diff --git a/.github/ISSUE_TEMPLATE/bug_7.md b/.github/ISSUE_TEMPLATE/bug_7.md index 48faa9c79ed6b..cd995b62d2bbc 100644 --- a/.github/ISSUE_TEMPLATE/bug_7.md +++ b/.github/ISSUE_TEMPLATE/bug_7.md @@ -31,5 +31,5 @@ ex. steps to reproduce the behavior: ex. - OS: Ubuntu 20.04 - Node: 13.14.0 -- npm: 6.4.12 +- npm: 7.6.3 --> diff --git a/AUTHORS b/AUTHORS index 9e5ac7fcaff39..9c67cf88ef250 100644 --- a/AUTHORS +++ b/AUTHORS @@ -759,3 +759,9 @@ Nathan Shively-Sanders <293473+sandersn@users.noreply.github.com> Bjørn Johansen Fraqe Edward Grech +Kenrick +Karthik Sundari +Jan Sepke <625043+jansepke@users.noreply.github.com> +Augusto Moura +Eric Chow +kbayrhammer diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b20696a89b95..c11a44734ae8e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,79 @@ +## v7.7.0 (2021-03-23) + +### FEATURES + +* [`33c4189f9`](https://github.com/npm/cli/commit/33c4189f939aebdfaf85ea419e6ea01d0977b79d) + [#2864](https://github.com/npm/cli/issues/2864) + add `npm run-script` workspaces support + ([@ruyadorno](https://github.com/ruyadorno)) +* [`e1b3b318f`](https://github.com/npm/cli/commit/e1b3b318f095a7e1a7cc4b131907de4955275d9d) + [#2886](https://github.com/npm/cli/issues/2886) + add `npm exec` workspaces support + ([@ruyadorno](https://github.com/ruyadorno)) +* [`41facf643`](https://github.com/npm/cli/commit/41facf6435ced4e416d74111d9c3ff00ee19ab7d) + [#2859](https://github.com/npm/cli/issues/2859) + expanded "Did you mean?" suggestions for missing cmds and scripts + ([@wraithgar](https://github.com/wraithgar)) + +### BUG FIXES + +* [`8cce4282f`](https://github.com/npm/cli/commit/8cce4282f7bef11aeeb73cffd532b477b241985e) + [#2865](https://github.com/npm/cli/issues/2865) + `npm publish`: handle case where multiple config list is present + ([@kenrick95](https://github.com/kenrick95)) +* [`6598bfe86`](https://github.com/npm/cli/commit/6598bfe8697439e827d84981f8504febca64a55a) + mark deprecated configs + ([@isaacs](https://github.com/isaacs)) +* [`8a38afe77`](https://github.com/npm/cli/commit/8a38afe779ce71a10178ed62b13709d06adf7a66) + [#2881](https://github.com/npm/cli/issues/2881) + docs(package-json): document default main behavior + ([@klausbayrhammer](https://github.com/klausbayrhammer)) +* [`93a061d73`](https://github.com/npm/cli/commit/93a061d737dc769663652368e8586e4202267b9e) + [#2917](https://github.com/npm/cli/issues/2917) + add action items to `npm run` error output + ([@wraithgar](https://github.com/wraithgar)) + +### DOCUMENTATION + +* [`ad65bd910`](https://github.com/npm/cli/commit/ad65bd9101aa8e8b94bc1e48df3ef93deca6d30c) + [#2860](https://github.com/npm/cli/issues/2860) + fix link in configuring-npm + ([@varmakarthik12](https://github.com/varmakarthik12)) +* [`b419bfb02`](https://github.com/npm/cli/commit/b419bfb0259596fb338d45b2eaeab25a7a0d1f1e) + [#2876](https://github.com/npm/cli/issues/2876) + fix test-coverage command in contributing guide + ([@chowkapow](https://github.com/chowkapow)) + +### DEPENDENCIES + +* [`7b5606b93`](https://github.com/npm/cli/commit/7b5606b931083e8a70f5ea094c2b46f0b7a38a18) + `@npmcli/arborist@2.2.9` + * [#254](https://github.com/npm/arborist/pull/254) Honor explicit + prefix when saving dependencies + ([@jameschensmith](https://github.com/jameschensmith)) + * [#255](https://github.com/npm/arborist/pull/255) Never save to + `bundleDependencies` when saving a `peer` or `peerOptional` + dependency. ([@isaacs](https://github.com/isaacs)) +* [`f76e7c21f`](https://github.com/npm/cli/commit/f76e7c21ffd87b08593d8c396a78ab9c5fa790bd) + `pacote@11.3.1` + * increases tarball compression level +* [`4928512bc`](https://github.com/npm/cli/commit/4928512bcefd8448ff5852978cfc7f903e3ae996) + `semver@7.3.5` + * fix handling prereleases/ANY ranges in subset +* [`1924eb457`](https://github.com/npm/cli/commit/1924eb457aea7c93dfaf4a911355a63d84d66eee) + `libnpmversion@1.0.12` + * fix removing undescored-prefixed package.json properties in `npm version` +* [`916623056`](https://github.com/npm/cli/commit/91662305643509eebd2f79ed7e3ff01562aa4968) + `@npmcli/run-script@1.8.4` + * fix expanding windows-style environment variables +* [`a8d0751e4`](https://github.com/npm/cli/commit/a8d0751e4b7c7d8b808c8a49f288fc7272f729b0) + `npm-pick-manifest@6.1.1` + * fix