index 000000000..14b5c4ee8 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/CHANGELOG.md @@ -0,0 +1,66 @@ +# Charge Long + +## 6.0 + +- Drop support for node 6 and 8 +- fix symlinks and hardlinks on windows being packed with `\`-style path + targets + +## 5.0 + +- Address unpack race conditions using path reservations +- Change large-numbers errors from TypeError to Error +- Add `TAR_*` error codes +- do not treat ignored entries as an invalid archive +- drop support for node v4 +- unpack: conditionally use a file mapping to write files on Windows +- Set more portable 'mode' value in portable mode +- Set `portable` gzip option in portable mode + +## 4.4 + +- Add 'mtime' option to tar creation to force mtime +- unpack: only reuse file fs entries if nlink = 1 +- unpack: rename before unlinking files on Windows +- Fix encoding/decoding of base-256 numbers +- Use `stat` instead of `lstat` when checking CWD +- Always provide a callback to fs.close() + +## 4.3 + +- Add 'transform' unpack option + +## 4.2 + +- Fail when zlib fails + +## 4.1 + +- Add noMtime flag for tar creation + +## 4.0 + +- unpack: raise error if cwd is missing or not a dir +- pack: don't drop dots from dotfiles when prefixing + +## 3.1 + +- Support `@file.tar` as an entry argument to copy entries from one tar + file to another. +- Add `noPax` option +- `noResume` option for tar.t +- win32: convert `>|<?:` chars to windows-friendly form +- Exclude mtime for dirs in portable mode + +## 3.0 + +- Minipass-based implementation +- Entirely new API surface, `tar.c()`, `tar.x()` etc., much closer to + system tar semantics +- Massive performance improvement +- Require node 4.x and higher + +## 0.x, 1.x, 2.x - 2011-2014 + +- fstream-based implementation +- slow and kinda bad, but better than npm shelling out to the system `tar` diff --git a/node_modules/npm-registry-fetch/node_modules/tar/LICENSE b/node_modules/npm-registry-fetch/node_modules/tar/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/tar/README.md b/node_modules/npm-registry-fetch/node_modules/tar/README.md new file mode 100644 index 000000000..5e635e622 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/README.md @@ -0,0 +1,1031 @@ +# node-tar + +[](https://travis-ci.org/npm/node-tar) + +[Fast](./benchmarks) and full-featured Tar for Node.js + +The API is designed to mimic the behavior of `tar(1)` on unix systems. +If you are familiar with how tar works, most of this will hopefully be +straightforward for you. If not, then hopefully this module can teach +you useful unix skills that may come in handy someday :) + +## Background + +A "tar file" or "tarball" is an archive of file system entries +(directories, files, links, etc.) The name comes from "tape archive". +If you run `man tar` on almost any Unix command line, you'll learn +quite a bit about what it can do, and its history. + +Tar has 5 main top-level commands: + +* `c` Create an archive +* `r` Replace entries within an archive +* `u` Update entries within an archive (ie, replace if they're newer) +* `t` List out the contents of an archive +* `x` Extract an archive to disk + +The other flags and options modify how this top level function works. + +## High-Level API + +These 5 functions are the high-level API. All of them have a +single-character name (for unix nerds familiar with `tar(1)`) as well +as a long name (for everyone else). + +All the high-level functions take the following arguments, all three +of which are optional and may be omitted. + +1. `options` - An optional object specifying various options +2. `paths` - An array of paths to add or extract +3. `callback` - Called when the command is completed, if async. (If + sync or no file specified, providing a callback throws a + `TypeError`.) + +If the command is sync (ie, if `options.sync=true`), then the +callback is not allowed, since the action will be completed immediately. + +If a `file` argument is specified, and the command is async, then a +`Promise` is returned. In this case, if async, a callback may be +provided which is called when the command is completed. + +If a `file` option is not specified, then a stream is returned. For +`create`, this is a readable stream of the generated archive. For +`list` and `extract` this is a writable stream that an archive should +be written into. If a file is not specified, then a callback is not +allowed, because you're already getting a stream to work with. + +`replace` and `update` only work on existing archives, and so require +a `file` argument. + +Sync commands without a file argument return a stream that acts on its +input immediately in the same tick. For readable streams, this means +that all of the data is immediately available by calling +`stream.read()`. For writable streams, it will be acted upon as soon +as it is provided, but this can be at any time. + +### Warnings and Errors + +Tar emits warnings and errors for recoverable and unrecoverable situations, +respectively. In many cases, a warning only affects a single entry in an +archive, or is simply informing you that it's modifying an entry to comply +with the settings provided. + +Unrecoverable warnings will always raise an error (ie, emit `'error'` on +streaming actions, throw for non-streaming sync actions, reject the +returned Promise for non-streaming async operations, or call a provided +callback with an `Error` as the first argument). Recoverable errors will +raise an error only if `strict: true` is set in the options. + +Respond to (recoverable) warnings by listening to the `warn` event. +Handlers receive 3 arguments: + +- `code` String. One of the error codes below. This may not match + `data.code`, which preserves the original error code from fs and zlib. +- `message` String. More details about the error. +- `data` Metadata about the error. An `Error` object for errors raised by + fs and zlib. All fields are attached to errors raisd by tar. Typically + contains the following fields, as relevant: + - `tarCode` The tar error code. + - `code` Either the tar error code, or the error code set by the + underlying system. + - `file` The archive file being read or written. + - `cwd` Working directory for creation and extraction operations. + - `entry` The entry object (if it could be created) for `TAR_ENTRY_INFO`, + `TAR_ENTRY_INVALID`, and `TAR_ENTRY_ERROR` warnings. + - `header` The header object (if it could be created, and the entry could + not be created) for `TAR_ENTRY_INFO` and `TAR_ENTRY_INVALID` warnings. + - `recoverable` Boolean. If `false`, then the warning will emit an + `error`, even in non-strict mode. + +#### Error Codes + +* `TAR_ENTRY_INFO` An informative error indicating that an entry is being + modified, but otherwise processed normally. For example, removing `/` or + `C:\` from absolute paths if `preservePaths` is not set. + +* `TAR_ENTRY_INVALID` An indication that a given entry is not a valid tar + archive entry, and will be skipped. This occurs when: + - a checksum fails, + - a `linkpath` is missing for a link type, or + - a `linkpath` is provided for a non-link type. + + If every entry in a parsed archive raises an `TAR_ENTRY_INVALID` error, + then the archive is presumed to be unrecoverably broken, and + `TAR_BAD_ARCHIVE` will be raised. + +* `TAR_ENTRY_ERROR` The entry appears to be a valid tar archive entry, but + encountered an error which prevented it from being unpacked. This occurs + when: + - an unrecoverable fs error happens during unpacking, + - an entry has `..` in the path and `preservePaths` is not set, or + - an entry is extracting through a symbolic link, when `preservePaths` is + not set. + +* `TAR_ENTRY_UNSUPPORTED` An indication that a given entry is + a valid archive entry, but of a type that is unsupported, and so will be + skipped in archive creation or extracting. + +* `TAR_ABORT` When parsing gzipped-encoded archives, the parser will + abort the parse process raise a warning for any zlib errors encountered. + Aborts are considered unrecoverable for both parsing and unpacking. + +* `TAR_BAD_ARCHIVE` The archive file is totally hosed. This can happen for + a number of reasons, and always occurs at the end of a parse or extract: + + - An entry body was truncated before seeing the full number of bytes. + - The archive contained only invalid entries, indicating that it is + likely not an archive, or at least, not an archive this library can + parse. + + `TAR_BAD_ARCHIVE` is considered informative for parse operations, but + unrecoverable for extraction. Note that, if encountered at the end of an + extraction, tar WILL still have extracted as much it could from the + archive, so there may be some garbage files to clean up. + +Errors that occur deeper in the system (ie, either the filesystem or zlib) +will have their error codes left intact, and a `tarCode` matching one of +the above will be added to the warning metadata or the raised error object. + +Errors generated by tar will have one of the above codes set as the +`error.code` field as well, but since errors originating in zlib or fs will +have their original codes, it's better to read `error.tarCode` if you wish +to see how tar is handling the issue. + +### Examples + +The API mimics the `tar(1)` command line functionality, with aliases +for more human-readable option and function names. The goal is that +if you know how to use `tar(1)` in Unix, then you know how to use +`require('tar')` in JavaScript. + +To replicate `tar czf my-tarball.tgz files and folders`, you'd do: + +```js +tar.c( + { + gzip: <true|gzip options>, + file: 'my-tarball.tgz' + }, + ['some', 'files', 'and', 'folders'] +).then(_ => { .. tarball has been created .. }) +``` + +To replicate `tar cz files and folders > my-tarball.tgz`, you'd do: + +```js +tar.c( // or tar.create + { + gzip: <true|gzip options> + }, + ['some', 'files', 'and', 'folders'] +).pipe(fs.createWriteStream('my-tarball.tgz')) +``` + +To replicate `tar xf my-tarball.tgz` you'd do: + +```js +tar.x( // or tar.extract( + { + file: 'my-tarball.tgz' + } +).then(_=> { .. tarball has been dumped in cwd .. }) +``` + +To replicate `cat my-tarball.tgz | tar x -C some-dir --strip=1`: + +```js +fs.createReadStream('my-tarball.tgz').pipe( + tar.x({ + strip: 1, + C: 'some-dir' // alias for cwd:'some-dir', also ok + }) +) +``` + +To replicate `tar tf my-tarball.tgz`, do this: + +```js +tar.t({ + file: 'my-tarball.tgz', + onentry: entry => { .. do whatever with it .. } +}) +``` + +To replicate `cat my-tarball.tgz | tar t` do: + +```js +fs.createReadStream('my-tarball.tgz') + .pipe(tar.t()) + .on('entry', entry => { .. do whatever with it .. }) +``` + +To do anything synchronous, add `sync: true` to the options. Note +that sync functions don't take a callback and don't return a promise. +When the function returns, it's already done. Sync methods without a +file argument return a sync stream, which flushes immediately. But, +of course, it still won't be done until you `.end()` it. + +To filter entries, add `filter: <function>` to the options. +Tar-creating methods call the filter with `filter(path, stat)`. +Tar-reading methods (including extraction) call the filter with +`filter(path, entry)`. The filter is called in the `this`-context of +the `Pack` or `Unpack` stream object. + +The arguments list to `tar t` and `tar x` specify a list of filenames +to extract or list, so they're equivalent to a filter that tests if +the file is in the list. + +For those who _aren't_ fans of tar's single-character command names: + +``` +tar.c === tar.create +tar.r === tar.replace (appends to archive, file is required) +tar.u === tar.update (appends if newer, file is required) +tar.x === tar.extract +tar.t === tar.list +``` + +Keep reading for all the command descriptions and options, as well as +the low-level API that they are built on. + +### tar.c(options, fileList, callback) [alias: tar.create] + +Create a tarball archive. + +The `fileList` is an array of paths to add to the tarball. Adding a +directory also adds its children recursively. + +An entry in `fileList` that starts with an `@` symbol is a tar archive +whose entries will be added. To add a file that starts with `@`, +prepend it with `./`. + +The following options are supported: + +- `file` Write the tarball archive to the specified filename. If this + is specified, then the callback will be fired when the file has been + written, and a promise will be returned that resolves when the file + is written. If a filename is not specified, then a Readable Stream + will be returned which will emit the file data. [Alias: `f`] +- `sync` Act synchronously. If this is set, then any provided file + will be fully written after the call to `tar.c`. If this is set, + and a file is not provided, then the resulting stream will already + have the data ready to `read` or `emit('data')` as soon as you + request it. +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") +- `strict` Treat warnings as crash-worthy errors. Default false. +- `cwd` The current working directory for creating the archive. + Defaults to `process.cwd()`. [Alias: `C`] +- `prefix` A path portion to prefix onto the entries in the archive. +- `gzip` Set to any truthy value to create a gzipped archive, or an + object with settings for `zlib.Gzip()` [Alias: `z`] +- `filter` A function that gets called with `(path, stat)` for each + entry being added. Return `true` to add the entry to the archive, + or `false` to omit it. +- `portable` Omit metadata that is system-specific: `ctime`, `atime`, + `uid`, `gid`, `uname`, `gname`, `dev`, `ino`, and `nlink`. Note + that `mtime` is still included, because this is necessary for other + time-based operations. Additionally, `mode` is set to a "reasonable + default" for most unix systems, based on a `umask` value of `0o22`. +- `preservePaths` Allow absolute paths. By default, `/` is stripped + from absolute paths. [Alias: `P`] +- `mode` The mode to set on the created file archive +- `noDirRecurse` Do not recursively archive the contents of + directories. [Alias: `n`] +- `follow` Set to true to pack the targets of symbolic links. Without + this option, symbolic links are archived as such. [Alias: `L`, `h`] +- `noPax` Suppress pax extended headers. Note that this means that + long paths and linkpaths will be truncated, and large or negative + numeric values may be interpreted incorrectly. +- `noMtime` Set to true to omit writing `mtime` values for entries. + Note that this prevents using other mtime-based features like + `tar.update` or the `keepNewer` option with the resulting tar archive. + [Alias: `m`, `no-mtime`] +- `mtime` Set to a `Date` object to force a specific `mtime` for + everything added to the archive. Overridden by `noMtime`. + + +The following options are mostly internal, but can be modified in some +advanced use cases, such as re-using caches between runs. + +- `linkCache` A Map object containing the device and inode value for + any file whose nlink is > 1, to identify hard links. +- `statCache` A Map object that caches calls `lstat`. +- `readdirCache` A Map object that caches calls to `readdir`. +- `jobs` A number specifying how many concurrent jobs to run. + Defaults to 4. +- `maxReadSize` The maximum buffer size for `fs.read()` operations. + Defaults to 16 MB. + +### tar.x(options, fileList, callback) [alias: tar.extract] + +Extract a tarball archive. + +The `fileList` is an array of paths to extract from the tarball. If +no paths are provided, then all the entries are extracted. + +If the archive is gzipped, then tar will detect this and unzip it. + +Note that all directories that are created will be forced to be +writable, readable, and listable by their owner, to avoid cases where +a directory prevents extraction of child entries by virtue of its +mode. + +Most extraction errors will cause a `warn` event to be emitted. If +the `cwd` is missing, or not a directory, then the extraction will +fail completely. + +The following options are supported: + +- `cwd` Extract files relative to the specified directory. Defaults + to `process.cwd()`. If provided, this must exist and must be a + directory. [Alias: `C`] +- `file` The archive file to extract. If not specified, then a + Writable stream is returned where the archive data should be + written. [Alias: `f`] +- `sync` Create files and directories synchronously. +- `strict` Treat warnings as crash-worthy errors. Default false. +- `filter` A function that gets called with `(path, entry)` for each + entry being unpacked. Return `true` to unpack the entry from the + archive, or `false` to skip it. +- `newer` Set to true to keep the existing file on disk if it's newer + than the file in the archive. [Alias: `keep-newer`, + `keep-newer-files`] +- `keep` Do not overwrite existing files. In particular, if a file + appears more than once in an archive, later copies will not + overwrite earlier copies. [Alias: `k`, `keep-existing`] +- `preservePaths` Allow absolute paths, paths containing `..`, and + extracting through symbolic links. By default, `/` is stripped from + absolute paths, `..` paths are not extracted, and any file whose + location would be modified by a symbolic link is not extracted. + [Alias: `P`] +- `unlink` Unlink files before creating them. Without this option, + tar overwrites existing files, which preserves existing hardlinks. + With this option, existing hardlinks will be broken, as will any + symlink that would affect the location of an extracted file. [Alias: + `U`] +- `strip` Remove the specified number of leading path elements. + Pathnames with fewer elements will be silently skipped. Note that + the pathname is edited after applying the filter, but before + security checks. [Alias: `strip-components`, `stripComponents`] +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") +- `preserveOwner` If true, tar will set the `uid` and `gid` of + extracted entries to the `uid` and `gid` fields in the archive. + This defaults to true when run as root, and false otherwise. If + false, then files and directories will be set with the owner and + group of the user running the process. This is similar to `-p` in + `tar(1)`, but ACLs and other system-specific data is never unpacked + in this implementation, and modes are set by default already. + [Alias: `p`] +- `uid` Set to a number to force ownership of all extracted files and + folders, and all implicitly created directories, to be owned by the + specified user id, regardless of the `uid` field in the archive. + Cannot be used along with `preserveOwner`. Requires also setting a + `gid` option. +- `gid` Set to a number to force ownership of all extracted files and + folders, and all implicitly created directories, to be owned by the + specified group id, regardless of the `gid` field in the archive. + Cannot be used along with `preserveOwner`. Requires also setting a + `uid` option. +- `noMtime` Set to true to omit writing `mtime` value for extracted + entries. [Alias: `m`, `no-mtime`] +- `transform` Provide a function that takes an `entry` object, and + returns a stream, or any falsey value. If a stream is provided, + then that stream's data will be written instead of the contents of + the archive entry. If a falsey value is provided, then the entry is + written to disk as normal. (To exclude items from extraction, use + the `filter` option described above.) +- `onentry` A function that gets called with `(entry)` for each entry + that passes the filter. + +The following options are mostly internal, but can be modified in some +advanced use cases, such as re-using caches between runs. + +- `maxReadSize` The maximum buffer size for `fs.read()` operations. + Defaults to 16 MB. +- `umask` Filter the modes of entries like `process.umask()`. +- `dmode` Default mode for directories +- `fmode` Default mode for files +- `dirCache` A Map object of which directories exist. +- `maxMetaEntrySize` The maximum size of meta entries that is + supported. Defaults to 1 MB. + +Note that using an asynchronous stream type with the `transform` +option will cause undefined behavior in sync extractions. +[MiniPass](http://npm.im/minipass)-based streams are designed for this +use case. + +### tar.t(options, fileList, callback) [alias: tar.list] + +List the contents of a tarball archive. + +The `fileList` is an array of paths to list from the tarball. If +no paths are provided, then all the entries are listed. + +If the archive is gzipped, then tar will detect this and unzip it. + +Returns an event emitter that emits `entry` events with +`tar.ReadEntry` objects. However, they don't emit `'data'` or `'end'` +events. (If you want to get actual readable entries, use the +`tar.Parse` class instead.) + +The following options are supported: + +- `cwd` Extract files relative to the specified directory. Defaults + to `process.cwd()`. [Alias: `C`] +- `file` The archive file to list. If not specified, then a + Writable stream is returned where the archive data should be + written. [Alias: `f`] +- `sync` Read the specified file synchronously. (This has no effect + when a file option isn't specified, because entries are emitted as + fast as they are parsed from the stream anyway.) +- `strict` Treat warnings as crash-worthy errors. Default false. +- `filter` A function that gets called with `(path, entry)` for each + entry being listed. Return `true` to emit the entry from the + archive, or `false` to skip it. +- `onentry` A function that gets called with `(entry)` for each entry + that passes the filter. This is important for when both `file` and + `sync` are set, because it will be called synchronously. +- `maxReadSize` The maximum buffer size for `fs.read()` operations. + Defaults to 16 MB. +- `noResume` By default, `entry` streams are resumed immediately after + the call to `onentry`. Set `noResume: true` to suppress this + behavior. Note that by opting into this, the stream will never + complete until the entry data is consumed. + +### tar.u(options, fileList, callback) [alias: tar.update] + +Add files to an archive if they are newer than the entry already in +the tarball archive. + +The `fileList` is an array of paths to add to the tarball. Adding a +directory also adds its children recursively. + +An entry in `fileList` that starts with an `@` symbol is a tar archive +whose entries will be added. To add a file that starts with `@`, +prepend it with `./`. + +The following options are supported: + +- `file` Required. Write the tarball archive to the specified + filename. [Alias: `f`] +- `sync` Act synchronously. If this is set, then any provided file + will be fully written after the call to `tar.c`. +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") +- `strict` Treat warnings as crash-worthy errors. Default false. +- `cwd` The current working directory for adding entries to the + archive. Defaults to `process.cwd()`. [Alias: `C`] +- `prefix` A path portion to prefix onto the entries in the archive. +- `gzip` Set to any truthy value to create a gzipped archive, or an + object with settings for `zlib.Gzip()` [Alias: `z`] +- `filter` A function that gets called with `(path, stat)` for each + entry being added. Return `true` to add the entry to the archive, + or `false` to omit it. +- `portable` Omit metadata that is system-specific: `ctime`, `atime`, + `uid`, `gid`, `uname`, `gname`, `dev`, `ino`, and `nlink`. Note + that `mtime` is still included, because this is necessary for other + time-based operations. Additionally, `mode` is set to a "reasonable + default" for most unix systems, based on a `umask` value of `0o22`. +- `preservePaths` Allow absolute paths. By default, `/` is stripped + from absolute paths. [Alias: `P`] +- `maxReadSize` The maximum buffer size for `fs.read()` operations. + Defaults to 16 MB. +- `noDirRecurse` Do not recursively archive the contents of + directories. [Alias: `n`] +- `follow` Set to true to pack the targets of symbolic links. Without + this option, symbolic links are archived as such. [Alias: `L`, `h`] +- `noPax` Suppress pax extended headers. Note that this means that + long paths and linkpaths will be truncated, and large or negative + numeric values may be interpreted incorrectly. +- `noMtime` Set to true to omit writing `mtime` values for entries. + Note that this prevents using other mtime-based features like + `tar.update` or the `keepNewer` option with the resulting tar archive. + [Alias: `m`, `no-mtime`] +- `mtime` Set to a `Date` object to force a specific `mtime` for + everything added to the archive. Overridden by `noMtime`. + +### tar.r(options, fileList, callback) [alias: tar.replace] + +Add files to an existing archive. Because later entries override +earlier entries, this effectively replaces any existing entries. + +The `fileList` is an array of paths to add to the tarball. Adding a +directory also adds its children recursively. + +An entry in `fileList` that starts with an `@` symbol is a tar archive +whose entries will be added. To add a file that starts with `@`, +prepend it with `./`. + +The following options are supported: + +- `file` Required. Write the tarball archive to the specified + filename. [Alias: `f`] +- `sync` Act synchronously. If this is set, then any provided file + will be fully written after the call to `tar.c`. +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") +- `strict` Treat warnings as crash-worthy errors. Default false. +- `cwd` The current working directory for adding entries to the + archive. Defaults to `process.cwd()`. [Alias: `C`] +- `prefix` A path portion to prefix onto the entries in the archive. +- `gzip` Set to any truthy value to create a gzipped archive, or an + object with settings for `zlib.Gzip()` [Alias: `z`] +- `filter` A function that gets called with `(path, stat)` for each + entry being added. Return `true` to add the entry to the archive, + or `false` to omit it. +- `portable` Omit metadata that is system-specific: `ctime`, `atime`, + `uid`, `gid`, `uname`, `gname`, `dev`, `ino`, and `nlink`. Note + that `mtime` is still included, because this is necessary for other + time-based operations. Additionally, `mode` is set to a "reasonable + default" for most unix systems, based on a `umask` value of `0o22`. +- `preservePaths` Allow absolute paths. By default, `/` is stripped + from absolute paths. [Alias: `P`] +- `maxReadSize` The maximum buffer size for `fs.read()` operations. + Defaults to 16 MB. +- `noDirRecurse` Do not recursively archive the contents of + directories. [Alias: `n`] +- `follow` Set to true to pack the targets of symbolic links. Without + this option, symbolic links are archived as such. [Alias: `L`, `h`] +- `noPax` Suppress pax extended headers. Note that this means that + long paths and linkpaths will be truncated, and large or negative + numeric values may be interpreted incorrectly. +- `noMtime` Set to true to omit writing `mtime` values for entries. + Note that this prevents using other mtime-based features like + `tar.update` or the `keepNewer` option with the resulting tar archive. + [Alias: `m`, `no-mtime`] +- `mtime` Set to a `Date` object to force a specific `mtime` for + everything added to the archive. Overridden by `noMtime`. + + +## Low-Level API + +### class tar.Pack + +A readable tar stream. + +Has all the standard readable stream interface stuff. `'data'` and +`'end'` events, `read()` method, `pause()` and `resume()`, etc. + +#### constructor(options) + +The following options are supported: + +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") +- `strict` Treat warnings as crash-worthy errors. Default false. +- `cwd` The current working directory for creating the archive. + Defaults to `process.cwd()`. +- `prefix` A path portion to prefix onto the entries in the archive. +- `gzip` Set to any truthy value to create a gzipped archive, or an + object with settings for `zlib.Gzip()` +- `filter` A function that gets called with `(path, stat)` for each + entry being added. Return `true` to add the entry to the archive, + or `false` to omit it. +- `portable` Omit metadata that is system-specific: `ctime`, `atime`, + `uid`, `gid`, `uname`, `gname`, `dev`, `ino`, and `nlink`. Note + that `mtime` is still included, because this is necessary for other + time-based operations. Additionally, `mode` is set to a "reasonable + default" for most unix systems, based on a `umask` value of `0o22`. +- `preservePaths` Allow absolute paths. By default, `/` is stripped + from absolute paths. +- `linkCache` A Map object containing the device and inode value for + any file whose nlink is > 1, to identify hard links. +- `statCache` A Map object that caches calls `lstat`. +- `readdirCache` A Map object that caches calls to `readdir`. +- `jobs` A number specifying how many concurrent jobs to run. + Defaults to 4. +- `maxReadSize` The maximum buffer size for `fs.read()` operations. + Defaults to 16 MB. +- `noDirRecurse` Do not recursively archive the contents of + directories. +- `follow` Set to true to pack the targets of symbolic links. Without + this option, symbolic links are archived as such. +- `noPax` Suppress pax extended headers. Note that this means that + long paths and linkpaths will be truncated, and large or negative + numeric values may be interpreted incorrectly. +- `noMtime` Set to true to omit writing `mtime` values for entries. + Note that this prevents using other mtime-based features like + `tar.update` or the `keepNewer` option with the resulting tar archive. +- `mtime` Set to a `Date` object to force a specific `mtime` for + everything added to the archive. Overridden by `noMtime`. + +#### add(path) + +Adds an entry to the archive. Returns the Pack stream. + +#### write(path) + +Adds an entry to the archive. Returns true if flushed. + +#### end() + +Finishes the archive. + +### class tar.Pack.Sync + +Synchronous version of `tar.Pack`. + +### class tar.Unpack + +A writable stream that unpacks a tar archive onto the file system. + +All the normal writable stream stuff is supported. `write()` and +`end()` methods, `'drain'` events, etc. + +Note that all directories that are created will be forced to be +writable, readable, and listable by their owner, to avoid cases where +a directory prevents extraction of child entries by virtue of its +mode. + +`'close'` is emitted when it's done writing stuff to the file system. + +Most unpack errors will cause a `warn` event to be emitted. If the +`cwd` is missing, or not a directory, then an error will be emitted. + +#### constructor(options) + +- `cwd` Extract files relative to the specified directory. Defaults + to `process.cwd()`. If provided, this must exist and must be a + directory. +- `filter` A function that gets called with `(path, entry)` for each + entry being unpacked. Return `true` to unpack the entry from the + archive, or `false` to skip it. +- `newer` Set to true to keep the existing file on disk if it's newer + than the file in the archive. +- `keep` Do not overwrite existing files. In particular, if a file + appears more than once in an archive, later copies will not + overwrite earlier copies. +- `preservePaths` Allow absolute paths, paths containing `..`, and + extracting through symbolic links. By default, `/` is stripped from + absolute paths, `..` paths are not extracted, and any file whose + location would be modified by a symbolic link is not extracted. +- `unlink` Unlink files before creating them. Without this option, + tar overwrites existing files, which preserves existing hardlinks. + With this option, existing hardlinks will be broken, as will any + symlink that would affect the location of an extracted file. +- `strip` Remove the specified number of leading path elements. + Pathnames with fewer elements will be silently skipped. Note that + the pathname is edited after applying the filter, but before + security checks. +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") +- `umask` Filter the modes of entries like `process.umask()`. +- `dmode` Default mode for directories +- `fmode` Default mode for files +- `dirCache` A Map object of which directories exist. +- `maxMetaEntrySize` The maximum size of meta entries that is + supported. Defaults to 1 MB. +- `preserveOwner` If true, tar will set the `uid` and `gid` of + extracted entries to the `uid` and `gid` fields in the archive. + This defaults to true when run as root, and false otherwise. If + false, then files and directories will be set with the owner and + group of the user running the process. This is similar to `-p` in + `tar(1)`, but ACLs and other system-specific data is never unpacked + in this implementation, and modes are set by default already. +- `win32` True if on a windows platform. Causes behavior where + filenames containing `<|>?` chars are converted to + windows-compatible values while being unpacked. +- `uid` Set to a number to force ownership of all extracted files and + folders, and all implicitly created directories, to be owned by the + specified user id, regardless of the `uid` field in the archive. + Cannot be used along with `preserveOwner`. Requires also setting a + `gid` option. +- `gid` Set to a number to force ownership of all extracted files and + folders, and all implicitly created directories, to be owned by the + specified group id, regardless of the `gid` field in the archive. + Cannot be used along with `preserveOwner`. Requires also setting a + `uid` option. +- `noMtime` Set to true to omit writing `mtime` value for extracted + entries. +- `transform` Provide a function that takes an `entry` object, and + returns a stream, or any falsey value. If a stream is provided, + then that stream's data will be written instead of the contents of + the archive entry. If a falsey value is provided, then the entry is + written to disk as normal. (To exclude items from extraction, use + the `filter` option described above.) +- `strict` Treat warnings as crash-worthy errors. Default false. +- `onentry` A function that gets called with `(entry)` for each entry + that passes the filter. +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") + +### class tar.Unpack.Sync + +Synchronous version of `tar.Unpack`. + +Note that using an asynchronous stream type with the `transform` +option will cause undefined behavior in sync unpack streams. +[MiniPass](http://npm.im/minipass)-based streams are designed for this +use case. + +### class tar.Parse + +A writable stream that parses a tar archive stream. All the standard +writable stream stuff is supported. + +If the archive is gzipped, then tar will detect this and unzip it. + +Emits `'entry'` events with `tar.ReadEntry` objects, which are +themselves readable streams that you can pipe wherever. + +Each `entry` will not emit until the one before it is flushed through, +so make sure to either consume the data (with `on('data', ...)` or +`.pipe(...)`) or throw it away with `.resume()` to keep the stream +flowing. + +#### constructor(options) + +Returns an event emitter that emits `entry` events with +`tar.ReadEntry` objects. + +The following options are supported: + +- `strict` Treat warnings as crash-worthy errors. Default false. +- `filter` A function that gets called with `(path, entry)` for each + entry being listed. Return `true` to emit the entry from the + archive, or `false` to skip it. +- `onentry` A function that gets called with `(entry)` for each entry + that passes the filter. +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") + +#### abort(error) + +Stop all parsing activities. This is called when there are zlib +errors. It also emits an unrecoverable warning with the error provided. + +### class tar.ReadEntry extends [MiniPass](http://npm.im/minipass) + +A representation of an entry that is being read out of a tar archive. + +It has the following fields: + +- `extended` The extended metadata object provided to the constructor. +- `globalExtended` The global extended metadata object provided to the + constructor. +- `remain` The number of bytes remaining to be written into the + stream. +- `blockRemain` The number of 512-byte blocks remaining to be written + into the stream. +- `ignore` Whether this entry should be ignored. +- `meta` True if this represents metadata about the next entry, false + if it represents a filesystem object. +- All the fields from the header, extended header, and global extended + header are added to the ReadEntry object. So it has `path`, `type`, + `size, `mode`, and so on. + +#### constructor(header, extended, globalExtended) + +Create a new ReadEntry object with the specified header, extended +header, and global extended header values. + +### class tar.WriteEntry extends [MiniPass](http://npm.im/minipass) + +A representation of an entry that is being written from the file +system into a tar archive. + +Emits data for the Header, and for the Pax Extended Header if one is +required, as well as any body data. + +Creating a WriteEntry for a directory does not also create +WriteEntry objects for all of the directory contents. + +It has the following fields: + +- `path` The path field that will be written to the archive. By + default, this is also the path from the cwd to the file system + object. +- `portable` Omit metadata that is system-specific: `ctime`, `atime`, + `uid`, `gid`, `uname`, `gname`, `dev`, `ino`, and `nlink`. Note + that `mtime` is still included, because this is necessary for other + time-based operations. Additionally, `mode` is set to a "reasonable + default" for most unix systems, based on a `umask` value of `0o22`. +- `myuid` If supported, the uid of the user running the current + process. +- `myuser` The `env.USER` string if set, or `''`. Set as the entry + `uname` field if the file's `uid` matches `this.myuid`. +- `maxReadSize` The maximum buffer size for `fs.read()` operations. + Defaults to 1 MB. +- `linkCache` A Map object containing the device and inode value for + any file whose nlink is > 1, to identify hard links. +- `statCache` A Map object that caches calls `lstat`. +- `preservePaths` Allow absolute paths. By default, `/` is stripped + from absolute paths. +- `cwd` The current working directory for creating the archive. + Defaults to `process.cwd()`. +- `absolute` The absolute path to the entry on the filesystem. By + default, this is `path.resolve(this.cwd, this.path)`, but it can be + overridden explicitly. +- `strict` Treat warnings as crash-worthy errors. Default false. +- `win32` True if on a windows platform. Causes behavior where paths + replace `\` with `/` and filenames containing the windows-compatible + forms of `<|>?:` characters are converted to actual `<|>?:` characters + in the archive. +- `noPax` Suppress pax extended headers. Note that this means that + long paths and linkpaths will be truncated, and large or negative + numeric values may be interpreted incorrectly. +- `noMtime` Set to true to omit writing `mtime` values for entries. + Note that this prevents using other mtime-based features like + `tar.update` or the `keepNewer` option with the resulting tar archive. + + +#### constructor(path, options) + +`path` is the path of the entry as it is written in the archive. + +The following options are supported: + +- `portable` Omit metadata that is system-specific: `ctime`, `atime`, + `uid`, `gid`, `uname`, `gname`, `dev`, `ino`, and `nlink`. Note + that `mtime` is still included, because this is necessary for other + time-based operations. Additionally, `mode` is set to a "reasonable + default" for most unix systems, based on a `umask` value of `0o22`. +- `maxReadSize` The maximum buffer size for `fs.read()` operations. + Defaults to 1 MB. +- `linkCache` A Map object containing the device and inode value for + any file whose nlink is > 1, to identify hard links. +- `statCache` A Map object that caches calls `lstat`. +- `preservePaths` Allow absolute paths. By default, `/` is stripped + from absolute paths. +- `cwd` The current working directory for creating the archive. + Defaults to `process.cwd()`. +- `absolute` The absolute path to the entry on the filesystem. By + default, this is `path.resolve(this.cwd, this.path)`, but it can be + overridden explicitly. +- `strict` Treat warnings as crash-worthy errors. Default false. +- `win32` True if on a windows platform. Causes behavior where paths + replace `\` with `/`. +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") +- `noMtime` Set to true to omit writing `mtime` values for entries. + Note that this prevents using other mtime-based features like + `tar.update` or the `keepNewer` option with the resulting tar archive. +- `umask` Set to restrict the modes on the entries in the archive, + somewhat like how umask works on file creation. Defaults to + `process.umask()` on unix systems, or `0o22` on Windows. + +#### warn(message, data) + +If strict, emit an error with the provided message. + +Othewise, emit a `'warn'` event with the provided message and data. + +### class tar.WriteEntry.Sync + +Synchronous version of tar.WriteEntry + +### class tar.WriteEntry.Tar + +A version of tar.WriteEntry that gets its data from a tar.ReadEntry +instead of from the filesystem. + +#### constructor(readEntry, options) + +`readEntry` is the entry being read out of another archive. + +The following options are supported: + +- `portable` Omit metadata that is system-specific: `ctime`, `atime`, + `uid`, `gid`, `uname`, `gname`, `dev`, `ino`, and `nlink`. Note + that `mtime` is still included, because this is necessary for other + time-based operations. Additionally, `mode` is set to a "reasonable + default" for most unix systems, based on a `umask` value of `0o22`. +- `preservePaths` Allow absolute paths. By default, `/` is stripped + from absolute paths. +- `strict` Treat warnings as crash-worthy errors. Default false. +- `onwarn` A function that will get called with `(code, message, data)` for + any warnings encountered. (See "Warnings and Errors") +- `noMtime` Set to true to omit writing `mtime` values for entries. + Note that this prevents using other mtime-based features like + `tar.update` or the `keepNewer` option with the resulting tar archive. + +### class tar.Header + +A class for reading and writing header blocks. + +It has the following fields: + +- `nullBlock` True if decoding a block which is entirely composed of + `0x00` null bytes. (Useful because tar files are terminated by + at least 2 null blocks.) +- `cksumValid` True if the checksum in the header is valid, false + otherwise. +- `needPax` True if the values, as encoded, will require a Pax + extended header. +- `path` The path of the entry. +- `mode` The 4 lowest-order octal digits of the file mode. That is, + read/write/execute permissions for world, group, and owner, and the + setuid, setgid, and sticky bits. +- `uid` Numeric user id of the file owner +- `gid` Numeric group id of the file owner +- `size` Size of the file in bytes +- `mtime` Modified time of the file +- `cksum` The checksum of the header. This is generated by adding all + the bytes of the header block, treating the checksum field itself as + all ascii space characters (that is, `0x20`). +- `type` The human-readable name of the type of entry this represents, + or the alphanumeric key if unknown. +- `typeKey` The alphanumeric key for the type of entry this header + represents. +- `linkpath` The target of Link and SymbolicLink entries. +- `uname` Human-readable user name of the file owner +- `gname` Human-readable group name of the file owner +- `devmaj` The major portion of the device number. Always `0` for + files, directories, and links. +- `devmin` The minor portion of the device number. Always `0` for + files, directories, and links. +- `atime` File access time. +- `ctime` File change time. + +#### constructor(data, [offset=0]) + +`data` is optional. It is either a Buffer that should be interpreted +as a tar Header starting at the specified offset and continuing for +512 bytes, or a data object of keys and values to set on the header +object, and eventually encode as a tar Header. + +#### decode(block, offset) + +Decode the provided buffer starting at the specified offset. + +Buffer length must be greater than 512 bytes. + +#### set(data) + +Set the fields in the data object. + +#### encode(buffer, offset) + +Encode the header fields into the buffer at the specified offset. + +Returns `this.needPax` to indicate whether a Pax Extended Header is +required to properly encode the specified data. + +### class tar.Pax + +An object representing a set of key-value pairs in an Pax extended +header entry. + +It has the following fields. Where the same name is used, they have +the same semantics as the tar.Header field of the same name. + +- `global` True if this represents a global extended header, or false + if it is for a single entry. +- `atime` +- `charset` +- `comment` +- `ctime` +- `gid` +- `gname` +- `linkpath` +- `mtime` +- `path` +- `size` +- `uid` +- `uname` +- `dev` +- `ino` +- `nlink` + +#### constructor(object, global) + +Set the fields set in the object. `global` is a boolean that defaults +to false. + +#### encode() + +Return a Buffer containing the header and body for the Pax extended +header entry, or `null` if there is nothing to encode. + +#### encodeBody() + +Return a string representing the body of the pax extended header +entry. + +#### encodeField(fieldName) + +Return a string representing the key/value encoding for the specified +fieldName, or `''` if the field is unset. + +### tar.Pax.parse(string, extended, global) + +Return a new Pax object created by parsing the contents of the string +provided. + +If the `extended` object is set, then also add the fields from that +object. (This is necessary because multiple metadata entries can +occur in sequence.) + +### tar.types + +A translation table for the `type` field in tar headers. + +#### tar.types.name.get(code) + +Get the human-readable name for a given alphanumeric code. + +#### tar.types.code.get(name) + +Get the alphanumeric code for a given human-readable name. diff --git a/node_modules/npm-registry-fetch/node_modules/tar/index.js b/node_modules/npm-registry-fetch/node_modules/tar/index.js new file mode 100644 index 000000000..c9ae06e79 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/index.js @@ -0,0 +1,18 @@ +'use strict' + +// high-level commands +exports.c = exports.create = require('./lib/create.js') +exports.r = exports.replace = require('./lib/replace.js') +exports.t = exports.list = require('./lib/list.js') +exports.u = exports.update = require('./lib/update.js') +exports.x = exports.extract = require('./lib/extract.js') + +// classes +exports.Pack = require('./lib/pack.js') +exports.Unpack = require('./lib/unpack.js') +exports.Parse = require('./lib/parse.js') +exports.ReadEntry = require('./lib/read-entry.js') +exports.WriteEntry = require('./lib/write-entry.js') +exports.Header = require('./lib/header.js') +exports.Pax = require('./lib/pax.js') +exports.types = require('./lib/types.js') diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/create.