Skip to content

Commit

Permalink
deps: upgrade npm to 8.3.0
Browse files Browse the repository at this point in the history
PR-URL: #41127
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
npm-robot authored and danielleadams committed Dec 13, 2021
1 parent 34c6c59 commit fae4945
Showing 39 changed files with 1,077 additions and 109 deletions.
103 changes: 103 additions & 0 deletions deps/npm/docs/content/configuring-npm/package-json.md
Original file line number Diff line number Diff line change
@@ -871,6 +871,109 @@ if (foo) {
Entries in `optionalDependencies` will override entries of the same name in
`dependencies`, so it's usually best to only put in one place.

### overrides

If you need to make specific changes to dependencies of your dependencies, for
example replacing the version of a dependency with a known security issue,
replacing an existing dependency with a fork, or making sure that the same
version of a package is used everywhere, then you may add an override.

Overrides provide a way to replace a package in your dependency tree with
another version, or another package entirely. These changes can be scoped as
specific or as vague as desired.

To make sure the package `foo` is always installed as version `1.0.0` no matter
what version your dependencies rely on:

```json
{
"overrides": {
"foo": "1.0.0"
}
}
```

The above is a short hand notation, the full object form can be used to allow
overriding a package itself as well as a child of the package. This will cause
`foo` to always be `1.0.0` while also making `bar` at any depth beyond `foo`
also `1.0.0`:

```json
{
"overrides": {
"foo": {
".": "1.0.0",
"bar": "1.0.0"
}
}
}
```

To only override `foo` to be `1.0.0` when it's a child (or grandchild, or great
grandchild, etc) of the package `bar`:
```json
{
"overrides": {
"bar": {
"foo": "1.0.0"
}
}
}
```
Keys can be nested to any arbitrary length. To override `foo` only when it's a
child of `bar` and only when `bar` is a child of `baz`:

```json
{
"overrides": {
"baz": {
"bar": {
"foo": "1.0.0"
}
}
}
}
```

The key of an override can also include a version, or range of versions.
To override `foo` to `1.0.0`, but only when it's a child of `[email protected]`:
```json
{
"overrides": {
"[email protected]": {
"foo": "1.0.0"
}
}
}
```
You may not set an override for a package that you directly depend on unless
both the dependency and the override itself share the exact same spec. To make
this limitation easier to deal with, overrides may also be defined as a
reference to a spec for a direct dependency by prefixing the name of the
package you wish the version to match with a `$`.
```json
{
"dependencies": {
"foo": "^1.0.0"
},
"overrides": {
// BAD, will throw an EOVERRIDE error
// "foo": "^2.0.0"
// GOOD, specs match so override is allowed
// "foo": "^1.0.0"
// BEST, the override is defined as a reference to the dependency
"foo": "$foo",
// the referenced package does not need to match the overridden one
"bar": "$foo"
}
}
```
### engines
You can specify the version of node that your stuff works on:
2 changes: 1 addition & 1 deletion deps/npm/docs/output/commands/npm-ls.html
Original file line number Diff line number Diff line change
@@ -160,7 +160,7 @@ <h3 id="description">Description</h3>
the results to only the paths to the packages named. Note that nested
packages will <em>also</em> show the paths to the specified packages. For
example, running <code>npm ls promzard</code> in npm's source tree will show:</p>
<pre lang="bash"><code>npm@8.2.0 /path/to/npm
<pre lang="bash"><code>npm@8.3.0 /path/to/npm
└─┬ [email protected]
└── [email protected]
</code></pre>
2 changes: 1 addition & 1 deletion deps/npm/docs/output/commands/npm.html
Original file line number Diff line number Diff line change
@@ -149,7 +149,7 @@ <h2 id="table-of-contents">Table of contents</h2>
<pre lang="bash"><code>npm &lt;command&gt; [args]
</code></pre>
<h3 id="version">Version</h3>
<p>8.2.0</p>
<p>8.3.0</p>
<h3 id="description">Description</h3>
<p>npm is the package manager for the Node JavaScript platform. It puts
modules in place so that node can find them, and manages dependency
84 changes: 83 additions & 1 deletion deps/npm/docs/output/configuring-npm/package-json.html
Original file line number Diff line number Diff line change
@@ -142,7 +142,7 @@ <h1 id="packagejson">package.json</h1>

