Welcome to mirror list, hosted at ThFree Co, Russian Federation.

shrinkwrap.js « lib - github.com/npm/cli.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/shrinkwrap.js
blob: 5d4a1ada982a4956887492737d31d3e8baf13a24 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

const { resolve, basename } = require('path')
const util = require('util')
const fs = require('fs')
const { unlink } = fs.promises || { unlink: util.promisify(fs.unlink) }
const Arborist = require('@npmcli/arborist')
const log = require('npmlog')

const BaseCommand = require('./base-command.js')
class Shrinkwrap extends BaseCommand {
  /* istanbul ignore next - see test/lib/load-all-commands.js */
  static get description () {
    return 'Lock down dependency versions for publication'
  }

  /* istanbul ignore next - see test/lib/load-all-commands.js */
  static get name () {
    return 'shrinkwrap'
  }

  exec (args, cb) {
    this.shrinkwrap().then(() => cb()).catch(cb)
  }

  async shrinkwrap () {
    // if has a npm-shrinkwrap.json, nothing to do
    // if has a package-lock.json, rename to npm-shrinkwrap.json
    // if has neither, load the actual tree and save that as npm-shrinkwrap.json
    // in all cases, re-cast to current lockfile version
    //
    // loadVirtual, fall back to loadActual
    // rename shrinkwrap file type, and tree.meta.save()
    if (this.npm.config.get('global')) {
      const er = new Error('`npm shrinkwrap` does not work for global packages')
      er.code = 'ESHRINKWRAPGLOBAL'
      throw er
    }

    const path = this.npm.prefix
    const sw = resolve(path, 'npm-shrinkwrap.json')
    const arb = new Arborist({ ...this.npm.flatOptions, path })
    const tree = await arb.loadVirtual().catch(() => arb.loadActual())
    const { meta } = tree
    const newFile = meta.hiddenLockfile || !meta.loadedFromDisk
    const oldFilename = meta.filename
    const notSW = !newFile && basename(oldFilename) !== 'npm-shrinkwrap.json'

    meta.hiddenLockfile = false
    meta.filename = sw
    await meta.save()

    if (newFile)
      log.notice('', 'created a lockfile as npm-shrinkwrap.json')
    else if (notSW) {
      await unlink(oldFilename)
      log.notice('', 'package-lock.json has been renamed to npm-shrinkwrap.json')
    } else if (meta.originalLockfileVersion !== this.npm.lockfileVersion)
      log.notice('', `npm-shrinkwrap.json updated to version ${this.npm.lockfileVersion}`)
    else
      log.notice('', 'npm-shrinkwrap.json up to date')
  }
}
module.exports = Shrinkwrap
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 03:37:04 +0300