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/create.js new file mode 100644 index 000000000..a37aa52e6 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/create.js @@ -0,0 +1,105 @@ +'use strict' + +// tar -c +const hlo = require('./high-level-opt.js') + +const Pack = require('./pack.js') +const fs = require('fs') +const fsm = require('fs-minipass') +const t = require('./list.js') +const path = require('path') + +const c = module.exports = (opt_, files, cb) => { + if (typeof files === 'function') + cb = files + + if (Array.isArray(opt_)) + files = opt_, opt_ = {} + + if (!files || !Array.isArray(files) || !files.length) + throw new TypeError('no files or directories specified') + + files = Array.from(files) + + const opt = hlo(opt_) + + if (opt.sync && typeof cb === 'function') + throw new TypeError('callback not supported for sync tar functions') + + if (!opt.file && typeof cb === 'function') + throw new TypeError('callback only supported with file option') + + return opt.file && opt.sync ? createFileSync(opt, files) + : opt.file ? createFile(opt, files, cb) + : opt.sync ? createSync(opt, files) + : create(opt, files) +} + +const createFileSync = (opt, files) => { + const p = new Pack.Sync(opt) + const stream = new fsm.WriteStreamSync(opt.file, { + mode: opt.mode || 0o666 + }) + p.pipe(stream) + addFilesSync(p, files) +} + +const createFile = (opt, files, cb) => { + const p = new Pack(opt) + const stream = new fsm.WriteStream(opt.file, { + mode: opt.mode || 0o666 + }) + p.pipe(stream) + + const promise = new Promise((res, rej) => { + stream.on('error', rej) + stream.on('close', res) + p.on('error', rej) + }) + + addFilesAsync(p, files) + + return cb ? promise.then(cb, cb) : promise +} + +const addFilesSync = (p, files) => { + files.forEach(file => { + if (file.charAt(0) === '@') + t({ + file: path.resolve(p.cwd, file.substr(1)), + sync: true, + noResume: true, + onentry: entry => p.add(entry) + }) + else + p.add(file) + }) + p.end() +} + +const addFilesAsync = (p, files) => { + while (files.length) { + const file = files.shift() + if (file.charAt(0) === '@') + return t({ + file: path.resolve(p.cwd, file.substr(1)), + noResume: true, + onentry: entry => p.add(entry) + }).then(_ => addFilesAsync(p, files)) + else + p.add(file) + } + p.end() +} + +const createSync = (opt, files) => { + const p = new Pack.Sync(opt) + addFilesSync(p, files) + return p +} + +const create = (opt, files) => { + const p = new Pack(opt) + addFilesAsync(p, files) + return p +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/extract.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/extract.js new file mode 100644 index 000000000..cbb458a0a --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/extract.js @@ -0,0 +1,112 @@ +'use strict' + +// tar -x +const hlo = require('./high-level-opt.js') +const Unpack = require('./unpack.js') +const fs = require('fs') +const fsm = require('fs-minipass') +const path = require('path') + +const x = module.exports = (opt_, files, cb) => { + if (typeof opt_ === 'function') + cb = opt_, files = null, opt_ = {} + else if (Array.isArray(opt_)) + files = opt_, opt_ = {} + + if (typeof files === 'function') + cb = files, files = null + + if (!files) + files = [] + else + files = Array.from(files) + + const opt = hlo(opt_) + + if (opt.sync && typeof cb === 'function') + throw new TypeError('callback not supported for sync tar functions') + + if (!opt.file && typeof cb === 'function') + throw new TypeError('callback only supported with file option') + + if (files.length) + filesFilter(opt, files) + + return opt.file && opt.sync ? extractFileSync(opt) + : opt.file ? extractFile(opt, cb) + : opt.sync ? extractSync(opt) + : extract(opt) +} + +// construct a filter that limits the file entries listed +// include child entries if a dir is included +const filesFilter = (opt, files) => { + const map = new Map(files.map(f => [f.replace(/\/+$/, ''), true])) + const filter = opt.filter + + const mapHas = (file, r) => { + const root = r || path.parse(file).root || '.' + const ret = file === root ? false + : map.has(file) ? map.get(file) + : mapHas(path.dirname(file), root) + + map.set(file, ret) + return ret + } + + opt.filter = filter + ? (file, entry) => filter(file, entry) && mapHas(file.replace(/\/+$/, '')) + : file => mapHas(file.replace(/\/+$/, '')) +} + +const extractFileSync = opt => { + const u = new Unpack.Sync(opt) + + const file = opt.file + let threw = true + let fd + const stat = fs.statSync(file) + // This trades a zero-byte read() syscall for a stat + // However, it will usually result in less memory allocation + const readSize = opt.maxReadSize || 16*1024*1024 + const stream = new fsm.ReadStreamSync(file, { + readSize: readSize, + size: stat.size + }) + stream.pipe(u) +} + +const extractFile = (opt, cb) => { + const u = new Unpack(opt) + const readSize = opt.maxReadSize || 16*1024*1024 + + const file = opt.file + const p = new Promise((resolve, reject) => { + u.on('error', reject) + u.on('close', resolve) + + // This trades a zero-byte read() syscall for a stat + // However, it will usually result in less memory allocation + fs.stat(file, (er, stat) => { + if (er) + reject(er) + else { + const stream = new fsm.ReadStream(file, { + readSize: readSize, + size: stat.size + }) + stream.on('error', reject) + stream.pipe(u) + } + }) + }) + return cb ? p.then(cb, cb) : p +} + +const extractSync = opt => { + return new Unpack.Sync(opt) +} + +const extract = opt => { + return new Unpack(opt) +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/get-write-flag.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/get-write-flag.js new file mode 100644 index 000000000..e86959996 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/get-write-flag.js @@ -0,0 +1,20 @@ +// Get the appropriate flag to use for creating files +// We use fmap on Windows platforms for files less than +// 512kb. This is a fairly low limit, but avoids making +// things slower in some cases. Since most of what this +// library is used for is extracting tarballs of many +// relatively small files in npm packages and the like, +// it can be a big boost on Windows platforms. +// Only supported in Node v12.9.0 and above. +const platform = process.env.__FAKE_PLATFORM__ || process.platform +const isWindows = platform === 'win32' +const fs = global.__FAKE_TESTING_FS__ || require('fs') + +/* istanbul ignore next */ +const { O_CREAT, O_TRUNC, O_WRONLY, UV_FS_O_FILEMAP = 0 } = fs.constants + +const fMapEnabled = isWindows && !!UV_FS_O_FILEMAP +const fMapLimit = 512 * 1024 +const fMapFlag = UV_FS_O_FILEMAP | O_TRUNC | O_CREAT | O_WRONLY +module.exports = !fMapEnabled ? () => 'w' + : size => size < fMapLimit ? fMapFlag : 'w' diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/header.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/header.js new file mode 100644 index 000000000..5d88f6cf8 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/header.js @@ -0,0 +1,288 @@ +'use strict' +// parse a 512-byte header block to a data object, or vice-versa +// encode returns `true` if a pax extended header is needed, because +// the data could not be faithfully encoded in a simple header. +// (Also, check header.needPax to see if it needs a pax header.) + +const types = require('./types.js') +const pathModule = require('path').posix +const large = require('./large-numbers.js') + +const SLURP = Symbol('slurp') +const TYPE = Symbol('type') + +class Header { + constructor (data, off, ex, gex) { + this.cksumValid = false + this.needPax = false + this.nullBlock = false + + this.block = null + this.path = null + this.mode = null + this.uid = null + this.gid = null + this.size = null + this.mtime = null + this.cksum = null + this[TYPE] = '0' + this.linkpath = null + this.uname = null + this.gname = null + this.devmaj = 0 + this.devmin = 0 + this.atime = null + this.ctime = null + + if (Buffer.isBuffer(data)) + this.decode(data, off || 0, ex, gex) + else if (data) + this.set(data) + } + + decode (buf, off, ex, gex) { + if (!off) + off = 0 + + if (!buf || !(buf.length >= off + 512)) + throw new Error('need 512 bytes for header') + + this.path = decString(buf, off, 100) + this.mode = decNumber(buf, off + 100, 8) + this.uid = decNumber(buf, off + 108, 8) + this.gid = decNumber(buf, off + 116, 8) + this.size = decNumber(buf, off + 124, 12) + this.mtime = decDate(buf, off + 136, 12) + this.cksum = decNumber(buf, off + 148, 12) + + // if we have extended or global extended headers, apply them now + // See https://github.com/npm/node-tar/pull/187 + this[SLURP](ex) + this[SLURP](gex, true) + + // old tar versions marked dirs as a file with a trailing / + this[TYPE] = decString(buf, off + 156, 1) + if (this[TYPE] === '') + this[TYPE] = '0' + if (this[TYPE] === '0' && this.path.substr(-1) === '/') + this[TYPE] = '5' + + // tar implementations sometimes incorrectly put the stat(dir).size + // as the size in the tarball, even though Directory entries are + // not able to have any body at all. In the very rare chance that + // it actually DOES have a body, we weren't going to do anything with + // it anyway, and it'll just be a warning about an invalid header. + if (this[TYPE] === '5') + this.size = 0 + + this.linkpath = decString(buf, off + 157, 100) + if (buf.slice(off + 257, off + 265).toString() === 'ustar\u000000') { + this.uname = decString(buf, off + 265, 32) + this.gname = decString(buf, off + 297, 32) + this.devmaj = decNumber(buf, off + 329, 8) + this.devmin = decNumber(buf, off + 337, 8) + if (buf[off + 475] !== 0) { + // definitely a prefix, definitely >130 chars. + const prefix = decString(buf, off + 345, 155) + this.path = prefix + '/' + this.path + } else { + const prefix = decString(buf, off + 345, 130) + if (prefix) + this.path = prefix + '/' + this.path + this.atime = decDate(buf, off + 476, 12) + this.ctime = decDate(buf, off + 488, 12) + } + } + + let sum = 8 * 0x20 + for (let i = off; i < off + 148; i++) { + sum += buf[i] + } + for (let i = off + 156; i < off + 512; i++) { + sum += buf[i] + } + this.cksumValid = sum === this.cksum + if (this.cksum === null && sum === 8 * 0x20) + this.nullBlock = true + } + + [SLURP] (ex, global) { + for (let k in ex) { + // we slurp in everything except for the path attribute in + // a global extended header, because that's weird. + if (ex[k] !== null && ex[k] !== undefined && + !(global && k === 'path')) + this[k] = ex[k] + } + } + + encode (buf, off) { + if (!buf) { + buf = this.block = Buffer.alloc(512) + off = 0 + } + + if (!off) + off = 0 + + if (!(buf.length >= off + 512)) + throw new Error('need 512 bytes for header') + + const prefixSize = this.ctime || this.atime ? 130 : 155 + const split = splitPrefix(this.path || '', prefixSize) + const path = split[0] + const prefix = split[1] + this.needPax = split[2] + + this.needPax = encString(buf, off, 100, path) || this.needPax + this.needPax = encNumber(buf, off + 100, 8, this.mode) || this.needPax + this.needPax = encNumber(buf, off + 108, 8, this.uid) || this.needPax + this.needPax = encNumber(buf, off + 116, 8, this.gid) || this.needPax + this.needPax = encNumber(buf, off + 124, 12, this.size) || this.needPax + this.needPax = encDate(buf, off + 136, 12, this.mtime) || this.needPax + buf[off + 156] = this[TYPE].charCodeAt(0) + this.needPax = encString(buf, off + 157, 100, this.linkpath) || this.needPax + buf.write('ustar\u000000', off + 257, 8) + this.needPax = encString(buf, off + 265, 32, this.uname) || this.needPax + this.needPax = encString(buf, off + 297, 32, this.gname) || this.needPax + this.needPax = encNumber(buf, off + 329, 8, this.devmaj) || this.needPax + this.needPax = encNumber(buf, off + 337, 8, this.devmin) || this.needPax + this.needPax = encString(buf, off + 345, prefixSize, prefix) || this.needPax + if (buf[off + 475] !== 0) + this.needPax = encString(buf, off + 345, 155, prefix) || this.needPax + else { + this.needPax = encString(buf, off + 345, 130, prefix) || this.needPax + this.needPax = encDate(buf, off + 476, 12, this.atime) || this.needPax + this.needPax = encDate(buf, off + 488, 12, this.ctime) || this.needPax + } + + let sum = 8 * 0x20 + for (let i = off; i < off + 148; i++) { + sum += buf[i] + } + for (let i = off + 156; i < off + 512; i++) { + sum += buf[i] + } + this.cksum = sum + encNumber(buf, off + 148, 8, this.cksum) + this.cksumValid = true + + return this.needPax + } + + set (data) { + for (let i in data) { + if (data[i] !== null && data[i] !== undefined) + this[i] = data[i] + } + } + + get type () { + return types.name.get(this[TYPE]) || this[TYPE] + } + + get typeKey () { + return this[TYPE] + } + + set type (type) { + if (types.code.has(type)) + this[TYPE] = types.code.get(type) + else + this[TYPE] = type + } +} + +const splitPrefix = (p, prefixSize) => { + const pathSize = 100 + let pp = p + let prefix = '' + let ret + const root = pathModule.parse(p).root || '.' + + if (Buffer.byteLength(pp) < pathSize) + ret = [pp, prefix, false] + else { + // first set prefix to the dir, and path to the base + prefix = pathModule.dirname(pp) + pp = pathModule.basename(pp) + + do { + // both fit! + if (Buffer.byteLength(pp) <= pathSize && + Buffer.byteLength(prefix) <= prefixSize) + ret = [pp, prefix, false] + + // prefix fits in prefix, but path doesn't fit in path + else if (Buffer.byteLength(pp) > pathSize && + Buffer.byteLength(prefix) <= prefixSize) + ret = [pp.substr(0, pathSize - 1), prefix, true] + + else { + // make path take a bit from prefix + pp = pathModule.join(pathModule.basename(prefix), pp) + prefix = pathModule.dirname(prefix) + } + } while (prefix !== root && !ret) + + // at this point, found no resolution, just truncate + if (!ret) + ret = [p.substr(0, pathSize - 1), '', true] + } + return ret +} + +const decString = (buf, off, size) => + buf.slice(off, off + size).toString('utf8').replace(/\0.*/, '') + +const decDate = (buf, off, size) => + numToDate(decNumber(buf, off, size)) + +const numToDate = num => num === null ? null : new Date(num * 1000) + +const decNumber = (buf, off, size) => + buf[off] & 0x80 ? large.parse(buf.slice(off, off + size)) + : decSmallNumber(buf, off, size) + +const nanNull = value => isNaN(value) ? null : value + +const decSmallNumber = (buf, off, size) => + nanNull(parseInt( + buf.slice(off, off + size) + .toString('utf8').replace(/\0.*$/, '').trim(), 8)) + +// the maximum encodable as a null-terminated octal, by field size +const MAXNUM = { + 12: 0o77777777777, + 8 : 0o7777777 +} + +const encNumber = (buf, off, size, number) => + number === null ? false : + number > MAXNUM[size] || number < 0 + ? (large.encode(number, buf.slice(off, off + size)), true) + : (encSmallNumber(buf, off, size, number), false) + +const encSmallNumber = (buf, off, size, number) => + buf.write(octalString(number, size), off, size, 'ascii') + +const octalString = (number, size) => + padOctal(Math.floor(number).toString(8), size) + +const padOctal = (string, size) => + (string.length === size - 1 ? string + : new Array(size - string.length - 1).join('0') + string + ' ') + '\0' + +const encDate = (buf, off, size, date) => + date === null ? false : + encNumber(buf, off, size, date.getTime() / 1000) + +// enough to fill the longest string we've got +const NULLS = new Array(156).join('\0') +// pad with nulls, return true if it's longer or non-ascii +const encString = (buf, off, size, string) => + string === null ? false : + (buf.write(string + NULLS, off, size, 'utf8'), + string.length !== Buffer.byteLength(string) || string.length > size) + +module.exports = Header diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/high-level-opt.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/high-level-opt.js new file mode 100644 index 000000000..7333db915 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/high-level-opt.js @@ -0,0 +1,29 @@ +'use strict' + +// turn tar(1) style args like `C` into the more verbose things like `cwd` + +const argmap = new Map([ + ['C', 'cwd'], + ['f', 'file'], + ['z', 'gzip'], + ['P', 'preservePaths'], + ['U', 'unlink'], + ['strip-components', 'strip'], + ['stripComponents', 'strip'], + ['keep-newer', 'newer'], + ['keepNewer', 'newer'], + ['keep-newer-files', 'newer'], + ['keepNewerFiles', 'newer'], + ['k', 'keep'], + ['keep-existing', 'keep'], + ['keepExisting', 'keep'], + ['m', 'noMtime'], + ['no-mtime', 'noMtime'], + ['p', 'preserveOwner'], + ['L', 'follow'], + ['h', 'follow'] +]) + +const parse = module.exports = opt => opt ? Object.keys(opt).map(k => [ + argmap.has(k) ? argmap.get(k) : k, opt[k] +]).reduce((set, kv) => (set[kv[0]] = kv[1], set), Object.create(null)) : {} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/large-numbers.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/large-numbers.js new file mode 100644 index 000000000..ad30bc350 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/large-numbers.js @@ -0,0 +1,97 @@ +'use strict' +// Tar can encode large and negative numbers using a leading byte of +// 0xff for negative, and 0x80 for positive. + +const encode = exports.encode = (num, buf) => { + if (!Number.isSafeInteger(num)) + // The number is so large that javascript cannot represent it with integer + // precision. + throw Error('cannot encode number outside of javascript safe integer range') + else if (num < 0) + encodeNegative(num, buf) + else + encodePositive(num, buf) + return buf +} + +const encodePositive = (num, buf) => { + buf[0] = 0x80 + + for (var i = buf.length; i > 1; i--) { + buf[i-1] = num & 0xff + num = Math.floor(num / 0x100) + } +} + +const encodeNegative = (num, buf) => { + buf[0] = 0xff + var flipped = false + num = num * -1 + for (var i = buf.length; i > 1; i--) { + var byte = num & 0xff + num = Math.floor(num / 0x100) + if (flipped) + buf[i-1] = onesComp(byte) + else if (byte === 0) + buf[i-1] = 0 + else { + flipped = true + buf[i-1] = twosComp(byte) + } + } +} + +const parse = exports.parse = (buf) => { + var post = buf[buf.length - 1] + var pre = buf[0] + var value; + if (pre === 0x80) + value = pos(buf.slice(1, buf.length)) + else if (pre === 0xff) + value = twos(buf) + else + throw Error('invalid base256 encoding') + + if (!Number.isSafeInteger(value)) + // The number is so large that javascript cannot represent it with integer + // precision. + throw Error('parsed number outside of javascript safe integer range') + + return value +} + +const twos = (buf) => { + var len = buf.length + var sum = 0 + var flipped = false + for (var i = len - 1; i > -1; i--) { + var byte = buf[i] + var f + if (flipped) + f = onesComp(byte) + else if (byte === 0) + f = byte + else { + flipped = true + f = twosComp(byte) + } + if (f !== 0) + sum -= f * Math.pow(256, len - i - 1) + } + return sum +} + +const pos = (buf) => { + var len = buf.length + var sum = 0 + for (var i = len - 1; i > -1; i--) { + var byte = buf[i] + if (byte !== 0) + sum += byte * Math.pow(256, len - i - 1) + } + return sum +} + +const onesComp = byte => (0xff ^ byte) & 0xff + +const twosComp = byte => ((0xff ^ byte) + 1) & 0xff diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/list.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/list.js new file mode 100644 index 000000000..9da3f812c --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/list.js @@ -0,0 +1,128 @@ +'use strict' + +// XXX: This shares a lot in common with extract.js +// maybe some DRY opportunity here? + +// tar -t +const hlo = require('./high-level-opt.js') +const Parser = require('./parse.js') +const fs = require('fs') +const fsm = require('fs-minipass') +const path = require('path') + +const t = module.exports = (opt_, files, cb) => { + if (typeof opt_ === 'function') + cb = opt_, files = null, opt_ = {} + else if (Array.isArray(opt_)) + files = opt_, opt_ = {} + + if (typeof files === 'function') + cb = files, files = null + + if (!files) + files = [] + else + files = Array.from(files) + + const opt = hlo(opt_) + + if (opt.sync && typeof cb === 'function') + throw new TypeError('callback not supported for sync tar functions') + + if (!opt.file && typeof cb === 'function') + throw new TypeError('callback only supported with file option') + + if (files.length) + filesFilter(opt, files) + + if (!opt.noResume) + onentryFunction(opt) + + return opt.file && opt.sync ? listFileSync(opt) + : opt.file ? listFile(opt, cb) + : list(opt) +} + +const onentryFunction = opt => { + const onentry = opt.onentry + opt.onentry = onentry ? e => { + onentry(e) + e.resume() + } : e => e.resume() +} + +// construct a filter that limits the file entries listed +// include child entries if a dir is included +const filesFilter = (opt, files) => { + const map = new Map(files.map(f => [f.replace(/\/+$/, ''), true])) + const filter = opt.filter + + const mapHas = (file, r) => { + const root = r || path.parse(file).root || '.' + const ret = file === root ? false + : map.has(file) ? map.get(file) + : mapHas(path.dirname(file), root) + + map.set(file, ret) + return ret + } + + opt.filter = filter + ? (file, entry) => filter(file, entry) && mapHas(file.replace(/\/+$/, '')) + : file => mapHas(file.replace(/\/+$/, '')) +} + +const listFileSync = opt => { + const p = list(opt) + const file = opt.file + let threw = true + let fd + try { + const stat = fs.statSync(file) + const readSize = opt.maxReadSize || 16*1024*1024 + if (stat.size < readSize) { + p.end(fs.readFileSync(file)) + } else { + let pos = 0 + const buf = Buffer.allocUnsafe(readSize) + fd = fs.openSync(file, 'r') + while (pos < stat.size) { + let bytesRead = fs.readSync(fd, buf, 0, readSize, pos) + pos += bytesRead + p.write(buf.slice(0, bytesRead)) + } + p.end() + } + threw = false + } finally { + if (threw && fd) + try { fs.closeSync(fd) } catch (er) {} + } +} + +const listFile = (opt, cb) => { + const parse = new Parser(opt) + const readSize = opt.maxReadSize || 16*1024*1024 + + const file = opt.file + const p = new Promise((resolve, reject) => { + parse.on('error', reject) + parse.on('end', resolve) + + fs.stat(file, (er, stat) => { + if (er) + reject(er) + else { + const stream = new fsm.ReadStream(file, { + readSize: readSize, + size: stat.size + }) + stream.on('error', reject) + stream.pipe(parse) + } + }) + }) + return cb ? p.then(cb, cb) : p +} + +const list = opt => new Parser(opt) diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/mkdir.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/mkdir.js new file mode 100644 index 000000000..381d0e1b3 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/mkdir.js @@ -0,0 +1,206 @@ +'use strict' +// wrapper around mkdirp for tar's needs. + +// TODO: This should probably be a class, not functionally +// passing around state in a gazillion args. + +const mkdirp = require('mkdirp') +const fs = require('fs') +const path = require('path') +const chownr = require('chownr') + +class SymlinkError extends Error { + constructor (symlink, path) { + super('Cannot extract through symbolic link') + this.path = path + this.symlink = symlink + } + + get name () { + return 'SylinkError' + } +} + +class CwdError extends Error { + constructor (path, code) { + super(code + ': Cannot cd into \'' + path + '\'') + this.path = path + this.code = code + } + + get name () { + return 'CwdError' + } +} + +const mkdir = module.exports = (dir, opt, cb) => { + // if there's any overlap between mask and mode, + // then we'll need an explicit chmod + const umask = opt.umask + const mode = opt.mode | 0o0700 + const needChmod = (mode & umask) !== 0 + + const uid = opt.uid + const gid = opt.gid + const doChown = typeof uid === 'number' && + typeof gid === 'number' && + ( uid !== opt.processUid || gid !== opt.processGid ) + + const preserve = opt.preserve + const unlink = opt.unlink + const cache = opt.cache + const cwd = opt.cwd + + const done = (er, created) => { + if (er) + cb(er) + else { + cache.set(dir, true) + if (created && doChown) + chownr(created, uid, gid, er => done(er)) + else if (needChmod) + fs.chmod(dir, mode, cb) + else + cb() + } + } + + if (cache && cache.get(dir) === true) + return done() + + if (dir === cwd) + return fs.stat(dir, (er, st) => { + if (er || !st.isDirectory()) + er = new CwdError(dir, er && er.code || 'ENOTDIR') + done(er) + }) + + if (preserve) + return mkdirp(dir, {mode}).then(made => done(null, made), done) + + const sub = path.relative(cwd, dir) + const parts = sub.split(/\/|\\/) + mkdir_(cwd, parts, mode, cache, unlink, cwd, null, done) +} + +const mkdir_ = (base, parts, mode, cache, unlink, cwd, created, cb) => { + if (!parts.length) + return cb(null, created) + const p = parts.shift() + const part = base + '/' + p + if (cache.get(part)) + return mkdir_(part, parts, mode, cache, unlink, cwd, created, cb) + fs.mkdir(part, mode, onmkdir(part, parts, mode, cache, unlink, cwd, created, cb)) +} + +const onmkdir = (part, parts, mode, cache, unlink, cwd, created, cb) => er => { + if (er) { + if (er.path && path.dirname(er.path) === cwd && + (er.code === 'ENOTDIR' || er.code === 'ENOENT')) + return cb(new CwdError(cwd, er.code)) + + fs.lstat(part, (statEr, st) => { + if (statEr) + cb(statEr) + else if (st.isDirectory()) + mkdir_(part, parts, mode, cache, unlink, cwd, created, cb) + else if (unlink) + fs.unlink(part, er => { + if (er) + return cb(er) + fs.mkdir(part, mode, onmkdir(part, parts, mode, cache, unlink, cwd, created, cb)) + }) + else if (st.isSymbolicLink()) + return cb(new SymlinkError(part, part + '/' + parts.join('/'))) + else + cb(er) + }) + } else { + created = created || part + mkdir_(part, parts, mode, cache, unlink, cwd, created, cb) + } +} + +const mkdirSync = module.exports.sync = (dir, opt) => { + // if there's any overlap between mask and mode, + // then we'll need an explicit chmod + const umask = opt.umask + const mode = opt.mode | 0o0700 + const needChmod = (mode & umask) !== 0 + + const uid = opt.uid + const gid = opt.gid + const doChown = typeof uid === 'number' && + typeof gid === 'number' && + ( uid !== opt.processUid || gid !== opt.processGid ) + + const preserve = opt.preserve + const unlink = opt.unlink + const cache = opt.cache + const cwd = opt.cwd + + const done = (created) => { + cache.set(dir, true) + if (created && doChown) + chownr.sync(created, uid, gid) + if (needChmod) + fs.chmodSync(dir, mode) + } + + if (cache && cache.get(dir) === true) + return done() + + if (dir === cwd) { + let ok = false + let code = 'ENOTDIR' + try { + ok = fs.statSync(dir).isDirectory() + } catch (er) { + code = er.code + } finally { + if (!ok) + throw new CwdError(dir, code) + } + done() + return + } + + if (preserve) + return done(mkdirp.sync(dir, mode)) + + const sub = path.relative(cwd, dir) + const parts = sub.split(/\/|\\/) + let created = null + for (let p = parts.shift(), part = cwd; + p && (part += '/' + p); + p = parts.shift()) { + + if (cache.get(part)) + continue + + try { + fs.mkdirSync(part, mode) + created = created || part + cache.set(part, true) + } catch (er) { + if (er.path && path.dirname(er.path) === cwd && + (er.code === 'ENOTDIR' || er.code === 'ENOENT')) + return new CwdError(cwd, er.code) + + const st = fs.lstatSync(part) + if (st.isDirectory()) { + cache.set(part, true) + continue + } else if (unlink) { + fs.unlinkSync(part) + fs.mkdirSync(part, mode) + created = created || part + cache.set(part, true) + continue + } else if (st.isSymbolicLink()) + return new SymlinkError(part, part + '/' + parts.join('/')) + } + } + + return done(created) +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/mode-fix.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/mode-fix.js new file mode 100644 index 000000000..c3758741c --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/mode-fix.js @@ -0,0 +1,24 @@ +'use strict' +module.exports = (mode, isDir, portable) => { + mode &= 0o7777 + + // in portable mode, use the minimum reasonable umask + // if this system creates files with 0o664 by default + // (as some linux distros do), then we'll write the + // archive with 0o644 instead. Also, don't ever create + // a file that is not readable/writable by the owner. + if (portable) { + mode = (mode | 0o600) &~0o22 + } + + // if dirs are readable, then they should be listable + if (isDir) { + if (mode & 0o400) + mode |= 0o100 + if (mode & 0o40) + mode |= 0o10 + if (mode & 0o4) + mode |= 0o1 + } + return mode +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/pack.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/pack.js new file mode 100644 index 000000000..0fca4ae25 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/pack.js @@ -0,0 +1,403 @@ +'use strict' + +// A readable tar stream creator +// Technically, this is a transform stream that you write paths into, +// and tar format comes out of. +// The `add()` method is like `write()` but returns this, +// and end() return `this` as well, so you can +// do `new Pack(opt).add('files').add('dir').end().pipe(output) +// You could also do something like: +// streamOfPaths().pipe(new Pack()).pipe(new fs.WriteStream('out.tar')) + +class PackJob { + constructor (path, absolute) { + this.path = path || './' + this.absolute = absolute + this.entry = null + this.stat = null + this.readdir = null + this.pending = false + this.ignore = false + this.piped = false + } +} + +const MiniPass = require('minipass') +const zlib = require('minizlib') +const ReadEntry = require('./read-entry.js') +const WriteEntry = require('./write-entry.js') +const WriteEntrySync = WriteEntry.Sync +const WriteEntryTar = WriteEntry.Tar +const Yallist = require('yallist') +const EOF = Buffer.alloc(1024) +const ONSTAT = Symbol('onStat') +const ENDED = Symbol('ended') +const QUEUE = Symbol('queue') +const CURRENT = Symbol('current') +const PROCESS = Symbol('process') +const PROCESSING = Symbol('processing') +const PROCESSJOB = Symbol('processJob') +const JOBS = Symbol('jobs') +const JOBDONE = Symbol('jobDone') +const ADDFSENTRY = Symbol('addFSEntry') +const ADDTARENTRY = Symbol('addTarEntry') +const STAT = Symbol('stat') +const READDIR = Symbol('readdir') +const ONREADDIR = Symbol('onreaddir') +const PIPE = Symbol('pipe') +const ENTRY = Symbol('entry') +const ENTRYOPT = Symbol('entryOpt') +const WRITEENTRYCLASS = Symbol('writeEntryClass') +const WRITE = Symbol('write') +const ONDRAIN = Symbol('ondrain') + +const fs = require('fs') +const path = require('path') +const warner = require('./warn-mixin.js') + +const Pack = warner(class Pack extends MiniPass { + constructor (opt) { + super(opt) + opt = opt || Object.create(null) + this.opt = opt + this.file = opt.file || '' + this.cwd = opt.cwd || process.cwd() + this.maxReadSize = opt.maxReadSize + this.preservePaths = !!opt.preservePaths + this.strict = !!opt.strict + this.noPax = !!opt.noPax + this.prefix = (opt.prefix || '').replace(/(\\|\/)+$/, '') + this.linkCache = opt.linkCache || new Map() + this.statCache = opt.statCache || new Map() + this.readdirCache = opt.readdirCache || new Map() + + this[WRITEENTRYCLASS] = WriteEntry + if (typeof opt.onwarn === 'function') + this.on('warn', opt.onwarn) + + this.portable = !!opt.portable + this.zip = null + if (opt.gzip) { + if (typeof opt.gzip !== 'object') + opt.gzip = {} + if (this.portable) + opt.gzip.portable = true + this.zip = new zlib.Gzip(opt.gzip) + this.zip.on('data', chunk => super.write(chunk)) + this.zip.on('end', _ => super.end()) + this.zip.on('drain', _ => this[ONDRAIN]()) + this.on('resume', _ => this.zip.resume()) + } else + this.on('drain', this[ONDRAIN]) + + this.noDirRecurse = !!opt.noDirRecurse + this.follow = !!opt.follow + this.noMtime = !!opt.noMtime + this.mtime = opt.mtime || null + + this.filter = typeof opt.filter === 'function' ? opt.filter : _ => true + + this[QUEUE] = new Yallist + this[JOBS] = 0 + this.jobs = +opt.jobs || 4 + this[PROCESSING] = false + this[ENDED] = false + } + + [WRITE] (chunk) { + return super.write(chunk) + } + + add (path) { + this.write(path) + return this + } + + end (path) { + if (path) + this.write(path) + this[ENDED] = true + this[PROCESS]() + return this + } + + write (path) { + if (this[ENDED]) + throw new Error('write after end') + + if (path instanceof ReadEntry) + this[ADDTARENTRY](path) + else + this[ADDFSENTRY](path) + return this.flowing + } + + [ADDTARENTRY] (p) { + const absolute = path.resolve(this.cwd, p.path) + if (this.prefix) + p.path = this.prefix + '/' + p.path.replace(/^\.(\/+|$)/, '') + + // in this case, we don't have to wait for the stat + if (!this.filter(p.path, p)) + p.resume() + else { + const job = new PackJob(p.path, absolute, false) + job.entry = new WriteEntryTar(p, this[ENTRYOPT](job)) + job.entry.on('end', _ => this[JOBDONE](job)) + this[JOBS] += 1 + this[QUEUE].push(job) + } + + this[PROCESS]() + } + + [ADDFSENTRY] (p) { + const absolute = path.resolve(this.cwd, p) + if (this.prefix) + p = this.prefix + '/' + p.replace(/^\.(\/+|$)/, '') + + this[QUEUE].push(new PackJob(p, absolute)) + this[PROCESS]() + } + + [STAT] (job) { + job.pending = true + this[JOBS] += 1 + const stat = this.follow ? 'stat' : 'lstat' + fs[stat](job.absolute, (er, stat) => { + job.pending = false + this[JOBS] -= 1 + if (er) + this.emit('error', er) + else + this[ONSTAT](job, stat) + }) + } + + [ONSTAT] (job, stat) { + this.statCache.set(job.absolute, stat) + job.stat = stat + + // now we have the stat, we can filter it. + if (!this.filter(job.path, stat)) + job.ignore = true + + this[PROCESS]() + } + + [READDIR] (job) { + job.pending = true + this[JOBS] += 1 + fs.readdir(job.absolute, (er, entries) => { + job.pending = false + this[JOBS] -= 1 + if (er) + return this.emit('error', er) + this[ONREADDIR](job, entries) + }) + } + + [ONREADDIR] (job, entries) { + this.readdirCache.set(job.absolute, entries) + job.readdir = entries + this[PROCESS]() + } + + [PROCESS] () { + if (this[PROCESSING]) + return + + this[PROCESSING] = true + for (let w = this[QUEUE].head; + w !== null && this[JOBS] < this.jobs; + w = w.next) { + this[PROCESSJOB](w.value) + if (w.value.ignore) { + const p = w.next + this[QUEUE].removeNode(w) + w.next = p + } + } + + this[PROCESSING] = false + + if (this[ENDED] && !this[QUEUE].length && this[JOBS] === 0) { + if (this.zip) + this.zip.end(EOF) + else { + super.write(EOF) + super.end() + } + } + } + + get [CURRENT] () { + return this[QUEUE] && this[QUEUE].head && this[QUEUE].head.value + } + + [JOBDONE] (job) { + this[QUEUE].shift() + this[JOBS] -= 1 + this[PROCESS]() + } + + [PROCESSJOB] (job) { + if (job.pending) + return + + if (job.entry) { + if (job === this[CURRENT] && !job.piped) + this[PIPE](job) + return + } + + if (!job.stat) { + if (this.statCache.has(job.absolute)) + this[ONSTAT](job, this.statCache.get(job.absolute)) + else + this[STAT](job) + } + if (!job.stat) + return + + // filtered out! + if (job.ignore) + return + + if (!this.noDirRecurse && job.stat.isDirectory() && !job.readdir) { + if (this.readdirCache.has(job.absolute)) + this[ONREADDIR](job, this.readdirCache.get(job.absolute)) + else + this[READDIR](job) + if (!job.readdir) + return + } + + // we know it doesn't have an entry, because that got checked above + job.entry = this[ENTRY](job) + if (!job.entry) { + job.ignore = true + return + } + + if (job === this[CURRENT] && !job.piped) + this[PIPE](job) + } + + [ENTRYOPT] (job) { + return { + onwarn: (code, msg, data) => this.warn(code, msg, data), + noPax: this.noPax, + cwd: this.cwd, + absolute: job.absolute, + preservePaths: this.preservePaths, + maxReadSize: this.maxReadSize, + strict: this.strict, + portable: this.portable, + linkCache: this.linkCache, + statCache: this.statCache, + noMtime: this.noMtime, + mtime: this.mtime + } + } + + [ENTRY] (job) { + this[JOBS] += 1 + try { + return new this[WRITEENTRYCLASS](job.path, this[ENTRYOPT](job)) + .on('end', () => this[JOBDONE](job)) + .on('error', er => this.emit('error', er)) + } catch (er) { + this.emit('error', er) + } + } + + [ONDRAIN] () { + if (this[CURRENT] && this[CURRENT].entry) + this[CURRENT].entry.resume() + } + + // like .pipe() but using super, because our write() is special + [PIPE] (job) { + job.piped = true + + if (job.readdir) + job.readdir.forEach(entry => { + const p = this.prefix ? + job.path.slice(this.prefix.length + 1) || './' + : job.path + + const base = p === './' ? '' : p.replace(/\/*$/, '/') + this[ADDFSENTRY](base + entry) + }) + + const source = job.entry + const zip = this.zip + + if (zip) + source.on('data', chunk => { + if (!zip.write(chunk)) + source.pause() + }) + else + source.on('data', chunk => { + if (!super.write(chunk)) + source.pause() + }) + } + + pause () { + if (this.zip) + this.zip.pause() + return super.pause() + } +}) + +class PackSync extends Pack { + constructor (opt) { + super(opt) + this[WRITEENTRYCLASS] = WriteEntrySync + } + + // pause/resume are no-ops in sync streams. + pause () {} + resume () {} + + [STAT] (job) { + const stat = this.follow ? 'statSync' : 'lstatSync' + this[ONSTAT](job, fs[stat](job.absolute)) + } + + [READDIR] (job, stat) { + this[ONREADDIR](job, fs.readdirSync(job.absolute)) + } + + // gotta get it all in this tick + [PIPE] (job) { + const source = job.entry + const zip = this.zip + + if (job.readdir) + job.readdir.forEach(entry => { + const p = this.prefix ? + job.path.slice(this.prefix.length + 1) || './' + : job.path + + const base = p === './' ? '' : p.replace(/\/*$/, '/') + this[ADDFSENTRY](base + entry) + }) + + if (zip) + source.on('data', chunk => { + zip.write(chunk) + }) + else + source.on('data', chunk => { + super[WRITE](chunk) + }) + } +} + +Pack.Sync = PackSync + +module.exports = Pack diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/parse.