<section id="table_of_contents">
<h2 id="table-of-contents">Table of contents</h2>
<div id="_table_of_contents"><ul><li><a href="#description">Description</a></li><li><a href="#name">name</a></li><li><a href="#version">version</a></li><li><a href="#description2">description</a></li><li><a href="#keywords">keywords</a></li><li><a href="#homepage">homepage</a></li><li><a href="#bugs">bugs</a></li><li><a href="#license">license</a></li><li><a href="#people-fields-author-contributors">people fields: author, contributors</a></li><li><a href="#funding">funding</a></li><li><a href="#files">files</a></li><li><a href="#main">main</a></li><li><a href="#browser">browser</a></li><li><a href="#bin">bin</a></li><li><a href="#man">man</a></li><li><a href="#directories">directories</a></li><ul><li><a href="#directoriesbin">directories.bin</a></li><li><a href="#directoriesman">directories.man</a></li></ul><li><a href="#repository">repository</a></li><li><a href="#scripts">scripts</a></li><li><a href="#config">config</a></li><li><a href="#dependencies">dependencies</a></li><ul><li><a href="#urls-as-dependencies">URLs as Dependencies</a></li><li><a href="#git-urls-as-dependencies">Git URLs as Dependencies</a></li><li><a href="#github-urls">GitHub URLs</a></li><li><a href="#local-paths">Local Paths</a></li></ul><li><a href="#devdependencies">devDependencies</a></li><li><a href="#peerdependencies">peerDependencies</a></li><li><a href="#peerdependenciesmeta">peerDependenciesMeta</a></li><li><a href="#bundleddependencies">bundledDependencies</a></li><li><a href="#optionaldependencies">optionalDependencies</a></li><li><a href="#engines">engines</a></li><li><a href="#os">os</a></li><li><a href="#cpu">cpu</a></li><li><a href="#private">private</a></li><li><a href="#publishconfig">publishConfig</a></li><li><a href="#workspaces">workspaces</a></li><li><a href="#default-values">DEFAULT VALUES</a></li><li><a href="#see-also">SEE ALSO</a></li></ul></div>
<div id="_table_of_contents"><ul><li><a href="#description">Description</a></li><li><a href="#name">name</a></li><li><a href="#version">version</a></li><li><a href="#description2">description</a></li><li><a href="#keywords">keywords</a></li><li><a href="#homepage">homepage</a></li><li><a href="#bugs">bugs</a></li><li><a href="#license">license</a></li><li><a href="#people-fields-author-contributors">people fields: author, contributors</a></li><li><a href="#funding">funding</a></li><li><a href="#files">files</a></li><li><a href="#main">main</a></li><li><a href="#browser">browser</a></li><li><a href="#bin">bin</a></li><li><a href="#man">man</a></li><li><a href="#directories">directories</a></li><ul><li><a href="#directoriesbin">directories.bin</a></li><li><a href="#directoriesman">directories.man</a></li></ul><li><a href="#repository">repository</a></li><li><a href="#scripts">scripts</a></li><li><a href="#config">config</a></li><li><a href="#dependencies">dependencies</a></li><ul><li><a href="#urls-as-dependencies">URLs as Dependencies</a></li><li><a href="#git-urls-as-dependencies">Git URLs as Dependencies</a></li><li><a href="#github-urls">GitHub URLs</a></li><li><a href="#local-paths">Local Paths</a></li></ul><li><a href="#devdependencies">devDependencies</a></li><li><a href="#peerdependencies">peerDependencies</a></li><li><a href="#peerdependenciesmeta">peerDependenciesMeta</a></li><li><a href="#bundleddependencies">bundledDependencies</a></li><li><a href="#optionaldependencies">optionalDependencies</a></li><li><a href="#overrides">overrides</a></li><li><a href="#engines">engines</a></li><li><a href="#os">os</a></li><li><a href="#cpu">cpu</a></li><li><a href="#private">private</a></li><li><a href="#publishconfig">publishConfig</a></li><li><a href="#workspaces">workspaces</a></li><li><a href="#default-values">DEFAULT VALUES</a></li><li><a href="#see-also">SEE ALSO</a></li></ul></div>
</section>

