From 55e0237c0b569ce3303c0f4d8f6cbe85fb471d1e Mon Sep 17 00:00:00 2001 From: Federico Rampazzo Date: Wed, 8 Aug 2018 17:11:16 +0100 Subject: [PATCH 1/4] Prevent blowing up on audit malformed response --- lib/install.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/install.js b/lib/install.js index 66f85d80a49a2..1ba32de42cc1a 100644 --- a/lib/install.js +++ b/lib/install.js @@ -834,7 +834,7 @@ Installer.prototype.printInstalledForHuman = function (diffs, auditResult) { if (removed) actions.push('removed ' + packages(removed)) if (updated) actions.push('updated ' + packages(updated)) if (moved) actions.push('moved ' + packages(moved)) - if (auditResult && auditResult.metadata.totalDependencies) { + if (auditResult && auditResult.metadata && auditResult.metadata.totalDependencies) { actions.push('audited ' + packages(auditResult.metadata.totalDependencies)) } if (actions.length === 0) { From c8a4aa7f1ff3dfa4a0afaa465eb324d1ac7fe76a Mon Sep 17 00:00:00 2001 From: Federico Rampazzo Date: Tue, 14 Aug 2018 09:04:53 +0100 Subject: [PATCH 2/4] Add warn when audit result doesn't have metadata --- lib/install.js | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/install.js b/lib/install.js index 1ba32de42cc1a..0bc9873f2d146 100644 --- a/lib/install.js +++ b/lib/install.js @@ -834,8 +834,12 @@ Installer.prototype.printInstalledForHuman = function (diffs, auditResult) { if (removed) actions.push('removed ' + packages(removed)) if (updated) actions.push('updated ' + packages(updated)) if (moved) actions.push('moved ' + packages(moved)) - if (auditResult && auditResult.metadata && auditResult.metadata.totalDependencies) { - actions.push('audited ' + packages(auditResult.metadata.totalDependencies)) + if (auditResult) { + if (auditResult.metadata && auditResult.metadata.totalDependencies) { + actions.push('audited ' + packages(auditResult.metadata.totalDependencies)) + } else { + log.warn('invalid audit result', 'audit result doesn\'t contain `metadata`') + } } if (actions.length === 0) { report += 'up to date' From c52b01374fd43eb8a12275b729fa529a2d1f9a07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kat=20March=C3=A1n?= Date: Tue, 14 Aug 2018 10:44:35 -0700 Subject: [PATCH 3/4] tweak message --- lib/install.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/install.js b/lib/install.js index 0bc9873f2d146..6ddd7183ca2aa 100644 --- a/lib/install.js +++ b/lib/install.js @@ -766,6 +766,9 @@ Installer.prototype.printInstalled = function (cb) { if (!this.auditSubmission) return return Bluebird.resolve(this.auditSubmission).timeout(10000).catch(() => null) }).then((auditResult) => { + if (auditResult && !auditResult.metadata) { + log.warn('audit', 'Audit result from registry missing metadata. This is probably an issue with the registry.') + } // maybe write audit report w/ hash of pjson & shrinkwrap for later reading by `npm audit` if (npm.config.get('json')) { return this.printInstalledForJSON(diffs, auditResult) @@ -837,8 +840,6 @@ Installer.prototype.printInstalledForHuman = function (diffs, auditResult) { if (auditResult) { if (auditResult.metadata && auditResult.metadata.totalDependencies) { actions.push('audited ' + packages(auditResult.metadata.totalDependencies)) - } else { - log.warn('invalid audit result', 'audit result doesn\'t contain `metadata`') } } if (actions.length === 0) { From 0f80d72894481a9981c4f15664a4b35bb72840b0 Mon Sep 17 00:00:00 2001 From: Federico Rampazzo Date: Tue, 14 Aug 2018 19:06:22 +0100 Subject: [PATCH 4/4] Join ifs handling audit metadata --- lib/install.js | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/install.js b/lib/install.js index 6ddd7183ca2aa..e15bc47919100 100644 --- a/lib/install.js +++ b/lib/install.js @@ -837,10 +837,8 @@ Installer.prototype.printInstalledForHuman = function (diffs, auditResult) { if (removed) actions.push('removed ' + packages(removed)) if (updated) actions.push('updated ' + packages(updated)) if (moved) actions.push('moved ' + packages(moved)) - if (auditResult) { - if (auditResult.metadata && auditResult.metadata.totalDependencies) { - actions.push('audited ' + packages(auditResult.metadata.totalDependencies)) - } + if (auditResult && auditResult.metadata && auditResult.metadata.totalDependencies) { + actions.push('audited ' + packages(auditResult.metadata.totalDependencies)) } if (actions.length === 0) { report += 'up to date'