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/parse.js new file mode 100644 index 000000000..d9a49ad1f --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/parse.js @@ -0,0 +1,483 @@ +'use strict' + +// this[BUFFER] is the remainder of a chunk if we're waiting for +// the full 512 bytes of a header to come in. We will Buffer.concat() +// it to the next write(), which is a mem copy, but a small one. +// +// this[QUEUE] is a Yallist of entries that haven't been emitted +// yet this can only get filled up if the user keeps write()ing after +// a write() returns false, or does a write() with more than one entry +// +// We don't buffer chunks, we always parse them and either create an +// entry, or push it into the active entry. The ReadEntry class knows +// to throw data away if .ignore=true +// +// Shift entry off the buffer when it emits 'end', and emit 'entry' for +// the next one in the list. +// +// At any time, we're pushing body chunks into the entry at WRITEENTRY, +// and waiting for 'end' on the entry at READENTRY +// +// ignored entries get .resume() called on them straight away + +const warner = require('./warn-mixin.js') +const path = require('path') +const Header = require('./header.js') +const EE = require('events') +const Yallist = require('yallist') +const maxMetaEntrySize = 1024 * 1024 +const Entry = require('./read-entry.js') +const Pax = require('./pax.js') +const zlib = require('minizlib') + +const gzipHeader = Buffer.from([0x1f, 0x8b]) +const STATE = Symbol('state') +const WRITEENTRY = Symbol('writeEntry') +const READENTRY = Symbol('readEntry') +const NEXTENTRY = Symbol('nextEntry') +const PROCESSENTRY = Symbol('processEntry') +const EX = Symbol('extendedHeader') +const GEX = Symbol('globalExtendedHeader') +const META = Symbol('meta') +const EMITMETA = Symbol('emitMeta') +const BUFFER = Symbol('buffer') +const QUEUE = Symbol('queue') +const ENDED = Symbol('ended') +const EMITTEDEND = Symbol('emittedEnd') +const EMIT = Symbol('emit') +const UNZIP = Symbol('unzip') +const CONSUMECHUNK = Symbol('consumeChunk') +const CONSUMECHUNKSUB = Symbol('consumeChunkSub') +const CONSUMEBODY = Symbol('consumeBody') +const CONSUMEMETA = Symbol('consumeMeta') +const CONSUMEHEADER = Symbol('consumeHeader') +const CONSUMING = Symbol('consuming') +const BUFFERCONCAT = Symbol('bufferConcat') +const MAYBEEND = Symbol('maybeEnd') +const WRITING = Symbol('writing') +const ABORTED = Symbol('aborted') +const DONE = Symbol('onDone') +const SAW_VALID_ENTRY = Symbol('sawValidEntry') +const SAW_NULL_BLOCK = Symbol('sawNullBlock') +const SAW_EOF = Symbol('sawEOF') + +const noop = _ => true + +module.exports = warner(class Parser extends EE { + constructor (opt) { + opt = opt || {} + super(opt) + + this.file = opt.file || '' + + // set to boolean false when an entry starts. 1024 bytes of \0 + // is technically a valid tarball, albeit a boring one. + this[SAW_VALID_ENTRY] = null + + // these BADARCHIVE errors can't be detected early. listen on DONE. + this.on(DONE, _ => { + if (this[STATE] === 'begin' || this[SAW_VALID_ENTRY] === false) { + // either less than 1 block of data, or all entries were invalid. + // Either way, probably not even a tarball. + this.warn('TAR_BAD_ARCHIVE', 'Unrecognized archive format') + } + }) + + if (opt.ondone) + this.on(DONE, opt.ondone) + else + this.on(DONE, _ => { + this.emit('prefinish') + this.emit('finish') + this.emit('end') + this.emit('close') + }) + + this.strict = !!opt.strict + this.maxMetaEntrySize = opt.maxMetaEntrySize || maxMetaEntrySize + this.filter = typeof opt.filter === 'function' ? opt.filter : noop + + // have to set this so that streams are ok piping into it + this.writable = true + this.readable = false + + this[QUEUE] = new Yallist() + this[BUFFER] = null + this[READENTRY] = null + this[WRITEENTRY] = null + this[STATE] = 'begin' + this[META] = '' + this[EX] = null + this[GEX] = null + this[ENDED] = false + this[UNZIP] = null + this[ABORTED] = false + this[SAW_NULL_BLOCK] = false + this[SAW_EOF] = false + if (typeof opt.onwarn === 'function') + this.on('warn', opt.onwarn) + if (typeof opt.onentry === 'function') + this.on('entry', opt.onentry) + } + + [CONSUMEHEADER] (chunk, position) { + if (this[SAW_VALID_ENTRY] === null) + this[SAW_VALID_ENTRY] = false + let header + try { + header = new Header(chunk, position, this[EX], this[GEX]) + } catch (er) { + return this.warn('TAR_ENTRY_INVALID', er) + } + + if (header.nullBlock) { + if (this[SAW_NULL_BLOCK]) { + this[SAW_EOF] = true + // ending an archive with no entries. pointless, but legal. + if (this[STATE] === 'begin') + this[STATE] = 'header' + this[EMIT]('eof') + } else { + this[SAW_NULL_BLOCK] = true + this[EMIT]('nullBlock') + } + } else { + this[SAW_NULL_BLOCK] = false + if (!header.cksumValid) + this.warn('TAR_ENTRY_INVALID', 'checksum failure', {header}) + else if (!header.path) + this.warn('TAR_ENTRY_INVALID', 'path is required', {header}) + else { + const type = header.type + if (/^(Symbolic)?Link$/.test(type) && !header.linkpath) + this.warn('TAR_ENTRY_INVALID', 'linkpath required', {header}) + else if (!/^(Symbolic)?Link$/.test(type) && header.linkpath) + this.warn('TAR_ENTRY_INVALID', 'linkpath forbidden', {header}) + else { + const entry = this[WRITEENTRY] = new Entry(header, this[EX], this[GEX]) + + // we do this for meta & ignored entries as well, because they + // are still valid tar, or else we wouldn't know to ignore them + if (!this[SAW_VALID_ENTRY]) { + if (entry.remain) { + // this might be the one! + const onend = () => { + if (!entry.invalid) + this[SAW_VALID_ENTRY] = true + } + entry.on('end', onend) + } else { + this[SAW_VALID_ENTRY] = true + } + } + + if (entry.meta) { + if (entry.size > this.maxMetaEntrySize) { + entry.ignore = true + this[EMIT]('ignoredEntry', entry) + this[STATE] = 'ignore' + entry.resume() + } else if (entry.size > 0) { + this[META] = '' + entry.on('data', c => this[META] += c) + this[STATE] = 'meta' + } + } else { + this[EX] = null + entry.ignore = entry.ignore || !this.filter(entry.path, entry) + + if (entry.ignore) { + // probably valid, just not something we care about + this[EMIT]('ignoredEntry', entry) + this[STATE] = entry.remain ? 'ignore' : 'header' + entry.resume() + } else { + if (entry.remain) + this[STATE] = 'body' + else { + this[STATE] = 'header' + entry.end() + } + + if (!this[READENTRY]) { + this[QUEUE].push(entry) + this[NEXTENTRY]() + } else + this[QUEUE].push(entry) + } + } + } + } + } + } + + [PROCESSENTRY] (entry) { + let go = true + + if (!entry) { + this[READENTRY] = null + go = false + } else if (Array.isArray(entry)) + this.emit.apply(this, entry) + else { + this[READENTRY] = entry + this.emit('entry', entry) + if (!entry.emittedEnd) { + entry.on('end', _ => this[NEXTENTRY]()) + go = false + } + } + + return go + } + + [NEXTENTRY] () { + do {} while (this[PROCESSENTRY](this[QUEUE].shift())) + + if (!this[QUEUE].length) { + // At this point, there's nothing in the queue, but we may have an + // entry which is being consumed (readEntry). + // If we don't, then we definitely can handle more data. + // If we do, and either it's flowing, or it has never had any data + // written to it, then it needs more. + // The only other possibility is that it has returned false from a + // write() call, so we wait for the next drain to continue. + const re = this[READENTRY] + const drainNow = !re || re.flowing || re.size === re.remain + if (drainNow) { + if (!this[WRITING]) + this.emit('drain') + } else + re.once('drain', _ => this.emit('drain')) + } + } + + [CONSUMEBODY] (chunk, position) { + // write up to but no more than writeEntry.blockRemain + const entry = this[WRITEENTRY] + const br = entry.blockRemain + const c = (br >= chunk.length && position === 0) ? chunk + : chunk.slice(position, position + br) + + entry.write(c) + + if (!entry.blockRemain) { + this[STATE] = 'header' + this[WRITEENTRY] = null + entry.end() + } + + return c.length + } + + [CONSUMEMETA] (chunk, position) { + const entry = this[WRITEENTRY] + const ret = this[CONSUMEBODY](chunk, position) + + // if we finished, then the entry is reset + if (!this[WRITEENTRY]) + this[EMITMETA](entry) + + return ret + } + + [EMIT] (ev, data, extra) { + if (!this[QUEUE].length && !this[READENTRY]) + this.emit(ev, data, extra) + else + this[QUEUE].push([ev, data, extra]) + } + + [EMITMETA] (entry) { + this[EMIT]('meta', this[META]) + switch (entry.type) { + case 'ExtendedHeader': + case 'OldExtendedHeader': + this[EX] = Pax.parse(this[META], this[EX], false) + break + + case 'GlobalExtendedHeader': + this[GEX] = Pax.parse(this[META], this[GEX], true) + break + + case 'NextFileHasLongPath': + case 'OldGnuLongPath': + this[EX] = this[EX] || Object.create(null) + this[EX].path = this[META].replace(/\0.*/, '') + break + + case 'NextFileHasLongLinkpath': + this[EX] = this[EX] || Object.create(null) + this[EX].linkpath = this[META].replace(/\0.*/, '') + break + + /* istanbul ignore next */ + default: throw new Error('unknown meta: ' + entry.type) + } + } + + abort (error) { + this[ABORTED] = true + this.emit('abort', error) + // always throws, even in non-strict mode + this.warn('TAR_ABORT', error, { recoverable: false }) + } + + write (chunk) { + if (this[ABORTED]) + return + + // first write, might be gzipped + if (this[UNZIP] === null && chunk) { + if (this[BUFFER]) { + chunk = Buffer.concat([this[BUFFER], chunk]) + this[BUFFER] = null + } + if (chunk.length < gzipHeader.length) { + this[BUFFER] = chunk + return true + } + for (let i = 0; this[UNZIP] === null && i < gzipHeader.length; i++) { + if (chunk[i] !== gzipHeader[i]) + this[UNZIP] = false + } + if (this[UNZIP] === null) { + const ended = this[ENDED] + this[ENDED] = false + this[UNZIP] = new zlib.Unzip() + this[UNZIP].on('data', chunk => this[CONSUMECHUNK](chunk)) + this[UNZIP].on('error', er => this.abort(er)) + this[UNZIP].on('end', _ => { + this[ENDED] = true + this[CONSUMECHUNK]() + }) + this[WRITING] = true + const ret = this[UNZIP][ended ? 'end' : 'write' ](chunk) + this[WRITING] = false + return ret + } + } + + this[WRITING] = true + if (this[UNZIP]) + this[UNZIP].write(chunk) + else + this[CONSUMECHUNK](chunk) + this[WRITING] = false + + // return false if there's a queue, or if the current entry isn't flowing + const ret = + this[QUEUE].length ? false : + this[READENTRY] ? this[READENTRY].flowing : + true + + // if we have no queue, then that means a clogged READENTRY + if (!ret && !this[QUEUE].length) + this[READENTRY].once('drain', _ => this.emit('drain')) + + return ret + } + + [BUFFERCONCAT] (c) { + if (c && !this[ABORTED]) + this[BUFFER] = this[BUFFER] ? Buffer.concat([this[BUFFER], c]) : c + } + + [MAYBEEND] () { + if (this[ENDED] && + !this[EMITTEDEND] && + !this[ABORTED] && + !this[CONSUMING]) { + this[EMITTEDEND] = true + const entry = this[WRITEENTRY] + if (entry && entry.blockRemain) { + // truncated, likely a damaged file + const have = this[BUFFER] ? this[BUFFER].length : 0 + this.warn('TAR_BAD_ARCHIVE', `Truncated input (needed ${ + entry.blockRemain} more bytes, only ${have} available)`, {entry}) + if (this[BUFFER]) + entry.write(this[BUFFER]) + entry.end() + } + this[EMIT](DONE) + } + } + + [CONSUMECHUNK] (chunk) { + if (this[CONSUMING]) + this[BUFFERCONCAT](chunk) + else if (!chunk && !this[BUFFER]) + this[MAYBEEND]() + else { + this[CONSUMING] = true + if (this[BUFFER]) { + this[BUFFERCONCAT](chunk) + const c = this[BUFFER] + this[BUFFER] = null + this[CONSUMECHUNKSUB](c) + } else { + this[CONSUMECHUNKSUB](chunk) + } + + while (this[BUFFER] && + this[BUFFER].length >= 512 && + !this[ABORTED] && + !this[SAW_EOF]) { + const c = this[BUFFER] + this[BUFFER] = null + this[CONSUMECHUNKSUB](c) + } + this[CONSUMING] = false + } + + if (!this[BUFFER] || this[ENDED]) + this[MAYBEEND]() + } + + [CONSUMECHUNKSUB] (chunk) { + // we know that we are in CONSUMING mode, so anything written goes into + // the buffer. Advance the position and put any remainder in the buffer. + let position = 0 + let length = chunk.length + while (position + 512 <= length && !this[ABORTED] && !this[SAW_EOF]) { + switch (this[STATE]) { + case 'begin': + case 'header': + this[CONSUMEHEADER](chunk, position) + position += 512 + break + + case 'ignore': + case 'body': + position += this[CONSUMEBODY](chunk, position) + break + + case 'meta': + position += this[CONSUMEMETA](chunk, position) + break + + /* istanbul ignore next */ + default: + throw new Error('invalid state: ' + this[STATE]) + } + } + + if (position < length) { + if (this[BUFFER]) + this[BUFFER] = Buffer.concat([chunk.slice(position), this[BUFFER]]) + else + this[BUFFER] = chunk.slice(position) + } + } + + end (chunk) { + if (!this[ABORTED]) { + if (this[UNZIP]) + this[UNZIP].end(chunk) + else { + this[ENDED] = true + this.write(chunk) + } + } + } +}) diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/path-reservations.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/path-reservations.js new file mode 100644 index 000000000..3cf0c2c12 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/path-reservations.js @@ -0,0 +1,125 @@ +// A path exclusive reservation system +// reserve([list, of, paths], fn) +// When the fn is first in line for all its paths, it +// is called with a cb that clears the reservation. +// +// Used by async unpack to avoid clobbering paths in use, +// while still allowing maximal safe parallelization. + +const assert = require('assert') + +module.exports = () => { + // path => [function or Set] + // A Set object means a directory reservation + // A fn is a direct reservation on that path + const queues = new Map() + + // fn => {paths:[path,...], dirs:[path, ...]} + const reservations = new Map() + + // return a set of parent dirs for a given path + const { join } = require('path') + const getDirs = path => + join(path).split(/[\\\/]/).slice(0, -1).reduce((set, path) => + set.length ? set.concat(join(set[set.length-1], path)) : [path], []) + + // functions currently running + const running = new Set() + + // return the queues for each path the function cares about + // fn => {paths, dirs} + const getQueues = fn => { + const res = reservations.get(fn) + /* istanbul ignore if - unpossible */ + if (!res) + throw new Error('function does not have any path reservations') + return { + paths: res.paths.map(path => queues.get(path)), + dirs: [...res.dirs].map(path => queues.get(path)), + } + } + + // check if fn is first in line for all its paths, and is + // included in the first set for all its dir queues + const check = fn => { + const {paths, dirs} = getQueues(fn) + return paths.every(q => q[0] === fn) && + dirs.every(q => q[0] instanceof Set && q[0].has(fn)) + } + + // run the function if it's first in line and not already running + const run = fn => { + if (running.has(fn) || !check(fn)) + return false + running.add(fn) + fn(() => clear(fn)) + return true + } + + const clear = fn => { + if (!running.has(fn)) + return false + + const { paths, dirs } = reservations.get(fn) + const next = new Set() + + paths.forEach(path => { + const q = queues.get(path) + assert.equal(q[0], fn) + if (q.length === 1) + queues.delete(path) + else { + q.shift() + if (typeof q[0] === 'function') + next.add(q[0]) + else + q[0].forEach(fn => next.add(fn)) + } + }) + + dirs.forEach(dir => { + const q = queues.get(dir) + assert(q[0] instanceof Set) + if (q[0].size === 1 && q.length === 1) { + queues.delete(dir) + } else if (q[0].size === 1) { + q.shift() + + // must be a function or else the Set would've been reused + next.add(q[0]) + } else + q[0].delete(fn) + }) + running.delete(fn) + + next.forEach(fn => run(fn)) + return true + } + + const reserve = (paths, fn) => { + const dirs = new Set( + paths.map(path => getDirs(path)).reduce((a, b) => a.concat(b)) + ) + reservations.set(fn, {dirs, paths}) + paths.forEach(path => { + const q = queues.get(path) + if (!q) + queues.set(path, [fn]) + else + q.push(fn) + }) + dirs.forEach(dir => { + const q = queues.get(dir) + if (!q) + queues.set(dir, [new Set([fn])]) + else if (q[q.length-1] instanceof Set) + q[q.length-1].add(fn) + else + q.push(new Set([fn])) + }) + + return run(fn) + } + + return { check, reserve } +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/pax.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/pax.js new file mode 100644 index 000000000..214a459f3 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/pax.js @@ -0,0 +1,145 @@ +'use strict' +const Header = require('./header.js') +const path = require('path') + +class Pax { + constructor (obj, global) { + this.atime = obj.atime || null + this.charset = obj.charset || null + this.comment = obj.comment || null + this.ctime = obj.ctime || null + this.gid = obj.gid || null + this.gname = obj.gname || null + this.linkpath = obj.linkpath || null + this.mtime = obj.mtime || null + this.path = obj.path || null + this.size = obj.size || null + this.uid = obj.uid || null + this.uname = obj.uname || null + this.dev = obj.dev || null + this.ino = obj.ino || null + this.nlink = obj.nlink || null + this.global = global || false + } + + encode () { + const body = this.encodeBody() + if (body === '') + return null + + const bodyLen = Buffer.byteLength(body) + // round up to 512 bytes + // add 512 for header + const bufLen = 512 * Math.ceil(1 + bodyLen / 512) + const buf = Buffer.allocUnsafe(bufLen) + + // 0-fill the header section, it might not hit every field + for (let i = 0; i < 512; i++) { + buf[i] = 0 + } + + new Header({ + // XXX split the path + // then the path should be PaxHeader + basename, but less than 99, + // prepend with the dirname + path: ('PaxHeader/' + path.basename(this.path)).slice(0, 99), + mode: this.mode || 0o644, + uid: this.uid || null, + gid: this.gid || null, + size: bodyLen, + mtime: this.mtime || null, + type: this.global ? 'GlobalExtendedHeader' : 'ExtendedHeader', + linkpath: '', + uname: this.uname || '', + gname: this.gname || '', + devmaj: 0, + devmin: 0, + atime: this.atime || null, + ctime: this.ctime || null + }).encode(buf) + + buf.write(body, 512, bodyLen, 'utf8') + + // null pad after the body + for (let i = bodyLen + 512; i < buf.length; i++) { + buf[i] = 0 + } + + return buf + } + + encodeBody () { + return ( + this.encodeField('path') + + this.encodeField('ctime') + + this.encodeField('atime') + + this.encodeField('dev') + + this.encodeField('ino') + + this.encodeField('nlink') + + this.encodeField('charset') + + this.encodeField('comment') + + this.encodeField('gid') + + this.encodeField('gname') + + this.encodeField('linkpath') + + this.encodeField('mtime') + + this.encodeField('size') + + this.encodeField('uid') + + this.encodeField('uname') + ) + } + + encodeField (field) { + if (this[field] === null || this[field] === undefined) + return '' + const v = this[field] instanceof Date ? this[field].getTime() / 1000 + : this[field] + const s = ' ' + + (field === 'dev' || field === 'ino' || field === 'nlink' + ? 'SCHILY.' : '') + + field + '=' + v + '\n' + const byteLen = Buffer.byteLength(s) + // the digits includes the length of the digits in ascii base-10 + // so if it's 9 characters, then adding 1 for the 9 makes it 10 + // which makes it 11 chars. + let digits = Math.floor(Math.log(byteLen) / Math.log(10)) + 1 + if (byteLen + digits >= Math.pow(10, digits)) + digits += 1 + const len = digits + byteLen + return len + s + } +} + +Pax.parse = (string, ex, g) => new Pax(merge(parseKV(string), ex), g) + +const merge = (a, b) => + b ? Object.keys(a).reduce((s, k) => (s[k] = a[k], s), b) : a + +const parseKV = string => + string + .replace(/\n$/, '') + .split('\n') + .reduce(parseKVLine, Object.create(null)) + +const parseKVLine = (set, line) => { + const n = parseInt(line, 10) + + // XXX Values with \n in them will fail this. + // Refactor to not be a naive line-by-line parse. + if (n !== Buffer.byteLength(line) + 1) + return set + + line = line.substr((n + ' ').length) + const kv = line.split('=') + const k = kv.shift().replace(/^SCHILY\.(dev|ino|nlink)/, '$1') + if (!k) + return set + + const v = kv.join('=') + set[k] = /^([A-Z]+\.)?([mac]|birth|creation)time$/.test(k) + ? new Date(v * 1000) + : /^[0-9]+$/.test(v) ? +v + : v + return set +} + +module.exports = Pax diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/read-entry.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/read-entry.js new file mode 100644 index 000000000..8acee94ba --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/read-entry.js @@ -0,0 +1,98 @@ +'use strict' +const types = require('./types.js') +const MiniPass = require('minipass') + +const SLURP = Symbol('slurp') +module.exports = class ReadEntry extends MiniPass { + constructor (header, ex, gex) { + super() + // read entries always start life paused. this is to avoid the + // situation where Minipass's auto-ending empty streams results + // in an entry ending before we're ready for it. + this.pause() + this.extended = ex + this.globalExtended = gex + this.header = header + this.startBlockSize = 512 * Math.ceil(header.size / 512) + this.blockRemain = this.startBlockSize + this.remain = header.size + this.type = header.type + this.meta = false + this.ignore = false + switch (this.type) { + case 'File': + case 'OldFile': + case 'Link': + case 'SymbolicLink': + case 'CharacterDevice': + case 'BlockDevice': + case 'Directory': + case 'FIFO': + case 'ContiguousFile': + case 'GNUDumpDir': + break + + case 'NextFileHasLongLinkpath': + case 'NextFileHasLongPath': + case 'OldGnuLongPath': + case 'GlobalExtendedHeader': + case 'ExtendedHeader': + case 'OldExtendedHeader': + this.meta = true + break + + // NOTE: gnutar and bsdtar treat unrecognized types as 'File' + // it may be worth doing the same, but with a warning. + default: + this.ignore = true + } + + this.path = header.path + this.mode = header.mode + if (this.mode) + this.mode = this.mode & 0o7777 + this.uid = header.uid + this.gid = header.gid + this.uname = header.uname + this.gname = header.gname + this.size = header.size + this.mtime = header.mtime + this.atime = header.atime + this.ctime = header.ctime + this.linkpath = header.linkpath + this.uname = header.uname + this.gname = header.gname + + if (ex) this[SLURP](ex) + if (gex) this[SLURP](gex, true) + } + + write (data) { + const writeLen = data.length + if (writeLen > this.blockRemain) + throw new Error('writing more to entry than is appropriate') + + const r = this.remain + const br = this.blockRemain + this.remain = Math.max(0, r - writeLen) + this.blockRemain = Math.max(0, br - writeLen) + if (this.ignore) + return true + + if (r >= writeLen) + return super.write(data) + + // r < writeLen + return super.write(data.slice(0, r)) + } + + [SLURP] (ex, global) { + for (let k in ex) { + // we slurp in everything except for the path attribute in + // a global extended header, because that's weird. + if (ex[k] !== null && ex[k] !== undefined && + !(global && k === 'path')) + this[k] = ex[k] + } + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/replace.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/replace.js new file mode 100644 index 000000000..44126d1f8 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/replace.js @@ -0,0 +1,219 @@ +'use strict' + +// tar -r +const hlo = require('./high-level-opt.js') +const Pack = require('./pack.js') +const Parse = require('./parse.js') +const fs = require('fs') +const fsm = require('fs-minipass') +const t = require('./list.js') +const path = require('path') + +// starting at the head of the file, read a Header +// If the checksum is invalid, that's our position to start writing +// If it is, jump forward by the specified size (round up to 512) +// and try again. +// Write the new Pack stream starting there. + +const Header = require('./header.js') + +const r = module.exports = (opt_, files, cb) => { + const opt = hlo(opt_) + + if (!opt.file) + throw new TypeError('file is required') + + if (opt.gzip) + throw new TypeError('cannot append to compressed archives') + + if (!files || !Array.isArray(files) || !files.length) + throw new TypeError('no files or directories specified') + + files = Array.from(files) + + return opt.sync ? replaceSync(opt, files) + : replace(opt, files, cb) +} + +const replaceSync = (opt, files) => { + const p = new Pack.Sync(opt) + + let threw = true + let fd + let position + + try { + try { + fd = fs.openSync(opt.file, 'r+') + } catch (er) { + if (er.code === 'ENOENT') + fd = fs.openSync(opt.file, 'w+') + else + throw er + } + + const st = fs.fstatSync(fd) + const headBuf = Buffer.alloc(512) + + POSITION: for (position = 0; position < st.size; position += 512) { + for (let bufPos = 0, bytes = 0; bufPos < 512; bufPos += bytes) { + bytes = fs.readSync( + fd, headBuf, bufPos, headBuf.length - bufPos, position + bufPos + ) + + if (position === 0 && headBuf[0] === 0x1f && headBuf[1] === 0x8b) + throw new Error('cannot append to compressed archives') + + if (!bytes) + break POSITION + } + + let h = new Header(headBuf) + if (!h.cksumValid) + break + let entryBlockSize = 512 * Math.ceil(h.size / 512) + if (position + entryBlockSize + 512 > st.size) + break + // the 512 for the header we just parsed will be added as well + // also jump ahead all the blocks for the body + position += entryBlockSize + if (opt.mtimeCache) + opt.mtimeCache.set(h.path, h.mtime) + } + threw = false + + streamSync(opt, p, position, fd, files) + } finally { + if (threw) + try { fs.closeSync(fd) } catch (er) {} + } +} + +const streamSync = (opt, p, position, fd, files) => { + const stream = new fsm.WriteStreamSync(opt.file, { + fd: fd, + start: position + }) + p.pipe(stream) + addFilesSync(p, files) +} + +const replace = (opt, files, cb) => { + files = Array.from(files) + const p = new Pack(opt) + + const getPos = (fd, size, cb_) => { + const cb = (er, pos) => { + if (er) + fs.close(fd, _ => cb_(er)) + else + cb_(null, pos) + } + + let position = 0 + if (size === 0) + return cb(null, 0) + + let bufPos = 0 + const headBuf = Buffer.alloc(512) + const onread = (er, bytes) => { + if (er) + return cb(er) + bufPos += bytes + if (bufPos < 512 && bytes) + return fs.read( + fd, headBuf, bufPos, headBuf.length - bufPos, + position + bufPos, onread + ) + + if (position === 0 && headBuf[0] === 0x1f && headBuf[1] === 0x8b) + return cb(new Error('cannot append to compressed archives')) + + // truncated header + if (bufPos < 512) + return cb(null, position) + + const h = new Header(headBuf) + if (!h.cksumValid) + return cb(null, position) + + const entryBlockSize = 512 * Math.ceil(h.size / 512) + if (position + entryBlockSize + 512 > size) + return cb(null, position) + + position += entryBlockSize + 512 + if (position >= size) + return cb(null, position) + + if (opt.mtimeCache) + opt.mtimeCache.set(h.path, h.mtime) + bufPos = 0 + fs.read(fd, headBuf, 0, 512, position, onread) + } + fs.read(fd, headBuf, 0, 512, position, onread) + } + + const promise = new Promise((resolve, reject) => { + p.on('error', reject) + let flag = 'r+' + const onopen = (er, fd) => { + if (er && er.code === 'ENOENT' && flag === 'r+') { + flag = 'w+' + return fs.open(opt.file, flag, onopen) + } + + if (er) + return reject(er) + + fs.fstat(fd, (er, st) => { + if (er) + return reject(er) + getPos(fd, st.size, (er, position) => { + if (er) + return reject(er) + const stream = new fsm.WriteStream(opt.file, { + fd: fd, + start: position + }) + p.pipe(stream) + stream.on('error', reject) + stream.on('close', resolve) + addFilesAsync(p, files) + }) + }) + } + fs.open(opt.file, flag, onopen) + }) + + return cb ? promise.then(cb, cb) : promise +} + +const addFilesSync = (p, files) => { + files.forEach(file => { + if (file.charAt(0) === '@') + t({ + file: path.resolve(p.cwd, file.substr(1)), + sync: true, + noResume: true, + onentry: entry => p.add(entry) + }) + else + p.add(file) + }) + p.end() +} + +const addFilesAsync = (p, files) => { + while (files.length) { + const file = files.shift() + if (file.charAt(0) === '@') + return t({ + file: path.resolve(p.cwd, file.substr(1)), + noResume: true, + onentry: entry => p.add(entry) + }).then(_ => addFilesAsync(p, files)) + else + p.add(file) + } + p.end() +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/types.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/types.js new file mode 100644 index 000000000..df425652b --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/types.js @@ -0,0 +1,44 @@ +'use strict' +// map types from key to human-friendly name +exports.name = new Map([ + ['0', 'File'], + // same as File + ['', 'OldFile'], + ['1', 'Link'], + ['2', 'SymbolicLink'], + // Devices and FIFOs aren't fully supported + // they are parsed, but skipped when unpacking + ['3', 'CharacterDevice'], + ['4', 'BlockDevice'], + ['5', 'Directory'], + ['6', 'FIFO'], + // same as File + ['7', 'ContiguousFile'], + // pax headers + ['g', 'GlobalExtendedHeader'], + ['x', 'ExtendedHeader'], + // vendor-specific stuff + // skip + ['A', 'SolarisACL'], + // like 5, but with data, which should be skipped + ['D', 'GNUDumpDir'], + // metadata only, skip + ['I', 'Inode'], + // data = link path of next file + ['K', 'NextFileHasLongLinkpath'], + // data = path of next file + ['L', 'NextFileHasLongPath'], + // skip + ['M', 'ContinuationFile'], + // like L + ['N', 'OldGnuLongPath'], + // skip + ['S', 'SparseFile'], + // skip + ['V', 'TapeVolumeHeader'], + // like x + ['X', 'OldExtendedHeader'] +]) + +// map the other direction +exports.code = new Map(Array.from(exports.name).map(kv => [kv[1], kv[0]])) diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/unpack.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/unpack.js new file mode 100644 index 000000000..af0e0ffa0 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/unpack.js @@ -0,0 +1,680 @@ +'use strict' + +// the PEND/UNPEND stuff tracks whether we're ready to emit end/close yet. +// but the path reservations are required to avoid race conditions where +// parallelized unpack ops may mess with one another, due to dependencies +// (like a Link depending on its target) or destructive operations (like +// clobbering an fs object to create one of a different type.) + +const assert = require('assert') +const EE = require('events').EventEmitter +const Parser = require('./parse.js') +const fs = require('fs') +const fsm = require('fs-minipass') +const path = require('path') +const mkdir = require('./mkdir.js') +const mkdirSync = mkdir.sync +const wc = require('./winchars.js') +const pathReservations = require('./path-reservations.js') + +const ONENTRY = Symbol('onEntry') +const CHECKFS = Symbol('checkFs') +const CHECKFS2 = Symbol('checkFs2') +const ISREUSABLE = Symbol('isReusable') +const MAKEFS = Symbol('makeFs') +const FILE = Symbol('file') +const DIRECTORY = Symbol('directory') +const LINK = Symbol('link') +const SYMLINK = Symbol('symlink') +const HARDLINK = Symbol('hardlink') +const UNSUPPORTED = Symbol('unsupported') +const UNKNOWN = Symbol('unknown') +const CHECKPATH = Symbol('checkPath') +const MKDIR = Symbol('mkdir') +const ONERROR = Symbol('onError') +const PENDING = Symbol('pending') +const PEND = Symbol('pend') +const UNPEND = Symbol('unpend') +const ENDED = Symbol('ended') +const MAYBECLOSE = Symbol('maybeClose') +const SKIP = Symbol('skip') +const DOCHOWN = Symbol('doChown') +const UID = Symbol('uid') +const GID = Symbol('gid') +const crypto = require('crypto') +const getFlag = require('./get-write-flag.js') + +/* istanbul ignore next */ +const neverCalled = () => { + throw new Error('sync function called cb somehow?!?') +} + +// Unlinks on Windows are not atomic. +// +// This means that if you have a file entry, followed by another +// file entry with an identical name, and you cannot re-use the file +// (because it's a hardlink, or because unlink:true is set, or it's +// Windows, which does not have useful nlink values), then the unlink +// will be committed to the disk AFTER the new file has been written +// over the old one, deleting the new file. +// +// To work around this, on Windows systems, we rename the file and then +// delete the renamed file. It's a sloppy kludge, but frankly, I do not +// know of a better way to do this, given windows' non-atomic unlink +// semantics. +// +// See: https://github.com/npm/node-tar/issues/183 +/* istanbul ignore next */ +const unlinkFile = (path, cb) => { + if (process.platform !== 'win32') + return fs.unlink(path, cb) + + const name = path + '.DELETE.' + crypto.randomBytes(16).toString('hex') + fs.rename(path, name, er => { + if (er) + return cb(er) + fs.unlink(name, cb) + }) +} + +/* istanbul ignore next */ +const unlinkFileSync = path => { + if (process.platform !== 'win32') + return fs.unlinkSync(path) + + const name = path + '.DELETE.' + crypto.randomBytes(16).toString('hex') + fs.renameSync(path, name) + fs.unlinkSync(name) +} + +// this.gid, entry.gid, this.processUid +const uint32 = (a, b, c) => + a === a >>> 0 ? a + : b === b >>> 0 ? b + : c + +class Unpack extends Parser { + constructor (opt) { + if (!opt) + opt = {} + + opt.ondone = _ => { + this[ENDED] = true + this[MAYBECLOSE]() + } + + super(opt) + + this.reservations = pathReservations() + + this.transform = typeof opt.transform === 'function' ? opt.transform : null + + this.writable = true + this.readable = false + + this[PENDING] = 0 + this[ENDED] = false + + this.dirCache = opt.dirCache || new Map() + + if (typeof opt.uid === 'number' || typeof opt.gid === 'number') { + // need both or neither + if (typeof opt.uid !== 'number' || typeof opt.gid !== 'number') + throw new TypeError('cannot set owner without number uid and gid') + if (opt.preserveOwner) + throw new TypeError( + 'cannot preserve owner in archive and also set owner explicitly') + this.uid = opt.uid + this.gid = opt.gid + this.setOwner = true + } else { + this.uid = null + this.gid = null + this.setOwner = false + } + + // default true for root + if (opt.preserveOwner === undefined && typeof opt.uid !== 'number') + this.preserveOwner = process.getuid && process.getuid() === 0 + else + this.preserveOwner = !!opt.preserveOwner + + this.processUid = (this.preserveOwner || this.setOwner) && process.getuid ? + process.getuid() : null + this.processGid = (this.preserveOwner || this.setOwner) && process.getgid ? + process.getgid() : null + + // mostly just for testing, but useful in some cases. + // Forcibly trigger a chown on every entry, no matter what + this.forceChown = opt.forceChown === true + + // turn ><?| in filenames into 0xf000-higher encoded forms + this.win32 = !!opt.win32 || process.platform === 'win32' + + // do not unpack over files that are newer than what's in the archive + this.newer = !!opt.newer + + // do not unpack over ANY files + this.keep = !!opt.keep + + // do not set mtime/atime of extracted entries + this.noMtime = !!opt.noMtime + + // allow .., absolute path entries, and unpacking through symlinks + // without this, warn and skip .., relativize absolutes, and error + // on symlinks in extraction path + this.preservePaths = !!opt.preservePaths + + // unlink files and links before writing. This breaks existing hard + // links, and removes symlink directories rather than erroring + this.unlink = !!opt.unlink + + this.cwd = path.resolve(opt.cwd || process.cwd()) + this.strip = +opt.strip || 0 + this.processUmask = process.umask() + this.umask = typeof opt.umask === 'number' ? opt.umask : this.processUmask + // default mode for dirs created as parents + this.dmode = opt.dmode || (0o0777 & (~this.umask)) + this.fmode = opt.fmode || (0o0666 & (~this.umask)) + this.on('entry', entry => this[ONENTRY](entry)) + } + + // a bad or damaged archive is a warning for Parser, but an error + // when extracting. Mark those errors as unrecoverable, because + // the Unpack contract cannot be met. + warn (code, msg, data = {}) { + if (code === 'TAR_BAD_ARCHIVE' || code === 'TAR_ABORT') + data.recoverable = false + return super.warn(code, msg, data) + } + + [MAYBECLOSE] () { + if (this[ENDED] && this[PENDING] === 0) { + this.emit('prefinish') + this.emit('finish') + this.emit('end') + this.emit('close') + } + } + + [CHECKPATH] (entry) { + if (this.strip) { + const parts = entry.path.split(/\/|\\/) + if (parts.length < this.strip) + return false + entry.path = parts.slice(this.strip).join('/') + + if (entry.type === 'Link') { + const linkparts = entry.linkpath.split(/\/|\\/) + if (linkparts.length >= this.strip) + entry.linkpath = linkparts.slice(this.strip).join('/') + } + } + + if (!this.preservePaths) { + const p = entry.path + if (p.match(/(^|\/|\\)\.\.(\\|\/|$)/)) { + this.warn('TAR_ENTRY_ERROR', `path contains '..'`, { + entry, + path: p, + }) + return false + } + + // absolutes on posix are also absolutes on win32 + // so we only need to test this one to get both + if (path.win32.isAbsolute(p)) { + const parsed = path.win32.parse(p) + entry.path = p.substr(parsed.root.length) + const r = parsed.root + this.warn('TAR_ENTRY_INFO', `stripping ${r} from absolute path`, { + entry, + path: p, + }) + } + } + + // only encode : chars that aren't drive letter indicators + if (this.win32) { + const parsed = path.win32.parse(entry.path) + entry.path = parsed.root === '' ? wc.encode(entry.path) + : parsed.root + wc.encode(entry.path.substr(parsed.root.length)) + } + + if (path.isAbsolute(entry.path)) + entry.absolute = entry.path + else + entry.absolute = path.resolve(this.cwd, entry.path) + + return true + } + + [ONENTRY] (entry) { + if (!this[CHECKPATH](entry)) + return entry.resume() + + assert.equal(typeof entry.absolute, 'string') + + switch (entry.type) { + case 'Directory': + case 'GNUDumpDir': + if (entry.mode) + entry.mode = entry.mode | 0o700 + + case 'File': + case 'OldFile': + case 'ContiguousFile': + case 'Link': + case 'SymbolicLink': + return this[CHECKFS](entry) + + case 'CharacterDevice': + case 'BlockDevice': + case 'FIFO': + return this[UNSUPPORTED](entry) + } + } + + [ONERROR] (er, entry) { + // Cwd has to exist, or else nothing works. That's serious. + // Other errors are warnings, which raise the error in strict + // mode, but otherwise continue on. + if (er.name === 'CwdError') + this.emit('error', er) + else { + this.warn('TAR_ENTRY_ERROR', er, {entry}) + this[UNPEND]() + entry.resume() + } + } + + [MKDIR] (dir, mode, cb) { + mkdir(dir, { + uid: this.uid, + gid: this.gid, + processUid: this.processUid, + processGid: this.processGid, + umask: this.processUmask, + preserve: this.preservePaths, + unlink: this.unlink, + cache: this.dirCache, + cwd: this.cwd, + mode: mode + }, cb) + } + + [DOCHOWN] (entry) { + // in preserve owner mode, chown if the entry doesn't match process + // in set owner mode, chown if setting doesn't match process + return this.forceChown || + this.preserveOwner && + ( typeof entry.uid === 'number' && entry.uid !== this.processUid || + typeof entry.gid === 'number' && entry.gid !== this.processGid ) + || + ( typeof this.uid === 'number' && this.uid !== this.processUid || + typeof this.gid === 'number' && this.gid !== this.processGid ) + } + + [UID] (entry) { + return uint32(this.uid, entry.uid, this.processUid) + } + + [GID] (entry) { + return uint32(this.gid, entry.gid, this.processGid) + } + + [FILE] (entry, fullyDone) { + const mode = entry.mode & 0o7777 || this.fmode + const stream = new fsm.WriteStream(entry.absolute, { + flags: getFlag(entry.size), + mode: mode, + autoClose: false + }) + stream.on('error', er => this[ONERROR](er, entry)) + + let actions = 1 + const done = er => { + if (er) + return this[ONERROR](er, entry) + + if (--actions === 0) { + fs.close(stream.fd, er => { + fullyDone() + er ? this[ONERROR](er, entry) : this[UNPEND]() + }) + } + } + + stream.on('finish', _ => { + // if futimes fails, try utimes + // if utimes fails, fail with the original error + // same for fchown/chown + const abs = entry.absolute + const fd = stream.fd + + if (entry.mtime && !this.noMtime) { + actions++ + const atime = entry.atime || new Date() + const mtime = entry.mtime + fs.futimes(fd, atime, mtime, er => + er ? fs.utimes(abs, atime, mtime, er2 => done(er2 && er)) + : done()) + } + + if (this[DOCHOWN](entry)) { + actions++ + const uid = this[UID](entry) + const gid = this[GID](entry) + fs.fchown(fd, uid, gid, er => + er ? fs.chown(abs, uid, gid, er2 => done(er2 && er)) + : done()) + } + + done() + }) + + const tx = this.transform ? this.transform(entry) || entry : entry + if (tx !== entry) { + tx.on('error', er => this[ONERROR](er, entry)) + entry.pipe(tx) + } + tx.pipe(stream) + } + + [DIRECTORY] (entry, fullyDone) { + const mode = entry.mode & 0o7777 || this.dmode + this[MKDIR](entry.absolute, mode, er => { + if (er) { + fullyDone() + return this[ONERROR](er, entry) + } + + let actions = 1 + const done = _ => { + if (--actions === 0) { + fullyDone() + this[UNPEND]() + entry.resume() + } + } + + if (entry.mtime && !this.noMtime) { + actions++ + fs.utimes(entry.absolute, entry.atime || new Date(), entry.mtime, done) + } + + if (this[DOCHOWN](entry)) { + actions++ + fs.chown(entry.absolute, this[UID](entry), this[GID](entry), done) + } + + done() + }) + } + + [UNSUPPORTED] (entry) { + entry.unsupported = true + this.warn('TAR_ENTRY_UNSUPPORTED', + `unsupported entry type: ${entry.type}`, {entry}) + entry.resume() + } + + [SYMLINK] (entry, done) { + this[LINK](entry, entry.linkpath, 'symlink', done) + } + + [HARDLINK] (entry, done) { + this[LINK](entry, path.resolve(this.cwd, entry.linkpath), 'link', done) + } + + [PEND] () { + this[PENDING]++ + } + + [UNPEND] () { + this[PENDING]-- + this[MAYBECLOSE]() + } + + [SKIP] (entry) { + this[UNPEND]() + entry.resume() + } + + // Check if we can reuse an existing filesystem entry safely and + // overwrite it, rather than unlinking and recreating + // Windows doesn't report a useful nlink, so we just never reuse entries + [ISREUSABLE] (entry, st) { + return entry.type === 'File' && + !this.unlink && + st.isFile() && + st.nlink <= 1 && + process.platform !== 'win32' + } + + // check if a thing is there, and if so, try to clobber it + [CHECKFS] (entry) { + this[PEND]() + const paths = [entry.path] + if (entry.linkpath) + paths.push(entry.linkpath) + this.reservations.reserve(paths, done => this[CHECKFS2](entry, done)) + } + [CHECKFS2] (entry, done) { + this[MKDIR](path.dirname(entry.absolute), this.dmode, er => { + if (er) { + done() + return this[ONERROR](er, entry) + } + fs.lstat(entry.absolute, (er, st) => { + if (st && (this.keep || this.newer && st.mtime > entry.mtime)) { + this[SKIP](entry) + done() + } else if (er || this[ISREUSABLE](entry, st)) { + this[MAKEFS](null, entry, done) + } + else if (st.isDirectory()) { + if (entry.type === 'Directory') { + if (!entry.mode || (st.mode & 0o7777) === entry.mode) + this[MAKEFS](null, entry, done) + else + fs.chmod(entry.absolute, entry.mode, + er => this[MAKEFS](er, entry, done)) + } else + fs.rmdir(entry.absolute, er => this[MAKEFS](er, entry, done)) + } else + unlinkFile(entry.absolute, er => this[MAKEFS](er, entry, done)) + }) + }) + } + + [MAKEFS] (er, entry, done) { + if (er) + return this[ONERROR](er, entry) + + switch (entry.type) { + case 'File': + case 'OldFile': + case 'ContiguousFile': + return this[FILE](entry, done) + + case 'Link': + return this[HARDLINK](entry, done) + + case 'SymbolicLink': + return this[SYMLINK](entry, done) + + case 'Directory': + case 'GNUDumpDir': + return this[DIRECTORY](entry, done) + } + } + + [LINK] (entry, linkpath, link, done) { + // XXX: get the type ('file' or 'dir') for windows + fs[link](linkpath, entry.absolute, er => { + if (er) + return this[ONERROR](er, entry) + done() + this[UNPEND]() + entry.resume() + }) + } +} + +class UnpackSync extends Unpack { + constructor (opt) { + super(opt) + } + + [CHECKFS] (entry) { + const er = this[MKDIR](path.dirname(entry.absolute), this.dmode, neverCalled) + if (er) + return this[ONERROR](er, entry) + try { + const st = fs.lstatSync(entry.absolute) + if (this.keep || this.newer && st.mtime > entry.mtime) + return this[SKIP](entry) + else if (this[ISREUSABLE](entry, st)) + return this[MAKEFS](null, entry, neverCalled) + else { + try { + if (st.isDirectory()) { + if (entry.type === 'Directory') { + if (entry.mode && (st.mode & 0o7777) !