<div id="_content"><h3 id="description">Description</h3>
@@ -800,6 +800,88 @@ <h3 id="optionaldependencies">optionalDependencies</h3>
</code></pre>
<p>Entries in <code>optionalDependencies</code> will override entries of the same name in
<code>dependencies</code>, so it's usually best to only put in one place.</p>
<h3 id="overrides">overrides</h3>
<p>If you need to make specific changes to dependencies of your dependencies, for
example replacing the version of a dependency with a known security issue,
replacing an existing dependency with a fork, or making sure that the same
version of a package is used everywhere, then you may add an override.</p>
<p>Overrides provide a way to replace a package in your dependency tree with
another version, or another package entirely. These changes can be scoped as
specific or as vague as desired.</p>
<p>To make sure the package <code>foo</code> is always installed as version <code>1.0.0</code> no matter
what version your dependencies rely on:</p>
<pre lang="json"><code>{
"overrides": {
"foo": "1.0.0"
}
}
</code></pre>
<p>The above is a short hand notation, the full object form can be used to allow
overriding a package itself as well as a child of the package. This will cause
<code>foo</code> to always be <code>1.0.0</code> while also making <code>bar</code> at any depth beyond <code>foo</code>
also <code>1.0.0</code>:</p>
<pre lang="json"><code>{
"overrides": {
"foo": {
".": "1.0.0",
"bar": "1.0.0"
}
}
}
</code></pre>
<p>To only override <code>foo</code> to be <code>1.0.0</code> when it's a child (or grandchild, or great
grandchild, etc) of the package <code>bar</code>:</p>
<pre lang="json"><code>{
"overrides": {
"bar": {
"foo": "1.0.0"
}
}
}
</code></pre>
<p>Keys can be nested to any arbitrary length. To override <code>foo</code> only when it's a
child of <code>bar</code> and only when <code>bar</code> is a child of <code>baz</code>:</p>
<pre lang="json"><code>{
"overrides": {
"baz": {
"bar": {
"foo": "1.0.0"
}
}
}
}
</code></pre>
<p>The key of an override can also include a version, or range of versions.
To override <code>foo</code> to <code>1.0.0</code>, but only when it's a child of <code>[email protected]</code>:</p>
<pre lang="json"><code>{
"overrides": {
"[email protected]": {
"foo": "1.0.0"
}
}
}
</code></pre>
<p>You may not set an override for a package that you directly depend on unless
both the dependency and the override itself share the exact same spec. To make
this limitation easier to deal with, overrides may also be defined as a
reference to a spec for a direct dependency by prefixing the name of the
package you wish the version to match with a <code>$</code>.</p>
<pre lang="json"><code>{
"dependencies": {
"foo": "^1.0.0"
},
"overrides": {
// BAD, will throw an EOVERRIDE error
// "foo": "^2.0.0"
// GOOD, specs match so override is allowed
// "foo": "^1.0.0"
// BEST, the override is defined as a reference to the dependency
"foo": "$foo",
// the referenced package does not need to match the overridden one
"bar": "$foo"
}
}
</code></pre>
<h3 id="engines">engines</h3>
<p>You can specify the version of node that your stuff works on:</p>
<pre lang="json"><code>{
34 changes: 31 additions & 3 deletions deps/npm/lib/commands/config.js
Original file line number Diff line number Diff line change
@@ -2,7 +2,7 @@
const configDefs = require('../utils/config/index.js')

const mkdirp = require('mkdirp-infer-owner')
const { dirname } = require('path')
const { dirname, resolve } = require('path')
const { promisify } = require('util')
const fs = require('fs')
const readFile = promisify(fs.readFile)
@@ -11,6 +11,7 @@ const { spawn } = require('child_process')
const { EOL } = require('os')
const ini = require('ini')
const localeCompare = require('@isaacs/string-locale-compare')('en')
const rpj = require('read-package-json-fast')
const log = require('../utils/log-shim.js')

// take an array of `[key, value, k2=v2, k3, v3, ...]` and turn into
@@ -28,7 +29,17 @@ const keyValues = args => {
return kv
}

const publicVar = k => !/^(\/\/[^:]+:)?_/.test(k)
const publicVar = k => {
// _password
if (k.startsWith('_')) {
return false
}
// //localhost:8080/:_password
if (k.startsWith('//') && k.includes(':_')) {
return false
}
return true
}

const BaseCommand = require('../base-command.js')
class Config extends BaseCommand {
@@ -147,7 +158,7 @@ class Config extends BaseCommand {
const out = []
for (const key of keys) {
if (!publicVar(key)) {
throw `The ${key} option is protected, and cannot be retrieved in this way`
throw new Error(`The ${key} option is protected, and cannot be retrieved in this way`)
}