== entry.mode) + fs.chmodSync(entry.absolute, entry.mode) + } else + fs.rmdirSync(entry.absolute) + } else + unlinkFileSync(entry.absolute) + return this[MAKEFS](null, entry, neverCalled) + } catch (er) { + return this[ONERROR](er, entry) + } + } + } catch (er) { + return this[MAKEFS](null, entry, neverCalled) + } + } + + [FILE] (entry, _) { + const mode = entry.mode & 0o7777 || this.fmode + + const oner = er => { + let closeError + try { + fs.closeSync(fd) + } catch (e) { + closeError = e + } + if (er || closeError) + this[ONERROR](er || closeError, entry) + } + + let stream + let fd + try { + fd = fs.openSync(entry.absolute, getFlag(entry.size), mode) + } catch (er) { + return oner(er) + } + const tx = this.transform ? this.transform(entry) || entry : entry + if (tx !== entry) { + tx.on('error', er => this[ONERROR](er, entry)) + entry.pipe(tx) + } + + tx.on('data', chunk => { + try { + fs.writeSync(fd, chunk, 0, chunk.length) + } catch (er) { + oner(er) + } + }) + + tx.on('end', _ => { + let er = null + // try both, falling futimes back to utimes + // if either fails, handle the first error + if (entry.mtime && !this.noMtime) { + const atime = entry.atime || new Date() + const mtime = entry.mtime + try { + fs.futimesSync(fd, atime, mtime) + } catch (futimeser) { + try { + fs.utimesSync(entry.absolute, atime, mtime) + } catch (utimeser) { + er = futimeser + } + } + } + + if (this[DOCHOWN](entry)) { + const uid = this[UID](entry) + const gid = this[GID](entry) + + try { + fs.fchownSync(fd, uid, gid) + } catch (fchowner) { + try { + fs.chownSync(entry.absolute, uid, gid) + } catch (chowner) { + er = er || fchowner + } + } + } + + oner(er) + }) + } + + [DIRECTORY] (entry, _) { + const mode = entry.mode & 0o7777 || this.dmode + const er = this[MKDIR](entry.absolute, mode) + if (er) + return this[ONERROR](er, entry) + if (entry.mtime && !this.noMtime) { + try { + fs.utimesSync(entry.absolute, entry.atime || new Date(), entry.mtime) + } catch (er) {} + } + if (this[DOCHOWN](entry)) { + try { + fs.chownSync(entry.absolute, this[UID](entry), this[GID](entry)) + } catch (er) {} + } + entry.resume() + } + + [MKDIR] (dir, mode) { + try { + return mkdir.sync(dir, { + uid: this.uid, + gid: this.gid, + processUid: this.processUid, + processGid: this.processGid, + umask: this.processUmask, + preserve: this.preservePaths, + unlink: this.unlink, + cache: this.dirCache, + cwd: this.cwd, + mode: mode + }) + } catch (er) { + return er + } + } + + [LINK] (entry, linkpath, link, _) { + try { + fs[link + 'Sync'](linkpath, entry.absolute) + entry.resume() + } catch (er) { + return this[ONERROR](er, entry) + } + } +} + +Unpack.Sync = UnpackSync +module.exports = Unpack diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/update.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/update.js new file mode 100644 index 000000000..16c3e93ed --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/update.js @@ -0,0 +1,36 @@ +'use strict' + +// tar -u + +const hlo = require('./high-level-opt.js') +const r = require('./replace.js') +// just call tar.r with the filter and mtimeCache + +const u = module.exports = (opt_, files, cb) => { + const opt = hlo(opt_) + + if (!opt.file) + throw new TypeError('file is required') + + if (opt.gzip) + throw new TypeError('cannot append to compressed archives') + + if (!files || !Array.isArray(files) || !files.length) + throw new TypeError('no files or directories specified') + + files = Array.from(files) + + mtimeFilter(opt) + return r(opt, files, cb) +} + +const mtimeFilter = opt => { + const filter = opt.filter + + if (!opt.mtimeCache) + opt.mtimeCache = new Map() + + opt.filter = filter ? (path, stat) => + filter(path, stat) && !(opt.mtimeCache.get(path) > stat.mtime) + : (path, stat) => !(opt.mtimeCache.get(path) > stat.mtime) +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/warn-mixin.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/warn-mixin.js new file mode 100644 index 000000000..11eb52cc6 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/warn-mixin.js @@ -0,0 +1,21 @@ +'use strict' +module.exports = Base => class extends Base { + warn (code, message, data = {}) { + if (this.file) + data.file = this.file + if (this.cwd) + data.cwd = this.cwd + data.code = message instanceof Error && message.code || code + data.tarCode = code + if (!this.strict && data.recoverable !== false) { + if (message instanceof Error) { + data = Object.assign(message, data) + message = message.message + } + this.emit('warn', data.tarCode, message, data) + } else if (message instanceof Error) { + this.emit('error', Object.assign(message, data)) + } else + this.emit('error', Object.assign(new Error(`${code}: ${message}`), data)) + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/winchars.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/winchars.js new file mode 100644 index 000000000..cf6ea0606 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/winchars.js @@ -0,0 +1,23 @@ +'use strict' + +// When writing files on Windows, translate the characters to their +// 0xf000 higher-encoded versions. + +const raw = [ + '|', + '<', + '>', + '?', + ':' +] + +const win = raw.map(char => + String.fromCharCode(0xf000 + char.charCodeAt(0))) + +const toWin = new Map(raw.map((char, i) => [char, win[i]])) +const toRaw = new Map(win.map((char, i) => [char, raw[i]])) + +module.exports = { + encode: s => raw.reduce((s, c) => s.split(c).join(toWin.get(c)), s), + decode: s => win.reduce((s, c) => s.split(c).join(toRaw.get(c)), s) +} diff --git a/node_modules/npm-registry-fetch/node_modules/tar/lib/write-entry.js b/node_modules/npm-registry-fetch/node_modules/tar/lib/write-entry.js new file mode 100644 index 000000000..0e33cb59d --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/lib/write-entry.js @@ -0,0 +1,436 @@ +'use strict' +const MiniPass = require('minipass') +const Pax = require('./pax.js') +const Header = require('./header.js') +const ReadEntry = require('./read-entry.js') +const fs = require('fs') +const path = require('path') + +const types = require('./types.js') +const maxReadSize = 16 * 1024 * 1024 +const PROCESS = Symbol('process') +const FILE = Symbol('file') +const DIRECTORY = Symbol('directory') +const SYMLINK = Symbol('symlink') +const HARDLINK = Symbol('hardlink') +const HEADER = Symbol('header') +const READ = Symbol('read') +const LSTAT = Symbol('lstat') +const ONLSTAT = Symbol('onlstat') +const ONREAD = Symbol('onread') +const ONREADLINK = Symbol('onreadlink') +const OPENFILE = Symbol('openfile') +const ONOPENFILE = Symbol('onopenfile') +const CLOSE = Symbol('close') +const MODE = Symbol('mode') +const warner = require('./warn-mixin.js') +const winchars = require('./winchars.js') + +const modeFix = require('./mode-fix.js') + +const WriteEntry = warner(class WriteEntry extends MiniPass { + constructor (p, opt) { + opt = opt || {} + super(opt) + if (typeof p !== 'string') + throw new TypeError('path is required') + this.path = p + // suppress atime, ctime, uid, gid, uname, gname + this.portable = !!opt.portable + // until node has builtin pwnam functions, this'll have to do + this.myuid = process.getuid && process.getuid() + this.myuser = process.env.USER || '' + this.maxReadSize = opt.maxReadSize || maxReadSize + this.linkCache = opt.linkCache || new Map() + this.statCache = opt.statCache || new Map() + this.preservePaths = !!opt.preservePaths + this.cwd = opt.cwd || process.cwd() + this.strict = !!opt.strict + this.noPax = !!opt.noPax + this.noMtime = !!opt.noMtime + this.mtime = opt.mtime || null + + if (typeof opt.onwarn === 'function') + this.on('warn', opt.onwarn) + + let pathWarn = false + if (!this.preservePaths && path.win32.isAbsolute(p)) { + // absolutes on posix are also absolutes on win32 + // so we only need to test this one to get both + const parsed = path.win32.parse(p) + this.path = p.substr(parsed.root.length) + pathWarn = parsed.root + } + + this.win32 = !!opt.win32 || process.platform === 'win32' + if (this.win32) { + this.path = winchars.decode(this.path.replace(/\\/g, '/')) + p = p.replace(/\\/g, '/') + } + + this.absolute = opt.absolute || path.resolve(this.cwd, p) + + if (this.path === '') + this.path = './' + + if (pathWarn) { + this.warn('TAR_ENTRY_INFO', `stripping ${pathWarn} from absolute path`, { + entry: this, + path: pathWarn + this.path, + }) + } + + if (this.statCache.has(this.absolute)) + this[ONLSTAT](this.statCache.get(this.absolute)) + else + this[LSTAT]() + } + + [LSTAT] () { + fs.lstat(this.absolute, (er, stat) => { + if (er) + return this.emit('error', er) + this[ONLSTAT](stat) + }) + } + + [ONLSTAT] (stat) { + this.statCache.set(this.absolute, stat) + this.stat = stat + if (!stat.isFile()) + stat.size = 0 + this.type = getType(stat) + this.emit('stat', stat) + this[PROCESS]() + } + + [PROCESS] () { + switch (this.type) { + case 'File': return this[FILE]() + case 'Directory': return this[DIRECTORY]() + case 'SymbolicLink': return this[SYMLINK]() + // unsupported types are ignored. + default: return this.end() + } + } + + [MODE] (mode) { + return modeFix(mode, this.type === 'Directory', this.portable) + } + + [HEADER] () { + if (this.type === 'Directory' && this.portable) + this.noMtime = true + + this.header = new Header({ + path: this.path, + linkpath: this.linkpath, + // only the permissions and setuid/setgid/sticky bitflags + // not the higher-order bits that specify file type + mode: this[MODE](this.stat.mode), + uid: this.portable ? null : this.stat.uid, + gid: this.portable ? null : this.stat.gid, + size: this.stat.size, + mtime: this.noMtime ? null : this.mtime || this.stat.mtime, + type: this.type, + uname: this.portable ? null : + this.stat.uid === this.myuid ? this.myuser : '', + atime: this.portable ? null : this.stat.atime, + ctime: this.portable ? null : this.stat.ctime + }) + + if (this.header.encode() && !this.noPax) + this.write(new Pax({ + atime: this.portable ? null : this.header.atime, + ctime: this.portable ? null : this.header.ctime, + gid: this.portable ? null : this.header.gid, + mtime: this.noMtime ? null : this.mtime || this.header.mtime, + path: this.path, + linkpath: this.linkpath, + size: this.header.size, + uid: this.portable ? null : this.header.uid, + uname: this.portable ? null : this.header.uname, + dev: this.portable ? null : this.stat.dev, + ino: this.portable ? null : this.stat.ino, + nlink: this.portable ? null : this.stat.nlink + }).encode()) + this.write(this.header.block) + } + + [DIRECTORY] () { + if (this.path.substr(-1) !== '/') + this.path += '/' + this.stat.size = 0 + this[HEADER]() + this.end() + } + + [SYMLINK] () { + fs.readlink(this.absolute, (er, linkpath) => { + if (er) + return this.emit('error', er) + this[ONREADLINK](linkpath) + }) + } + + [ONREADLINK] (linkpath) { + this.linkpath = linkpath.replace(/\\/g, '/') + this[HEADER]() + this.end() + } + + [HARDLINK] (linkpath) { + this.type = 'Link' + this.linkpath = path.relative(this.cwd, linkpath).replace(/\\/g, '/') + this.stat.size = 0 + this[HEADER]() + this.end() + } + + [FILE] () { + if (this.stat.nlink > 1) { + const linkKey = this.stat.dev + ':' + this.stat.ino + if (this.linkCache.has(linkKey)) { + const linkpath = this.linkCache.get(linkKey) + if (linkpath.indexOf(this.cwd) === 0) + return this[HARDLINK](linkpath) + } + this.linkCache.set(linkKey, this.absolute) + } + + this[HEADER]() + if (this.stat.size === 0) + return this.end() + + this[OPENFILE]() + } + + [OPENFILE] () { + fs.open(this.absolute, 'r', (er, fd) => { + if (er) + return this.emit('error', er) + this[ONOPENFILE](fd) + }) + } + + [ONOPENFILE] (fd) { + const blockLen = 512 * Math.ceil(this.stat.size / 512) + const bufLen = Math.min(blockLen, this.maxReadSize) + const buf = Buffer.allocUnsafe(bufLen) + this[READ](fd, buf, 0, buf.length, 0, this.stat.size, blockLen) + } + + [READ] (fd, buf, offset, length, pos, remain, blockRemain) { + fs.read(fd, buf, offset, length, pos, (er, bytesRead) => { + if (er) { + // ignoring the error from close(2) is a bad practice, but at + // this point we already have an error, don't need another one + return this[CLOSE](fd, () => this.emit('error', er)) + } + this[ONREAD](fd, buf, offset, length, pos, remain, blockRemain, bytesRead) + }) + } + + [CLOSE] (fd, cb) { + fs.close(fd, cb) + } + + [ONREAD] (fd, buf, offset, length, pos, remain, blockRemain, bytesRead) { + if (bytesRead <= 0 && remain > 0) { + const er = new Error('encountered unexpected EOF') + er.path = this.absolute + er.syscall = 'read' + er.code = 'EOF' + return this[CLOSE](fd, () => this.emit('error', er)) + } + + if (bytesRead > remain) { + const er = new Error('did not encounter expected EOF') + er.path = this.absolute + er.syscall = 'read' + er.code = 'EOF' + return this[CLOSE](fd, () => this.emit('error', er)) + } + + // null out the rest of the buffer, if we could fit the block padding + if (bytesRead === remain) { + for (let i = bytesRead; i < length && bytesRead < blockRemain; i++) { + buf[i + offset] = 0 + bytesRead ++ + remain ++ + } + } + + const writeBuf = offset === 0 && bytesRead === buf.length ? + buf : buf.slice(offset, offset + bytesRead) + remain -= bytesRead + blockRemain -= bytesRead + pos += bytesRead + offset += bytesRead + + this.write(writeBuf) + + if (!remain) { + if (blockRemain) + this.write(Buffer.alloc(blockRemain)) + return this[CLOSE](fd, er => er ? this.emit('error', er) : this.end()) + } + + if (offset >= length) { + buf = Buffer.allocUnsafe(length) + offset = 0 + } + length = buf.length - offset + this[READ](fd, buf, offset, length, pos, remain, blockRemain) + } +}) + +class WriteEntrySync extends WriteEntry { + constructor (path, opt) { + super(path, opt) + } + + [LSTAT] () { + this[ONLSTAT](fs.lstatSync(this.absolute)) + } + + [SYMLINK] () { + this[ONREADLINK](fs.readlinkSync(this.absolute)) + } + + [OPENFILE] () { + this[ONOPENFILE](fs.openSync(this.absolute, 'r')) + } + + [READ] (fd, buf, offset, length, pos, remain, blockRemain) { + let threw = true + try { + const bytesRead = fs.readSync(fd, buf, offset, length, pos) + this[ONREAD](fd, buf, offset, length, pos, remain, blockRemain, bytesRead) + threw = false + } finally { + // ignoring the error from close(2) is a bad practice, but at + // this point we already have an error, don't need another one + if (threw) + try { this[CLOSE](fd, () => {}) } catch (er) {} + } + } + + [CLOSE] (fd, cb) { + fs.closeSync(fd) + cb() + } +} + +const WriteEntryTar = warner(class WriteEntryTar extends MiniPass { + constructor (readEntry, opt) { + opt = opt || {} + super(opt) + this.preservePaths = !!opt.preservePaths + this.portable = !!opt.portable + this.strict = !!opt.strict + this.noPax = !!opt.noPax + this.noMtime = !!opt.noMtime + + this.readEntry = readEntry + this.type = readEntry.type + if (this.type === 'Directory' && this.portable) + this.noMtime = true + + this.path = readEntry.path + this.mode = this[MODE](readEntry.mode) + this.uid = this.portable ? null : readEntry.uid + this.gid = this.portable ? null : readEntry.gid + this.uname = this.portable ? null : readEntry.uname + this.gname = this.portable ? null : readEntry.gname + this.size = readEntry.size + this.mtime = this.noMtime ? null : opt.mtime || readEntry.mtime + this.atime = this.portable ? null : readEntry.atime + this.ctime = this.portable ? null : readEntry.ctime + this.linkpath = readEntry.linkpath + + if (typeof opt.onwarn === 'function') + this.on('warn', opt.onwarn) + + let pathWarn = false + if (path.isAbsolute(this.path) && !this.preservePaths) { + const parsed = path.parse(this.path) + pathWarn = parsed.root + this.path = this.path.substr(parsed.root.length) + } + + this.remain = readEntry.size + this.blockRemain = readEntry.startBlockSize + + this.header = new Header({ + path: this.path, + linkpath: this.linkpath, + // only the permissions and setuid/setgid/sticky bitflags + // not the higher-order bits that specify file type + mode: this.mode, + uid: this.portable ? null : this.uid, + gid: this.portable ? null : this.gid, + size: this.size, + mtime: this.noMtime ? null : this.mtime, + type: this.type, + uname: this.portable ? null : this.uname, + atime: this.portable ? null : this.atime, + ctime: this.portable ? null : this.ctime + }) + + if (pathWarn) { + this.warn('TAR_ENTRY_INFO', `stripping ${pathWarn} from absolute path`, { + entry: this, + path: pathWarn + this.path, + }) + } + + if (this.header.encode() && !this.noPax) + super.write(new Pax({ + atime: this.portable ? null : this.atime, + ctime: this.portable ? null : this.ctime, + gid: this.portable ? null : this.gid, + mtime: this.noMtime ? null : this.mtime, + path: this.path, + linkpath: this.linkpath, + size: this.size, + uid: this.portable ? null : this.uid, + uname: this.portable ? null : this.uname, + dev: this.portable ? null : this.readEntry.dev, + ino: this.portable ? null : this.readEntry.ino, + nlink: this.portable ? null : this.readEntry.nlink + }).encode()) + + super.write(this.header.block) + readEntry.pipe(this) + } + + [MODE] (mode) { + return modeFix(mode, this.type === 'Directory', this.portable) + } + + write (data) { + const writeLen = data.length + if (writeLen > this.blockRemain) + throw new Error('writing more to entry than is appropriate') + this.blockRemain -= writeLen + return super.write(data) + } + + end () { + if (this.blockRemain) + this.write(Buffer.alloc(this.blockRemain)) + return super.end() + } +}) + +WriteEntry.Sync = WriteEntrySync +WriteEntry.Tar = WriteEntryTar + +const getType = stat => + stat.isFile() ? 'File' + : stat.isDirectory() ? 'Directory' + : stat.isSymbolicLink() ? 'SymbolicLink' + : 'Unsupported' + +module.exports = WriteEntry diff --git a/node_modules/npm-registry-fetch/node_modules/tar/package.json b/node_modules/npm-registry-fetch/node_modules/tar/package.json new file mode 100644 index 000000000..f22ea2e84 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/tar/package.json @@ -0,0 +1,81 @@ +{ + "_from": "tar@^6.0.0", + "_id": "tar@6.0.1", + "_inBundle": false, + "_integrity": "sha512-bKhKrrz2FJJj5s7wynxy/fyxpE0CmCjmOQ1KV4KkgXFWOgoIT/NbTMnB1n+LFNrNk0SSBVGGxcK5AGsyC+pW5Q==", + "_location": "/npm-registry-fetch/tar", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "tar@^6.0.0", + "name": "tar", + "escapedName": "tar", + "rawSpec": "^6.0.0", + "saveSpec": null, + "fetchSpec": "^6.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch/cacache" + ], + "_resolved": "https://registry.npmjs.org/tar/-/tar-6.0.1.tgz", + "_shasum": "7b3bd6c313cb6e0153770108f8d70ac298607efa", + "_spec": "tar@^6.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/cacache", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/npm/node-tar/issues" + }, + "bundleDependencies": false, + "dependencies": { + "chownr": "^1.1.3", + "fs-minipass": "^2.0.0", + "minipass": "^3.0.0", + "minizlib": "^2.1.0", + "mkdirp": "^1.0.3", + "yallist": "^4.0.0" + }, + "deprecated": false, + "description": "tar for node", + "devDependencies": { + "chmodr": "^1.2.0", + "end-of-stream": "^1.4.3", + "events-to-array": "^1.1.2", + "mutate-fs": "^2.1.1", + "rimraf": "^2.7.1", + "tap": "^14.9.2", + "tar-fs": "^1.16.3", + "tar-stream": "^1.6.2" + }, + "engines": { + "node": ">= 10" + }, + "files": [ + "index.js", + "lib/*.js" + ], + "homepage": "https://github.com/npm/node-tar#readme", + "license": "ISC", + "name": "tar", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/node-tar.git" + }, + "scripts": { + "bench": "for i in benchmarks/*/*.js; do echo $i; for j in {1..5}; do node $i || break; done; done", + "genparse": "node scripts/generate-parse-fixtures.js", + "postpublish": "git push origin --follow-tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap" + }, + "tap": { + "coverage-map": "map.js", + "check-coverage": true + }, + "version": "6.0.1" +} diff --git a/node_modules/npm-registry-fetch/node_modules/yallist/LICENSE b/node_modules/npm-registry-fetch/node_modules/yallist/LICENSE new file mode 100644 index 000000000..19129e315 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/yallist/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) Isaac Z. Schlueter and Contributors + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-registry-fetch/node_modules/yallist/README.md b/node_modules/npm-registry-fetch/node_modules/yallist/README.md new file mode 100644 index 000000000..f58610186 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/yallist/README.md @@ -0,0 +1,204 @@ +# yallist + +Yet Another Linked List + +There are many doubly-linked list implementations like it, but this +one is mine. + +For when an array would be too big, and a Map can't be iterated in +reverse order. + + +[](https://travis-ci.org/isaacs/yallist) [](https://coveralls.io/github/isaacs/yallist) + +## basic usage + +```javascript +var yallist = require('yallist') +var myList = yallist.create([1, 2, 3]) +myList.push('foo') +myList.unshift('bar') +// of course pop() and shift() are there, too +console.log(myList.toArray()) // ['bar', 1, 2, 3, 'foo'] +myList.forEach(function (k) { + // walk the list head to tail +}) +myList.forEachReverse(function (k, index, list) { + // walk the list tail to head +}) +var myDoubledList = myList.map(function (k) { + return k + k +}) +// now myDoubledList contains ['barbar', 2, 4, 6, 'foofoo'] +// mapReverse is also a thing +var myDoubledListReverse = myList.mapReverse(function (k) { + return k + k +}) // ['foofoo', 6, 4, 2, 'barbar'] + +var reduced = myList.reduce(function (set, entry) { + set += entry + return set +}, 'start') +console.log(reduced) // 'startfoo123bar' +``` + +## api + +The whole API is considered "public". + +Functions with the same name as an Array method work more or less the +same way. + +There's reverse versions of most things because that's the point. + +### Yallist + +Default export, the class that holds and manages a list. + +Call it with either a forEach-able (like an array) or a set of +arguments, to initialize the list. + +The Array-ish methods all act like you'd expect. No magic length, +though, so if you change that it won't automatically prune or add +empty spots. + +### Yallist.create(..) + +Alias for Yallist function. Some people like factories. + +#### yallist.head + +The first node in the list + +#### yallist.tail + +The last node in the list + +#### yallist.length + +The number of nodes in the list. (Change this at your peril. It is +not magic like Array length.) + +#### yallist.toArray() + +Convert the list to an array. + +#### yallist.forEach(fn, [thisp]) + +Call a function on each item in the list. + +#### yallist.forEachReverse(fn, [thisp]) + +Call a function on each item in the list, in reverse order. + +#### yallist.get(n) + +Get the data at position `n` in the list. If you use this a lot, +probably better off just using an Array. + +#### yallist.getReverse(n) + +Get the data at position `n`, counting from the tail. + +#### yallist.map(fn, thisp) + +Create a new Yallist with the result of calling the function on each +item. + +#### yallist.mapReverse(fn, thisp) + +Same as `map`, but in reverse. + +#### yallist.pop() + +Get the data from the list tail, and remove the tail from the list. + +#### yallist.push(item, ...) + +Insert one or more items to the tail of the list. + +#### yallist.reduce(fn, initialValue) + +Like Array.reduce. + +#### yallist.reduceReverse + +Like Array.reduce, but in reverse. + +#### yallist.reverse + +Reverse the list in place. + +#### yallist.shift() + +Get the data from the list head, and remove the head from the list. + +#### yallist.slice([from], [to]) + +Just like Array.slice, but returns a new Yallist. + +#### yallist.sliceReverse([from], [to]) + +Just like yallist.slice, but the result is returned in reverse. + +#### yallist.toArray() + +Create an array representation of the list. + +#### yallist.toArrayReverse() + +Create a reversed array representation of the list. + +#### yallist.unshift(item, ...) + +Insert one or more items to the head of the list. + +#### yallist.unshiftNode(node) + +Move a Node object to the front of the list. (That is, pull it out of +wherever it lives, and make it the new head.) + +If the node belongs to a different list, then that list will remove it +first. + +#### yallist.pushNode(node) + +Move a Node object to the end of the list. (That is, pull it out of +wherever it lives, and make it the new tail.) + +If the node belongs to a list already, then that list will remove it +first. + +#### yallist.removeNode(node) + +Remove a node from the list, preserving referential integrity of head +and tail and other nodes. + +Will throw an error if you try to have a list remove a node that +doesn't belong to it. + +### Yallist.Node + +The class that holds the data and is actually the list. + +Call with `var n = new Node(value, previousNode, nextNode)` + +Note that if you do direct operations on Nodes themselves, it's very +easy to get into weird states where the list is broken. Be careful :) + +#### node.next + +The next node in the list. + +#### node.prev + +The previous node in the list. + +#### node.value + +The data the node contains. + +#### node.list + +The list to which this node belongs. (Null if it does not belong to +any list.) diff --git a/node_modules/npm-registry-fetch/node_modules/yallist/iterator.js b/node_modules/npm-registry-fetch/node_modules/yallist/iterator.js new file mode 100644 index 000000000..d41c97a19 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/yallist/iterator.js @@ -0,0 +1,8 @@ +'use strict' +module.exports = function (Yallist) { + Yallist.prototype[Symbol.iterator] = function* () { + for (let walker = this.head; walker; walker = walker.next) { + yield walker.value + } + } +} diff --git a/node_modules/npm-registry-fetch/node_modules/yallist/package.json b/node_modules/npm-registry-fetch/node_modules/yallist/package.json new file mode 100644 index 000000000..8ed57e50d --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/yallist/package.json @@ -0,0 +1,64 @@ +{ + "_from": "yallist@^4.0.0", + "_id": "yallist@4.0.0", + "_inBundle": false, + "_integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "_location": "/npm-registry-fetch/yallist", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "yallist@^4.0.0", + "name": "yallist", + "escapedName": "yallist", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch/minipass", + "/npm-registry-fetch/minizlib", + "/npm-registry-fetch/tar" + ], + "_resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "_shasum": "9bb92790d9c0effec63be73519e11a35019a3a72", + "_spec": "yallist@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/minipass", + "author": { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me", + "url": "http://blog.izs.me/" + }, + "bugs": { + "url": "https://github.com/isaacs/yallist/issues" + }, + "bundleDependencies": false, + "dependencies": {}, + "deprecated": false, + "description": "Yet Another Linked List", + "devDependencies": { + "tap": "^12.1.0" + }, + "directories": { + "test": "test" + }, + "files": [ + "yallist.js", + "iterator.js" + ], + "homepage": "https://github.com/isaacs/yallist#readme", + "license": "ISC", + "main": "yallist.js", + "name": "yallist", + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/yallist.git" + }, + "scripts": { + "postpublish": "git push origin --all; git push origin --tags", + "postversion": "npm publish", + "preversion": "npm test", + "test": "tap test/*.js --100" + }, + "version": "4.0.0" +} diff --git a/node_modules/npm-registry-fetch/node_modules/yallist/yallist.js b/node_modules/npm-registry-fetch/node_modules/yallist/yallist.js new file mode 100644 index 000000000..4e83ab1c5 --- /dev/null +++ b/node_modules/npm-registry-fetch/node_modules/yallist/yallist.js @@ -0,0 +1,426 @@ +'use strict' +module.exports = Yallist + +Yallist.Node = Node +Yallist.create = Yallist + +function Yallist (list) { + var self = this + if (!(self instanceof Yallist)) { + self = new Yallist() + } + + self.tail = null + self.head = null + self.length = 0 + + if (list && typeof list.forEach === 'function') { + list.forEach(function (item) { + self.push(item) + }) + } else if (arguments.length > 0) { + for (var i = 0, l = arguments.length; i < l; i++) { + self.push(arguments[i]) + } + } + + return self +} + +Yallist.prototype.removeNode = function (node) { + if (node.list !== this) { + throw new Error('removing node which does not belong to this list') + } + + var next = node.next + var prev = node.prev + + if (next) { + next.prev = prev + } + + if (prev) { + prev.next = next + } + + if (node === this.head) { + this.head = next + } + if (node === this.tail) { + this.tail = prev + } + + node.list.length-- + node.next = null + node.prev = null + node.list = null + + return next +} + +Yallist.prototype.unshiftNode = function (node) { + if (node === this.head) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var head = this.head + node.list = this + node.next = head + if (head) { + head.prev = node + } + + this.head = node + if (!this.tail) { + this.tail = node + } + this.length++ +} + +Yallist.prototype.pushNode = function (node) { + if (node === this.tail) { + return + } + + if (node.list) { + node.list.removeNode(node) + } + + var tail = this.tail + node.list = this + node.prev = tail + if (tail) { + tail.next = node + } + + this.tail = node + if (!this.head) { + this.head = node + } + this.length++ +} + +Yallist.prototype.push = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + push(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.unshift = function () { + for (var i = 0, l = arguments.length; i < l; i++) { + unshift(this, arguments[i]) + } + return this.length +} + +Yallist.prototype.pop = function () { + if (!this.tail) { + return undefined + } + + var res = this.tail.value + this.tail = this.tail.prev + if (this.tail) { + this.tail.next = null + } else { + this.head = null + } + this.length-- + return res +} + +Yallist.prototype.shift = function () { + if (!this.head) { + return undefined + } + + var res = this.head.value + this.head = this.head.next + if (this.head) { + this.head.prev = null + } else { + this.tail = null + } + this.length-- + return res +} + +Yallist.prototype.forEach = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.head, i = 0; walker !== null; i++) { + fn.call(thisp, walker.value, i, this) + walker = walker.next + } +} + +Yallist.prototype.forEachReverse = function (fn, thisp) { + thisp = thisp || this + for (var walker = this.tail, i = this.length - 1; walker !== null; i--) { + fn.call(thisp, walker.value, i, this) + walker = walker.prev + } +} + +Yallist.prototype.get = function (n) { + for (var i = 0, walker = this.head; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.next + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.getReverse = function (n) { + for (var i = 0, walker = this.tail; walker !== null && i < n; i++) { + // abort out of the list early if we hit a cycle + walker = walker.prev + } + if (i === n && walker !== null) { + return walker.value + } +} + +Yallist.prototype.map = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.head; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.next + } + return res +} + +Yallist.prototype.mapReverse = function (fn, thisp) { + thisp = thisp || this + var res = new Yallist() + for (var walker = this.tail; walker !== null;) { + res.push(fn.call(thisp, walker.value, this)) + walker = walker.prev + } + return res +} + +Yallist.prototype.reduce = function (fn, initial) { + var acc + var walker = this.head + if (arguments.length > 1) { + acc = initial + } else if (this.head) { + walker = this.head.next + acc = this.head.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = 0; walker !== null; i++) { + acc = fn(acc, walker.value, i) + walker = walker.next + } + + return acc +} + +Yallist.prototype.reduceReverse = function (fn, initial) { + var acc + var walker = this.tail + if (arguments.length > 1) { + acc = initial + } else if (this.tail) { + walker = this.tail.prev + acc = this.tail.value + } else { + throw new TypeError('Reduce of empty list with no initial value') + } + + for (var i = this.length - 1; walker !== null; i--) { + acc = fn(acc, walker.value, i) + walker = walker.prev + } + + return acc +} + +Yallist.prototype.toArray = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.head; walker !== null; i++) { + arr[i] = walker.value + walker = walker.next + } + return arr +} + +Yallist.prototype.toArrayReverse = function () { + var arr = new Array(this.length) + for (var i = 0, walker = this.tail; walker !== null; i++) { + arr[i] = walker.value + walker = walker.prev + } + return arr +} + +Yallist.prototype.slice = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = 0, walker = this.head; walker !== null && i < from; i++) { + walker = walker.next + } + for (; walker !== null && i < to; i++, walker = walker.next) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.sliceReverse = function (from, to) { + to = to || this.length + if (to < 0) { + to += this.length + } + from = from || 0 + if (from < 0) { + from += this.length + } + var ret = new Yallist() + if (to < from || to < 0) { + return ret + } + if (from < 0) { + from = 0 + } + if (to > this.length) { + to = this.length + } + for (var i = this.length, walker = this.tail; walker !== null && i > to; i--) { + walker = walker.prev + } + for (; walker !== null && i > from; i--, walker = walker.prev) { + ret.push(walker.value) + } + return ret +} + +Yallist.prototype.splice = function (start, deleteCount, ...nodes) { + if (start > this.length) { + start = this.length - 1 + } + if (start < 0) { + start = this.length + start; + } + + for (var i = 0, walker = this.head; walker !== null && i < start; i++) { + walker = walker.next + } + + var ret = [] + for (var i = 0; walker && i < deleteCount; i++) { + ret.push(walker.value) + walker = this.removeNode(walker) + } + if (walker === null) { + walker = this.tail + } + + if (walker !== this.head && walker !== this.tail) { + walker = walker.prev + } + + for (var i = 0; i < nodes.length; i++) { + walker = insert(this, walker, nodes[i]) + } + return ret; +} + +Yallist.prototype.reverse = function () { + var head = this.head + var tail = this.tail + for (var walker = head; walker !== null; walker = walker.prev) { + var p = walker.prev + walker.prev = walker.next + walker.next = p + } + this.head = tail + this.tail = head + return this +} + +function insert (self, node, value) { + var inserted = node === self.head ? + new Node(value, null, node, self) : + new Node(value, node, node.next, self) + + if (inserted.next === null) { + self.tail = inserted + } + if (inserted.prev === null) { + self.head = inserted + } + + self.length++ + + return inserted +} + +function push (self, item) { + self.tail = new Node(item, self.tail, null, self) + if (!self.head) { + self.head = self.tail + } + self.length++ +} + +function unshift (self, item) { + self.head = new Node(item, null, self.head, self) + if (!self.tail) { + self.tail = self.head + } + self.length++ +} + +function Node (value, prev, next, list) { + if (!(this instanceof Node)) { + return new Node(value, prev, next, list) + } + + this.list = list + this.value = value + + if (prev) { + prev.next = this + this.prev = prev + } else { + this.prev = null + } + + if (next) { + next.prev = this + this.next = next + } else { + this.next = null + } +} + +try { + // add if support for Symbol.iterator is present + require('./iterator.js')(Yallist) +} catch (er) {} diff --git a/node_modules/npm-registry-fetch/package.json b/node_modules/npm-registry-fetch/package.json index c1582514e..dc942d669 100644 --- a/node_modules/npm-registry-fetch/package.json +++ b/node_modules/npm-registry-fetch/package.json @@ -1,37 +1,51 @@ { - "_from": "npm-registry-fetch@4.0.4", - "_id": "npm-registry-fetch@4.0.4", + "_from": "npm-registry-fetch@6.0.0", + "_id": "npm-registry-fetch@6.0.0", "_inBundle": false, - "_integrity": "sha512-6jb34hX/iYNQebqWUHtU8YF6Cjb1H6ouTFPClYsyiW6lpFkljTpdeftm53rRojtja1rKAvKNIIiTS5Sjpw4wsA==", + "_integrity": "sha512-TSzEzudrky0ArPskchM/7F5SrawBY5acMNtRqFuacEI2lCKEyfBjaENuuIU5Uq2CyHfJ+gWp5QlCprolKa5wKg==", "_location": "/npm-registry-fetch", - "_phantomChildren": {}, + "_phantomChildren": { + "chownr": "1.1.3", + "depd": "1.1.2", + "figgy-pudding": "3.5.1", + "glob": "7.1.4", + "graceful-fs": "4.2.3", + "humanize-ms": "1.2.1", + "infer-owner": "1.0.4", + "is-lambda": "1.0.1", + "lru-cache": "5.1.1", + "minipass-collect": "1.0.2", + "minipass-fetch": "1.2.1", + "minipass-flush": "1.0.5", + "minipass-pipeline": "1.2.2", + "move-concurrently": "1.0.1", + "ms": "2.1.1", + "osenv": "0.1.5", + "p-map": "3.0.0", + "promise-inflight": "1.0.1", + "promise-retry": "1.1.1", + "socks-proxy-agent": "4.0.2", + "unique-filename": "1.1.1", + "validate-npm-package-name": "3.0.0" + }, "_requested": { "type": "version", "registry": true, - "raw": "npm-registry-fetch@4.0.4", + "raw": "npm-registry-fetch@6.0.0", "name": "npm-registry-fetch", "escapedName": "npm-registry-fetch", - "rawSpec": "4.0.4", + "rawSpec": "6.0.0", "saveSpec": null, - "fetchSpec": "4.0.4" + "fetchSpec": "6.0.0" }, "_requiredBy": [ "#USER", - "/", - "/libnpm", - "/libnpmaccess", - "/libnpmhook", - "/libnpmorg", - "/libnpmpublish", - "/libnpmsearch", - "/libnpmteam", - "/npm-profile", - "/pacote" + "/" ], - "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.4.tgz", - "_shasum": "2da1ecf3f43d419d96abf313664291a4623d3ea5", - "_spec": "npm-registry-fetch@4.0.4", - "_where": "/Users/ruyadorno/Documents/workspace/cli", + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-6.0.0.tgz", + "_shasum": "260974e4f8f76536312749dc53a2bf08cce1b331", + "_spec": "npm-registry-fetch@6.0.0", + "_where": "/Users/mperrotte/npminc/cli", "author": { "name": "Kat Marchán", "email": "kzm@sykosomatic.org" @@ -40,38 +54,34 @@ "url": "https://github.com/npm/registry-fetch/issues" }, "bundleDependencies": false, - "config": { - "nyc": { - "exclude": [ - "node_modules/**", - "test/**" - ] - } - }, "dependencies": { - "JSONStream": "^1.3.4", - "bluebird": "^3.5.1", + "@npmcli/ci-detect": "^1.0.0", "figgy-pudding": "^3.4.1", "lru-cache": "^5.1.1", - "make-fetch-happen": "^5.0.0", - "npm-package-arg": "^6.1.0", - "safe-buffer": "^5.2.0" + "make-fetch-happen": "^7.1.0", + "minipass": "^3.0.0", + "minipass-fetch": "^1.1.2", + "minipass-json-stream": "^1.0.1", + "minizlib": "^2.0.0", + "npm-package-arg": "^8.0.0", + "safe-buffer": "^5.2.0", + "semver": "^7.0.0" }, "deprecated": false, "description": "Fetch-based http client for use with npm registry APIs", "devDependencies": { - "cacache": "^12.0.0", - "get-stream": "^4.0.0", + "cacache": "^13.0.1", "mkdirp": "^0.5.1", - "nock": "^9.4.3", + "nock": "^11.7.0", "npmlog": "^4.1.2", "rimraf": "^2.6.2", - "ssri": "^6.0.0", - "standard": "^11.0.1", - "standard-version": "^4.4.0", - "tap": "^12.0.1", - "weallbehave": "^1.2.0", - "weallcontribute": "^1.0.8" + "ssri": "^7.1.0", + "standard": "^14.3.1", + "standard-version": "^7.0.1", + "tap": "^14.10.4" + }, + "engines": { + "node": ">=10" }, "files": [ "*.js", @@ -86,21 +96,21 @@ "license": "ISC", "main": "index.js", "name": "npm-registry-fetch", - "publishConfig": { - "tag": "latest-v4" - }, "repository": { "type": "git", "url": "git+https://github.com/npm/registry-fetch.git" }, "scripts": { - "postrelease": "npm publish && git push --follow-tags", + "postrelease": "npm publish", + "posttest": "standard", + "prepublishOnly": "git push --follow-tags", "prerelease": "npm t", - "pretest": "standard", "release": "standard-version -s", - "test": "tap -J --coverage test/*.js", - "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", - "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + "test": "tap" + }, + "tap": { + "check-coverage": true, + "test-ignore": "test[\\\\/](util|cache)[\\\\/]" }, - "version": "4.0.4" + "version": "6.0.0" } diff --git a/node_modules/p-map/index.d.ts b/node_modules/p-map/index.d.ts new file mode 100644 index 000000000..8f796295d --- /dev/null +++ b/node_modules/p-map/index.d.ts @@ -0,0 +1,65 @@ +declare namespace pMap { + interface Options { + /** + Number of concurrently pending promises returned by `mapper`. + + @default Infinity + */ + readonly concurrency?: number; + + /** + When set to `false`, instead of stopping when a promise rejects, it will wait for all the promises to settle and then reject with an [aggregated error](https://github.com/sindresorhus/aggregate-error) containing all the errors from the rejected promises. + + @default true + */ + readonly stopOnError?: boolean; + } + + /** + Function which is called for every item in `input`. Expected to return a `Promise` or value. + + @param element - Iterated element. + @param index - Index of the element in the source array. + */ + type Mapper<Element = any, NewElement = any> = ( + element: Element, + index: number + ) => NewElement | Promise<NewElement>; +} + +/** +@param input - Iterated over concurrently in the `mapper` function. +@param mapper - Function which is called for every item in `input`. Expected to return a `Promise` or value. +@returns A `Promise` that is fulfilled when all promises in `input` and ones returned from `mapper` are fulfilled, or rejects if any of the promises reject. The fulfilled value is an `Array` of the fulfilled values returned from `mapper` in `input` order. + +@example +``` +import pMap = require('p-map'); +import got = require('got'); + +const sites = [ + getWebsiteFromUsername('https://sindresorhus'), //=> Promise + 'https://ava.li', + 'https://github.com' +]; + +(async () => { + const mapper = async site => { + const {requestUrl} = await got.head(site); + return requestUrl; + }; + + const result = await pMap(sites, mapper, {concurrency: 2}); + + console.log(result); + //=> ['https://sindresorhus.com/', 'https://ava.li/', 'https://github.com/'] +})(); +``` +*/ +declare function pMap<Element, NewElement>( + input: Iterable<Element>, + mapper: pMap.Mapper<Element, NewElement>, + options?: pMap.Options +): Promise<NewElement[]>; + +export = pMap; diff --git a/node_modules/p-map/index.js b/node_modules/p-map/index.js new file mode 100644 index 000000000..5a8aeb256 --- /dev/null +++ b/node_modules/p-map/index.js @@ -0,0 +1,81 @@ +'use strict'; +const AggregateError = require('aggregate-error'); + +module.exports = async ( + iterable, + mapper, + { + concurrency = Infinity, + stopOnError = true + } = {} +) => { + return new Promise((resolve, reject) => { + if (typeof mapper !== 'function') { + throw new TypeError('Mapper function is required'); + } + + if (!