const pref = keys.length > 1 ? `${key}=` : ''
@@ -257,6 +268,23 @@ ${defData}
`; HOME = ${process.env.HOME}`,
'; Run `npm config ls -l` to show all defaults.'
)
msg.push('')
}

if (!this.npm.config.get('global')) {
const pkgPath = resolve(this.npm.prefix, 'package.json')
const pkg = await rpj(pkgPath).catch(() => ({}))

if (pkg.publishConfig) {
msg.push(`; "publishConfig" from ${pkgPath}`)
msg.push('; This set of config values will be used at publish-time.', '')
const pkgKeys = Object.keys(pkg.publishConfig).sort(localeCompare)
for (const k of pkgKeys) {
const v = publicVar(k) ? JSON.stringify(pkg.publishConfig[k]) : '(protected)'
msg.push(`${k} = ${v}`)
}
msg.push('')
}
}

this.npm.output(msg.join('\n').trim())
10 changes: 7 additions & 3 deletions deps/npm/lib/commands/publish.js
Original file line number Diff line number Diff line change
@@ -104,11 +104,15 @@ class Publish extends BaseCommand {
const resolved = npa.resolve(manifest.name, manifest.version)
const registry = npmFetch.pickRegistry(resolved, opts)
const creds = this.npm.config.getCredentialsByURI(registry)
const outputRegistry = replaceInfo(registry)
if (!creds.token && !creds.username) {
throw Object.assign(new Error('This command requires you to be logged in.'), {
code: 'ENEEDAUTH',
})
throw Object.assign(
new Error(`This command requires you to be logged in to ${outputRegistry}`), {
code: 'ENEEDAUTH',
}
)
}
log.notice('', `Publishing to ${outputRegistry}`)
await otplease(opts, opts => libpub(manifest, tarballData, opts))
}

1 change: 1 addition & 0 deletions deps/npm/lib/utils/exit-handler.js
Original file line number Diff line number Diff line change
@@ -116,6 +116,7 @@ const exitHandler = err => {
exitCode = err.code
noLogMessage = true
} else if (typeof err === 'string') {
// XXX: we should stop throwing strings
log.error('', err)
noLogMessage = true
} else if (!(err instanceof Error)) {
43 changes: 19 additions & 24 deletions deps/npm/lib/utils/log-file.js
Original file line number Diff line number Diff line change
@@ -8,6 +8,8 @@ const fsMiniPass = require('fs-minipass')
const log = require('./log-shim')
const withChownSync = require('./with-chown-sync')

const padZero = (n, length) => n.toString().padStart(length.toString().length, '0')

const _logHandler = Symbol('logHandler')
const _formatLogItem = Symbol('formatLogItem')
const _getLogFilePath = Symbol('getLogFilePath')
@@ -34,7 +36,7 @@ class LogFiles {
// here for infinite loops that still log. This is also partially handled
// by the config.get('max-files') option, but this is a failsafe to
// prevent runaway log file creation
#MAX_LOG_FILES_PER_PROCESS = null
#MAX_FILES_PER_PROCESS = null

#fileLogCount = 0
#totalLogCount = 0
@@ -48,18 +50,14 @@ class LogFiles {
} = {}) {
this.#logId = LogFiles.logId(new Date())
this.#MAX_LOGS_PER_FILE = maxLogsPerFile
this.#MAX_LOG_FILES_PER_PROCESS = maxFilesPerProcess
this.#MAX_FILES_PER_PROCESS = maxFilesPerProcess
this.on()
}

static logId (d) {
return d.toISOString().replace(/[.:]/g, '_')
}

static fileName (prefix, suffix) {
return `${prefix}-debug-${suffix}.log`
}

static format (count, level, title, ...args) {
let prefix = `${count} ${level}`
if (title) {
@@ -149,7 +147,7 @@ class LogFiles {
if (this.#fileLogCount >= this.#MAX_LOGS_PER_FILE) {
// Write last chunk to the file and close it
this[_endStream](logOutput)
if (this.#files.length >= this.#MAX_LOG_FILES_PER_PROCESS) {
if (this.#files.length >= this.#MAX_FILES_PER_PROCESS) {
// but if its way too many then we just stop listening
this.off()
} else {
@@ -166,23 +164,21 @@ class LogFiles {
return LogFiles.format(this.#totalLogCount++, ...args)
}

[_getLogFilePath] (prefix, suffix) {
return path.resolve(this.#dir, LogFiles.fileName(prefix, suffix))
[_getLogFilePath] (prefix, suffix, sep = '-') {
return path.resolve(this.#dir, prefix + sep + 'debug' + sep + suffix + '.log')
}

[_openLogFile] () {
// Count in filename will be 0 indexed
const count = this.#files.length

// Pad with zeros so that our log files are always sorted properly
// We never want to write files ending in `-9.log` and `-10.log` because
// log file cleaning is done by deleting the oldest so in this example
// `-10.log` would be deleted next
const countDigits = this.#MAX_LOG_FILES_PER_PROCESS.toString().length

try {
const logStream = withChownSync(
this[_getLogFilePath](this.#logId, count.toString().padStart(countDigits, '0')),
// Pad with zeros so that our log files are always sorted properly
// We never want to write files ending in `-9.log` and `-10.log` because
// log file cleaning is done by deleting the oldest so in this example
// `-10.log` would be deleted next
this[_getLogFilePath](this.#logId, padZero(count, this.#MAX_FILES_PER_PROCESS)),
// Some effort was made to make the async, but we need to write logs
// during process.on('exit') which has to be synchronous. So in order
// to never drop log messages, it is easiest to make it sync all the time
@@ -214,14 +210,13 @@ class LogFiles {
return
}

// Add 1 to account for the current log file and make
// minimum config 0 so current log file is never deleted
// XXX: we should make a separate documented option to
// disable log file writing
const max = Math.max(this.#logsMax, 0) + 1
try {
const files = await glob(this[_getLogFilePath]('*', '*'))
const toDelete = files.length - max
// Handle the old (prior to 8.2.0) log file names which did not have an counter suffix
// so match by anything after `-debug` and before `.log` (including nothing)
const logGlob = this[_getLogFilePath]('*-', '*', '')
// Always ignore the currently written files
const files = await glob(logGlob, { ignore: this.#files })
const toDelete = files.length - this.#logsMax