(typeof concurrency === 'number' && concurrency >= 1)) { + throw new TypeError(`Expected \`concurrency\` to be a number from 1 and up, got \`${concurrency}\` (${typeof concurrency})`); + } + + const ret = []; + const errors = []; + const iterator = iterable[Symbol.iterator](); + let isRejected = false; + let isIterableDone = false; + let resolvingCount = 0; + let currentIndex = 0; + + const next = () => { + if (isRejected) { + return; + } + + const nextItem = iterator.next(); + const i = currentIndex; + currentIndex++; + + if (nextItem.done) { + isIterableDone = true; + + if (resolvingCount === 0) { + if (!stopOnError && errors.length !== 0) { + reject(new AggregateError(errors)); + } else { + resolve(ret); + } + } + + return; + } + + resolvingCount++; + + (async () => { + try { + const element = await nextItem.value; + ret[i] = await mapper(element, i); + resolvingCount--; + next(); + } catch (error) { + if (stopOnError) { + isRejected = true; + reject(error); + } else { + errors.push(error); + resolvingCount--; + next(); + } + } + })(); + }; + + for (let i = 0; i < concurrency; i++) { + next(); + + if (isIterableDone) { + break; + } + } + }); +}; diff --git a/node_modules/p-map/license b/node_modules/p-map/license new file mode 100644 index 000000000..e7af2f771 --- /dev/null +++ b/node_modules/p-map/license @@ -0,0 +1,9 @@ +MIT License + +Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/p-map/package.json b/node_modules/p-map/package.json new file mode 100644 index 000000000..21aff08b2 --- /dev/null +++ b/node_modules/p-map/package.json @@ -0,0 +1,84 @@ +{ + "_from": "p-map@^3.0.0", + "_id": "p-map@3.0.0", + "_inBundle": false, + "_integrity": "sha512-d3qXVTF/s+W+CdJ5A29wywV2n8CQQYahlgz2bFiA+4eVNJbHJodPZ+/gXwPGh0bOqA+j8S+6+ckmvLGPk1QpxQ==", + "_location": "/p-map", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "p-map@^3.0.0", + "name": "p-map", + "escapedName": "p-map", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/npm-registry-fetch/cacache" + ], + "_resolved": "https://registry.npmjs.org/p-map/-/p-map-3.0.0.tgz", + "_shasum": "d704d9af8a2ba684e2600d9a215983d4141a979d", + "_spec": "p-map@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/npm-registry-fetch/node_modules/cacache", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/p-map/issues" + }, + "bundleDependencies": false, + "dependencies": { + "aggregate-error": "^3.0.0" + }, + "deprecated": false, + "description": "Map over promises concurrently", + "devDependencies": { + "ava": "^2.2.0", + "delay": "^4.1.0", + "in-range": "^2.0.0", + "random-int": "^2.0.0", + "time-span": "^3.1.0", + "tsd": "^0.7.2", + "xo": "^0.24.0" + }, + "engines": { + "node": ">=8" + }, + "files": [ + "index.js", + "index.d.ts" + ], + "homepage": "https://github.com/sindresorhus/p-map#readme", + "keywords": [ + "promise", + "map", + "resolved", + "wait", + "collection", + "iterable", + "iterator", + "race", + "fulfilled", + "async", + "await", + "promises", + "concurrently", + "concurrency", + "parallel", + "bluebird" + ], + "license": "MIT", + "name": "p-map", + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/p-map.git" + }, + "scripts": { + "test": "xo && ava && tsd" + }, + "version": "3.0.0" +} diff --git a/node_modules/p-map/readme.md b/node_modules/p-map/readme.md new file mode 100644 index 000000000..4941cb773 --- /dev/null +++ b/node_modules/p-map/readme.md @@ -0,0 +1,99 @@ +# p-map [](https://travis-ci.org/sindresorhus/p-map) + +> Map over promises concurrently + +Useful when you need to run promise-returning & async functions multiple times with different inputs concurrently. + + +## Install + +``` +$ npm install p-map +``` + + +## Usage + +```js +const pMap = require('p-map'); +const got = require('got'); + +const sites = [ + getWebsiteFromUsername('https://sindresorhus'), //=> Promise + 'https://ava.li', + 'https://github.com' +]; + +(async () => { + const mapper = async site => { + const {requestUrl} = await got.head(site); + return requestUrl; + }; + + const result = await pMap(sites, mapper, {concurrency: 2}); + + console.log(result); + //=> ['https://sindresorhus.com/', 'https://ava.li/', 'https://github.com/'] +})(); +``` + +## API + +### pMap(input, mapper, options?) + +Returns a `Promise` that is fulfilled when all promises in `input` and ones returned from `mapper` are fulfilled, or rejects if any of the promises reject. The fulfilled value is an `Array` of the fulfilled values returned from `mapper` in `input` order. + +#### input + +Type: `Iterable<Promise | unknown>` + +Iterated over concurrently in the `mapper` function. + +#### mapper(element, index) + +Type: `Function` + +Expected to return a `Promise` or value. + +#### options + +Type: `object` + +##### concurrency + +Type: `number`<br> +Default: `Infinity`<br> +Minimum: `1` + +Number of concurrently pending promises returned by `mapper`. + +##### stopOnError + +Type: `boolean`<br> +Default: `true` + +When set to `false`, instead of stopping when a promise rejects, it will wait for all the promises to settle and then reject with an [aggregated error](https://github.com/sindresorhus/aggregate-error) containing all the errors from the rejected promises. + + +## Related + +- [p-all](https://github.com/sindresorhus/p-all) - Run promise-returning & async functions concurrently with optional limited concurrency +- [p-filter](https://github.com/sindresorhus/p-filter) - Filter promises concurrently +- [p-times](https://github.com/sindresorhus/p-times) - Run promise-returning & async functions a specific number of times concurrently +- [p-props](https://github.com/sindresorhus/p-props) - Like `Promise.all()` but for `Map` and `Object` +- [p-map-series](https://github.com/sindresorhus/p-map-series) - Map over promises serially +- [p-queue](https://github.com/sindresorhus/p-queue) - Promise queue with concurrency control +- [More…](https://github.com/sindresorhus/promise-fun) + + +--- + +<div align="center"> + <b> + <a href="https://tidelift.com/subscription/pkg/npm-p-map?utm_source=npm-p-map&utm_medium=referral&utm_campaign=readme">Get professional support for this package with a Tidelift subscription</a> + </b> + <br> + <sub> + Tidelift helps make open source sustainable for maintainers while giving companies<br>assurances about security, maintenance, and licensing for their dependencies. + </sub> +</div> diff --git a/node_modules/pacote/node_modules/npm-pick-manifest/CHANGELOG.md b/node_modules/pacote/node_modules/npm-pick-manifest/CHANGELOG.md new file mode 100644 index 000000000..c594ba140 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-pick-manifest/CHANGELOG.md @@ -0,0 +1,167 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="3.0.2"></a> +## [3.0.2](https://github.com/npm/npm-pick-manifest/compare/v3.0.1...v3.0.2) (2019-08-30) + + + +<a name="3.0.1"></a> +## [3.0.1](https://github.com/npm/npm-pick-manifest/compare/v3.0.0...v3.0.1) (2019-08-28) + + +### Bug Fixes + +* throw 403 for forbidden major/minor versions ([003286e](https://github.com/npm/npm-pick-manifest/commit/003286e)), closes [#2](https://github.com/npm/npm-pick-manifest/issues/2) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/npm-pick-manifest/compare/v2.2.3...v3.0.0) (2019-08-20) + + +### Features + +* throw forbidden error when package is blocked by policy ([ad2a962](https://github.com/npm/npm-pick-manifest/commit/ad2a962)), closes [#1](https://github.com/npm/npm-pick-manifest/issues/1) + + +### BREAKING CHANGES + +* This adds a new error code when package versions are +blocked. + +PR-URL: https://github.com/npm/npm-pick-manifest/pull/1 +Credit: @claudiahdz + + + +<a name="2.2.3"></a> +## [2.2.3](https://github.com/npm/npm-pick-manifest/compare/v2.2.2...v2.2.3) (2018-10-31) + + +### Bug Fixes + +* **enjoyBy:** rework semantics for enjoyBy again ([5e89b62](https://github.com/npm/npm-pick-manifest/commit/5e89b62)) + + + +<a name="2.2.2"></a> +## [2.2.2](https://github.com/npm/npm-pick-manifest/compare/v2.2.1...v2.2.2) (2018-10-31) + + +### Bug Fixes + +* **enjoyBy:** rework semantics for enjoyBy ([5684f45](https://github.com/npm/npm-pick-manifest/commit/5684f45)) + + + +<a name="2.2.1"></a> +## [2.2.1](https://github.com/npm/npm-pick-manifest/compare/v2.2.0...v2.2.1) (2018-10-30) + + + +<a name="2.2.0"></a> +# [2.2.0](https://github.com/npm/npm-pick-manifest/compare/v2.1.0...v2.2.0) (2018-10-30) + + +### Bug Fixes + +* **audit:** npm audit fix --force ([d5ae6c4](https://github.com/npm/npm-pick-manifest/commit/d5ae6c4)) + + +### Features + +* **enjoyBy:** add opts.enjoyBy option to filter versions by date ([0b8a790](https://github.com/npm/npm-pick-manifest/commit/0b8a790)) + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/npm-pick-manifest/compare/v2.0.1...v2.1.0) (2017-10-18) + + +### Features + +* **selection:** allow manually disabling deprecation skipping ([0d239d3](https://github.com/npm/npm-pick-manifest/commit/0d239d3)) + + + +<a name="2.0.1"></a> +## [2.0.1](https://github.com/npm/npm-pick-manifest/compare/v2.0.0...v2.0.1) (2017-10-18) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/npm-pick-manifest/compare/v1.0.4...v2.0.0) (2017-10-03) + + +### Bug Fixes + +* **license:** relicense project according to npm policy (#3) ([ed743a0](https://github.com/npm/npm-pick-manifest/commit/ed743a0)) + + +### Features + +* **selection:** Avoid matching deprecated packages if possible ([3fc6c3a](https://github.com/npm/npm-pick-manifest/commit/3fc6c3a)) + + +### BREAKING CHANGES + +* **selection:** deprecated versions may be skipped now +* **license:** This moves the license from CC0 to ISC and properly documents the copyright as belonging to npm, Inc. + + + +<a name="1.0.4"></a> +## [1.0.4](https://github.com/npm/npm-pick-manifest/compare/v1.0.3...v1.0.4) (2017-06-29) + + +### Bug Fixes + +* **npa:** bump npa version for bugfixes ([7cdaca7](https://github.com/npm/npm-pick-manifest/commit/7cdaca7)) +* **semver:** use loose semver parsing for *all* ops ([bbc0daa](https://github.com/npm/npm-pick-manifest/commit/bbc0daa)) + + + +<a name="1.0.3"></a> +## [1.0.3](https://github.com/npm/npm-pick-manifest/compare/v1.0.2...v1.0.3) (2017-05-04) + + +### Bug Fixes + +* **semver:** use semver.clean() instead ([f4133b5](https://github.com/npm/npm-pick-manifest/commit/f4133b5)) + + + +<a name="1.0.2"></a> +## [1.0.2](https://github.com/npm/npm-pick-manifest/compare/v1.0.1...v1.0.2) (2017-05-04) + + +### Bug Fixes + +* **picker:** spaces in `wanted` prevented match ([97a7d0a](https://github.com/npm/npm-pick-manifest/commit/97a7d0a)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/npm-pick-manifest/compare/v1.0.0...v1.0.1) (2017-04-24) + + +### Bug Fixes + +* **deps:** forgot to add semver ([1876f4f](https://github.com/npm/npm-pick-manifest/commit/1876f4f)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2017-04-24) + + +### Features + +* **api:** initial implementation. ([b086912](https://github.com/npm/npm-pick-manifest/commit/b086912)) + + +### BREAKING CHANGES + +* **api:** ex nihilo diff --git a/node_modules/pacote/node_modules/npm-pick-manifest/LICENSE.md b/node_modules/pacote/node_modules/npm-pick-manifest/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-pick-manifest/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/pacote/node_modules/npm-pick-manifest/README.md b/node_modules/pacote/node_modules/npm-pick-manifest/README.md new file mode 100644 index 000000000..d32d47af1 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-pick-manifest/README.md @@ -0,0 +1,84 @@ +# npm-pick-manifest [](https://npm.im/npm-pick-manifest) [](https://npm.im/npm-pick-manifest) [](https://travis-ci.org/npm/npm-pick-manifest) [](https://ci.appveyor.com/project/npm/npm-pick-manifest) [](https://coveralls.io/github/npm/npm-pick-manifest?branch=latest) + +[`npm-pick-manifest`](https://github.com/npm/npm-pick-manifest) is a standalone +implementation of [npm](https://npmjs.com)'s semver range resolution algorithm. + +## Install + +`$ npm install --save npm-pick-manifest` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * [`pickManifest()`](#pick-manifest) + +### Example + +```javascript +const pickManifest = require('npm-pick-manifest') + +fetch('https://registry.npmjs.org/npm-pick-manifest').then(res => { + return res.json() +}).then(packument => { + return pickManifest(packument, '^1.0.0') +}) // get same manifest as npm would get if you `npm i npm-pick-manifest@^1.0.0` +``` + +### Features + +* Uses npm's exact semver resolution algorithm +* Supports ranges, tags, and versions + +### Contributing + +The npm-pick-manifest team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +### API + +#### <a name="pick-manifest"></a> `> pickManifest(packument, selector, [opts]) -> manifest` + +Returns the manifest that matches `selector`, or throws an error. + +Packuments are anything returned by metadata URLs from the npm registry. That +is, they're objects with the following shape (only fields used by +`npm-pick-manifest` included): + +```javascript +{ + name: 'some-package', + 'dist-tags': { + foo: '1.0.1' + }, + versions: { + '1.0.0': { version: '1.0.0' }, + '1.0.1': { version: '1.0.1' }, + '1.0.2': { version: '1.0.2' }, + '2.0.0': { version: '2.0.0' } + } +} +``` + +The algorithm will follow npm's algorithm for semver resolution, and only `tag`, +`range`, and `version` selectors are supported. + +The function will throw `ETARGET` if there was no matching manifest, and +`ENOVERSIONS` if the packument object has no valid versions in `versions`. + +If `opts.defaultTag` is provided, it will be used instead of `latest`. That is, +if that tag matches the selector, it will be used, even if a higher available +version matches the range. + +If `opts.enjoyBy` is provided, it should be something that can be passed to `new +Date(x)`, such as a `Date` object or a timestamp string. It will be used to +filter the selected versions such that only versions less than or equal to +`enjoyBy` are considered. + +If `opts.includeDeprecated` passed in as true, deprecated versions will be +selected. By default, deprecated versions other than `defaultTag` are ignored. diff --git a/node_modules/pacote/node_modules/npm-pick-manifest/index.js b/node_modules/pacote/node_modules/npm-pick-manifest/index.js new file mode 100644 index 000000000..9eb2d82d1 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-pick-manifest/index.js @@ -0,0 +1,136 @@ +'use strict' + +const figgyPudding = require('figgy-pudding') +const npa = require('npm-package-arg') +const semver = require('semver') + +const PickerOpts = figgyPudding({ + defaultTag: { default: 'latest' }, + enjoyBy: {}, + includeDeprecated: { default: false } +}) + +module.exports = pickManifest +function pickManifest (packument, wanted, opts) { + opts = PickerOpts(opts) + const time = opts.enjoyBy && packument.time && +(new Date(opts.enjoyBy)) + const spec = npa.resolve(packument.name, wanted) + const type = spec.type + if (type === 'version' || type === 'range') { + wanted = semver.clean(wanted, true) || wanted + } + const distTags = packument['dist-tags'] || {} + const versions = Object.keys(packument.versions || {}).filter(v => { + return semver.valid(v, true) + }) + const policyRestrictions = packument.policyRestrictions + const restrictedVersions = policyRestrictions + ? Object.keys(policyRestrictions.versions) : [] + + function enjoyableBy (v) { + return !time || ( + packument.time[v] && time >= +(new Date(packument.time[v])) + ) + } + + let err + + if (!versions.length && !restrictedVersions.length) { + err = new Error(`No valid versions available for ${packument.name}`) + err.code = 'ENOVERSIONS' + err.name = packument.name + err.type = type + err.wanted = wanted + throw err + } + + let target + + if (type === 'tag' && enjoyableBy(distTags[wanted])) { + target = distTags[wanted] + } else if (type === 'version') { + target = wanted + } else if (type !== 'range' && enjoyableBy(distTags[wanted])) { + throw new Error('Only tag, version, and range are supported') + } + + const tagVersion = distTags[opts.defaultTag] + + if ( + !target && + tagVersion && + packument.versions[tagVersion] && + enjoyableBy(tagVersion) && + semver.satisfies(tagVersion, wanted, true) + ) { + target = tagVersion + } + + if (!target && !opts.includeDeprecated) { + const undeprecated = versions.filter(v => !packument.versions[v].deprecated && enjoyableBy(v) + ) + target = semver.maxSatisfying(undeprecated, wanted, true) + } + if (!target) { + const stillFresh = versions.filter(enjoyableBy) + target = semver.maxSatisfying(stillFresh, wanted, true) + } + + if (!target && wanted === '*' && enjoyableBy(tagVersion)) { + // This specific corner is meant for the case where + // someone is using `*` as a selector, but all versions + // are pre-releases, which don't match ranges at all. + target = tagVersion + } + + if ( + !target && + time && + type === 'tag' && + distTags[wanted] && + !enjoyableBy(distTags[wanted]) + ) { + const stillFresh = versions.filter(v => + enjoyableBy(v) && semver.lte(v, distTags[wanted], true) + ).sort(semver.rcompare) + target = stillFresh[0] + } + + if (!target && restrictedVersions) { + target = semver.maxSatisfying(restrictedVersions, wanted, true) + } + + const manifest = ( + target && + packument.versions[target] + ) + if (!manifest) { + // Check if target is forbidden + const isForbidden = target && policyRestrictions && policyRestrictions.versions[target] + const pckg = `${packument.name}@${wanted}${ + opts.enjoyBy + ? ` with an Enjoy By date of ${ + new Date(opts.enjoyBy).toLocaleString() + }. Maybe try a different date?` + : '' + }` + + if (isForbidden) { + err = new Error(`Could not download ${pckg} due to policy violations.\n${policyRestrictions.message}\n`) + err.code = 'E403' + } else { + err = new Error(`No matching version found for ${pckg}.`) + err.code = 'ETARGET' + } + + err.name = packument.name + err.type = type + err.wanted = wanted + err.versions = versions + err.distTags = distTags + err.defaultTag = opts.defaultTag + throw err + } else { + return manifest + } +} diff --git a/node_modules/pacote/node_modules/npm-pick-manifest/package.json b/node_modules/pacote/node_modules/npm-pick-manifest/package.json new file mode 100644 index 000000000..146982059 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-pick-manifest/package.json @@ -0,0 +1,82 @@ +{ + "_from": "npm-pick-manifest@^3.0.0", + "_id": "npm-pick-manifest@3.0.2", + "_inBundle": false, + "_integrity": "sha512-wNprTNg+X5nf+tDi+hbjdHhM4bX+mKqv6XmPh7B5eG+QY9VARfQPfCEH013H5GqfNj6ee8Ij2fg8yk0mzps1Vw==", + "_location": "/pacote/npm-pick-manifest", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-pick-manifest@^3.0.0", + "name": "npm-pick-manifest", + "escapedName": "npm-pick-manifest", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/pacote" + ], + "_resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-3.0.2.tgz", + "_shasum": "f4d9e5fd4be2153e5f4e5f9b7be8dc419a99abb7", + "_spec": "npm-pick-manifest@^3.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/pacote", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/npm-pick-manifest/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "figgy-pudding": "^3.5.1", + "npm-package-arg": "^6.0.0", + "semver": "^5.4.1" + }, + "deprecated": false, + "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", + "devDependencies": { + "nyc": "^13.1.0", + "standard": "^10.0.3", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js" + ], + "homepage": "https://github.com/npm/npm-pick-manifest#readme", + "keywords": [ + "npm", + "semver", + "package manager" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-pick-manifest", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/npm-pick-manifest.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --100 --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "3.0.2" +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/CHANGELOG.md b/node_modules/pacote/node_modules/npm-registry-fetch/CHANGELOG.md new file mode 100644 index 000000000..8eee50a47 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/CHANGELOG.md @@ -0,0 +1,239 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.0.2"></a> +## [4.0.2](https://github.com/npm/registry-fetch/compare/v4.0.0...v4.0.2) (2019-10-04) + + +### Bug Fixes + +* Add null check on body on 401 errors ([e3a0186](https://github.com/npm/registry-fetch/commit/e3a0186)), closes [#9](https://github.com/npm/registry-fetch/issues/9) +* **deps:** Add explicit dependency on safe-buffer ([8eae5f0](https://github.com/npm/registry-fetch/commit/8eae5f0)), closes [npm/libnpmaccess#2](https://github.com/npm/libnpmaccess/issues/2) [#3](https://github.com/npm/registry-fetch/issues/3) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/npm/registry-fetch/compare/v3.9.1...v4.0.0) (2019-07-15) + + +* cacache@12.0.0, infer uid from cache folder ([0c4f060](https://github.com/npm/registry-fetch/commit/0c4f060)) + + +### BREAKING CHANGES + +* uid and gid are inferred from cache folder, rather than +being passed in as options. + + + +<a name="3.9.1"></a> +## [3.9.1](https://github.com/npm/registry-fetch/compare/v3.9.0...v3.9.1) (2019-07-02) + + + +<a name="3.9.0"></a> +# [3.9.0](https://github.com/npm/registry-fetch/compare/v3.8.0...v3.9.0) (2019-01-24) + + +### Features + +* **auth:** support username:password encoded legacy _auth ([a91f90c](https://github.com/npm/registry-fetch/commit/a91f90c)) + + + +<a name="3.8.0"></a> +# [3.8.0](https://github.com/npm/registry-fetch/compare/v3.7.0...v3.8.0) (2018-08-23) + + +### Features + +* **mapJson:** add support for passing in json stream mapper ([0600986](https://github.com/npm/registry-fetch/commit/0600986)) + + + +<a name="3.7.0"></a> +# [3.7.0](https://github.com/npm/registry-fetch/compare/v3.6.0...v3.7.0) (2018-08-23) + + +### Features + +* **json.stream:** add utility function for streamed JSON parsing ([051d969](https://github.com/npm/registry-fetch/commit/051d969)) + + + +<a name="3.6.0"></a> +# [3.6.0](https://github.com/npm/registry-fetch/compare/v3.5.0...v3.6.0) (2018-08-22) + + +### Bug Fixes + +* **docs:** document opts.forceAuth ([40bcd65](https://github.com/npm/registry-fetch/commit/40bcd65)) + + +### Features + +* **opts.ignoreBody:** add a boolean to throw away response bodies ([6923702](https://github.com/npm/registry-fetch/commit/6923702)) + + + +<a name="3.5.0"></a> +# [3.5.0](https://github.com/npm/registry-fetch/compare/v3.4.0...v3.5.0) (2018-08-22) + + +### Features + +* **pkgid:** heuristic pkgid calculation for errors ([2e789a5](https://github.com/npm/registry-fetch/commit/2e789a5)) + + + +<a name="3.4.0"></a> +# [3.4.0](https://github.com/npm/registry-fetch/compare/v3.3.0...v3.4.0) (2018-08-22) + + +### Bug Fixes + +* **deps:** use new figgy-pudding with aliases fix ([0308f54](https://github.com/npm/registry-fetch/commit/0308f54)) + + +### Features + +* **auth:** add forceAuth option to force a specific auth mechanism ([4524d17](https://github.com/npm/registry-fetch/commit/4524d17)) + + + +<a name="3.3.0"></a> +# [3.3.0](https://github.com/npm/registry-fetch/compare/v3.2.1...v3.3.0) (2018-08-21) + + +### Bug Fixes + +* **query:** stop including undefined keys ([4718b1b](https://github.com/npm/registry-fetch/commit/4718b1b)) + + +### Features + +* **otp:** use heuristic detection for malformed EOTP responses ([f035194](https://github.com/npm/registry-fetch/commit/f035194)) + + + +<a name="3.2.1"></a> +## [3.2.1](https://github.com/npm/registry-fetch/compare/v3.2.0...v3.2.1) (2018-08-16) + + +### Bug Fixes + +* **opts:** pass through non-null opts.retry ([beba040](https://github.com/npm/registry-fetch/commit/beba040)) + + + +<a name="3.2.0"></a> +# [3.2.0](https://github.com/npm/registry-fetch/compare/v3.1.1...v3.2.0) (2018-07-27) + + +### Features + +* **gzip:** add opts.gzip convenience opt ([340abe0](https://github.com/npm/registry-fetch/commit/340abe0)) + + + +<a name="3.1.1"></a> +## [3.1.1](https://github.com/npm/registry-fetch/compare/v3.1.0...v3.1.1) (2018-04-09) + + + +<a name="3.1.0"></a> +# [3.1.0](https://github.com/npm/registry-fetch/compare/v3.0.0...v3.1.0) (2018-04-09) + + +### Features + +* **config:** support no-proxy and https-proxy options ([9aa906b](https://github.com/npm/registry-fetch/commit/9aa906b)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/npm/registry-fetch/compare/v2.1.0...v3.0.0) (2018-04-09) + + +### Bug Fixes + +* **api:** pacote integration-related fixes ([a29de4f](https://github.com/npm/registry-fetch/commit/a29de4f)) +* **config:** stop caring about opts.config ([5856a6f](https://github.com/npm/registry-fetch/commit/5856a6f)) + + +### BREAKING CHANGES + +* **config:** opts.config is no longer supported. Pass the options down in opts itself. + + + +<a name="2.1.0"></a> +# [2.1.0](https://github.com/npm/registry-fetch/compare/v2.0.0...v2.1.0) (2018-04-08) + + +### Features + +* **token:** accept opts.token for opts._authToken ([108c9f0](https://github.com/npm/registry-fetch/commit/108c9f0)) + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/npm/registry-fetch/compare/v1.1.1...v2.0.0) (2018-04-08) + + +### meta + +* drop support for node@4 ([758536e](https://github.com/npm/registry-fetch/commit/758536e)) + + +### BREAKING CHANGES + +* node@4 is no longer supported + + + +<a name="1.1.1"></a> +## [1.1.1](https://github.com/npm/registry-fetch/compare/v1.1.0...v1.1.1) (2018-04-06) + + + +<a name="1.1.0"></a> +# [1.1.0](https://github.com/npm/registry-fetch/compare/v1.0.1...v1.1.0) (2018-03-16) + + +### Features + +* **specs:** can use opts.spec to trigger pickManifest ([85c4ac9](https://github.com/npm/registry-fetch/commit/85c4ac9)) + + + +<a name="1.0.1"></a> +## [1.0.1](https://github.com/npm/registry-fetch/compare/v1.0.0...v1.0.1) (2018-03-16) + + +### Bug Fixes + +* **query:** oops console.log ([870e4f5](https://github.com/npm/registry-fetch/commit/870e4f5)) + + + +<a name="1.0.0"></a> +# 1.0.0 (2018-03-16) + + +### Bug Fixes + +* **auth:** get auth working with all the little details ([84b94ba](https://github.com/npm/registry-fetch/commit/84b94ba)) +* **deps:** add bluebird as an actual dep ([1286e31](https://github.com/npm/registry-fetch/commit/1286e31)) +* **errors:** Unknown auth errors use default code ([#1](https://github.com/npm/registry-fetch/issues/1)) ([3d91b93](https://github.com/npm/registry-fetch/commit/3d91b93)) +* **standard:** remove args from invocation ([9620a0a](https://github.com/npm/registry-fetch/commit/9620a0a)) + + +### Features + +* **api:** baseline kinda-working API impl ([bf91f9f](https://github.com/npm/registry-fetch/commit/bf91f9f)) +* **body:** automatic handling of different opts.body values ([f3b97db](https://github.com/npm/registry-fetch/commit/f3b97db)) +* **config:** nicer input config input handling ([b9ce21d](https://github.com/npm/registry-fetch/commit/b9ce21d)) +* **opts:** use figgy-pudding for opts handling ([0abd527](https://github.com/npm/registry-fetch/commit/0abd527)) +* **query:** add query utility support ([65ea8b1](https://github.com/npm/registry-fetch/commit/65ea8b1)) diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/LICENSE.md b/node_modules/pacote/node_modules/npm-registry-fetch/LICENSE.md new file mode 100644 index 000000000..8d28acf86 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/README.md b/node_modules/pacote/node_modules/npm-registry-fetch/README.md new file mode 100644 index 000000000..0c3f4f946 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/README.md @@ -0,0 +1,609 @@ +# npm-registry-fetch [](https://npm.im/npm-registry-fetch) [](https://npm.im/npm-registry-fetch) [](https://travis-ci.org/npm/npm-registry-fetch) [](https://ci.appveyor.com/project/npm/npm-registry-fetch) [](https://coveralls.io/github/npm/npm-registry-fetch?branch=latest) + +[`npm-registry-fetch`](https://github.com/npm/npm-registry-fetch) is a Node.js +library that implements a `fetch`-like API for accessing npm registry APIs +consistently. It's able to consume npm-style configuration values and has all +the necessary logic for picking registries, handling scopes, and dealing with +authentication details built-in. + +This package is meant to replace the older +[`npm-registry-client`](https://npm.im/npm-registry-client). + +## Example + +```javascript +const npmFetch = require('npm-registry-fetch') + +console.log( + await npmFetch.json('/-/ping') +) +``` + +## Table of Contents + +* [Installing](#install) +* [Example](#example) +* [Contributing](#contributing) +* [API](#api) + * [`fetch`](#fetch) + * [`fetch.json`](#fetch-json) + * [`fetch` options](#fetch-opts) + +### Install + +`$ npm install npm-registry-fetch` + +### Contributing + +The npm team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +All participants and maintainers in this project are expected to follow [Code of +Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. + +Please refer to the [Changelog](CHANGELOG.md) for project history details, too. + +Happy hacking! + +### API + +#### <a name="fetch"></a> `> fetch(url, [opts]) -> Promise<Response>` + +Performs a request to a given URL. + +The URL can be either a full URL, or a path to one. The appropriate registry +will be automatically picked if only a URL path is given. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch('/-/ping') +console.log(res.headers) +res.on('data', d => console.log(d.toString('utf8'))) +``` + +#### <a name="fetch-json"></a> `> fetch.json(url, [opts]) -> Promise<ResponseJSON>` + +Performs a request to a given registry URL, parses the body of the response as +JSON, and returns it as its final value. This is a utility shorthand for +`fetch(url).then(res => res.json())`. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +const res = await fetch.json('/-/ping') +console.log(res) // Body parsed as JSON +``` + +#### <a name="fetch-json-stream"></a> `> fetch.json.stream(url, jsonPath, [opts]) -> Stream` + +Performs a request to a given registry URL and parses the body of the response +as JSON, with each entry being emitted through the stream. + +The `jsonPath` argument is a [`JSONStream.parse()` +path](https://github.com/dominictarr/JSONStream#jsonstreamparsepath), and the +returned stream (unlike default `JSONStream`s), has a valid +`Symbol.asyncIterator` implementation. + +For available options, please see the section on [`fetch` options](#fetch-opts). + +##### Example + +```javascript +console.log('https://npm.im/~zkat has access to the following packages:') +for await (let {key, value} of fetch.json.stream('/-/user/zkat/package', '$*')) { + console.log(`https://npm.im/${key} (perms: ${value})`) +} +``` + +#### <a name="fetch-opts"></a> `fetch` Options + +Fetch options are optional, and can be passed in as either a Map-like object +(one with a `.get()` method), a plain javascript object, or a +[`figgy-pudding`](https://npm.im/figgy-pudding) instance. + +##### <a name="opts-agent"></a> `opts.agent` + +* Type: http.Agent +* Default: an appropriate agent based on URL protocol and proxy settings + +An [`Agent`](https://nodejs.org/api/http.html#http_class_http_agent) instance to +be shared across requests. This allows multiple concurrent `fetch` requests to +happen on the same socket. + +You do _not_ need to provide this option unless you want something particularly +specialized, since proxy configurations and http/https agents are already +automatically managed internally when this option is not passed through. + +##### <a name="opts-body"></a> `opts.body` + +* Type: Buffer | Stream | Object +* Default: null + +Request body to send through the outgoing request. Buffers and Streams will be +passed through as-is, with a default `content-type` of +`application/octet-stream`. Plain JavaScript objects will be `JSON.stringify`ed +and the `content-type` will default to `application/json`. + +Use [`opts.headers`](#opts-headers) to set the content-type to something else. + +##### <a name="opts-ca"></a> `opts.ca` + +* Type: String, Array, or null +* Default: null + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls it +"Base-64 encoded X.509 (.CER)") with newlines replaced by the string `'\n'`. For +example: + +``` +{ + ca: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +Set to `null` to only allow "known" registrars, or to a specific CA cert +to trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates instead of a +single string. + +See also [`opts.strict-ssl`](#opts-strict-ssl), [`opts.ca`](#opts-ca) and +[`opts.key`](#opts-key) + +##### <a name="opts-cache"></a> `opts.cache` + +* Type: path +* Default: null + +The location of the http cache directory. If provided, certain cachable requests +will be cached according to [IETF RFC 7234](https://tools.ietf.org/html/rfc7234) +rules. This will speed up future requests, as well as make the cached data +available offline if necessary/requested. + +See also [`offline`](#opts-offline), [`prefer-offline`](#opts-prefer-offline), +and [`prefer-online`](#opts-prefer-online). + +##### <a name="opts-cert"></a> `opts.cert` + +* Type: String +* Default: null + +A client certificate to pass when accessing the registry. Values should be in +PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines +replaced by the string `'\n'`. For example: + +``` +{ + cert: '-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----' +} +``` + +It is _not_ the path to a certificate file (and there is no "certfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.key`](#opts-key) + +##### <a name="opts-fetch-retries"></a> `opts.fetch-retries` + +* Type: Number +* Default: 2 + +The "retries" config for [`retry`](https://npm.im/retry) to use when fetching +packages from the registry. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-factor"></a> `opts.fetch-retry-factor` + +* Type: Number +* Default: 10 + +The "factor" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-mintimeout"></a> `opts.fetch-retry-mintimeout` + +* Type: Number +* Default: 10000 (10 seconds) + +The "minTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-fetch-retry-maxtimeout"></a> `opts.fetch-retry-maxtimeout` + +* Type: Number +* Default: 60000 (1 minute) + +The "maxTimeout" config for [`retry`](https://npm.im/retry) to use when fetching +packages. + +See also [`opts.retry`](#opts-retry) to provide all retry options as a single +object. + +##### <a name="opts-force-auth"></a> `opts.force-auth` + +* Alias: `opts.forceAuth` +* Type: Object +* Default: null + +If present, other auth-related values in `opts` will be completely ignored, +including `alwaysAuth`, `email`, and `otp`, when calculating auth for a request, +and the auth details in `opts.forceAuth` will be used instead. + +##### <a name="opts-gzip"></a> `opts.gzip` + +* Type: Boolean +* Default: false + +If true, `npm-registry-fetch` will set the `Content-Encoding` header to `gzip` +and use `zlib.gzip()` or `zlib.createGzip()` to gzip-encode +[`opts.body`](#opts-body). + +##### <a name="opts-headers"></a> `opts.headers` + +* Type: Object +* Default: null + +Additional headers for the outgoing request. This option can also be used to +override headers automatically generated by `npm-registry-fetch`, such as +`Content-Type`. + +##### <a name="opts-ignore-body"></a> `opts.ignore-body` + +* Alias: `opts.ignoreBody` +* Type: Boolean +* Default: false + +If true, the **response body** will be thrown away and `res.body` set to `null`. +This will prevent dangling response sockets for requests where you don't usually +care what the response body is. + +##### <a name="opts-integrity"></a> `opts.integrity` + +* Type: String | [SRI object](https://npm.im/ssri) +* Default: null + +If provided, the response body's will be verified against this integrity string, +using [`ssri`](https://npm.im/ssri). If verification succeeds, the response will +complete as normal. If verification fails, the response body will error with an +`EINTEGRITY` error. + +Body integrity is only verified if the body is actually consumed to completion -- +that is, if you use `res.json()`/`res.buffer()`, or if you consume the default +`res` stream data to its end. + +Cached data will have its integrity automatically verified using the +previously-generated integrity hash for the saved request information, so +`EINTEGRITY` errors can happen if [`opts.cache`](#opts-cache) is used, even if +`opts.integrity` is not passed in. + +##### <a name='opts-is-from-ci'></a> `opts.is-from-ci` + +* Alias: `opts.isFromCI` +* Type: Boolean +* Default: Based on environment variables + +This is used to populate the `npm-in-ci` request header sent to the registry. + +##### <a name="opts-key"></a> `opts.key` + +* Type: String +* Default: null + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string `'\n'`. For example: + +``` +{ + key: '-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----' +} +``` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +See also: [`opts.ca`](#opts-ca) and [`opts.cert`](#opts-cert) + +##### <a name="opts-local-address"></a> `opts.local-address` + +* Type: IP Address String +* Default: null + +The IP address of the local interface to use when making connections +to the registry. + +See also [`opts.proxy`](#opts-proxy) + +##### <a name="opts-log"></a> `opts.log` + +* Type: [`npmlog`](https://npm.im/npmlog)-like +* Default: null + +Logger object to use for logging operation details. Must have the same methods +as `npmlog`. + +##### <a name="opts-map-json"></a> `opts.map-json` + +* Alias: `mapJson`, `mapJSON` +* Type: Function +* Default: undefined + +When using `fetch.json.stream()` (NOT `fetch.json()`), this will be passed down +to [`JSONStream`](https://npm.im/JSONStream) as the second argument to +`JSONStream.parse`, and can be used to transform stream data before output. + +##### <a name="opts-maxsockets"></a> `opts.maxsockets` + +* Alias: `opts.max-sockets` +* Type: Integer +* Default: 12 + +Maximum number of sockets to keep open during requests. Has no effect if +[`opts.agent`](#opts-agent) is used. + +##### <a name="opts-method"></a> `opts.method` + +* Type: String +* Default: 'GET' + +HTTP method to use for the outgoing request. Case-insensitive. + +##### <a name="opts-noproxy"></a> `opts.noproxy` + +* Type: Boolean +* Default: process.env.NOPROXY + +If true, proxying will be disabled even if [`opts.proxy`](#opts-proxy) is used. + +##### <a name="opts-npm-session"></a> `opts.npm-session` + +* Alias: `opts.npmSession` +* Type: String +* Default: null + +If provided, will be sent in the `npm-session` header. This header is used by +the npm registry to identify individual user sessions (usually individual +invocations of the CLI). + +##### <a name="opts-offline"></a> `opts.offline` + +* Type: Boolean +* Default: false + +Force offline mode: no network requests will be done during install. To allow +`npm-registry-fetch` to fill in missing cache data, see +[`opts.prefer-offline`](#opts-prefer-offline). + +This option is only really useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-otp"></a> `opts.otp` + +* Type: Number | String +* Default: null + +This is a one-time password from a two-factor authenticator. It is required for +certain registry interactions when two-factor auth is enabled for a user +account. + +##### <a name="opts-password"></a> `opts.password` + +* Alias: _password +* Type: String +* Default: null + +Password used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:password': 't0k3nH34r' +} +``` + +See also [`opts.username`](#opts-username) + +##### <a name="opts-prefer-offline"></a> `opts.prefer-offline` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +[`opts.offline`](#opts-offline). + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + +##### <a name="opts-prefer-online"></a> `opts.prefer-online` + +* Type: Boolean +* Default: false + +If true, staleness checks for cached data will be forced, making the CLI look +for updates immediately even for fresh package data. + +This option is generally only useful if you're also using +[`opts.cache`](#opts-cache). + + +##### <a name="opts-project-scope"></a> `opts.project-scope` + +* Alias: `opts.projectScope` +* Type: String +* Default: null + +If provided, will be sent in the `npm-scope` header. This header is used by the +npm registry to identify the toplevel package scope that a particular project +installation is using. + +##### <a name="opts-proxy"></a> `opts.proxy` + +* Type: url +* Default: null + +A proxy to use for outgoing http requests. If not passed in, the `HTTP(S)_PROXY` +environment variable will be used. + +##### <a name="opts-query"></a> `opts.query` + +* Type: String | Object +* Default: null + +If provided, the request URI will have a query string appended to it using this +query. If `opts.query` is an object, it will be converted to a query string +using +[`querystring.stringify()`](https://nodejs.org/api/querystring.html#querystring_querystring_stringify_obj_sep_eq_options). + +If the request URI already has a query string, it will be merged with +`opts.query`, preferring `opts.query` values. + +##### <a name="opts-refer"></a> `opts.refer` + +* Alias: `opts.referer` +* Type: String +* Default: null + +Value to use for the `Referer` header. The npm CLI itself uses this to serialize +the npm command line using the given request. + +##### <a name="opts-registry"></a> `opts.registry` + +* Type: URL +* Default: `'https://registry.npmjs.org'` + +Registry configuration for a request. If a request URL only includes the URL +path, this registry setting will be prepended. This configuration is also used +to determine authentication details, so even if the request URL references a +completely different host, `opts.registry` will be used to find the auth details +for that request. + +See also [`opts.scope`](#opts-scope), [`opts.spec`](#opts-spec), and +[`opts.<scope>:registry`](#opts-scope-registry) which can all affect the actual +registry URL used by the outgoing request. + +##### <a name="opts-retry"></a> `opts.retry` + +* Type: Object +* Default: null + +Single-object configuration for request retry settings. If passed in, will +override individually-passed `fetch-retry-*` settings. + +##### <a name="opts-scope"></a> `opts.scope` + +* Type: String +* Default: null + +Associate an operation with a scope for a scoped registry. This option can force +lookup of scope-specific registries and authentication. + +See also [`opts.<scope>:registry`](#opts-scope-registry) and +[`opts.spec`](#opts-spec) for interactions with this option. + +##### <a name="opts-scope-registry"></a> `opts.