if (toDelete <= 0) {
return
@@ -233,7 +228,7 @@ class LogFiles {
try {
await rimraf(file)
} catch (e) {
log.warn('logfile', 'error removing log file', file, e)
log.silly('logfile', 'error removing log file', file, e)
}
}
} catch (e) {
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm-ls.1
Original file line number Diff line number Diff line change
@@ -26,7 +26,7 @@ example, running \fBnpm ls promzard\fP in npm's source tree will show:
.P
.RS 2
.nf
npm@8\.2\.0 /path/to/npm
npm@8\.3\.0 /path/to/npm
└─┬ init\-package\-json@0\.0\.4
└── promzard@0\.1\.5
.fi
2 changes: 1 addition & 1 deletion deps/npm/man/man1/npm.1
Original file line number Diff line number Diff line change
@@ -10,7 +10,7 @@ npm <command> [args]
.RE
.SS Version
.P
8\.2\.0
8\.3\.0
.SS Description
.P
npm is the package manager for the Node JavaScript platform\. It puts
114 changes: 114 additions & 0 deletions deps/npm/man/man5/package-json.5
Original file line number Diff line number Diff line change
@@ -960,6 +960,120 @@ if (foo) {
.P
Entries in \fBoptionalDependencies\fP will override entries of the same name in
\fBdependencies\fP, so it's usually best to only put in one place\.
.SS overrides
.P
If you need to make specific changes to dependencies of your dependencies, for
example replacing the version of a dependency with a known security issue,
replacing an existing dependency with a fork, or making sure that the same
version of a package is used everywhere, then you may add an override\.
.P
Overrides provide a way to replace a package in your dependency tree with
another version, or another package entirely\. These changes can be scoped as
specific or as vague as desired\.
.P
To make sure the package \fBfoo\fP is always installed as version \fB1\.0\.0\fP no matter
what version your dependencies rely on:
.P
.RS 2
.nf
{
"overrides": {
"foo": "1\.0\.0"
}
}
.fi
.RE
.P
The above is a short hand notation, the full object form can be used to allow
overriding a package itself as well as a child of the package\. This will cause
\fBfoo\fP to always be \fB1\.0\.0\fP while also making \fBbar\fP at any depth beyond \fBfoo\fP
also \fB1\.0\.0\fP:
.P
.RS 2
.nf
{
"overrides": {
"foo": {
"\.": "1\.0\.0",
"bar": "1\.0\.0"
}
}
}
.fi
.RE
.P
To only override \fBfoo\fP to be \fB1\.0\.0\fP when it's a child (or grandchild, or great
grandchild, etc) of the package \fBbar\fP:
.P
.RS 2
.nf
{
"overrides": {
"bar": {
"foo": "1\.0\.0"
}
}
}
.fi
.RE
.P
Keys can be nested to any arbitrary length\. To override \fBfoo\fP only when it's a
child of \fBbar\fP and only when \fBbar\fP is a child of \fBbaz\fP:
.P
.RS 2
.nf
{
"overrides": {
"baz": {
"bar": {
"foo": "1\.0\.0"
}
}
}
}
.fi
.RE
.P
The key of an override can also include a version, or range of versions\.
To override \fBfoo\fP to \fB1\.0\.0\fP, but only when it's a child of \fBbar@2\.0\.0\fP:
.P
.RS 2
.nf
{
"overrides": {
"bar@2\.0\.0": {
"foo": "1\.0\.0"
}
}
}
.fi
.RE
.P
You may not set an override for a package that you directly depend on unless
both the dependency and the override itself share the exact same spec\. To make
this limitation easier to deal with, overrides may also be defined as a
reference to a spec for a direct dependency by prefixing the name of the
package you wish the version to match with a \fB$\fP\|\.
.P
.RS 2
.nf
{
"dependencies": {
"foo": "^1\.0\.0"
},
"overrides": {
// BAD, will throw an EOVERRIDE error
// "foo": "^2\.0\.0"
// GOOD, specs match so override is allowed
// "foo": "^1\.0\.0"
// BEST, the override is defined as a reference to the dependency
"foo": "$foo",
// the referenced package does not need to match the overridden one
"bar": "$foo"
}
}
.fi
.RE
.SS engines
.P
You can specify the version of node that your stuff works on:
4 changes: 2 additions & 2 deletions deps/npm/node_modules/@npmcli/arborist/README.md
24 changes: 21 additions & 3 deletions deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js
41 changes: 38 additions & 3 deletions deps/npm/node_modules/@npmcli/arborist/lib/edge.js
45 changes: 45 additions & 0 deletions deps/npm/node_modules/@npmcli/arborist/lib/node.js
123 changes: 123 additions & 0 deletions deps/npm/node_modules/@npmcli/arborist/lib/override-set.js
1 change: 1 addition & 0 deletions deps/npm/node_modules/@npmcli/arborist/lib/place-dep.js
13 changes: 11 additions & 2 deletions deps/npm/node_modules/@npmcli/arborist/lib/printable.js
9 changes: 5 additions & 4 deletions deps/npm/node_modules/@npmcli/arborist/package.json
110 changes: 110 additions & 0 deletions deps/npm/node_modules/just-diff-apply/index.mjs
12 changes: 10 additions & 2 deletions deps/npm/node_modules/just-diff-apply/package.json
3 changes: 3 additions & 0 deletions deps/npm/node_modules/just-diff-apply/rollup.config.js
146 changes: 146 additions & 0 deletions deps/npm/node_modules/just-diff/index.mjs
2 changes: 1 addition & 1 deletion deps/npm/node_modules/just-diff/index.tests.ts
14 changes: 11 additions & 3 deletions deps/npm/node_modules/just-diff/package.json
3 changes: 3 additions & 0 deletions deps/npm/node_modules/just-diff/rollup.config.js
7 changes: 6 additions & 1 deletion deps/npm/node_modules/minipass/index.js
2 changes: 1 addition & 1 deletion deps/npm/node_modules/minipass/package.json
15 changes: 0 additions & 15 deletions deps/npm/node_modules/parse-conflict-json/LICENSE

This file was deleted.