<scope>:registry` + +* Type: String +* Default: null + +This option type can be used to configure the registry used for requests +involving a particular scope. For example, `opts['@myscope:registry'] = +'https://scope-specific.registry/'` will make it so requests go out to this +registry instead of [`opts.registry`](#opts-registry) when +[`opts.scope`](#opts-scope) is used, or when [`opts.spec`](#opts-spec) is a +scoped package spec. + +The `@` before the scope name is optional, but recommended. + +##### <a name="opts-spec"></a> `opts.spec` + +* Type: String | [`npm-registry-arg`](https://npm.im/npm-registry-arg) object. +* Default: null + +If provided, can be used to automatically configure [`opts.scope`](#opts-scope) +based on a specific package name. Non-registry package specs will throw an +error. + +##### <a name="opts-strict-ssl"></a> `opts.strict-ssl` + +* Type: Boolean +* Default: true + +Whether or not to do SSL key validation when making requests to the +registry via https. + +See also [`opts.ca`](#opts-ca). + +##### <a name="opts-timeout"></a> `opts.timeout` + +* Type: Milliseconds +* Default: 30000 (30 seconds) + +Time before a hanging request times out. + +##### <a name="opts-token"></a> `opts.token` + +* Alias: `opts._authToken` +* Type: String +* Default: null + +Authentication token string. + +Can be scoped to a registry by using a "nerf dart" for that registry. That is: + +``` +{ + '//registry.npmjs.org/:token': 't0k3nH34r' +} +``` + +##### <a name="opts-user-agent"></a> `opts.user-agent` + +* Type: String +* Default: `'npm-registry-fetch@<version>/node@<node-version>+<arch> (<platform>)'` + +User agent string to send in the `User-Agent` header. + +##### <a name="opts-username"></a> `opts.username` + +* Type: String +* Default: null + +Username used for basic authentication. For the more modern authentication +method, please use the (more secure) [`opts.token`](#opts-token) + +Can optionally be scoped to a registry by using a "nerf dart" for that registry. +That is: + +``` +{ + '//registry.npmjs.org/:username': 't0k3nH34r' +} +``` + +See also [`opts.password`](#opts-password) + +##### <a name="opts-auth"></a> `opts._auth` + +* Type: String +* Default: null + +** DEPRECATED ** This is a legacy authentication token supported only for +*compatibility. Please use [`opts.token`](#opts-token) instead. diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/auth.js b/node_modules/pacote/node_modules/npm-registry-fetch/auth.js new file mode 100644 index 000000000..d583982d0 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/auth.js @@ -0,0 +1,57 @@ +'use strict' + +const config = require('./config.js') +const url = require('url') + +module.exports = getAuth +function getAuth (registry, opts) { + if (!registry) { throw new Error('registry is required') } + opts = config(opts) + let AUTH = {} + const regKey = registry && registryKey(registry) + if (opts.forceAuth) { + opts = opts.forceAuth + } + const doKey = (key, alias) => addKey(opts, AUTH, regKey, key, alias) + doKey('token') + doKey('_authToken', 'token') + doKey('username') + doKey('password') + doKey('_password', 'password') + doKey('email') + doKey('_auth') + doKey('otp') + doKey('always-auth', 'alwaysAuth') + if (AUTH.password) { + AUTH.password = Buffer.from(AUTH.password, 'base64').toString('utf8') + } + if (AUTH._auth && !(AUTH.username && AUTH.password)) { + let auth = Buffer.from(AUTH._auth, 'base64').toString() + auth = auth.split(':') + AUTH.username = auth.shift() + AUTH.password = auth.join(':') + } + AUTH.alwaysAuth = AUTH.alwaysAuth === 'false' ? false : !!AUTH.alwaysAuth + return AUTH +} + +function addKey (opts, obj, scope, key, objKey) { + if (opts[key]) { + obj[objKey || key] = opts[key] + } + if (scope && opts[`${scope}:${key}`]) { + obj[objKey || key] = opts[`${scope}:${key}`] + } +} + +// Called a nerf dart in the main codebase. Used as a "safe" +// key when fetching registry info from config. +function registryKey (registry) { + const parsed = url.parse(registry) + const formatted = url.format({ + host: parsed.host, + pathname: parsed.pathname, + slashes: parsed.slashes + }) + return url.resolve(formatted, '.') +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/check-response.js b/node_modules/pacote/node_modules/npm-registry-fetch/check-response.js new file mode 100644 index 000000000..14058239b --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/check-response.js @@ -0,0 +1,109 @@ +'use strict' + +const config = require('./config.js') +const errors = require('./errors.js') +const LRU = require('lru-cache') + +module.exports = checkResponse +function checkResponse (method, res, registry, startTime, opts) { + opts = config(opts) + if (res.headers.has('npm-notice') && !res.headers.has('x-local-cache')) { + opts.log.notice('', res.headers.get('npm-notice')) + } + checkWarnings(res, registry, opts) + if (res.status >= 400) { + logRequest(method, res, startTime, opts) + return checkErrors(method, res, startTime, opts) + } else { + res.body.on('end', () => logRequest(method, res, startTime, opts)) + if (opts.ignoreBody) { + res.body.resume() + res.body = null + } + return res + } +} + +function logRequest (method, res, startTime, opts) { + const elapsedTime = Date.now() - startTime + const attempt = res.headers.get('x-fetch-attempts') + const attemptStr = attempt && attempt > 1 ? ` attempt #${attempt}` : '' + const cacheStr = res.headers.get('x-local-cache') ? ' (from cache)' : '' + opts.log.http( + 'fetch', + `${method.toUpperCase()} ${res.status} ${res.url} ${elapsedTime}ms${attemptStr}${cacheStr}` + ) +} + +const WARNING_REGEXP = /^\s*(\d{3})\s+(\S+)\s+"(.*)"\s+"([^"]+)"/ +const BAD_HOSTS = new LRU({ max: 50 }) + +function checkWarnings (res, registry, opts) { + if (res.headers.has('warning') && !BAD_HOSTS.has(registry)) { + const warnings = {} + res.headers.raw()['warning'].forEach(w => { + const match = w.match(WARNING_REGEXP) + if (match) { + warnings[match[1]] = { + code: match[1], + host: match[2], + message: match[3], + date: new Date(match[4]) + } + } + }) + BAD_HOSTS.set(registry, true) + if (warnings['199']) { + if (warnings['199'].message.match(/ENOTFOUND/)) { + opts.log.warn('registry', `Using stale data from ${registry} because the host is inaccessible -- are you offline?`) + } else { + opts.log.warn('registry', `Unexpected warning for ${registry}: ${warnings['199'].message}`) + } + } + if (warnings['111']) { + // 111 Revalidation failed -- we're using stale data + opts.log.warn( + 'registry', + `Using stale data from ${registry} due to a request error during revalidation.` + ) + } + } +} + +function checkErrors (method, res, startTime, opts) { + return res.buffer() + .catch(() => null) + .then(body => { + let parsed = body + try { + parsed = JSON.parse(body.toString('utf8')) + } catch (e) {} + if (res.status === 401 && res.headers.get('www-authenticate')) { + const auth = res.headers.get('www-authenticate') + .split(/,\s*/) + .map(s => s.toLowerCase()) + if (auth.indexOf('ipaddress') !== -1) { + throw new errors.HttpErrorAuthIPAddress( + method, res, parsed, opts.spec + ) + } else if (auth.indexOf('otp') !== -1) { + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorAuthUnknown( + method, res, parsed, opts.spec + ) + } + } else if (res.status === 401 && body != null && /one-time pass/.test(body.toString('utf8'))) { + // Heuristic for malformed OTP responses that don't include the www-authenticate header. + throw new errors.HttpErrorAuthOTP( + method, res, parsed, opts.spec + ) + } else { + throw new errors.HttpErrorGeneral( + method, res, parsed, opts.spec + ) + } + }) +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/config.js b/node_modules/pacote/node_modules/npm-registry-fetch/config.js new file mode 100644 index 000000000..1c43b26ea --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/config.js @@ -0,0 +1,96 @@ +'use strict' + +const pkg = require('./package.json') +const figgyPudding = require('figgy-pudding') +const silentLog = require('./silentlog.js') + +const AUTH_REGEX = /^(?:.*:)?(token|_authToken|username|_password|password|email|always-auth|_auth|otp)$/ +const SCOPE_REGISTRY_REGEX = /@.*:registry$/gi +module.exports = figgyPudding({ + 'agent': {}, + 'algorithms': {}, + 'body': {}, + 'ca': {}, + 'cache': {}, + 'cert': {}, + 'fetch-retries': {}, + 'fetch-retry-factor': {}, + 'fetch-retry-maxtimeout': {}, + 'fetch-retry-mintimeout': {}, + 'force-auth': {}, + forceAuth: 'force-auth', + 'gzip': {}, + 'headers': {}, + 'https-proxy': {}, + 'ignore-body': {}, + ignoreBody: 'ignore-body', + 'integrity': {}, + 'is-from-ci': 'isFromCI', + 'isFromCI': { + default () { + return ( + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ) + } + }, + 'key': {}, + 'local-address': {}, + 'log': { + default: silentLog + }, + 'map-json': 'mapJson', + 'mapJSON': 'mapJson', + 'mapJson': {}, + 'max-sockets': 'maxsockets', + 'maxsockets': { + default: 12 + }, + 'memoize': {}, + 'method': { + default: 'GET' + }, + 'no-proxy': {}, + 'noproxy': {}, + 'npm-session': 'npmSession', + 'npmSession': {}, + 'offline': {}, + 'otp': {}, + 'prefer-offline': {}, + 'prefer-online': {}, + 'projectScope': {}, + 'project-scope': 'projectScope', + 'Promise': {default: () => Promise}, + 'proxy': {}, + 'query': {}, + 'refer': {}, + 'referer': 'refer', + 'registry': { + default: 'https://registry.npmjs.org/' + }, + 'retry': {}, + 'scope': {}, + 'spec': {}, + 'strict-ssl': {}, + 'timeout': {}, + 'user-agent': { + default: `${ + pkg.name + }@${ + pkg.version + }/node@${ + process.version + }+${ + process.arch + } (${ + process.platform + })` + } +}, { + other (key) { + return key.match(AUTH_REGEX) || key.match(SCOPE_REGISTRY_REGEX) + } +}) diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/errors.js b/node_modules/pacote/node_modules/npm-registry-fetch/errors.js new file mode 100644 index 000000000..ba78735fc --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/errors.js @@ -0,0 +1,79 @@ +'use strict' + +const url = require('url') + +function packageName (href) { + try { + let basePath = url.parse(href).pathname.substr(1) + if (!basePath.match(/^-/)) { + basePath = basePath.split('/') + var index = basePath.indexOf('_rewrite') + if (index === -1) { + index = basePath.length - 1 + } else { + index++ + } + return decodeURIComponent(basePath[index]) + } + } catch (_) { + // this is ok + } +} + +class HttpErrorBase extends Error { + constructor (method, res, body, spec) { + super() + this.headers = res.headers.raw() + this.statusCode = res.status + this.code = `E${res.status}` + this.method = method + this.uri = res.url + this.body = body + this.pkgid = spec ? spec.toString() : packageName(res.url) + } +} +module.exports.HttpErrorBase = HttpErrorBase + +class HttpErrorGeneral extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = `${res.status} ${res.statusText} - ${ + this.method.toUpperCase() + } ${ + this.spec || this.uri + }${ + (body && body.error) ? ' - ' + body.error : '' + }` + Error.captureStackTrace(this, HttpErrorGeneral) + } +} +module.exports.HttpErrorGeneral = HttpErrorGeneral + +class HttpErrorAuthOTP extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'OTP required for authentication' + this.code = 'EOTP' + Error.captureStackTrace(this, HttpErrorAuthOTP) + } +} +module.exports.HttpErrorAuthOTP = HttpErrorAuthOTP + +class HttpErrorAuthIPAddress extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Login is not allowed from your IP address' + this.code = 'EAUTHIP' + Error.captureStackTrace(this, HttpErrorAuthIPAddress) + } +} +module.exports.HttpErrorAuthIPAddress = HttpErrorAuthIPAddress + +class HttpErrorAuthUnknown extends HttpErrorBase { + constructor (method, res, body, spec) { + super(method, res, body, spec) + this.message = 'Unable to authenticate, need: ' + res.headers.get('www-authenticate') + Error.captureStackTrace(this, HttpErrorAuthUnknown) + } +} +module.exports.HttpErrorAuthUnknown = HttpErrorAuthUnknown diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/index.js b/node_modules/pacote/node_modules/npm-registry-fetch/index.js new file mode 100644 index 000000000..c18487388 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/index.js @@ -0,0 +1,191 @@ +'use strict' + +const Buffer = require('safe-buffer').Buffer + +const checkResponse = require('./check-response.js') +const config = require('./config.js') +const getAuth = require('./auth.js') +const fetch = require('make-fetch-happen') +const JSONStream = require('JSONStream') +const npa = require('npm-package-arg') +const {PassThrough} = require('stream') +const qs = require('querystring') +const url = require('url') +const zlib = require('zlib') + +module.exports = regFetch +function regFetch (uri, opts) { + opts = config(opts) + const registry = ( + (opts.spec && pickRegistry(opts.spec, opts)) || + opts.registry || + 'https://registry.npmjs.org/' + ) + uri = url.parse(uri).protocol + ? uri + : `${ + registry.trim().replace(/\/?$/g, '') + }/${ + uri.trim().replace(/^\//, '') + }` + // through that takes into account the scope, the prefix of `uri`, etc + const startTime = Date.now() + const headers = getHeaders(registry, uri, opts) + let body = opts.body + const bodyIsStream = body && + typeof body === 'object' && + typeof body.pipe === 'function' + if (body && !bodyIsStream && typeof body !== 'string' && !Buffer.isBuffer(body)) { + headers['content-type'] = headers['content-type'] || 'application/json' + body = JSON.stringify(body) + } else if (body && !headers['content-type']) { + headers['content-type'] = 'application/octet-stream' + } + if (opts.gzip) { + headers['content-encoding'] = 'gzip' + if (bodyIsStream) { + const gz = zlib.createGzip() + body.on('error', err => gz.emit('error', err)) + body = body.pipe(gz) + } else { + body = new opts.Promise((resolve, reject) => { + zlib.gzip(body, (err, gz) => err ? reject(err) : resolve(gz)) + }) + } + } + if (opts.query) { + let q = opts.query + if (typeof q === 'string') { + q = qs.parse(q) + } + Object.keys(q).forEach(key => { + if (q[key] === undefined) { + delete q[key] + } + }) + if (Object.keys(q).length) { + const parsed = url.parse(uri) + parsed.search = '?' + qs.stringify( + parsed.query + ? Object.assign(qs.parse(parsed.query), q) + : q + ) + uri = url.format(parsed) + } + } + return opts.Promise.resolve(body).then(body => fetch(uri, { + agent: opts.agent, + algorithms: opts.algorithms, + body, + cache: getCacheMode(opts), + cacheManager: opts.cache, + ca: opts.ca, + cert: opts.cert, + headers, + integrity: opts.integrity, + key: opts.key, + localAddress: opts['local-address'], + maxSockets: opts.maxsockets, + memoize: opts.memoize, + method: opts.method || 'GET', + noProxy: opts['no-proxy'] || opts.noproxy, + Promise: opts.Promise, + proxy: opts['https-proxy'] || opts.proxy, + referer: opts.refer, + retry: opts.retry != null ? opts.retry : { + retries: opts['fetch-retries'], + factor: opts['fetch-retry-factor'], + minTimeout: opts['fetch-retry-mintimeout'], + maxTimeout: opts['fetch-retry-maxtimeout'] + }, + strictSSL: !!opts['strict-ssl'], + timeout: opts.timeout + }).then(res => checkResponse( + opts.method || 'GET', res, registry, startTime, opts + ))) +} + +module.exports.json = fetchJSON +function fetchJSON (uri, opts) { + return regFetch(uri, opts).then(res => res.json()) +} + +module.exports.json.stream = fetchJSONStream +function fetchJSONStream (uri, jsonPath, opts) { + opts = config(opts) + const parser = JSONStream.parse(jsonPath, opts.mapJson) + const pt = parser.pipe(new PassThrough({objectMode: true})) + parser.on('error', err => pt.emit('error', err)) + regFetch(uri, opts).then(res => { + res.body.on('error', err => parser.emit('error', err)) + res.body.pipe(parser) + }, err => pt.emit('error', err)) + return pt +} + +module.exports.pickRegistry = pickRegistry +function pickRegistry (spec, opts) { + spec = npa(spec) + opts = config(opts) + let registry = spec.scope && + opts[spec.scope.replace(/^@?/, '@') + ':registry'] + + if (!registry && opts.scope) { + registry = opts[opts.scope.replace(/^@?/, '@') + ':registry'] + } + + if (!registry) { + registry = opts.registry || 'https://registry.npmjs.org/' + } + + return registry +} + +function getCacheMode (opts) { + return opts.offline + ? 'only-if-cached' + : opts['prefer-offline'] + ? 'force-cache' + : opts['prefer-online'] + ? 'no-cache' + : 'default' +} + +function getHeaders (registry, uri, opts) { + const headers = Object.assign({ + 'npm-in-ci': !!( + opts['is-from-ci'] || + process.env['CI'] === 'true' || + process.env['TDDIUM'] || + process.env['JENKINS_URL'] || + process.env['bamboo.buildKey'] || + process.env['GO_PIPELINE_NAME'] + ), + 'npm-scope': opts['project-scope'], + 'npm-session': opts['npm-session'], + 'user-agent': opts['user-agent'], + 'referer': opts.refer + }, opts.headers) + + const auth = getAuth(registry, opts) + // If a tarball is hosted on a different place than the manifest, only send + // credentials on `alwaysAuth` + const shouldAuth = ( + auth.alwaysAuth || + url.parse(uri).host === url.parse(registry).host + ) + if (shouldAuth && auth.token) { + headers.authorization = `Bearer ${auth.token}` + } else if (shouldAuth && auth.username && auth.password) { + const encoded = Buffer.from( + `${auth.username}:${auth.password}`, 'utf8' + ).toString('base64') + headers.authorization = `Basic ${encoded}` + } else if (shouldAuth && auth._auth) { + headers.authorization = `Basic ${auth._auth}` + } + if (shouldAuth && auth.otp) { + headers['npm-otp'] = auth.otp + } + return headers +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/LICENSE b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/LICENSE new file mode 100644 index 000000000..0c068ceec --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) Feross Aboukhadijeh + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/README.md b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/README.md new file mode 100644 index 000000000..356e35193 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/README.md @@ -0,0 +1,586 @@ +# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] + +[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg +[travis-url]: https://travis-ci.org/feross/safe-buffer +[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg +[npm-url]: https://npmjs.org/package/safe-buffer +[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg +[downloads-url]: https://npmjs.org/package/safe-buffer +[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg +[standard-url]: https://standardjs.com + +#### Safer Node.js Buffer API + +**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`, +`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.** + +**Uses the built-in implementation when available.** + +## install + +``` +npm install safe-buffer +``` + +[Get supported safe-buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-safe-buffer?utm_source=npm-safe-buffer&utm_medium=referral&utm_campaign=readme) + +## usage + +The goal of this package is to provide a safe replacement for the node.js `Buffer`. + +It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to +the top of your node.js modules: + +```js +var Buffer = require('safe-buffer').Buffer + +// Existing buffer code will continue to work without issues: + +new Buffer('hey', 'utf8') +new Buffer([1, 2, 3], 'utf8') +new Buffer(obj) +new Buffer(16) // create an uninitialized buffer (potentially unsafe) + +// But you can use these new explicit APIs to make clear what you want: + +Buffer.from('hey', 'utf8') // convert from many types to a Buffer +Buffer.alloc(16) // create a zero-filled buffer (safe) +Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe) +``` + +## api + +### Class Method: Buffer.from(array) +<!-- YAML +added: v3.0.0 +--> + +* `array` {Array} + +Allocates a new `Buffer` using an `array` of octets. + +```js +const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]); + // creates a new Buffer containing ASCII bytes + // ['b','u','f','f','e','r'] +``` + +A `TypeError` will be thrown if `array` is not an `Array`. + +### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]]) +<!-- YAML +added: v5.10.0 +--> + +* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or + a `new ArrayBuffer()` +* `byteOffset` {Number} Default: `0` +* `length` {Number} Default: `arrayBuffer.length - byteOffset` + +When passed a reference to the `.buffer` property of a `TypedArray` instance, +the newly created `Buffer` will share the same allocated memory as the +TypedArray. + +```js +const arr = new Uint16Array(2); +arr[0] = 5000; +arr[1] = 4000; + +const buf = Buffer.from(arr.buffer); // shares the memory with arr; + +console.log(buf); + // Prints: <Buffer 88 13 a0 0f> + +// changing the TypedArray changes the Buffer also +arr[1] = 6000; + +console.log(buf); + // Prints: <Buffer 88 13 70 17> +``` + +The optional `byteOffset` and `length` arguments specify a memory range within +the `arrayBuffer` that will be shared by the `Buffer`. + +```js +const ab = new ArrayBuffer(10); +const buf = Buffer.from(ab, 0, 2); +console.log(buf.length); + // Prints: 2 +``` + +A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`. + +### Class Method: Buffer.from(buffer) +<!-- YAML +added: v3.0.0 +--> + +* `buffer` {Buffer} + +Copies the passed `buffer` data onto a new `Buffer` instance. + +```js +const buf1 = Buffer.from('buffer'); +const buf2 = Buffer.from(buf1); + +buf1[0] = 0x61; +console.log(buf1.toString()); + // 'auffer' +console.log(buf2.toString()); + // 'buffer' (copy is not changed) +``` + +A `TypeError` will be thrown if `buffer` is not a `Buffer`. + +### Class Method: Buffer.from(str[, encoding]) +<!-- YAML +added: v5.10.0 +--> + +* `str` {String} String to encode. +* `encoding` {String} Encoding to use, Default: `'utf8'` + +Creates a new `Buffer` containing the given JavaScript string `str`. If +provided, the `encoding` parameter identifies the character encoding. +If not provided, `encoding` defaults to `'utf8'`. + +```js +const buf1 = Buffer.from('this is a tést'); +console.log(buf1.toString()); + // prints: this is a tést +console.log(buf1.toString('ascii')); + // prints: this is a tC)st + +const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex'); +console.log(buf2.toString()); + // prints: this is a tést +``` + +A `TypeError` will be thrown if `str` is not a string. + +### Class Method: Buffer.alloc(size[, fill[, encoding]]) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} +* `fill` {Value} Default: `undefined` +* `encoding` {String} Default: `utf8` + +Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the +`Buffer` will be *zero-filled*. + +```js +const buf = Buffer.alloc(5); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +The `size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +If `fill` is specified, the allocated `Buffer` will be initialized by calling +`buf.fill(fill)`. See [`buf.fill()`][] for more information. + +```js +const buf = Buffer.alloc(5, 'a'); +console.log(buf); + // <Buffer 61 61 61 61 61> +``` + +If both `fill` and `encoding` are specified, the allocated `Buffer` will be +initialized by calling `buf.fill(fill, encoding)`. For example: + +```js +const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64'); +console.log(buf); + // <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64> +``` + +Calling `Buffer.alloc(size)` can be significantly slower than the alternative +`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance +contents will *never contain sensitive data*. + +A `TypeError` will be thrown if `size` is not a number. + +### Class Method: Buffer.allocUnsafe(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must +be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit +architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is +thrown. A zero-length Buffer will be created if a `size` less than or equal to +0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +```js +const buf = Buffer.allocUnsafe(5); +console.log(buf); + // <Buffer 78 e0 82 02 01> + // (octets will be different, every time) +buf.fill(0); +console.log(buf); + // <Buffer 00 00 00 00 00> +``` + +A `TypeError` will be thrown if `size` is not a number. + +Note that the `Buffer` module pre-allocates an internal `Buffer` instance of +size `Buffer.poolSize` that is used as a pool for the fast allocation of new +`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated +`new Buffer(size)` constructor) only when `size` is less than or equal to +`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default +value of `Buffer.poolSize` is `8192` but can be modified. + +Use of this pre-allocated internal memory pool is a key difference between +calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`. +Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer +pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal +Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The +difference is subtle but can be important when an application requires the +additional performance that `Buffer.allocUnsafe(size)` provides. + +### Class Method: Buffer.allocUnsafeSlow(size) +<!-- YAML +added: v5.10.0 +--> + +* `size` {Number} + +Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The +`size` must be less than or equal to the value of +`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is +`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will +be created if a `size` less than or equal to 0 is specified. + +The underlying memory for `Buffer` instances created in this way is *not +initialized*. The contents of the newly created `Buffer` are unknown and +*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such +`Buffer` instances to zeroes. + +When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances, +allocations under 4KB are, by default, sliced from a single pre-allocated +`Buffer`. This allows applications to avoid the garbage collection overhead of +creating many individually allocated Buffers. This approach improves both +performance and memory usage by eliminating the need to track and cleanup as +many `Persistent` objects. + +However, in the case where a developer may need to retain a small chunk of +memory from a pool for an indeterminate amount of time, it may be appropriate +to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then +copy out the relevant bits. + +```js +// need to keep around a few small chunks of memory +const store = []; + +socket.on('readable', () => { + const data = socket.read(); + // allocate for retained data + const sb = Buffer.allocUnsafeSlow(10); + // copy the data into the new allocation + data.copy(sb, 0, 0, 10); + store.push(sb); +}); +``` + +Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after* +a developer has observed undue memory retention in their applications. + +A `TypeError` will be thrown if `size` is not a number. + +### All the Rest + +The rest of the `Buffer` API is exactly the same as in node.js. +[See the docs](https://nodejs.org/api/buffer.html). + + +## Related links + +- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) +- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) + +## Why is `Buffer` unsafe? + +Today, the node.js `Buffer` constructor is overloaded to handle many different argument +types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.), +`ArrayBuffer`, and also `Number`. + +The API is optimized for convenience: you can throw any type at it, and it will try to do +what you want. + +Because the Buffer constructor is so powerful, you often see code like this: + +```js +// Convert UTF-8 strings to hex +function toHex (str) { + return new Buffer(str).toString('hex') +} +``` + +***But what happens if `toHex` is called with a `Number` argument?*** + +### Remote Memory Disclosure + +If an attacker can make your program call the `Buffer` constructor with a `Number` +argument, then they can make it allocate uninitialized memory from the node.js process. +This could potentially disclose TLS private keys, user data, or database passwords. + +When the `Buffer` constructor is passed a `Number` argument, it returns an +**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like +this, you **MUST** overwrite the contents before returning it to the user. + +From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size): + +> `new Buffer(size)` +> +> - `size` Number +> +> The underlying memory for `Buffer` instances created in this way is not initialized. +> **The contents of a newly created `Buffer` are unknown and could contain sensitive +> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes. + +(Emphasis our own.) + +Whenever the programmer intended to create an uninitialized `Buffer` you often see code +like this: + +```js +var buf = new Buffer(16) + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### Would this ever be a problem in real code? + +Yes. It's surprisingly common to forget to check the type of your variables in a +dynamically-typed language like JavaScript. + +Usually the consequences of assuming the wrong type is that your program crashes with an +uncaught exception. But the failure mode for forgetting to check the type of arguments to +the `Buffer` constructor is more catastrophic. + +Here's an example of a vulnerable service that takes a JSON payload and converts it to +hex: + +```js +// Take a JSON payload {str: "some string"} and convert it to hex +var server = http.createServer(function (req, res) { + var data = '' + req.setEncoding('utf8') + req.on('data', function (chunk) { + data += chunk + }) + req.on('end', function () { + var body = JSON.parse(data) + res.end(new Buffer(body.str).toString('hex')) + }) +}) + +server.listen(8080) +``` + +In this example, an http client just has to send: + +```json +{ + "str": 1000 +} +``` + +and it will get back 1,000 bytes of uninitialized memory from the server. + +This is a very serious bug. It's similar in severity to the +[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process +memory by remote attackers. + + +### Which real-world packages were vulnerable? + +#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht) + +[Mathias Buus](https://github.com/mafintosh) and I +([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, +[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow +anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get +them to reveal 20 bytes at a time of uninitialized memory from the node.js process. + +Here's +[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8) +that fixed it. We released a new fixed version, created a +[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all +vulnerable versions on npm so users will get a warning to upgrade to a newer version. + +#### [`ws`](https://www.npmjs.com/package/ws) + +That got us wondering if there were other vulnerable packages. Sure enough, within a short +period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the +most popular WebSocket implementation in node.js. + +If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as +expected, then uninitialized server memory would be disclosed to the remote peer. + +These were the vulnerable methods: + +```js +socket.send(number) +socket.ping(number) +socket.pong(number) +``` + +Here's a vulnerable socket server with some echo functionality: + +```js +server.on('connection', function (socket) { + socket.on('message', function (message) { + message = JSON.parse(message) + if (message.type === 'echo') { + socket.send(message.data) // send back the user's message + } + }) +}) +``` + +`socket.send(number)` called on the server, will disclose server memory. + +Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue +was fixed, with a more detailed explanation. Props to +[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the +[Node Security Project disclosure](https://nodesecurity.io/advisories/67). + + +### What's the solution? + +It's important that node.js offers a fast way to get memory otherwise performance-critical +applications would needlessly get a lot slower. + +But we need a better way to *signal our intent* as programmers. **When we want +uninitialized memory, we should request it explicitly.** + +Sensitive functionality should not be packed into a developer-friendly API that loosely +accepts many different types. This type of API encourages the lazy practice of passing +variables in without checking the type very carefully. + +#### A new API: `Buffer.allocUnsafe(number)` + +The functionality of creating buffers with uninitialized memory should be part of another +API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that +frequently gets user input of all sorts of different types passed into it. + +```js +var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory! + +// Immediately overwrite the uninitialized buffer with data from another buffer +for (var i = 0; i < buf.length; i++) { + buf[i] = otherBuf[i] +} +``` + + +### How do we fix node.js core? + +We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as +`semver-major`) which defends against one case: + +```js +var str = 16 +new Buffer(str, 'utf8') +``` + +In this situation, it's implied that the programmer intended the first argument to be a +string, since they passed an encoding as a second argument. Today, node.js will allocate +uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not +what the programmer intended. + +But this is only a partial solution, since if the programmer does `new Buffer(variable)` +(without an `encoding` parameter) there's no way to know what they intended. If `variable` +is sometimes a number, then uninitialized memory will sometimes be returned. + +### What's the real long-term fix? + +We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when +we need uninitialized memory. But that would break 1000s of packages. + +~~We believe the best solution is to:~~ + +~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ + +~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~ + +#### Update + +We now support adding three new APIs: + +- `Buffer.from(value)` - convert from any type to a buffer +- `Buffer.alloc(size)` - create a zero-filled buffer +- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size + +This solves the core problem that affected `ws` and `bittorrent-dht` which is +`Buffer(variable)` getting tricked into taking a number argument. + +This way, existing code continues working and the impact on the npm ecosystem will be +minimal. Over time, npm maintainers can migrate performance-critical code to use +`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`. + + +### Conclusion + +We think there's a serious design issue with the `Buffer` API as it exists today. It +promotes insecure software by putting high-risk functionality into a convenient API +with friendly "developer ergonomics". + +This wasn't merely a theoretical exercise because we found the issue in some of the +most popular npm packages. + +Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of +`buffer`. + +```js +var Buffer = require('safe-buffer').Buffer +``` + +Eventually, we hope that node.js core can switch to this new, safer behavior. We believe +the impact on the ecosystem would be minimal since it's not a breaking change. +Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while +older, insecure packages would magically become safe from this attack vector. + + +## links + +- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514) +- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67) +- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68) + + +## credit + +The original issues in `bittorrent-dht` +([disclosure](https://nodesecurity.io/advisories/68)) and +`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by +[Mathias Buus](https://github.com/mafintosh) and +[Feross Aboukhadijeh](http://feross.org/). + +Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues +and for his work running the [Node Security Project](https://nodesecurity.io/). + +Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and +auditing the code. + + +## license + +MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org) diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/index.d.ts b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/index.d.ts new file mode 100644 index 000000000..e9fed809a --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/index.d.ts @@ -0,0 +1,187 @@ +declare module "safe-buffer" { + export class Buffer { + length: number + write(string: string, offset?: number, length?: number, encoding?: string): number; + toString(encoding?: string, start?: number, end?: number): string; + toJSON(): { type: 'Buffer', data: any[] }; + equals(otherBuffer: Buffer): boolean; + compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number; + copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number; + slice(start?: number, end?: number): Buffer; + writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number; + readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntLE(offset: number, byteLength: number, noAssert?: boolean): number; + readIntBE(offset: number, byteLength: number, noAssert?: boolean): number; + readUInt8(offset: number, noAssert?: boolean): number; + readUInt16LE(offset: number, noAssert?: boolean): number; + readUInt16BE(offset: number, noAssert?: boolean): number; + readUInt32LE(offset: number, noAssert?: boolean): number; + readUInt32BE(offset: number, noAssert?: boolean): number; + readInt8(offset: number, noAssert?: boolean): number; + readInt16LE(offset: number, noAssert?: boolean): number; + readInt16BE(offset: number, noAssert?: boolean): number; + readInt32LE(offset: number, noAssert?: boolean): number; + readInt32BE(offset: number, noAssert?: boolean): number; + readFloatLE(offset: number, noAssert?: boolean): number; + readFloatBE(offset: number, noAssert?: boolean): number; + readDoubleLE(offset: number, noAssert?: boolean): number; + readDoubleBE(offset: number, noAssert?: boolean): number; + swap16(): Buffer; + swap32(): Buffer; + swap64(): Buffer; + writeUInt8(value: number, offset: number, noAssert?: boolean): number; + writeUInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeUInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeInt8(value: number, offset: number, noAssert?: boolean): number; + writeInt16LE(value: number, offset: number, noAssert?: boolean): number; + writeInt16BE(value: number, offset: number, noAssert?: boolean): number; + writeInt32LE(value: number, offset: number, noAssert?: boolean): number; + writeInt32BE(value: number, offset: number, noAssert?: boolean): number; + writeFloatLE(value: number, offset: number, noAssert?: boolean): number; + writeFloatBE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleLE(value: number, offset: number, noAssert?: boolean): number; + writeDoubleBE(value: number, offset: number, noAssert?: boolean): number; + fill(value: any, offset?: number, end?: number): this; + indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number; + includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean; + + /** + * Allocates a new buffer containing the given {str}. + * + * @param str String to store in buffer. + * @param encoding encoding to use, optional. Default is 'utf8' + */ + constructor (str: string, encoding?: string); + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + */ + constructor (size: number); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: Uint8Array); + /** + * Produces a Buffer backed by the same allocated memory as + * the given {ArrayBuffer}. + * + * + * @param arrayBuffer The ArrayBuffer with which to share memory. + */ + constructor (arrayBuffer: ArrayBuffer); + /** + * Allocates a new buffer containing the given {array} of octets. + * + * @param array The octets to store. + */ + constructor (array: any[]); + /** + * Copies the passed {buffer} data onto a new {Buffer} instance. + * + * @param buffer The buffer to copy. + */ + constructor (buffer: Buffer); + prototype: Buffer; + /** + * Allocates a new Buffer using an {array} of octets. + * + * @param array + */ + static from(array: any[]): Buffer; + /** + * When passed a reference to the .buffer property of a TypedArray instance, + * the newly created Buffer will share the same allocated memory as the TypedArray. + * The optional {byteOffset} and {length} arguments specify a memory range + * within the {arrayBuffer} that will be shared by the Buffer. + * + * @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer() + * @param byteOffset + * @param length + */ + static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer; + /** + * Copies the passed {buffer} data onto a new Buffer instance. + * + * @param buffer + */ + static from(buffer: Buffer): Buffer; + /** + * Creates a new Buffer containing the given JavaScript string {str}. + * If provided, the {encoding} parameter identifies the character encoding. + * If not provided, {encoding} defaults to 'utf8'. + * + * @param str + */ + static from(str: string, encoding?: string): Buffer; + /** + * Returns true if {obj} is a Buffer + * + * @param obj object to test. + */ + static isBuffer(obj: any): obj is Buffer; + /** + * Returns true if {encoding} is a valid encoding argument. + * Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex' + * + * @param encoding string to test. + */ + static isEncoding(encoding: string): boolean; + /** + * Gives the actual byte length of a string. encoding defaults to 'utf8'. + * This is not the same as String.prototype.length since that returns the number of characters in a string. + * + * @param string string to test. + * @param encoding encoding used to evaluate (defaults to 'utf8') + */ + static byteLength(string: string, encoding?: string): number; + /** + * Returns a buffer which is the result of concatenating all the buffers in the list together. + * + * If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer. + * If the list has exactly one item, then the first item of the list is returned. + * If the list has more than one item, then a new Buffer is created. + * + * @param list An array of Buffer objects to concatenate + * @param totalLength Total length of the buffers when concatenated. + * If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly. + */ + static concat(list: Buffer[], totalLength?: number): Buffer; + /** + * The same as buf1.compare(buf2). + */ + static compare(buf1: Buffer, buf2: Buffer): number; + /** + * Allocates a new buffer of {size} octets. + * + * @param size count of octets to allocate. + * @param fill if specified, buffer will be initialized by calling buf.fill(fill). + * If parameter is omitted, buffer will be filled with zeros. + * @param encoding encoding used for call to buf.fill while initalizing + */ + static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer; + /** + * Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafe(size: number): Buffer; + /** + * Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents + * of the newly created Buffer are unknown and may contain sensitive data. + * + * @param size count of octets to allocate + */ + static allocUnsafeSlow(size: number): Buffer; + } +}
\ No newline at end of file diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/index.js b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/index.js new file mode 100644 index 000000000..054c8d30d --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/index.js @@ -0,0 +1,64 @@ +/* eslint-disable node/no-deprecated-api */ +var buffer = require('buffer') +var Buffer = buffer.Buffer + +// alternative to using Object.keys for old browsers +function copyProps (src, dst) { + for (var key in src) { + dst[key] = src[key] + } +} +if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) { + module.exports = buffer +} else { + // Copy properties from require('buffer') + copyProps(buffer, exports) + exports.Buffer = SafeBuffer +} + +function SafeBuffer (arg, encodingOrOffset, length) { + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.prototype = Object.create(Buffer.prototype) + +// Copy static methods from Buffer +copyProps(Buffer, SafeBuffer) + +SafeBuffer.from = function (arg, encodingOrOffset, length) { + if (typeof arg === 'number') { + throw new TypeError('Argument must not be a number') + } + return Buffer(arg, encodingOrOffset, length) +} + +SafeBuffer.alloc = function (size, fill, encoding) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + var buf = Buffer(size) + if (fill !== undefined) { + if (typeof encoding === 'string') { + buf.fill(fill, encoding) + } else { + buf.fill(fill) + } + } else { + buf.fill(0) + } + return buf +} + +SafeBuffer.allocUnsafe = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return Buffer(size) +} + +SafeBuffer.allocUnsafeSlow = function (size) { + if (typeof size !== 'number') { + throw new TypeError('Argument must be a number') + } + return buffer.SlowBuffer(size) +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/package.json b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/package.json new file mode 100644 index 000000000..5f40b4432 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/node_modules/safe-buffer/package.json @@ -0,0 +1,62 @@ +{ + "_from": "safe-buffer@^5.2.0", + "_id": "safe-buffer@5.2.0", + "_inBundle": false, + "_integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==", + "_location": "/pacote/npm-registry-fetch/safe-buffer", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "safe-buffer@^5.2.0", + "name": "safe-buffer", + "escapedName": "safe-buffer", + "rawSpec": "^5.2.0", + "saveSpec": null, + "fetchSpec": "^5.2.0" + }, + "_requiredBy": [ + "/pacote/npm-registry-fetch" + ], + "_resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "_shasum": "b74daec49b1148f88c64b68d49b1e815c1f2f519", + "_spec": "safe-buffer@^5.2.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/pacote/node_modules/npm-registry-fetch", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/safe-buffer/issues" + }, + "bundleDependencies": false, + "deprecated": false, + "description": "Safer Node.js Buffer API", + "devDependencies": { + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/safe-buffer", + "keywords": [ + "buffer", + "buffer allocate", + "node security", + "safe", + "safe-buffer", + "security", + "uninitialized" + ], + "license": "MIT", + "main": "index.js", + "name": "safe-buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/safe-buffer.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "types": "index.d.ts", + "version": "5.2.0" +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/package.json b/node_modules/pacote/node_modules/npm-registry-fetch/package.json new file mode 100644 index 000000000..e01daa82e --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/package.json @@ -0,0 +1,93 @@ +{ + "_from": "npm-registry-fetch@^4.0.0", + "_id": "npm-registry-fetch@4.0.2", + "_inBundle": false, + "_integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "_location": "/pacote/npm-registry-fetch", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "npm-registry-fetch@^4.0.0", + "name": "npm-registry-fetch", + "escapedName": "npm-registry-fetch", + "rawSpec": "^4.0.0", + "saveSpec": null, + "fetchSpec": "^4.0.0" + }, + "_requiredBy": [ + "/pacote" + ], + "_resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "_shasum": "2b1434f93ccbe6b6385f8e45f45db93e16921d7a", + "_spec": "npm-registry-fetch@^4.0.0", + "_where": "/Users/mperrotte/npminc/cli/node_modules/pacote", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bugs": { + "url": "https://github.com/npm/registry-fetch/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "deprecated": false, + "description": "Fetch-based http client for use with npm registry APIs", + "devDependencies": { + "cacache": "^12.0.0", + "get-stream": "^4.0.0", + "mkdirp": "^0.5.1", + "nock": "^9.4.3", + "npmlog": "^4.1.2", + "rimraf": "^2.6.2", + "ssri": "^6.0.0", + "standard": "^11.0.1", + "standard-version": "^4.4.0", + "tap": "^12.0.1", + "weallbehave": "^1.2.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js", + "lib" + ], + "homepage": "https://github.com/npm/registry-fetch#readme", + "keywords": [ + "npm", + "registry", + "fetch" + ], + "license": "ISC", + "main": "index.js", + "name": "npm-registry-fetch", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/registry-fetch.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.0.2" +} diff --git a/node_modules/pacote/node_modules/npm-registry-fetch/silentlog.js b/node_modules/pacote/node_modules/npm-registry-fetch/silentlog.js new file mode 100644 index 000000000..886c5d55b --- /dev/null +++ b/node_modules/pacote/node_modules/npm-registry-fetch/silentlog.js @@ -0,0 +1,14 @@ +'use strict' + +const noop = Function.prototype +module.exports = { + error: noop, + warn: noop, + notice: noop, + info: noop, + verbose: noop, + silly: noop, + http: noop, + pause: noop, + resume: noop +} diff --git a/node_modules/parallel-transform/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/parallel-transform/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/parallel-transform/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/rc/node_modules/minimist/example/parse.js b/node_modules/rc/node_modules/minimist/example/parse.js index f7c8d4980..abff3e8ee 100644 --- a/node_modules/rc/node_modules/minimist/example/parse.js +++ b/node_modules/rc/node_modules/minimist/example/parse.js @@ -1,2 +1,2 @@ var argv = require('../')(process.argv.slice(2)); -console.log(argv); +console.dir(argv); diff --git a/node_modules/rc/node_modules/minimist/index.js b/node_modules/rc/node_modules/minimist/index.js index d2afe5e4d..6a0559d58 100644 --- a/node_modules/rc/node_modules/minimist/index.js +++ b/node_modules/rc/node_modules/minimist/index.js @@ -68,21 +68,12 @@ module.exports = function (args, opts) { function setKey (obj, keys, value) { var o = obj; - for (var i = 0; i < keys.length-1; i++) { - var key = keys[i]; - if (key === '__proto__') return; + keys.slice(0,-1).forEach(function (key) { if (o[key] === undefined) o[key] = {}; - if (o[key] === Object.prototype || o[key] === Number.prototype - || o[key] === String.prototype) o[key] = {}; - if (o[key] === Array.prototype) o[key] = []; o = o[key]; - } + }); var key = keys[keys.length - 1]; - if (key === '__proto__') return; - if (o === Object.prototype || o === Number.prototype - || o === String.prototype) o = {}; - if (o === Array.prototype) o = []; if (o[key] === undefined || flags.bools[key] || typeof o[key] === 'boolean') { o[key] = value; } @@ -180,7 +171,7 @@ module.exports = function (args, opts) { setArg(key, args[i+1], arg); i++; } - else if (args[i+1] && /^(true|false)$/.test(args[i+1])) { + else if (args[i+1] && /true|false/.test(args[i+1])) { setArg(key, args[i+1] === 'true', arg); i++; } diff --git a/node_modules/rc/node_modules/minimist/package.json b/node_modules/rc/node_modules/minimist/package.json index 86e9c8ee2..e22b6fc47 100644 --- a/node_modules/rc/node_modules/minimist/package.json +++ b/node_modules/rc/node_modules/minimist/package.json @@ -1,8 +1,8 @@ { "_from": "minimist@^1.2.0", - "_id": "minimist@1.2.5", + "_id": "minimist@1.2.0", "_inBundle": false, - "_integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", + "_integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=", "_location": "/rc/minimist", "_phantomChildren": {}, "_requested": { @@ -18,10 +18,10 @@ "_requiredBy": [ "/rc" ], - "_resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "_shasum": "67d66014b66a6a8aaa0c083c5fd58df4e4e97602", + "_resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz", + "_shasum": "a35008b20f41383eec1fb914f4cd5df79a264284", "_spec": "minimist@^1.2.0", - "_where": "/Users/ruyadorno/Documents/workspace/cli/node_modules/rc", + "_where": "/Users/rebecca/code/npm/node_modules/rc", "author": { "name": "James Halliday", "email": "mail@substack.net", @@ -69,5 +69,5 @@ "opera/12" ] }, - "version": "1.2.5" + "version": "1.2.0" } diff --git a/node_modules/rc/node_modules/minimist/readme.markdown b/node_modules/rc/node_modules/minimist/readme.markdown index 5fd97ab11..30a74cf8c 100644 --- a/node_modules/rc/node_modules/minimist/readme.markdown +++ b/node_modules/rc/node_modules/minimist/readme.markdown @@ -5,11 +5,15 @@ parse argument options This module is the guts of optimist's argument parser without all the fanciful decoration. +[](http://ci.testling.com/substack/minimist) + +[](http://travis-ci.org/substack/minimist) + # example ``` js var argv = require('minimist')(process.argv.slice(2)); -console.log(argv); +console.dir(argv); ``` ``` @@ -29,13 +33,6 @@ $ node example/parse.js -x 3 -y 4 -n5 -abc --beep=boop foo bar baz beep: 'boop' } ``` -# security - -Previous versions had a prototype pollution bug that could cause privilege -escalation in some circumstances when handling untrusted user input. - -Please use version 1.2.3 or later: https://snyk.io/vuln/SNYK-JS-MINIMIST-559764 - # methods ``` js @@ -68,20 +65,19 @@ argument names to use as aliases first non-option * `opts['--']` - when true, populate `argv._` with everything before the `--` and `argv['--']` with everything after the `--`. Here's an example: - - ``` - > require('./')('one two three -- four five --six'.split(' '), { '--': true }) - { _: [ 'one', 'two', 'three' ], - '--': [ 'four', 'five', '--six' ] } - ``` - - Note that with `opts['--']` set, parsing for arguments still stops after the - `--`. - * `opts.unknown` - a function which is invoked with a command line parameter not defined in the `opts` configuration object. If the function returns `false`, the unknown option is not added to `argv`. +``` +> require('./')('one two three -- four five --six'.split(' '), { '--': true }) +{ _: [ 'one', 'two', 'three' ], + '--': [ 'four', 'five', '--six' ] } +``` + +Note that with `opts['--']` set, parsing for arguments still stops after the +`--`. + # install With [npm](https://npmjs.org) do: diff --git a/node_modules/rc/node_modules/minimist/test/bool.js b/node_modules/rc/node_modules/minimist/test/bool.js index 5f7dbde16..14b0717ce 100644 --- a/node_modules/rc/node_modules/minimist/test/bool.js +++ b/node_modules/rc/node_modules/minimist/test/bool.js @@ -164,15 +164,3 @@ test('boolean --boool=false', function (t) { t.same(parsed.boool, false); t.end(); }); - -test('boolean using something similar to true', function (t) { - var opts = { boolean: 'h' }; - var result = parse(['-h', 'true.txt'], opts); - var expected = { - h: true, - '_': ['true.txt'] - }; - - t.same(result, expected); - t.end(); -});
\ No newline at end of file diff --git a/node_modules/rc/package.json b/node_modules/rc/package.json index db6599e66..ba78e395b 100644 --- a/node_modules/rc/package.json +++ b/node_modules/rc/package.json @@ -1,8 +1,8 @@ { "_from": "rc@^1.1.6", - "_id": "rc@1.2.8", + "_id": "rc@1.2.7", "_inBundle": false, - "_integrity": "sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==", + "_integrity": "sha512-LdLD8xD4zzLsAT5xyushXDNscEjB7+2ulnl8+r1pnESlYtlJtVSoCMBGr30eDRJ3+2Gq89jK9P9e4tCEH1+ywA==", "_location": "/rc", "_phantomChildren": {}, "_requested": { @@ -19,17 +19,17 @@ "/registry-auth-token", "/registry-url" ], - "_resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz", - "_shasum": "cd924bf5200a075b83c188cd6b9e211b7fc0d3ed", + "_resolved": "https://registry.npmjs.org/rc/-/rc-1.2.7.tgz", + "_shasum": "8a10ca30d588d00464360372b890d06dacd02297", "_spec": "rc@^1.1.6", - "_where": "/Users/ruyadorno/Documents/workspace/cli/node_modules/registry-auth-token", + "_where": "/Users/rebecca/code/npm/node_modules/registry-auth-token", "author": { "name": "Dominic Tarr", "email": "dominic.tarr@gmail.com", "url": "dominictarr.com" }, "bin": { - "rc": "cli.js" + "rc": "./cli.js" }, "browser": "browser.js", "bugs": { @@ -37,7 +37,7 @@ }, "bundleDependencies": false, "dependencies": { - "deep-extend": "^0.6.0", + "deep-extend": "^0.5.1", "ini": "~1.3.0", "minimist": "^1.2.0", "strip-json-comments": "~2.0.1" @@ -61,5 +61,5 @@ "scripts": { "test": "set -e; node test/test.js; node test/ini.js; node test/nested-env-vars.js" }, - "version": "1.2.8" + "version": "1.2.7" } diff --git a/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/readable-stream/README.md b/node_modules/readable-stream/README.md index 6f035ab16..28ccae161 100644 --- a/node_modules/readable-stream/README.md +++ b/node_modules/readable-stream/README.md @@ -15,7 +15,7 @@ npm install --save readable-stream This package is a mirror of the streams implementations in Node.js. -Full documentation may be found on the [Node.js website](https://nodejs.org/dist/v10.19.0/docs/api/stream.html). +Full documentation may be found on the [Node.js website](https://nodejs.org/dist/v10.15.3/docs/api/stream.html). If you want to guarantee a stable streams base, regardless of what version of Node you, or the users of your libraries are using, use **readable-stream** *only* and avoid the *"stream"* module in Node-core, for background see [this blogpost](http://r.va.gg/2014/06/why-i-dont-use-nodes-core-stream-module.html). @@ -24,7 +24,10 @@ As of version 2.0.0 **readable-stream** uses semantic versioning. ## Version 3.x.x -v3.x.x of `readable-stream` is a cut from Node 10. This version supports Node 6, 8, and 10, as well as evergreen browsers, IE 11 and latest Safari. The breaking changes introduced by v3 are composed by the combined breaking changes in [Node v9](https://nodejs.org/en/blog/release/v9.0.0/) and [Node v10](https://nodejs.org/en/blog/release/v10.0.0/), as follows: +v3.x.x of `readable-stream` supports Node 6, 8, and 10, as well as +evergreen browsers, IE 11 and latest Safari. The breaking changes +introduced by v3 are composed by the combined breaking changes in [Node v9](https://nodejs.org/en/blog/release/v9.0.0/) +and [Node v10](https://nodejs.org/en/blog/release/v10.0.0/), as follows: 1. Error codes: https://github.com/nodejs/node/pull/13310, https://github.com/nodejs/node/pull/13291, @@ -48,7 +51,9 @@ v3.x.x of `readable-stream` is a cut from Node 10. This version supports Node 6, https://github.com/nodejs/node/pull/17979 ## Version 2.x.x -v2.x.x of `readable-stream` is a cut of the stream module from Node 8 (there have been no semver-major changes from Node 4 to 8). This version supports all Node.js versions from 0.8, as well as evergreen browsers and IE 10 & 11. + +v2.x.x of `readable-stream` supports all Node.js version from 0.8, as well as +evergreen browsers and IE 10 & 11. ### Big Thanks diff --git a/node_modules/readable-stream/lib/_stream_readable.js b/node_modules/readable-stream/lib/_stream_readable.js index 192d45148..33f478d7e 100644 --- a/node_modules/readable-stream/lib/_stream_readable.js +++ b/node_modules/readable-stream/lib/_stream_readable.js @@ -80,16 +80,17 @@ var _require$codes = require('../errors').codes, ERR_INVALID_ARG_TYPE = _require$codes.ERR_INVALID_ARG_TYPE, ERR_STREAM_PUSH_AFTER_EOF = _require$codes.ERR_STREAM_PUSH_AFTER_EOF, ERR_METHOD_NOT_IMPLEMENTED = _require$codes.ERR_METHOD_NOT_IMPLEMENTED, - ERR_STREAM_UNSHIFT_AFTER_END_EVENT = _require$codes.ERR_STREAM_UNSHIFT_AFTER_END_EVENT; // Lazy loaded to improve the startup performance. + ERR_STREAM_UNSHIFT_AFTER_END_EVENT = _require$codes.ERR_STREAM_UNSHIFT_AFTER_END_EVENT; + +var _require2 = require('../experimentalWarning'), + emitExperimentalWarning = _require2.emitExperimentalWarning; // Lazy loaded to improve the startup performance. var StringDecoder; var createReadableStreamAsyncIterator; -var from; require('inherits')(Readable, Stream); -var errorOrDestroy = destroyImpl.errorOrDestroy; var kProxyEvents = ['error', 'close', 'destroy', 'pause', 'resume']; function prependListener(emitter, event, fn) { @@ -143,9 +144,7 @@ function ReadableState(options, stream, isDuplex) { this.resumeScheduled = false; this.paused = true; // Should close be emitted on destroy. Defaults to true. - this.emitClose = options.emitClose !== false; // Should .destroy() be called after 'end' (and potentially 'finish') - - this.autoDestroy = !!options.autoDestroy; // has it been destroyed + this.emitClose = options.emitClose !== false; // has it been destroyed this.destroyed = false; // Crypto is kind of old and crusty. Historically, its default string // encoding is 'binary' so we have to make this configurable. @@ -258,16 +257,16 @@ function readableAddChunk(stream, chunk, encoding, addToFront, skipChunkCheck) { if (!skipChunkCheck) er = chunkInvalid(state, chunk); if (er) { - errorOrDestroy(stream, er); + stream.emit('error', er); } else if (state.objectMode || chunk && chunk.length > 0) { if (typeof chunk !== 'string' && !state.objectMode && Object.getPrototypeOf(chunk) !== Buffer.prototype) { chunk = _uint8ArrayToBuffer(chunk); } if (addToFront) { - if (state.endEmitted) errorOrDestroy(stream, new ERR_STREAM_UNSHIFT_AFTER_END_EVENT());else addChunk(stream, state, chunk, true); + if (state.endEmitted) stream.emit('error', new ERR_STREAM_UNSHIFT_AFTER_END_EVENT());else addChunk(stream, state, chunk, true); } else if (state.ended) { - errorOrDestroy(stream, new ERR_STREAM_PUSH_AFTER_EOF()); + stream.emit('error', new ERR_STREAM_PUSH_AFTER_EOF()); } else if (state.destroyed) { return false; } else { @@ -323,32 +322,17 @@ Readable.prototype.isPaused = function () { Readable.prototype.setEncoding = function (enc) { if (!StringDecoder) StringDecoder = require('string_decoder/').StringDecoder; - var decoder = new StringDecoder(enc); - this._readableState.decoder = decoder; // If setEncoding(null), decoder.encoding equals utf8 - - this._readableState.encoding = this._readableState.decoder.encoding; // Iterate over current buffer to convert already stored Buffers: - - var p = this._readableState.buffer.head; - var content = ''; - - while (p !== null) { - content += decoder.write(p.data); - p = p.next; - } - - this._readableState.buffer.clear(); + this._readableState.decoder = new StringDecoder(enc); // if setEncoding(null), decoder.encoding equals utf8 - if (content !== '') this._readableState.buffer.push(content); - this._readableState.length = content.length; + this._readableState.encoding = this._readableState.decoder.encoding; return this; -}; // Don't raise the hwm > 1GB +}; // Don't raise the hwm > 8MB -var MAX_HWM = 0x40000000; +var MAX_HWM = 0x800000; function computeNewHighWaterMark(n) { if (n >= MAX_HWM) { - // TODO(ronag): Throw ERR_VALUE_OUT_OF_RANGE. n = MAX_HWM; } else { // Get the next highest power of 2 to prevent increasing hwm excessively in @@ -465,7 +449,7 @@ Readable.prototype.read = function (n) { if (n > 0) ret = fromList(n, state);else ret = null; if (ret === null) { - state.needReadable = state.length <= state.highWaterMark; + state.needReadable = true; n = 0; } else { state.length -= n; @@ -485,7 +469,6 @@ Readable.prototype.read = function (n) { }; function onEofChunk(stream, state) { - debug('onEofChunk'); if (state.ended) return; if (state.decoder) { @@ -520,7 +503,6 @@ function onEofChunk(stream, state) { function emitReadable(stream) { var state = stream._readableState; - debug('emitReadable', state.needReadable, state.emittedReadable); state.needReadable = false; if (!state.emittedReadable) { @@ -536,7 +518,6 @@ function emitReadable_(stream) { if (!state.destroyed && (state.length || state.ended)) { stream.emit('readable'); - state.emittedReadable = false; } // The stream needs another readable event if // 1. It is not flowing, as the flow mechanism will take // care of it. @@ -602,7 +583,7 @@ function maybeReadMore_(stream, state) { Readable.prototype._read = function (n) { - errorOrDestroy(this, new ERR_METHOD_NOT_IMPLEMENTED('_read()')); + this.emit('error', new ERR_METHOD_NOT_IMPLEMENTED('_read()')); }; Readable.prototype.pipe = function (dest, pipeOpts) { @@ -701,7 +682,7 @@ Readable.prototype.pipe = function (dest, pipeOpts) { debug('onerror', er); unpipe(); dest.removeListener('error', onerror); - if (EElistenerCount(dest, 'error') === 0) errorOrDestroy(dest, er); + if (EElistenerCount(dest, 'error') === 0) dest.emit('error', er); } // Make sure our error handler is attached before userland ones. @@ -1005,6 +986,8 @@ Readable.prototype.wrap = function (stream) { if (typeof Symbol === 'function') { Readable.prototype[Symbol.asyncIterator] = function () { + emitExperimentalWarning('Readable[Symbol.asyncIterator]'); + if (createReadableStreamAsyncIterator === undefined) { createReadableStreamAsyncIterator = require('./internal/streams/async_iterator'); } @@ -1092,29 +1075,9 @@ function endReadableNT(state, stream) { state.endEmitted = true; stream.readable = false; stream.emit('end'); - - if (state.autoDestroy) { - // In case of duplex streams we need a way to detect - // if the writable side is ready for autoDestroy as well - var wState = stream._writableState; - - if (!wState || wState.autoDestroy && wState.finished) { - stream.destroy(); - } - } } } -if (typeof Symbol === 'function') { - Readable.from = function (iterable, opts) { - if (from === undefined) { - from = require('./internal/streams/from'); - } - - return from(Readable, iterable, opts); - }; -} - function indexOf(xs, x) { for (var i = 0, l = xs.length; i < l; i++) { if (xs[i] === x) return i; diff --git a/node_modules/readable-stream/lib/_stream_writable.js b/node_modules/readable-stream/lib/_stream_writable.js index a2634d7c2..b35447aed 100644 --- a/node_modules/readable-stream/lib/_stream_writable.js +++ b/node_modules/readable-stream/lib/_stream_writable.js @@ -94,8 +94,6 @@ var _require$codes = require('../errors').codes, ERR_STREAM_WRITE_AFTER_END = _require$codes.ERR_STREAM_WRITE_AFTER_END, ERR_UNKNOWN_ENCODING = _require$codes.ERR_UNKNOWN_ENCODING; -var errorOrDestroy = destroyImpl.errorOrDestroy; - require('inherits')(Writable, Stream); function nop() {} @@ -175,9 +173,7 @@ function WritableState(options, stream, isDuplex) { this.errorEmitted = false; // Should close be emitted on destroy. Defaults to true. - this.emitClose = options.emitClose !== false; // Should .destroy() be called after 'finish' (and potentially 'end') - - this.autoDestroy = !!options.autoDestroy; // count buffered requests + this.emitClose = options.emitClose !== false; // count buffered requests this.bufferedRequestCount = 0; // allocate the first CorkedRequest, there is always // one allocated and free to use, and we maintain at most two @@ -254,13 +250,13 @@ function Writable(options) { Writable.prototype.pipe = function () { - errorOrDestroy(this, new ERR_STREAM_CANNOT_PIPE()); + this.emit('error', new ERR_STREAM_CANNOT_PIPE()); }; function writeAfterEnd(stream, cb) { var er = new ERR_STREAM_WRITE_AFTER_END(); // TODO: defer error events consistently everywhere, not just the cb - errorOrDestroy(stream, er); + stream.emit('error', er); process.nextTick(cb, er); } // Checks that a user-supplied chunk is valid, especially for the particular // mode the stream is in. Currently this means that `null` is never accepted @@ -277,7 +273,7 @@ function validChunk(stream, state, chunk, cb) { } if (er) { - errorOrDestroy(stream, er); + stream.emit('error', er); process.nextTick(cb, er); return false; } @@ -421,13 +417,13 @@ function onwriteError(stream, state, sync, er, cb) { process.nextTick(finishMaybe, stream, state); stream._writableState.errorEmitted = true; - errorOrDestroy(stream, er); + stream.emit('error', er); } else { // the caller expect this to happen before if // it is async cb(er); stream._writableState.errorEmitted = true; - errorOrDestroy(stream, er); // this can emit finish, but finish must + stream.emit('error', er); // this can emit finish, but finish must // always follow error finishMaybe(stream, state); @@ -591,7 +587,7 @@ function callFinal(stream, state) { state.pendingcb--; if (err) { - errorOrDestroy(stream, err); + stream.emit('error', err); } state.prefinished = true; @@ -622,16 +618,6 @@ function finishMaybe(stream, state) { if (state.pendingcb === 0) { state.finished = true; stream.emit('finish'); - - if (state.autoDestroy) { - // In case of duplex streams we need a way to detect - // if the readable side is ready for autoDestroy as well - var rState = stream._readableState; - - if (!rState || rState.autoDestroy && rState.endEmitted) { - stream.destroy(); - } - } } } diff --git a/node_modules/readable-stream/lib/internal/streams/buffer_list.js b/node_modules/readable-stream/lib/internal/streams/buffer_list.js index cdea425f1..ebaf5c72a 100644 --- a/node_modules/readable-stream/lib/internal/streams/buffer_list.js +++ b/node_modules/readable-stream/lib/internal/streams/buffer_list.js @@ -1,17 +1,9 @@ 'use strict'; -function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); if (enumerableOnly) symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; }); keys.push.apply(keys, symbols); } return keys; } - -function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i] != null ? arguments[i] : {}; if (i % 2) { ownKeys(Object(source), true).forEach(function (key) { _defineProperty(target, key, source[key]); }); } else if (Object.getOwnPropertyDescriptors) { Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)); } else { ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } } return target; } +function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i] != null ? arguments[i] : {}; var ownKeys = Object.keys(source); if (typeof Object.getOwnPropertySymbols === 'function') { ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function (sym) { return Object.getOwnPropertyDescriptor(source, sym).enumerable; })); } ownKeys.forEach(function (key) { _defineProperty(target, key, source[key]); }); } return target; } function _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; } -function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } - -function _defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } - -function _createClass(Constructor, protoProps, staticProps) { if (protoProps) _defineProperties(Constructor.prototype, protoProps); if (staticProps) _defineProperties(Constructor, staticProps); return Constructor; } - var _require = require('buffer'), Buffer = _require.Buffer; @@ -28,183 +20,170 @@ module.exports = /*#__PURE__*/ function () { function BufferList() { - _classCallCheck(this, BufferList); - this.head = null; this.tail = null; this.length = 0; } - _createClass(BufferList, [{ - key: "push", - value: function push(v) { - var entry = { - data: v, - next: null - }; - if (this.length > 0) this.tail.next = entry;else this.head = entry; - this.tail = entry; - ++this.length; - } - }, { - key: "unshift", - value: function unshift(v) { - var entry = { - data: v, - next: this.head - }; - if (this.length === 0) this.tail = entry; - this.head = entry; - ++this.length; - } - }, { - key: "shift", - value: function shift() { - if (this.length === 0) return; - var ret = this.head.data; - if (this.length === 1) this.head = this.tail = null;else this.head = this.head.next; - --this.length; - return ret; - } - }, { - key: "clear", - value: function clear() { - this.head = this.tail = null; - this.length = 0; - } - }, { - key: "join", - value: function join(s) { - if (this.length === 0) return ''; - var p = this.head; - var ret = '' + p.data; - - while (p = p.next) { - ret += s + p.data; - } + var _proto = BufferList.prototype; + + _proto.push = function push(v) { + var entry = { + data: v, + next: null + }; + if (this.length > 0) this.tail.next = entry;else this.head = entry; + this.tail = entry; + ++this.length; + }; + + _proto.unshift = function unshift(v) { + var entry = { + data: v, + next: this.head + }; + if (this.length === 0) this.tail = entry; + this.head = entry; + ++this.length; + }; + + _proto.shift = function shift() { + if (this.length === 0) return; + var ret = this.head.data; + if (this.length === 1) this.head = this.tail = null;else this.head = this.head.next; + --this.length; + return ret; + }; + + _proto.clear = function clear() { + this.head = this.tail = null; + this.length = 0; + }; - return ret; + _proto.join = function join(s) { + if (this.length === 0) return ''; + var p = this.head; + var ret = '' + p.data; + + while (p = p.next) { + ret += s + p.data; } - }, { - key: "concat", - value: function concat(n) { - if (this.length === 0) return Buffer.alloc(0); - var ret = Buffer.allocUnsafe(n >>> 0); - var p = this.head; - var i = 0; - - while (p) { - copyBuffer(p.data, ret, i); - i += p.data.length; - p = p.next; - } - return ret; - } // Consumes a specified amount of bytes or characters from the buffered data. - - }, { - key: "consume", - value: function consume(n, hasStrings) { - var ret; - - if (n < this.head.data.length) { - // `slice` is the same for buffers and strings. - ret = this.head.data.slice(0, n); - this.head.data = this.head.data.slice(n); - } else if (n === this.head.data.length) { - // First chunk is a perfect match. - ret = this.shift(); - } else { - // Result spans more than one buffer. - ret = hasStrings ? this._getString(n) : this._getBuffer(n); - } + return ret; + }; + + _proto.concat = function concat(n) { + if (this.length === 0) return Buffer.alloc(0); + var ret = Buffer.allocUnsafe(n >>> 0); + var p = this.head; + var i = 0; + + while (p) { + copyBuffer(p.data, ret, i); + i += p.data.length; + p = p.next; + } - return ret; + return ret; + } // Consumes a specified amount of bytes or characters from the buffered data. + ; + + _proto.consume = function consume(n, hasStrings) { + var ret; + + if (n < this.head.data.length) { + // `slice` is the same for buffers and strings. + ret = this.head.data.slice(0, n); + this.head.data = this.head.data.slice(n); + } else if (n === this.head.data.length) { + // First chunk is a perfect match. + ret = this.shift(); + } else { + // Result spans more than one buffer. + ret = hasStrings ? this._getString(n) : this._getBuffer(n); } - }, { - key: "first", - value: function first() { - return this.head.data; - } // Consumes a specified amount of characters from the buffered data. - - }, { - key: "_getString", - value: function _getString(n) { - var p = this.head; - var c = 1; - var ret = p.data; - n -= ret.length; - - while (p = p.next) { - var str = p.data; - var nb = n > str.length ? str.length : n; - if (nb === str.length) ret += str;else ret += str.slice(0, n); - n -= nb; - - if (n === 0) { - if (nb === str.length) { - ++c; - if (p.next) this.head = p.next;else this.head = this.tail = null; - } else { - this.head = p; - p.data = str.slice(nb); - } - - break; + + return ret; + }; + + _proto.first = function first() { + return this.head.data; + } // Consumes a specified amount of characters from the buffered data. + ; + + _proto._getString = function _getString(n) { + var p = this.head; + var c = 1; + var ret = p.data; + n -= ret.length; + + while (p = p.next) { + var str = p.data; + var nb = n > str.length ? str.length : n; + if (nb === str.length) ret += str;else ret += str.slice(0, n); + n -= nb; + + if (n === 0) { + if (nb === str.length) { + ++c; + if (p.next) this.head = p.next;else this.head = this.tail = null; + } else { + this.head = p; + p.data = str.slice(nb); } - ++c; + break; } - this.length -= c; - return ret; - } // Consumes a specified amount of bytes from the buffered data. - - }, { - key: "_getBuffer", - value: function _getBuffer(n) { - var ret = Buffer.allocUnsafe(n); - var p = this.head; - var c = 1; - p.data.copy(ret); - n -= p.data.length; - - while (p = p.next) { - var buf = p.data; - var nb = n > buf.length ? buf.length : n; - buf.copy(ret, ret.length - n, 0, nb); - n -= nb; - - if (n === 0) { - if (nb === buf.length) { - ++c; - if (p.next) this.head = p.next;else this.head = this.tail = null; - } else { - this.head = p; - p.data = buf.slice(nb); - } - - break; + ++c; + } + + this.length -= c; + return ret; + } // Consumes a specified amount of bytes from the buffered data. + ; + + _proto._getBuffer = function _getBuffer(n) { + var ret = Buffer.allocUnsafe(n); + var p = this.head; + var c = 1; + p.data.copy(ret); + n -= p.data.length; + + while (p = p.next) { + var buf = p.data; + var nb = n > buf.length ? buf.length : n; + buf.copy(ret, ret.length - n, 0, nb); + n -= nb; + + if (n === 0) { + if (nb === buf.length) { + ++c; + if (p.next) this.head = p.next;else this.head = this.tail = null; + } else { + this.head = p; + p.data = buf.slice(nb); } - ++c; + break; } - this.length -= c; - return ret; - } // Make sure the linked list only shows the minimal necessary information. - - }, { - key: custom, - value: function value(_, options) { - return inspect(this, _objectSpread({}, options, { - // Only inspect one level. - depth: 0, - // It should not recurse. - customInspect: false - })); + ++c; } - }]); + + this.length -= c; + return ret; + } // Make sure the linked list only shows the minimal necessary information. + ; + + _proto[custom] = function (_, options) { + return inspect(this, _objectSpread({}, options, { + // Only inspect one level. + depth: 0, + // It should not recurse. + customInspect: false + })); + }; return BufferList; }();
\ No newline at end of file diff --git a/node_modules/readable-stream/lib/internal/streams/destroy.js b/node_modules/readable-stream/lib/internal/streams/destroy.js index 3268a16f3..63ae49928 100644 --- a/node_modules/readable-stream/lib/internal/streams/destroy.js +++ b/node_modules/readable-stream/lib/internal/streams/destroy.js @@ -9,13 +9,8 @@ function destroy(err, cb) { if (readableDestroyed || writableDestroyed) { if (cb) { cb(err); - } else if (err) { - if (!this._writableState) { - process.nextTick(emitErrorNT, this, err); - } else if (!this._writableState.errorEmitted) { - this._writableState.errorEmitted = true; - process.nextTick(emitErrorNT, this, err); - } + } else if (err && (!this._writableState || !this._writableState.errorEmitted)) { + process.nextTick(emitErrorNT, this, err); } return this; @@ -34,13 +29,10 @@ function destroy(err, cb) { this._destroy(err || null, function (err) { if (!cb && err) { - if (!_this._writableState) { - process.nextTick(emitErrorAndCloseNT, _this, err); - } else if (!_this._writableState.errorEmitted) { + process.nextTick(emitErrorAndCloseNT, _this, err); + + if (_this._writableState) { _this._writableState.errorEmitted = true; - process.nextTick(emitErrorAndCloseNT, _this, err); - } else { - process.nextTick(emitCloseNT, _this); } } else if (cb) { process.nextTick(emitCloseNT, _this); @@ -87,19 +79,7 @@ function emitErrorNT(self, err) { self.emit('error', err); } -function errorOrDestroy(stream, err) { - // We have tests that rely on errors being emitted - // in the same tick, so changing this is semver major. - // For now when you opt-in to autoDestroy we allow - // the error to be emitted nextTick. In a future - // semver major update we should change the default to this. - var rState = stream._readableState; - var wState = stream._writableState; - if (rState && rState.autoDestroy || wState && wState.autoDestroy) stream.destroy(err);else stream.emit('error', err); -} - module.exports = { destroy: destroy, - undestroy: undestroy, - errorOrDestroy: errorOrDestroy + undestroy: undestroy };
\ No newline at end of file diff --git a/node_modules/readable-stream/package.json b/node_modules/readable-stream/package.json index 9c29e095c..67c7e602f 100644 --- a/node_modules/readable-stream/package.json +++ b/node_modules/readable-stream/package.json @@ -1,19 +1,19 @@ { - "_from": "readable-stream@3.6.0", - "_id": "readable-stream@3.6.0", + "_from": "readable-stream@3.4.0", + "_id": "readable-stream@3.4.0", "_inBundle": false, - "_integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==", + "_integrity": "sha512-jItXPLmrSR8jmTRmRWJXCnGJsfy85mB3Wd/uINMXA65yrnFo0cPClFIUWzo2najVNSl+mx7/4W8ttlLWJe99pQ==", "_location": "/readable-stream", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "readable-stream@3.6.0", + "raw": "readable-stream@3.4.0", "name": "readable-stream", "escapedName": "readable-stream", - "rawSpec": "3.6.0", + "rawSpec": "3.4.0", "saveSpec": null, - "fetchSpec": "3.6.0" + "fetchSpec": "3.4.0" }, "_requiredBy": [ "#USER", @@ -21,16 +21,15 @@ "/bl", "/tar-stream" ], - "_resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz", - "_shasum": "337bbda3adc0706bd3e024426a286d4b4b2c9198", - "_spec": "readable-stream@3.6.0", - "_where": "/Users/darcyclarke/Documents/Repos/npm/cli", + "_resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.4.0.tgz", + "_shasum": "a51c26754658e0a3c21dbf59163bd45ba6f447fc", + "_spec": "readable-stream@3.4.0", + "_where": "/Users/isaacs/dev/npm/cli", "browser": { "util": false, "worker_threads": false, "./errors": "./errors-browser.js", "./readable.js": "./readable-browser.js", - "./lib/internal/streams/from.js": "./lib/internal/streams/from-browser.js", "./lib/internal/streams/stream.js": "./lib/internal/streams/stream-browser.js" }, "bugs": { @@ -53,7 +52,6 @@ "assert": "^1.4.0", "bl": "^2.0.0", "deep-strict-equal": "^0.2.0", - "events.once": "^2.0.2", "glob": "^7.1.2", "gunzip-maybe": "^1.4.1", "hyperquest": "^2.1.3", @@ -96,5 +94,5 @@ "test-browsers": "airtap --sauce-connect --loopback airtap.local -- test/browser.js", "update-browser-errors": "babel -o errors-browser.js errors.js" }, - "version": "3.6.0" + "version": "3.4.0" } diff --git a/node_modules/registry-auth-token/CHANGELOG.md b/node_modules/registry-auth-token/CHANGELOG.md index 20e82e870..75f7b6f2f 100644 --- a/node_modules/registry-auth-token/CHANGELOG.md +++ b/node_modules/registry-auth-token/CHANGELOG.md @@ -2,12 +2,6 @@ All notable changes will be documented in this file. -## [3.4.0] - 2019-03-20 - -### Changes - -- Enabled legacy auth token to be read from environment variable (Martin Flodin) - ## [3.3.2] - 2018-01-26 ### Changes diff --git a/node_modules/registry-auth-token/index.js b/node_modules/registry-auth-token/index.js index f8c6216ea..d68f7eeb4 100644 --- a/node_modules/registry-auth-token/index.js +++ b/node_modules/registry-auth-token/index.js @@ -52,13 +52,10 @@ function getRegistryAuthInfo (checkUrl, options) { } function getLegacyAuthInfo (npmrc) { - if (!npmrc._auth) { - return undefined + if (npmrc._auth) { + return {token: npmrc._auth, type: 'Basic'} } - - var token = replaceEnvironmentVariable(npmrc._auth) - - return {token: token, type: 'Basic'} + return undefined } function normalizePath (path) { @@ -83,19 +80,15 @@ function getAuthInfoForUrl (regUrl, npmrc) { return undefined } -function replaceEnvironmentVariable (token) { - return token.replace(/^\$\{?([^}]*)\}?$/, function (fullMatch, envVar) { - return process.env[envVar] - }) -} - function getBearerToken (tok) { if (!tok) { return undefined } - // check if bearer token is set as environment variable - var token = replaceEnvironmentVariable(tok) + // check if bearer token + var token = tok.replace(/^\$\{?([^}]*)\}?$/, function (fullMatch, envVar) { + return process.env[envVar] + }) return {token: token, type: 'Bearer'} } @@ -107,7 +100,9 @@ function getTokenForUsernameAndPassword (username, password) { // passwords are base64 encoded, so we need to decode it // See https://github.com/npm/npm/blob/v3.10.6/lib/config/set-credentials-by-uri.js#L26 - var pass = decodeBase64(replaceEnvironmentVariable(password)) + var pass = decodeBase64(password.replace(/^\$\{?([^}]*)\}?$/, function (fullMatch, envVar) { + return process.env[envVar] + })) // a basic auth token is base64 encoded 'username:password' // See https://github.com/npm/npm/blob/v3.10.6/lib/config/get-credentials-by-uri.js#L70 diff --git a/node_modules/registry-auth-token/package.json b/node_modules/registry-auth-token/package.json index dd090a836..3be95088b 100644 --- a/node_modules/registry-auth-token/package.json +++ b/node_modules/registry-auth-token/package.json @@ -1,8 +1,8 @@ { "_from": "registry-auth-token@^3.0.1", - "_id": "registry-auth-token@3.4.0", + "_id": "registry-auth-token@3.3.2", "_inBundle": false, - "_integrity": "sha512-4LM6Fw8eBQdwMYcES4yTnn2TqIasbXuwDx3um+QRs7S55aMKCBKBxvPXl2RiUjHwuJLTyYfxSpmfSAjQpcuP+A==", + "_integrity": "sha512-JL39c60XlzCVgNrO+qq68FoNb56w/m7JYvGR2jT5iR1xBrUA3Mfx5Twk5rqTThPmQKMWydGmq8oFtDlxfrmxnQ==", "_location": "/registry-auth-token", "_phantomChildren": {}, "_requested": { @@ -18,10 +18,10 @@ "_requiredBy": [ "/package-json" ], - "_resolved": "https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-3.4.0.tgz", - "_shasum": "d7446815433f5d5ed6431cd5dca21048f66b397e", + "_resolved": "https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-3.3.2.tgz", + "_shasum": "851fd49038eecb586911115af845260eec983f20", "_spec": "registry-auth-token@^3.0.1", - "_where": "/Users/ruyadorno/Documents/workspace/cli/node_modules/package-json", + "_where": "/Users/rebecca/code/npm/node_modules/package-json", "author": { "name": "Espen Hovlandsdal", "email": "espen@hovlandsdal.com" @@ -70,5 +70,5 @@ "coverage/**" ] }, - "version": "3.4.0" + "version": "3.3.2" } diff --git a/node_modules/registry-auth-token/test/auth-token.test.js b/node_modules/registry-auth-token/test/auth-token.test.js index 5db6f5a19..824d1bf92 100644 --- a/node_modules/registry-auth-token/test/auth-token.test.js +++ b/node_modules/registry-auth-token/test/auth-token.test.js @@ -50,42 +50,6 @@ describe('auth-token', function () { done() }) }) - - it('should return legacy auth token defined by reference to an environment variable (with curly braces)', function (done) { - var environmentVariable = '__REGISTRY_AUTH_TOKEN_NPM_TOKEN__' - var content = [ - '_auth=${' + environmentVariable + '}', - 'registry=http://registry.foobar.eu/' - ].join('\n') - - process.env[environmentVariable] = 'foobar' - - fs.writeFile(npmRcPath, content, function (err) { - var getAuthToken = requireUncached('../index') - assert(!err, err) - assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Basic'}) - delete process.env[environmentVariable] - done() - }) - }) - - it('should return legacy auth token defined by reference to an environment variable (without curly braces)', function (done) { - var environmentVariable = '__REGISTRY_AUTH_TOKEN_NPM_TOKEN__' - var content = [ - '_auth=$' + environmentVariable, - 'registry=http://registry.foobar.eu/' - ].join('\n') - - process.env[environmentVariable] = 'foobar' - - fs.writeFile(npmRcPath, content, function (err) { - var getAuthToken = requireUncached('../index') - assert(!err, err) - assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Basic'}) - delete process.env[environmentVariable] - done() - }) - }) }) describe('bearer token', function () { diff --git a/node_modules/registry-auth-token/yarn.lock b/node_modules/registry-auth-token/yarn.lock index 46c135727..23f7b13a7 100644 --- a/node_modules/registry-auth-token/yarn.lock +++ b/node_modules/registry-auth-token/yarn.lock @@ -234,9 +234,9 @@ decamelize@^1.0.0: version "1.2.