20 changes: 20 additions & 0 deletions deps/npm/node_modules/parse-conflict-json/LICENSE.md
30 changes: 21 additions & 9 deletions deps/npm/node_modules/parse-conflict-json/package.json
8 changes: 4 additions & 4 deletions deps/npm/package.json
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"version": "8.2.0",
"version": "8.3.0",
"name": "npm",
"description": "a package manager for JavaScript",
"workspaces": [
@@ -55,7 +55,7 @@
},
"dependencies": {
"@isaacs/string-locale-compare": "^1.1.0",
"@npmcli/arborist": "^4.0.5",
"@npmcli/arborist": "^4.1.1",
"@npmcli/ci-detect": "^1.4.0",
"@npmcli/config": "^2.3.2",
"@npmcli/map-workspaces": "^2.0.0",
@@ -91,7 +91,7 @@
"libnpmteam": "^2.0.3",
"libnpmversion": "^2.0.1",
"make-fetch-happen": "^9.1.0",
"minipass": "^3.1.3",
"minipass": "^3.1.6",
"minipass-pipeline": "^1.2.4",
"mkdirp": "^1.0.4",
"mkdirp-infer-owner": "^2.0.0",
@@ -108,7 +108,7 @@
"npmlog": "^6.0.0",
"opener": "^1.5.2",
"pacote": "^12.0.2",
"parse-conflict-json": "^1.1.1",
"parse-conflict-json": "^2.0.1",
"proc-log": "^1.0.0",
"qrcode-terminal": "^0.12.0",
"read": "~1.0.7",
41 changes: 41 additions & 0 deletions deps/npm/tap-snapshots/test/lib/commands/config.js.test.cjs
Original file line number Diff line number Diff line change
@@ -342,3 +342,44 @@ userconfig = "{HOME}/.npmrc"
; HOME = {HOME}
; Run \`npm config ls -l\` to show all defaults.
`

exports[`test/lib/commands/config.js TAP config list with publishConfig > output matches snapshot 1`] = `
; "cli" config from command line options
cache = "{NPMDIR}/test/lib/commands/tap-testdir-config-config-list-with-publishConfig-sandbox/cache"
prefix = "{LOCALPREFIX}"
userconfig = "{HOME}/.npmrc"
; node bin location = {EXECPATH}
; cwd = {NPMDIR}
; HOME = {HOME}
; Run \`npm config ls -l\` to show all defaults.
; "publishConfig" from {LOCALPREFIX}/package.json
; This set of config values will be used at publish-time.
_authToken = (protected)
registry = "https://some.registry"
; "env" config from environment
; cache = "{NPMDIR}/test/lib/commands/tap-testdir-config-config-list-with-publishConfig-sandbox/cache" ; overridden by cli
global-prefix = "{LOCALPREFIX}"
globalconfig = "{GLOBALPREFIX}/npmrc"
init-module = "{HOME}/.npm-init.js"
local-prefix = "{LOCALPREFIX}"
; prefix = "{LOCALPREFIX}" ; overridden by cli
user-agent = "npm/{NPM-VERSION} node/{NODE-VERSION} {PLATFORM} {ARCH} workspaces/false"
; userconfig = "{HOME}/.npmrc" ; overridden by cli
; "cli" config from command line options
cache = "{NPMDIR}/test/lib/commands/tap-testdir-config-config-list-with-publishConfig-sandbox/cache"
global = true
prefix = "{LOCALPREFIX}"
userconfig = "{HOME}/.npmrc"
; node bin location = {EXECPATH}
; cwd = {NPMDIR}
; HOME = {HOME}
; Run \`npm config ls -l\` to show all defaults.
`
28 changes: 27 additions & 1 deletion deps/npm/test/lib/commands/config.js
Original file line number Diff line number Diff line change
@@ -107,6 +107,26 @@ t.test('config list --json', async t => {
t.matchSnapshot(sandbox.output, 'output matches snapshot')
})

t.test('config list with publishConfig', async t => {
const temp = t.testdir({
project: {
'package.json': JSON.stringify({
publishConfig: {
registry: 'https://some.registry',
_authToken: 'mytoken',
},
}),
},
})
const project = join(temp, 'project')

const sandbox = new Sandbox(t, { project })
await sandbox.run('config', ['list', ''])
await sandbox.run('config', ['list', '--global'])

t.matchSnapshot(sandbox.output, 'output matches snapshot')
})

t.test('config delete no args', async t => {
const sandbox = new Sandbox(t)

@@ -333,7 +353,13 @@ t.test('config get private key', async t => {

await t.rejects(
sandbox.run('config', ['get', '_authToken']),
'_authToken is protected',
/_authToken option is protected/,
'rejects with protected string'
)

await t.rejects(
sandbox.run('config', ['get', '//localhost:8080/:_password']),
/_password option is protected/,
'rejects with protected string'
)
})
18 changes: 12 additions & 6 deletions deps/npm/test/lib/commands/publish.js
Original file line number Diff line number Diff line change
@@ -341,8 +341,10 @@ t.test('can publish a tarball', async t => {

t.test('should check auth for default registry', async t => {
t.plan(2)
const Publish = t.mock('../../../lib/commands/publish.js')
const npm = mockNpm()
const registry = npm.config.get('registry')
const errorMessage = `This command requires you to be logged in to ${registry}`
const Publish = t.mock('../../../lib/commands/publish.js')
npm.config.getCredentialsByURI = uri => {
t.same(uri, npm.config.get('registry'), 'gets credentials for expected registry')
return {}
@@ -351,14 +353,15 @@ t.test('should check auth for default registry', async t => {

await t.rejects(
publish.exec([]),
{ message: 'This command requires you to be logged in.', code: 'ENEEDAUTH' },
{ message: errorMessage, code: 'ENEEDAUTH' },
'throws when not logged in'
)
})

t.test('should check auth for configured registry', async t => {
t.plan(2)
const registry = 'https://some.registry'
const errorMessage = 'This command requires you to be logged in to https://some.registry'
const Publish = t.mock('../../../lib/commands/publish.js')
const npm = mockNpm({
flatOptions: { registry },
@@ -371,14 +374,15 @@ t.test('should check auth for configured registry', async t => {

await t.rejects(
publish.exec([]),
{ message: 'This command requires you to be logged in.', code: 'ENEEDAUTH' },
{ message: errorMessage, code: 'ENEEDAUTH' },
'throws when not logged in'
)
})

t.test('should check auth for scope specific registry', async t => {
t.plan(2)
const registry = 'https://some.registry'
const errorMessage = 'This command requires you to be logged in to https://some.registry'
const testDir = t.testdir({
'package.json': JSON.stringify(
{
@@ -402,7 +406,7 @@ t.test('should check auth for scope specific registry', async t => {

await t.rejects(
publish.exec([testDir]),
{ message: 'This command requires you to be logged in.', code: 'ENEEDAUTH' },
{ message: errorMessage, code: 'ENEEDAUTH' },
'throws when not logged in'
)
})
@@ -735,7 +739,7 @@ t.test('private workspaces', async t => {
})

t.test('unexpected error', async t => {
t.plan(1)
t.plan(2)

const Publish = t.mock('../../../lib/commands/publish.js', {
...mocks,
@@ -749,7 +753,9 @@ t.test('private workspaces', async t => {
},
},
'proc-log': {
notice () {},
notice (__, msg) {
t.match(msg, 'Publishing to https://registry.npmjs.org/')
},
verbose () {},
},
})
25 changes: 21 additions & 4 deletions deps/npm/test/lib/utils/log-file.js
Original file line number Diff line number Diff line change
@@ -12,15 +12,20 @@ t.cleanSnapshot = (path) => cleanCwd(path)

const last = arr => arr[arr.length - 1]
const range = (n) => Array.from(Array(n).keys())
const makeOldLogs = (count) => {
const makeOldLogs = (count, oldStyle) => {
const d = new Date()
d.setHours(-1)
d.setSeconds(0)
return range(count / 2).reduce((acc, i) => {
return range(oldStyle ? count : (count / 2)).reduce((acc, i) => {
const cloneDate = new Date(d.getTime())
cloneDate.setSeconds(i)
acc[LogFile.fileName(LogFile.logId(cloneDate), 0)] = 'hello'
acc[LogFile.fileName(LogFile.logId(cloneDate), 1)] = 'hello'
const dateId = LogFile.logId(cloneDate)
if (oldStyle) {
acc[`${dateId}-debug.log`] = 'hello'
} else {
acc[`${dateId}-debug-0.log`] = 'hello'
acc[`${dateId}-debug-1.log`] = 'hello'
}
return acc
}, {})
}
@@ -247,6 +252,18 @@ t.test('glob error', async t => {
t.match(last(logs).content, /error cleaning log files .* bad glob/)
})

t.test('cleans old style logs too', async t => {
const logsMax = 5
const oldLogs = 10
const { readLogs } = await loadLogFile(t, {
logsMax,
testdir: makeOldLogs(oldLogs, false),
})

const logs = await readLogs()
t.equal(logs.length, logsMax + 1)
})

t.test('rimraf error', async t => {
const logsMax = 5
const oldLogs = 10

0 comments on commit fae4945

Please sign in to comment.