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" -deep-extend@^0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.6.0.tgz#c4fa7c95404a17a9c3e8ca7e1537312b736330ac" +deep-extend@~0.4.0: + version "0.4.2" + resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.2.tgz#48b699c27e334bf89f10892be432f6e4c7d34a7f" deep-is@~0.1.3: version "0.1.3" @@ -1197,11 +1197,11 @@ progress@^1.1.8: version "1.1.8" resolved "https://registry.yarnpkg.com/progress/-/progress-1.1.8.tgz#e260c78f6161cdd9b0e56cc3e0a85de17c7a57be" -rc@^1.2.8: - version "1.2.8" - resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed" +rc@^1.1.6: + version "1.2.4" + resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.4.tgz#a0f606caae2a3b862bbd0ef85482c0125b315fa3" dependencies: - deep-extend "^0.6.0" + deep-extend "~0.4.0" ini "~1.3.0" minimist "^1.2.0" strip-json-comments "~2.0.1" @@ -1290,11 +1290,7 @@ rx-lite@^3.1.2: version "3.1.2" resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102" -safe-buffer@^5.1.2: - version "5.1.2" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d" - -safe-buffer@~5.1.0, safe-buffer@~5.1.1: +safe-buffer@^5.0.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1: version "5.1.1" resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" diff --git a/node_modules/rimraf/package.json b/node_modules/rimraf/package.json index 48f172fb2..a82c85a69 100644 --- a/node_modules/rimraf/package.json +++ b/node_modules/rimraf/package.json @@ -1,47 +1,46 @@ { - "_from": "rimraf@2.7.1", - "_id": "rimraf@2.7.1", + "_from": "rimraf@2.6.3", + "_id": "rimraf@2.6.3", "_inBundle": false, - "_integrity": "sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==", + "_integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==", "_location": "/rimraf", "_phantomChildren": {}, "_requested": { "type": "version", "registry": true, - "raw": "rimraf@2.7.1", + "raw": "rimraf@2.6.3", "name": "rimraf", "escapedName": "rimraf", - "rawSpec": "2.7.1", + "rawSpec": "2.6.3", "saveSpec": null, - "fetchSpec": "2.7.1" + "fetchSpec": "2.6.3" }, "_requiredBy": [ "#USER", "/", "/cacache", "/copy-concurrently", + "/flat-cache", "/fs-vacuum", - "/istanbul-lib-source-maps", + "/fstream", "/libcipm", "/libnpx", "/move-concurrently", "/node-gyp", - "/nyc", "/pacote", - "/spawn-wrap", "/tap" ], - "_resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.7.1.tgz", - "_shasum": "35797f13a7fdadc566142c29d4f07ccad483e3ec", - "_spec": "rimraf@2.7.1", - "_where": "/Users/darcyclarke/Documents/Repos/npm/npm/cli", + "_resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz", + "_shasum": "b2d104fe0d8fb27cf9e0a1cda8262dd3833c6cab", + "_spec": "rimraf@2.6.3", + "_where": "/Users/aeschright/code/cli", "author": { "name": "Isaac Z. Schlueter", "email": "i@izs.me", "url": "http://blog.izs.me/" }, "bin": { - "rimraf": "bin.js" + "rimraf": "./bin.js" }, "bugs": { "url": "https://github.com/isaacs/rimraf/issues" @@ -76,5 +75,5 @@ "preversion": "npm test", "test": "tap test/*.js" }, - "version": "2.7.1" + "version": "2.6.3" } diff --git a/node_modules/rimraf/rimraf.js b/node_modules/rimraf/rimraf.js index a90ad029f..e80dd1069 100644 --- a/node_modules/rimraf/rimraf.js +++ b/node_modules/rimraf/rimraf.js @@ -4,12 +4,7 @@ rimraf.sync = rimrafSync var assert = require("assert") var path = require("path") var fs = require("fs") -var glob = undefined -try { - glob = require("glob") -} catch (_err) { - // treat glob as optional. -} +var glob = require("glob") var _0666 = parseInt('666', 8) var defaultGlobOpts = { @@ -42,9 +37,6 @@ function defaults (options) { if (options.glob === false) { options.disableGlob = true } - if (options.disableGlob !== true && glob === undefined) { - throw Error('glob dependency not found, set `options.disableGlob = true` if intentional') - } options.disableGlob = options.disableGlob || false options.glob = options.glob || defaultGlobOpts } diff --git a/node_modules/stream-iterate/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/stream-iterate/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/stream-iterate/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/string_decoder/package.json b/node_modules/string_decoder/package.json index cc843b660..0b704d99a 100644 --- a/node_modules/string_decoder/package.json +++ b/node_modules/string_decoder/package.json @@ -1,8 +1,8 @@ { "_from": "string_decoder@^1.1.1", - "_id": "string_decoder@1.3.0", + "_id": "string_decoder@1.2.0", "_inBundle": false, - "_integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", + "_integrity": "sha512-6YqyX6ZWEYguAxgZzHGL7SsCeGx3V2TtOTqZz1xSTSWnqsbWwbptafNyvf/ACquZUXV3DANr5BDIwNYe1mN42w==", "_location": "/string_decoder", "_phantomChildren": {}, "_requested": { @@ -18,16 +18,16 @@ "_requiredBy": [ "/readable-stream" ], - "_resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", - "_shasum": "42f114594a46cf1a8e30b0a84f56c78c3edac21e", + "_resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.2.0.tgz", + "_shasum": "fe86e738b19544afe70469243b2a1ee9240eae8d", "_spec": "string_decoder@^1.1.1", - "_where": "/Users/darcyclarke/Documents/Repos/npm/cli/node_modules/readable-stream", + "_where": "/Users/aeschright/code/cli/node_modules/readable-stream", "bugs": { "url": "https://github.com/nodejs/string_decoder/issues" }, "bundleDependencies": false, "dependencies": { - "safe-buffer": "~5.2.0" + "safe-buffer": "~5.1.0" }, "deprecated": false, "description": "The string_decoder module from Node core", @@ -58,5 +58,5 @@ "ci": "tap test/parallel/*.js test/ours/*.js --tap | tee test.tap && node test/verify-dependencies.js", "test": "tap test/parallel/*.js && node test/verify-dependencies" }, - "version": "1.3.0" + "version": "1.2.0" } diff --git a/node_modules/term-size/vendor/macos/term-size b/node_modules/term-size/vendor/macos/term-size Binary files differindex c32a1fdc1..e383cc737 100755 --- a/node_modules/term-size/vendor/macos/term-size +++ b/node_modules/term-size/vendor/macos/term-size diff --git a/node_modules/through2/node_modules/readable-stream/CONTRIBUTING.md b/node_modules/through2/node_modules/readable-stream/CONTRIBUTING.md new file mode 100644 index 000000000..f478d58dc --- /dev/null +++ b/node_modules/through2/node_modules/readable-stream/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +* (a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +* (b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +* (c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +* (d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +## Moderation Policy + +The [Node.js Moderation Policy] applies to this WG. + +## Code of Conduct + +The [Node.js Code of Conduct][] applies to this WG. + +[Node.js Code of Conduct]: +https://github.com/nodejs/node/blob/master/CODE_OF_CONDUCT.md +[Node.js Moderation Policy]: +https://github.com/nodejs/TSC/blob/master/Moderation-Policy.md diff --git a/node_modules/update-notifier/package.json b/node_modules/update-notifier/package.json index c2c81fb3c..836b3df25 100644 --- a/node_modules/update-notifier/package.json +++ b/node_modules/update-notifier/package.json @@ -1,4 +1,10 @@ { + "_args": [ + [ + "update-notifier@2.5.0", + "/Users/rebecca/code/npm" + ] + ], "_from": "update-notifier@2.5.0", "_id": "update-notifier@2.5.0", "_inBundle": false, @@ -16,14 +22,12 @@ "fetchSpec": "2.5.0" }, "_requiredBy": [ - "#USER", "/", "/libnpx" ], "_resolved": "https://registry.npmjs.org/update-notifier/-/update-notifier-2.5.0.tgz", - "_shasum": "d0744593e13f161e406acb1d9408b72cad08aff6", - "_spec": "update-notifier@2.5.0", - "_where": "/Users/ruyadorno/Documents/workspace/cli", + "_spec": "2.5.0", + "_where": "/Users/rebecca/code/npm", "author": { "name": "Sindre Sorhus", "email": "sindresorhus@gmail.com", @@ -32,7 +36,6 @@ "bugs": { "url": "https://github.com/yeoman/update-notifier/issues" }, - "bundleDependencies": false, "dependencies": { "boxen": "^1.2.1", "chalk": "^2.0.1", @@ -45,7 +48,6 @@ "semver-diff": "^2.0.0", "xdg-basedir": "^3.0.0" }, - "deprecated": false, "description": "Update notifications for your CLI app", "devDependencies": { "ava": "*", diff --git a/node_modules/verror/CONTRIBUTING.md b/node_modules/verror/CONTRIBUTING.md new file mode 100644 index 000000000..750cef8df --- /dev/null +++ b/node_modules/verror/CONTRIBUTING.md @@ -0,0 +1,19 @@ +# Contributing + +This repository uses [cr.joyent.us](https://cr.joyent.us) (Gerrit) for new +changes. Anyone can submit changes. To get started, see the [cr.joyent.us user +guide](https://github.com/joyent/joyent-gerrit/blob/master/docs/user/README.md). +This repo does not use GitHub pull requests. + +See the [Joyent Engineering +Guidelines](https://github.com/joyent/eng/blob/master/docs/index.md) for general +best practices expected in this repository. + +Contributions should be "make prepush" clean. The "prepush" target runs the +"check" target, which requires these separate tools: + +* https://github.com/davepacheco/jsstyle +* https://github.com/davepacheco/javascriptlint + +If you're changing something non-trivial or user-facing, you may want to submit +an issue first. diff --git a/node_modules/widest-line/index.js b/node_modules/widest-line/index.js index a9865d00a..173cec4f2 100644 --- a/node_modules/widest-line/index.js +++ b/node_modules/widest-line/index.js @@ -1,8 +1,5 @@ 'use strict'; const stringWidth = require('string-width'); -module.exports = input => { - let max = 0; - for (const s of input.split('\n')) max = Math.max(max, stringWidth(s)); - return max; -}; +module.exports = input => Math.max.apply(null, input.split('\n').map(x => stringWidth(x))); + diff --git a/node_modules/widest-line/package.json b/node_modules/widest-line/package.json index fc4bcfcbe..2eb1d53fc 100644 --- a/node_modules/widest-line/package.json +++ b/node_modules/widest-line/package.json @@ -1,8 +1,8 @@ { "_from": "widest-line@^2.0.0", - "_id": "widest-line@2.0.1", + "_id": "widest-line@2.0.0", "_inBundle": false, - "_integrity": "sha512-Ba5m9/Fa4Xt9eb2ELXt77JxVDV8w7qQrH0zS/TWSJdLyAwQjWoOzpzj5lwVftDz6n/EOu3tNACS84v509qwnJA==", + "_integrity": "sha1-AUKk6KJD+IgsAjOqDgKBqnYVInM=", "_location": "/widest-line", "_phantomChildren": {}, "_requested": { @@ -18,10 +18,10 @@ "_requiredBy": [ "/boxen" ], - "_resolved": "https://registry.npmjs.org/widest-line/-/widest-line-2.0.1.tgz", - "_shasum": "7438764730ec7ef4381ce4df82fb98a53142a3fc", + "_resolved": "https://registry.npmjs.org/widest-line/-/widest-line-2.0.0.tgz", + "_shasum": "0142a4e8a243f8882c0233aa0e0281aa76152273", "_spec": "widest-line@^2.0.0", - "_where": "/Users/ruyadorno/Documents/workspace/cli/node_modules/boxen", + "_where": "/Users/rebecca/code/npm/node_modules/boxen", "author": { "name": "Sindre Sorhus", "email": "sindresorhus@gmail.com", @@ -82,5 +82,5 @@ "scripts": { "test": "xo && ava" }, - "version": "2.0.1" + "version": "2.0.0" } diff --git a/package-lock.json b/package-lock.json index 7261d0b2f..57ce8f6df 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "npm", - "version": "6.14.5", + "version": "6.13.7", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -136,6 +136,11 @@ "integrity": "sha512-KyqT0kkdxgbGys9mvo/1Mgdt/LGvUFPCZIK9pWPIfOM2mYzMDd/eVYy4sMP1YqvVI129k0alxRyM53H2MAs/Nw==", "dev": true }, + "@npmcli/ci-detect": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@npmcli/ci-detect/-/ci-detect-1.1.1.tgz", + "integrity": "sha512-h5eW3DljLypyhvfK94FkSSm4qtSUFddth/xW+7vnkVCEUJR38MYvctCSZkxqrzmXZSzpfImuAwwKvRqkEuDvCQ==" + }, "@types/caseless": { "version": "0.12.2", "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", @@ -143,15 +148,15 @@ "dev": true }, "@types/node": { - "version": "13.9.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-13.9.1.tgz", - "integrity": "sha512-E6M6N0blf/jiZx8Q3nb0vNaswQeEyn0XlupO+xN6DtJ6r6IT4nXrTry7zhIfYvFCl3/8Cu6WIysmUBKiqV0bqQ==", + "version": "12.6.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-12.6.8.tgz", + "integrity": "sha512-aX+gFgA5GHcDi89KG5keey2zf0WfZk/HAQotEamsK2kbey+8yGKcson0hbK8E+v0NArlCJQCqMP161YhV6ZXLg==", "dev": true }, "@types/request": { - "version": "2.48.4", - "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.4.tgz", - "integrity": "sha512-W1t1MTKYR8PxICH+A4HgEIPuAC3sbljoEVfyZbeFJJDbr30guDspJri2XOaM2E+Un7ZjrihaDi7cf6fPa2tbgw==", + "version": "2.48.2", + "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.2.tgz", + "integrity": "sha512-gP+PSFXAXMrd5PcD7SqHeUjdGshAI8vKQ3+AvpQr3ht9iQea+59LOKvKITcQI+Lg+1EIkDP6AFSBUJPWG8GDyA==", "dev": true, "requires": { "@types/caseless": "*", @@ -161,9 +166,9 @@ }, "dependencies": { "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.0.tgz", + "integrity": "sha512-WXieX3G/8side6VIqx44ablyULoGruSde5PNTxoUyo5CeyAMX6nVWUd0rgist/EuX655cjhUhTo1Fo3tRYqbcA==", "dev": true, "requires": { "asynckit": "^0.4.0", @@ -174,9 +179,9 @@ } }, "@types/tough-cookie": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-2.3.6.tgz", - "integrity": "sha512-wHNBMnkoEBiRAd3s8KTKwIuO9biFtTf0LehITzBhSco+HQI0xkXZbLOD55SW3Aqw3oUkHstkm5SPv58yaAdFPQ==", + "version": "2.3.5", + "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-2.3.5.tgz", + "integrity": "sha512-SCcK7mvGi3+ZNz833RRjFIxrn4gI1PPR3NtuIS+6vMkvmsGjosqTJwRt5bAEFLRz+wtJMWv8+uOnZf2hi2QXTg==", "dev": true }, "JSONStream": { @@ -232,6 +237,15 @@ "humanize-ms": "^1.2.1" } }, + "aggregate-error": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.0.1.tgz", + "integrity": "sha512-quoaXsZ9/BLNae5yiNoUz+Nhkwz83GhWwtYFglcjEQB2NDHCIpApbqXxIFnm4Pq/Nvhrsq5sYJFyohrrxnTGAA==", + "requires": { + "clean-stack": "^2.0.0", + "indent-string": "^4.0.0" + } + }, "ajv": { "version": "5.5.2", "resolved": "https://registry.npmjs.org/ajv/-/ajv-5.5.2.tgz", @@ -666,9 +680,9 @@ "dev": true }, "chownr": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", - "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==" + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.3.tgz", + "integrity": "sha512-i70fVHhmV3DtTl6nqvZOnIjbY0Pe4kAUjwHj8z0zAdgBtYrJyYwLKCCuRBQ5ppkyL0AkN7HKRnETdmdp1zqNXw==" }, "ci-info": { "version": "2.0.0", @@ -689,6 +703,11 @@ "integrity": "sha512-UZK3NBx2Mca+b5LsG7bY183pHWt5Y1xts4P3Pz7ENTwGVnJOUWbRb3ocjvX7hx9tq/yTAdclXm9sZ38gNuem4A==", "dev": true }, + "clean-stack": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz", + "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==" + }, "clean-yaml-object": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/clean-yaml-object/-/clean-yaml-object-0.1.0.tgz", @@ -1179,9 +1198,9 @@ "dev": true }, "deep-extend": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", - "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==" + "version": "0.5.1", + "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.5.1.tgz", + "integrity": "sha512-N8vBdOa+DF7zkRrDCsaOXoCs/E2fJfx9B9MrKnnSiHNh4ws7eSys6YQE4KvT1cecKmOASYQBhbKjeuDD9lT81w==" }, "deep-is": { "version": "0.1.3", @@ -1238,6 +1257,11 @@ "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", "integrity": "sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=" }, + "depd": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", + "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=" + }, "detect-indent": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/detect-indent/-/detect-indent-5.0.0.tgz", @@ -1978,17 +2002,6 @@ "graceful-fs": "^4.1.2", "rimraf": "~2.6.2", "write": "^0.2.1" - }, - "dependencies": { - "rimraf": { - "version": "2.6.3", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz", - "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==", - "dev": true, - "requires": { - "glob": "^7.1.3" - } - } } }, "flush-write-stream": { @@ -2319,9 +2332,9 @@ } }, "glob": { - "version": "7.1.6", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", - "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", + "version": "7.1.4", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.4.tgz", + "integrity": "sha512-hkLPepehmnKk41pUGm3sYxoFs/umurYfYJCerbXEyFIWcAzvpipAgVkBqqT9RBKMGjnq6kMuyYwha6csxbiM1A==", "requires": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -2371,9 +2384,9 @@ } }, "graceful-fs": { - "version": "4.2.4", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz", - "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==" + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.3.tgz", + "integrity": "sha512-a30VEBm4PEdx1dRB7MFK7BejejvCvBronbLjht+sHuGYj8PHs7M/5Z+rt5lw551vZ7yfTCj4Vuyy3mSJytDWRQ==" }, "growl": { "version": "1.10.5", @@ -2490,9 +2503,9 @@ } }, "hosted-git-info": { - "version": "2.8.8", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.8.tgz", - "integrity": "sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==" + "version": "2.8.5", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.5.tgz", + "integrity": "sha512-kssjab8CvdXfcXMXVcvsXum4Hwdq9XGtRD3TteMEvEbq0LXyiNQr6AprqKqfeaDXze7SxWvRxdpwE6ku7ikLkg==" }, "http-cache-semantics": { "version": "3.8.1", @@ -2591,6 +2604,11 @@ "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=" }, + "indent-string": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==" + }, "infer-owner": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/infer-owner/-/infer-owner-1.0.4.tgz", @@ -2696,11 +2714,11 @@ "integrity": "sha512-r5p9sxJjYnArLjObpjA4xu5EKI3CuKHkJXMhT7kwbpUyIFD1n5PMAsoPvWnvtZiNz7LjkYDRZhd7FlI0eMijEA==" }, "is-ci": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-1.2.1.tgz", - "integrity": "sha512-s6tfsaQaQi3JNciBH6shVqEDvhGut0SUXr31ag8Pd8BBbVVlcGfWhpPmEOoM6RJ5TFhbypvf5yyRw/VXW1IiWg==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-1.1.0.tgz", + "integrity": "sha512-c7TnwxLePuqIlxHgr7xtxzycJPegNHFuIrBkwbf8hc58//+Op1CqFkyS+xnIMkwn9UsJIwc174BIjkyBmSpjKg==", "requires": { - "ci-info": "^1.5.0" + "ci-info": "^1.0.0" }, "dependencies": { "ci-info": { @@ -2740,6 +2758,11 @@ "is-path-inside": "^1.0.0" } }, + "is-lambda": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-lambda/-/is-lambda-1.0.1.tgz", + "integrity": "sha1-PZh3iZ5qU+/AFgUEzeFfgubwYdU=" + }, "is-npm": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/is-npm/-/is-npm-1.0.0.tgz", @@ -2784,9 +2807,9 @@ "dev": true }, "is-retry-allowed": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz", - "integrity": "sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg==" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz", + "integrity": "sha1-EaBgVotnM5REAz0BJaYaINVk+zQ=" }, "is-stream": { "version": "1.1.0", @@ -3127,6 +3150,27 @@ "pacote": "^9.5.3", "read-package-json": "^2.0.13", "stringify-package": "^1.0.0" + }, + "dependencies": { + "npm-registry-fetch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + } + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } } }, "libnpmaccess": { @@ -3138,6 +3182,27 @@ "get-stream": "^4.0.0", "npm-package-arg": "^6.1.0", "npm-registry-fetch": "^4.0.0" + }, + "dependencies": { + "npm-registry-fetch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + } + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } } }, "libnpmconfig": { @@ -3199,6 +3264,27 @@ "figgy-pudding": "^3.4.1", "get-stream": "^4.0.0", "npm-registry-fetch": "^4.0.0" + }, + "dependencies": { + "npm-registry-fetch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + } + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } } }, "libnpmorg": { @@ -3210,6 +3296,27 @@ "figgy-pudding": "^3.4.1", "get-stream": "^4.0.0", "npm-registry-fetch": "^4.0.0" + }, + "dependencies": { + "npm-registry-fetch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + } + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } } }, "libnpmpublish": { @@ -3226,6 +3333,27 @@ "npm-registry-fetch": "^4.0.0", "semver": "^5.5.1", "ssri": "^6.0.1" + }, + "dependencies": { + "npm-registry-fetch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + } + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } } }, "libnpmsearch": { @@ -3236,6 +3364,27 @@ "figgy-pudding": "^3.5.1", "get-stream": "^4.0.0", "npm-registry-fetch": "^4.0.0" + }, + "dependencies": { + "npm-registry-fetch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + } + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } } }, "libnpmteam": { @@ -3247,6 +3396,27 @@ "figgy-pudding": "^3.4.1", "get-stream": "^4.0.0", "npm-registry-fetch": "^4.0.0" + }, + "dependencies": { + "npm-registry-fetch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + } + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } } }, "libnpx": { @@ -3574,8 +3744,7 @@ "minimist": { "version": "0.0.8", "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz", - "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0=", - "dev": true + "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0=" }, "minipass": { "version": "2.3.3", @@ -3595,6 +3764,158 @@ } } }, + "minipass-collect": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/minipass-collect/-/minipass-collect-1.0.2.tgz", + "integrity": "sha512-6T6lH0H8OG9kITm/Jm6tdooIbogG9e0tLgpY6mphXSm/A9u8Nq1ryBG+Qspiub9LjWlBPsPS3tWQ/Botq4FdxA==", + "requires": { + "minipass": "^3.0.0" + }, + "dependencies": { + "minipass": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "requires": { + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } + }, + "minipass-fetch": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-1.2.1.tgz", + "integrity": "sha512-ssHt0dkljEDaKmTgQ04DQgx2ag6G2gMPxA5hpcsoeTbfDgRf2fC2gNSRc6kISjD7ckCpHwwQvXxuTBK8402fXg==", + "requires": { + "encoding": "^0.1.12", + "minipass": "^3.1.0", + "minipass-pipeline": "^1.2.2", + "minipass-sized": "^1.0.3", + "minizlib": "^2.0.0" + }, + "dependencies": { + "minipass": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "requires": { + "yallist": "^4.0.0" + } + }, + "minizlib": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.0.tgz", + "integrity": "sha512-EzTZN/fjSvifSX0SlqUERCN39o6T40AMarPbv0MrarSFtIITCBh7bi+dU8nxGFHuqs9jdIAeoYoKuQAAASsPPA==", + "requires": { + "minipass": "^3.0.0", + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } + }, + "minipass-flush": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/minipass-flush/-/minipass-flush-1.0.5.tgz", + "integrity": "sha512-JmQSYYpPUqX5Jyn1mXaRwOda1uQ8HP5KAT/oDSLCzt1BYRhQU0/hDtsB1ufZfEEzMZ9aAVmsBw8+FWsIXlClWw==", + "requires": { + "minipass": "^3.0.0" + }, + "dependencies": { + "minipass": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "requires": { + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } + }, + "minipass-json-stream": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/minipass-json-stream/-/minipass-json-stream-1.0.1.tgz", + "integrity": "sha512-ODqY18UZt/I8k+b7rl2AENgbWE8IDYam+undIJONvigAz8KR5GWblsFTEfQs0WODsjbSXWlm+JHEv8Gr6Tfdbg==", + "requires": { + "jsonparse": "^1.3.1", + "minipass": "^3.0.0" + }, + "dependencies": { + "minipass": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "requires": { + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } + }, + "minipass-pipeline": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/minipass-pipeline/-/minipass-pipeline-1.2.2.tgz", + "integrity": "sha512-3JS5A2DKhD2g0Gg8x3yamO0pj7YeKGwVlDS90pF++kxptwx/F+B//roxf9SqYil5tQo65bijy+dAuAFZmYOouA==", + "requires": { + "minipass": "^3.0.0" + }, + "dependencies": { + "minipass": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "requires": { + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } + }, + "minipass-sized": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/minipass-sized/-/minipass-sized-1.0.3.tgz", + "integrity": "sha512-MbkQQ2CTiBMlA2Dm/5cY+9SWFEN8pzzOXi6rlM5Xxq0Yqbda5ZQy9sU75a673FE9ZK0Zsbr6Y5iP6u9nktfg2g==", + "requires": { + "minipass": "^3.0.0" + }, + "dependencies": { + "minipass": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "requires": { + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } + }, "minizlib": { "version": "1.3.3", "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-1.3.3.tgz", @@ -3632,18 +3953,11 @@ } }, "mkdirp": { - "version": "0.5.5", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.5.tgz", - "integrity": "sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==", + "version": "0.5.1", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz", + "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=", "requires": { - "minimist": "^1.2.5" - }, - "dependencies": { - "minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" - } + "minimist": "0.0.8" } }, "move-concurrently": { @@ -3677,13 +3991,13 @@ "integrity": "sha1-MHXOk7whuPq0PhvE2n6BFe0ee6s=" }, "nano": { - "version": "8.2.2", - "resolved": "https://registry.npmjs.org/nano/-/nano-8.2.2.tgz", - "integrity": "sha512-1/rAvpd1J0Os0SazgutWQBx2buAq3KwJpmdIylPDqOwy73iQeAhTSCq3uzbGzvcNNW16Vv/BLXkk+DYcdcH+aw==", + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/nano/-/nano-8.1.0.tgz", + "integrity": "sha512-suMHW9XtTP8doR4FnId5+6ZfbAvDIZOAVp3qe7zTHXp7BvT/Cf4G9xBjXAthrIzoa+fkcionEr9xo8cZtvqMmg==", "dev": true, "requires": { - "@types/request": "^2.48.4", - "cloudant-follow": "^0.18.2", + "@types/request": "^2.47.1", + "cloudant-follow": "^0.18.1", "debug": "^4.1.1", "errs": "^0.3.2", "request": "^2.88.0" @@ -3734,9 +4048,9 @@ } }, "node-gyp": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-5.1.0.tgz", - "integrity": "sha512-OUTryc5bt/P8zVgNUmC6xdXiDJxLMAW8cF5tLQOT9E5sOQj+UeQxnnPy74K3CLCa/SOjjBlbuzDLR8ANwA+wmw==", + "version": "5.0.7", + "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-5.0.7.tgz", + "integrity": "sha512-K8aByl8OJD51V0VbUURTKsmdswkQQusIvlvmTyhHlIT1hBvaSxzdxpSle857XuXa7uc02UEZx9OR5aDxSWS5Qw==", "requires": { "env-paths": "^2.2.0", "glob": "^7.1.4", @@ -3752,9 +4066,9 @@ } }, "nopt": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/nopt/-/nopt-4.0.3.tgz", - "integrity": "sha512-CvaGwVMztSMJLOeXPrez7fyfObdZqNUK1cPAEzLHrTybIua9pMdmmPR5YwtfNftIOMv3DPUhFaxsZMNTQO20Kg==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/nopt/-/nopt-4.0.1.tgz", + "integrity": "sha1-0NRoWv1UFRk8jHUFYC0NF81kR00=", "requires": { "abbrev": "1", "osenv": "^0.1.4" @@ -3854,39 +4168,93 @@ } }, "npm-packlist": { - "version": "1.4.8", - "resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-1.4.8.tgz", - "integrity": "sha512-5+AZgwru5IevF5ZdnFglB5wNlHG1AOOuw28WhUq8/8emhBmLv6jX5by4WJCh7lW0uSYZYS6DXqIsyZVIXRZU9A==", + "version": "1.4.7", + "resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-1.4.7.tgz", + "integrity": "sha512-vAj7dIkp5NhieaGZxBJB8fF4R0078rqsmhJcAfXZ6O7JJhjhPK96n5Ry1oZcfLXgfun0GWTZPOxaEyqv8GBykQ==", "requires": { "ignore-walk": "^3.0.1", - "npm-bundled": "^1.0.1", - "npm-normalize-package-bin": "^1.0.1" + "npm-bundled": "^1.0.1" } }, "npm-pick-manifest": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-3.0.2.tgz", - "integrity": "sha512-wNprTNg+X5nf+tDi+hbjdHhM4bX+mKqv6XmPh7B5eG+QY9VARfQPfCEH013H5GqfNj6ee8Ij2fg8yk0mzps1Vw==", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-6.0.0.tgz", + "integrity": "sha512-PdJpXMvjqt4nftNEDpCgjBUF8yI3Q3MyuAmVB9nemnnCg32F4BPL/JFBfdj8DubgHCYUFQhtLWmBPvdsFtjWMg==", "requires": { - "figgy-pudding": "^3.5.1", - "npm-package-arg": "^6.0.0", - "semver": "^5.4.1" + "npm-install-checks": "^4.0.0", + "npm-package-arg": "^8.0.0", + "semver": "^7.0.0" + }, + "dependencies": { + "hosted-git-info": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-3.0.2.tgz", + "integrity": "sha512-ezZMWtHXm7Eb7Rq4Mwnx2vs79WUx2QmRg3+ZqeGroKzfDO+EprOcgRPYghsOP9JuYBfK18VojmRTGCg8Ma+ktw==", + "requires": { + "lru-cache": "^5.1.1" + } + }, + "npm-install-checks": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-4.0.0.tgz", + "integrity": "sha512-09OmyDkNLYwqKPOnbI8exiOZU2GVVmQp7tgez2BPi5OZC8M82elDAps7sxC4l//uSUtotWqoEIDwjRvWH4qz8w==", + "requires": { + "semver": "^7.1.1" + } + }, + "npm-package-arg": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.0.0.tgz", + "integrity": "sha512-JgqZHCEUKvhX7EehLNdySiuB227a0QYra9wpZOkW+jvwsRYKkce7y5Rv2axkxScJU1EP+L32jT2PLhQz7IWHlw==", + "requires": { + "hosted-git-info": "^3.0.2", + "osenv": "^0.1.5", + "semver": "^7.0.0", + "validate-npm-package-name": "^3.0.0" + } + }, + "semver": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.1.3.tgz", + "integrity": "sha512-ekM0zfiA9SCBlsKa2X1hxyxiI4L3B6EbVJkkdgQXnSEEaHlGdvyodMruTiulSRWMMB4NeIuYNMC9rTKTz97GxA==" + } } }, "npm-profile": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/npm-profile/-/npm-profile-4.0.4.tgz", - "integrity": "sha512-Ta8xq8TLMpqssF0H60BXS1A90iMoM6GeKwsmravJ6wYjWwSzcYBTdyWa3DZCYqPutacBMEm7cxiOkiIeCUAHDQ==", + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-profile/-/npm-profile-4.0.2.tgz", + "integrity": "sha512-VRsC04pvRH+9cF+PoVh2nTmJjiG21yu59IHpsBpkxk+jaGAV8lxx96G4SDc0jOHAkfWLXbc6kIph3dGAuRnotQ==", "requires": { "aproba": "^1.1.2 || 2", "figgy-pudding": "^3.4.1", "npm-registry-fetch": "^4.0.0" + }, + "dependencies": { + "npm-registry-fetch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + } + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } } }, "npm-registry-couchapp": { - "version": "2.7.4", - "resolved": "https://registry.npmjs.org/npm-registry-couchapp/-/npm-registry-couchapp-2.7.4.tgz", - "integrity": "sha512-8ZZ4zKvRqGhBw3qYGoLhFTltjz7V2ntO+qqrSwMBeYfSIoHt1w/xqqSMG76gM1jhEzv+/WWSJYvOpA8D2Qt7dw==", + "version": "2.7.3", + "resolved": "https://registry.npmjs.org/npm-registry-couchapp/-/npm-registry-couchapp-2.7.3.tgz", + "integrity": "sha512-Gdp4WHF6pl4Qke4CCuV34AiDzkNk6tOWAddR28LC2BG0AooTO6AY7wbWU+l/2zHwX7+sKWJFqzMlp6j7qI+SUw==", "dev": true, "requires": { "couchapp": "~0.11.0", @@ -3903,30 +4271,217 @@ } }, "npm-registry-fetch": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.4.tgz", - "integrity": "sha512-6jb34hX/iYNQebqWUHtU8YF6Cjb1H6ouTFPClYsyiW6lpFkljTpdeftm53rRojtja1rKAvKNIIiTS5Sjpw4wsA==", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-6.0.0.tgz", + "integrity": "sha512-TSzEzudrky0ArPskchM/7F5SrawBY5acMNtRqFuacEI2lCKEyfBjaENuuIU5Uq2CyHfJ+gWp5QlCprolKa5wKg==", "requires": { - "JSONStream": "^1.3.4", - "bluebird": "^3.5.1", + "@npmcli/ci-detect": "^1.0.0", "figgy-pudding": "^3.4.1", "lru-cache": "^5.1.1", - "make-fetch-happen": "^5.0.0", - "npm-package-arg": "^6.1.0", - "safe-buffer": "^5.2.0" + "make-fetch-happen": "^7.1.0", + "minipass": "^3.0.0", + "minipass-fetch": "^1.1.2", + "minipass-json-stream": "^1.0.1", + "minizlib": "^2.0.0", + "npm-package-arg": "^8.0.0", + "safe-buffer": "^5.2.0", + "semver": "^7.0.0" }, "dependencies": { + "agent-base": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-5.1.1.tgz", + "integrity": "sha512-TMeqbNl2fMW0nMjTEPOwe3J/PRFP4vqeoNuQMG0HlMrtm5QxKqdvAkZ1pRBQ/ulIyDD5Yq0nJ7YbdD8ey0TO3g==" + }, + "agentkeepalive": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/agentkeepalive/-/agentkeepalive-4.1.0.tgz", + "integrity": "sha512-CW/n1wxF8RpEuuiq6Vbn9S8m0VSYDMnZESqaJ6F2cWN9fY8rei2qaxweIaRgq+ek8TqfoFIsUjaGNKGGEHElSg==", + "requires": { + "debug": "^4.1.0", + "depd": "^1.1.2", + "humanize-ms": "^1.2.1" + } + }, + "cacache": { + "version": "14.0.0", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-14.0.0.tgz", + "integrity": "sha512-+Nr/BnA/tjAUXza9gH8F+FSP+1HvWqCKt4c95dQr4EDVJVafbzmPZpLKCkLYexs6vSd2B/1TOXrAoNnqVPfvRA==", + "requires": { + "chownr": "^1.1.2", + "figgy-pudding": "^3.5.1", + "fs-minipass": "^2.0.0", + "glob": "^7.1.4", + "graceful-fs": "^4.2.2", + "infer-owner": "^1.0.4", + "lru-cache": "^5.1.1", + "minipass": "^3.0.0", + "minipass-collect": "^1.0.2", + "minipass-flush": "^1.0.5", + "minipass-pipeline": "^1.2.2", + "mkdirp": "^1.0.3", + "move-concurrently": "^1.0.1", + "p-map": "^3.0.0", + "promise-inflight": "^1.0.1", + "rimraf": "^2.7.1", + "ssri": "^7.0.0", + "tar": "^6.0.0", + "unique-filename": "^1.1.1" + } + }, + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "requires": { + "ms": "^2.1.1" + } + }, + "fs-minipass": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", + "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", + "requires": { + "minipass": "^3.0.0" + } + }, + "hosted-git-info": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-3.0.2.tgz", + "integrity": "sha512-ezZMWtHXm7Eb7Rq4Mwnx2vs79WUx2QmRg3+ZqeGroKzfDO+EprOcgRPYghsOP9JuYBfK18VojmRTGCg8Ma+ktw==", + "requires": { + "lru-cache": "^5.1.1" + } + }, + "http-cache-semantics": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.0.3.tgz", + "integrity": "sha512-TcIMG3qeVLgDr1TEd2XvHaTnMPwYQUQMIBLy+5pLSDKYFc7UIqj39w8EGzZkaxoLv/l2K8HaI0t5AVA+YYgUew==" + }, + "http-proxy-agent": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-3.0.0.tgz", + "integrity": "sha512-uGuJaBWQWDQCJI5ip0d/VTYZW0nRrlLWXA4A7P1jrsa+f77rW2yXz315oBt6zGCF6l8C2tlMxY7ffULCj+5FhA==", + "requires": { + "agent-base": "5", + "debug": "4" + } + }, + "https-proxy-agent": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-4.0.0.tgz", + "integrity": "sha512-zoDhWrkR3of1l9QAL8/scJZyLu8j/gBkcwcaQOZh7Gyh/+uJQzGVETdgT30akuwkpL8HTRfssqI3BZuV18teDg==", + "requires": { + "agent-base": "5", + "debug": "4" + } + }, + "make-fetch-happen": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-7.1.1.tgz", + "integrity": "sha512-7fNjiOXNZhNGQzG5P15nU97aZQtzPU2GVgVd7pnqnl5gnpLzMAD8bAe5YG4iW2s0PTqaZy9xGv4Wfqe872kRNQ==", + "requires": { + "agentkeepalive": "^4.1.0", + "cacache": "^14.0.0", + "http-cache-semantics": "^4.0.3", + "http-proxy-agent": "^3.0.0", + "https-proxy-agent": "^4.0.0", + "is-lambda": "^1.0.1", + "lru-cache": "^5.1.1", + "minipass": "^3.0.0", + "minipass-collect": "^1.0.2", + "minipass-fetch": "^1.1.2", + "minipass-flush": "^1.0.5", + "minipass-pipeline": "^1.2.2", + "promise-retry": "^1.1.1", + "socks-proxy-agent": "^4.0.0", + "ssri": "^7.0.1" + } + }, + "minipass": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.1.tgz", + "integrity": "sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==", + "requires": { + "yallist": "^4.0.0" + } + }, + "minizlib": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.0.tgz", + "integrity": "sha512-EzTZN/fjSvifSX0SlqUERCN39o6T40AMarPbv0MrarSFtIITCBh7bi+dU8nxGFHuqs9jdIAeoYoKuQAAASsPPA==", + "requires": { + "minipass": "^3.0.0", + "yallist": "^4.0.0" + } + }, + "mkdirp": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.3.tgz", + "integrity": "sha512-6uCP4Qc0sWsgMLy1EOqqS/3rjDHOEnsStVr/4vtAIK2Y5i2kA7lFFejYrpIyiN9w0pYf4ckeCYT9f1r1P9KX5g==" + }, + "npm-package-arg": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.0.0.tgz", + "integrity": "sha512-JgqZHCEUKvhX7EehLNdySiuB227a0QYra9wpZOkW+jvwsRYKkce7y5Rv2axkxScJU1EP+L32jT2PLhQz7IWHlw==", + "requires": { + "hosted-git-info": "^3.0.2", + "osenv": "^0.1.5", + "semver": "^7.0.0", + "validate-npm-package-name": "^3.0.0" + } + }, + "rimraf": { + "version": "2.7.1", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.7.1.tgz", + "integrity": "sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==", + "requires": { + "glob": "^7.1.3" + } + }, "safe-buffer": { "version": "5.2.0", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + }, + "semver": { + "version": "7.1.2", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.1.2.tgz", + "integrity": "sha512-BJs9T/H8sEVHbeigqzIEo57Iu/3DG6c4QoqTfbQB3BPA4zgzAomh/Fk9E7QtjWQ8mx2dgA9YCfSF4y9k9bHNpQ==" + }, + "ssri": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/ssri/-/ssri-7.1.0.tgz", + "integrity": "sha512-77/WrDZUWocK0mvA5NTRQyveUf+wsrIc6vyrxpS8tVvYBcX215QbafrJR3KtkpskIzoFLqqNuuYQvxaMjXJ/0g==", + "requires": { + "figgy-pudding": "^3.5.1", + "minipass": "^3.1.1" + } + }, + "tar": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.0.1.tgz", + "integrity": "sha512-bKhKrrz2FJJj5s7wynxy/fyxpE0CmCjmOQ1KV4KkgXFWOgoIT/NbTMnB1n+LFNrNk0SSBVGGxcK5AGsyC+pW5Q==", + "requires": { + "chownr": "^1.1.3", + "fs-minipass": "^2.0.0", + "minipass": "^3.0.0", + "minizlib": "^2.1.0", + "mkdirp": "^1.0.3", + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" } } }, "npm-registry-mock": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/npm-registry-mock/-/npm-registry-mock-1.3.1.tgz", - "integrity": "sha512-UWg3QEnW/sQbQ6/esApzSkEWzuXJUCz8VDgZWfnKmMPG5KTlvfLqDm1x0rP08w3XvzuZWte1JaNOaHzjILgMfg==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/npm-registry-mock/-/npm-registry-mock-1.3.0.tgz", + "integrity": "sha512-xjue2BSruEF8NM5IjFNq6w9qjZObR1XqqNe0aqM865wtqOmzXtt2yALsyEEJc5cuwCeHYrTHIjNByWeAypewsg==", "dev": true, "requires": { "hock": "~0.2.5", @@ -4434,6 +4989,14 @@ "p-limit": "^1.1.0" } }, + "p-map": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/p-map/-/p-map-3.0.0.tgz", + "integrity": "sha512-d3qXVTF/s+W+CdJ5A29wywV2n8CQQYahlgz2bFiA+4eVNJbHJodPZ+/gXwPGh0bOqA+j8S+6+ckmvLGPk1QpxQ==", + "requires": { + "aggregate-error": "^3.0.0" + } + }, "p-try": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/p-try/-/p-try-1.0.0.tgz", @@ -4507,6 +5070,37 @@ "safe-buffer": "^5.1.2", "yallist": "^3.0.0" } + }, + "npm-pick-manifest": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-3.0.2.tgz", + "integrity": "sha512-wNprTNg+X5nf+tDi+hbjdHhM4bX+mKqv6XmPh7B5eG+QY9VARfQPfCEH013H5GqfNj6ee8Ij2fg8yk0mzps1Vw==", + "requires": { + "figgy-pudding": "^3.5.1", + "npm-package-arg": "^6.0.0", + "semver": "^5.4.1" + } + }, + "npm-registry-fetch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz", + "integrity": "sha512-Z0IFtPEozNdeZRPh3aHHxdG+ZRpzcbQaJLthsm3VhNf6DScicTFRHZzK82u8RsJUsUHkX+QH/zcB/5pmd20H4A==", + "requires": { + "JSONStream": "^1.3.4", + "bluebird": "^3.5.1", + "figgy-pudding": "^3.4.1", + "lru-cache": "^5.1.1", + "make-fetch-happen": "^5.0.0", + "npm-package-arg": "^6.1.0", + "safe-buffer": "^5.2.0" + }, + "dependencies": { + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } + } } } }, @@ -4869,20 +5463,20 @@ "integrity": "sha1-77/cdA+a0FQwRCassYNBLMi5ltQ=" }, "rc": { - "version": "1.2.8", - "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz", - "integrity": "sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==", + "version": "1.2.7", + "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.7.tgz", + "integrity": "sha512-LdLD8xD4zzLsAT5xyushXDNscEjB7+2ulnl8+r1pnESlYtlJtVSoCMBGr30eDRJ3+2Gq89jK9P9e4tCEH1+ywA==", "requires": { - "deep-extend": "^0.6.0", + "deep-extend": "^0.5.1", "ini": "~1.3.0", "minimist": "^1.2.0", "strip-json-comments": "~2.0.1" }, "dependencies": { "minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz", + "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=" } } }, @@ -4960,9 +5554,9 @@ } }, "readable-stream": { - "version": "3.6.0", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz", - "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==", + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.4.0.tgz", + "integrity": "sha512-jItXPLmrSR8jmTRmRWJXCnGJsfy85mB3Wd/uINMXA65yrnFo0cPClFIUWzo2najVNSl+mx7/4W8ttlLWJe99pQ==", "requires": { "inherits": "^2.0.3", "string_decoder": "^1.1.1", @@ -4981,9 +5575,9 @@ } }, "registry-auth-token": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-3.4.0.tgz", - "integrity": "sha512-4LM6Fw8eBQdwMYcES4yTnn2TqIasbXuwDx3um+QRs7S55aMKCBKBxvPXl2RiUjHwuJLTyYfxSpmfSAjQpcuP+A==", + "version": "3.3.2", + "resolved": "https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-3.3.2.tgz", + "integrity": "sha512-JL39c60XlzCVgNrO+qq68FoNb56w/m7JYvGR2jT5iR1xBrUA3Mfx5Twk5rqTThPmQKMWydGmq8oFtDlxfrmxnQ==", "requires": { "rc": "^1.1.6", "safe-buffer": "^5.0.1" @@ -5100,9 +5694,9 @@ "integrity": "sha1-G0KmJmoh8HQh0bC1S33BZ7AcATs=" }, "rimraf": { - "version": "2.7.1", - "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.7.1.tgz", - "integrity": "sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==", + "version": "2.6.3", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz", + "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==", "requires": { "glob": "^7.1.3" } @@ -5587,18 +6181,11 @@ } }, "string_decoder": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", - "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.2.0.tgz", + "integrity": "sha512-6YqyX6ZWEYguAxgZzHGL7SsCeGx3V2TtOTqZz1xSTSWnqsbWwbptafNyvf/ACquZUXV3DANr5BDIwNYe1mN42w==", "requires": { - "safe-buffer": "~5.2.0" - }, - "dependencies": { - "safe-buffer": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", - "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" - } + "safe-buffer": "~5.1.0" } }, "stringify-package": { @@ -6472,9 +7059,9 @@ } }, "widest-line": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/widest-line/-/widest-line-2.0.1.tgz", - "integrity": "sha512-Ba5m9/Fa4Xt9eb2ELXt77JxVDV8w7qQrH0zS/TWSJdLyAwQjWoOzpzj5lwVftDz6n/EOu3tNACS84v509qwnJA==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/widest-line/-/widest-line-2.0.0.tgz", + "integrity": "sha1-AUKk6KJD+IgsAjOqDgKBqnYVInM=", "requires": { "string-width": "^2.1.1" } diff --git a/package.json b/package.json index ca5afc35c..2b99137c9 100644 --- a/package.json +++ b/package.json @@ -1,5 +1,5 @@ { - "version": "6.14.5", + "version": "6.13.7", "name": "npm", "description": "a package manager for JavaScript", "keywords": [ @@ -44,7 +44,7 @@ "byte-size": "^5.0.1", "cacache": "^12.0.3", "call-limit": "^1.1.1", - "chownr": "^1.1.4", + "chownr": "^1.1.3", "ci-info": "^2.0.0", "cli-columns": "^3.1.2", "cli-table3": "^0.5.1", @@ -60,10 +60,10 @@ "fs-vacuum": "~1.2.10", "fs-write-stream-atomic": "~1.0.10", "gentle-fs": "^2.3.0", - "glob": "^7.1.6", - "graceful-fs": "^4.2.4", + "glob": "^7.1.4", + "graceful-fs": "^4.2.3", "has-unicode": "~2.0.1", - "hosted-git-info": "^2.8.8", + "hosted-git-info": "^2.8.5", "iferr": "^1.0.2", "infer-owner": "^1.0.4", "inflight": "~1.0.6", @@ -91,20 +91,20 @@ "lru-cache": "^5.1.1", "meant": "~1.0.1", "mississippi": "^3.0.0", - "mkdirp": "^0.5.5", + "mkdirp": "~0.5.1", "move-concurrently": "^1.0.1", - "node-gyp": "^5.1.0", - "nopt": "^4.0.3", + "node-gyp": "^5.0.7", + "nopt": "~4.0.1", "normalize-package-data": "^2.5.0", "npm-audit-report": "^1.3.2", "npm-cache-filename": "~1.0.2", "npm-install-checks": "^3.0.2", "npm-lifecycle": "^3.1.4", "npm-package-arg": "^6.1.1", - "npm-packlist": "^1.4.8", - "npm-pick-manifest": "^3.0.2", - "npm-profile": "^4.0.4", - "npm-registry-fetch": "^4.0.4", + "npm-packlist": "^1.4.7", + "npm-pick-manifest": "^6.0.0", + "npm-profile": "^4.0.2", + "npm-registry-fetch": "^6.0.0", "npm-user-validate": "~1.0.0", "npmlog": "~4.1.2", "once": "~1.4.0", @@ -121,11 +121,11 @@ "read-installed": "~4.0.3", "read-package-json": "^2.1.1", "read-package-tree": "^5.3.1", - "readable-stream": "^3.6.0", + "readable-stream": "^3.4.0", "readdir-scoped-modules": "^1.1.0", "request": "^2.88.0", "retry": "^0.12.0", - "rimraf": "^2.7.1", + "rimraf": "^2.6.3", "safe-buffer": "^5.1.2", "semver": "^5.7.1", "sha": "^3.0.0", @@ -280,8 +280,8 @@ "licensee": "^7.0.3", "marked": "^0.6.3", "marked-man": "^0.6.0", - "npm-registry-couchapp": "^2.7.4", - "npm-registry-mock": "^1.3.1", + "npm-registry-couchapp": "^2.7.3", + "npm-registry-mock": "^1.3.0", "require-inject": "^1.4.4", "sprintf-js": "^1.1.2", "standard": "^11.0.1", |