running packages with a single executable binary with `npm exec` +* [`af7eaac50`](https://github.com/npm/cli/commit/af7eaac5018ed821d72d43d08f1d7e49e7491453) + `hosted-git-info@4.0.1` +* [`f52c51db1`](https://github.com/npm/cli/commit/f52c51db13c39cfbaed18dbd13ba7302a4b6a0d9) + `@npmcli/config@2.0.0` + ## v7.6.3 (2021-03-11) ### DOCUMENTATION diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 5198918f010df..4116f4e71d057 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -38,7 +38,7 @@ We expect that every new feature or bug fix comes with corresponding tests that **You can find out what the current test coverage percentage is by running...** ```bash -$ npm run test-coverage +$ npm run check-coverage ``` ## Performance & Benchmarks diff --git a/Makefile b/Makefile index 4c96615203b02..656f64f79efd5 100644 --- a/Makefile +++ b/Makefile @@ -47,7 +47,7 @@ docs-clean: ## build-time dependencies for the documentation dev-deps: - node bin/npm-cli.js install --only=dev --no-audit --ignore-scripts + node bin/npm-cli.js install --no-audit --ignore-scripts ## targets for man files, these are encouraged to be only built by running `make docs` or `make mandocs` man/man1/%.1: docs/content/commands/%.md scripts/docs-build.js @@ -68,6 +68,11 @@ man/man7/%.7: docs/content/using-npm/%.md scripts/docs-build.js @[ -d man/man7 ] || mkdir -p man/man7 node scripts/docs-build.js $< $@ +# Any time the config definitions description changes, automatically +# update the documentation to account for it +docs/content/using-npm/config.md: scripts/config-doc.js lib/utils/config/*.js + node scripts/config-doc.js + test: dev-deps node bin/npm-cli.js test diff --git a/README.md b/README.md index 8a649847ecaab..01de9e8f69445 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,7 @@ If you're looking to manage multiple versions of **`node`** &/or **`npm`**, cons * [**`n`**](https://github.com/tj/n) * [**`volta`**](https://github.com/volta-cli/volta) * [**`nodenv`**](https://github.com/nodenv/nodenv) +* [**`asdf-nodejs`**](https://github.com/asdf-vm/asdf-nodejs) ### Usage diff --git a/bin/npx-cli.js b/bin/npx-cli.js index f4a419972f7cf..a495090c64c78 100755 --- a/bin/npx-cli.js +++ b/bin/npx-cli.js @@ -24,11 +24,11 @@ const removed = new Set([ ...removedOpts ]) -const { types, shorthands } = require('../lib/utils/config.js') -const npmSwitches = Object.entries(types) - .filter(([key, type]) => type === Boolean || +const { definitions, shorthands } = require('../lib/utils/config/index.js') +const npmSwitches = Object.entries(definitions) + .filter(([key, {type}]) => type === Boolean || (Array.isArray(type) && type.includes(Boolean))) - .map(([key, type]) => key) + .map(([key]) => key) // things that don't take a value const switches = new Set([ diff --git a/docs/content/commands/npm-adduser.md b/docs/content/commands/npm-adduser.md index 7960869ad33cc..d0ddd68c2529a 100644 --- a/docs/content/commands/npm-adduser.md +++ b/docs/content/commands/npm-adduser.md @@ -12,6 +12,8 @@ npm adduser [--registry=url] [--scope=@orgname] [--always-auth] [--auth-type=leg aliases: login, add-user ``` +Note: This command is unaware of workspaces. + ### Description Create or verify a user named `` in the specified registry, and diff --git a/docs/content/commands/npm-bin.md b/docs/content/commands/npm-bin.md index 4303040e78dac..c835784f675a0 100644 --- a/docs/content/commands/npm-bin.md +++ b/docs/content/commands/npm-bin.md @@ -10,6 +10,8 @@ description: Display npm bin folder npm bin [-g|--global] ``` +Note: This command is unaware of workspaces. + ### Description Print the folder where npm will install executables. diff --git a/docs/content/commands/npm-cache.md b/docs/content/commands/npm-cache.md index 13386f2c4a439..bcc2989b7d3c3 100644 --- a/docs/content/commands/npm-cache.md +++ b/docs/content/commands/npm-cache.md @@ -18,6 +18,8 @@ aliases: npm cache clear, npm cache rm npm cache verify ``` +Note: This command is unaware of workspaces. + ### Description Used to add, list, or clean the npm cache folder. diff --git a/docs/content/commands/npm-completion.md b/docs/content/commands/npm-completion.md index 53737c8033194..9dbd960913f27 100644 --- a/docs/content/commands/npm-completion.md +++ b/docs/content/commands/npm-completion.md @@ -10,6 +10,8 @@ description: Tab Completion for npm source <(npm completion) ``` +Note: This command is unaware of workspaces. + ### Description Enables tab-completion in all npm commands. diff --git a/docs/content/commands/npm-config.md b/docs/content/commands/npm-config.md index 51caa5a61b607..31629a6b7d7a2 100644 --- a/docs/content/commands/npm-config.md +++ b/docs/content/commands/npm-config.md @@ -18,6 +18,8 @@ npm get [ [ ...]] alias: c ``` +Note: This command is unaware of workspaces. + ### Description npm gets its config settings from the command line, environment diff --git a/docs/content/commands/npm-dedupe.md b/docs/content/commands/npm-dedupe.md index 9b14e99dd14f0..c6d26126d3077 100644 --- a/docs/content/commands/npm-dedupe.md +++ b/docs/content/commands/npm-dedupe.md @@ -1,7 +1,7 @@ --- title: npm-dedupe section: 1 -description: Reduce duplication +description: Reduce duplication in the package tree --- ### Synopsis @@ -10,7 +10,7 @@ description: Reduce duplication npm dedupe npm ddp -aliases: find-dupes, ddp +aliases: ddp ``` ### Description @@ -74,6 +74,7 @@ Using `npm find-dupes` will run the command in `--dry-run` mode. ### See Also +* [npm find-dupes](/cli-commands/find-dupes) * [npm ls](/cli-commands/ls) * [npm update](/cli-commands/update) * [npm install](/cli-commands/install) diff --git a/docs/content/commands/npm-deprecate.md b/docs/content/commands/npm-deprecate.md index 139441856bb06..0603797661055 100644 --- a/docs/content/commands/npm-deprecate.md +++ b/docs/content/commands/npm-deprecate.md @@ -10,6 +10,8 @@ description: Deprecate a version of a package npm deprecate [@] ``` +Note: This command is unaware of workspaces. + ### Description This command will update the npm registry entry for a package, providing a diff --git a/docs/content/commands/npm-doctor.md b/docs/content/commands/npm-doctor.md index 2aceee2390331..9416818a40aaf 100644 --- a/docs/content/commands/npm-doctor.md +++ b/docs/content/commands/npm-doctor.md @@ -10,6 +10,8 @@ description: Check your npm environment npm doctor ``` +Note: This command is unaware of workspaces. + ### Description `npm doctor` runs a set of checks to ensure that your npm installation has diff --git a/docs/content/commands/npm-edit.md b/docs/content/commands/npm-edit.md index 40fac0408529a..20788aafb6d6a 100644 --- a/docs/content/commands/npm-edit.md +++ b/docs/content/commands/npm-edit.md @@ -10,6 +10,8 @@ description: Edit an installed package npm edit ``` +Note: This command is unaware of workspaces. + ### Description Selects a dependency in the current project and opens the package folder in diff --git a/docs/content/commands/npm-exec.md b/docs/content/commands/npm-exec.md index cb3e51c8255d4..88b98e3bce466 100644 --- a/docs/content/commands/npm-exec.md +++ b/docs/content/commands/npm-exec.md @@ -11,6 +11,7 @@ npm exec -- [@] [args...] npm exec --package=[@] -- [args...] npm exec -c ' [args...]' npm exec --package=foo -c ' [args...]' +npm exec [-ws] [-w [@] [args...] npx -p [@] [args...] @@ -145,6 +146,68 @@ $ npm x -c 'eslint && say "hooray, lint passed"' $ npx -c 'eslint && say "hooray, lint passed"' ``` +### Workspaces support + +You may use the `workspace` or `workspaces` configs in order to run an +arbitrary command from an npm package (either one installed locally, or fetched +remotely) in the context of the specified workspaces. +If no positional argument or `--call` option is provided, it will open an +interactive subshell in the context of each of these configured workspaces one +at a time. + +Given a project with configured workspaces, e.g: + +``` +. ++-- package.json +`-- packages + +-- a + | `-- package.json + +-- b + | `-- package.json + `-- c + `-- package.json +``` + +Assuming the workspace configuration is properly set up at the root level +`package.json` file. e.g: + +``` +{ + "workspaces": [ "./packages/*" ] +} +``` + +You can execute an arbitrary command from a package in the context of each of +the configured workspaces when using the `workspaces` configuration options, +in this example we're using **eslint** to lint any js file found within each +workspace folder: + +``` +npm exec -ws -- eslint ./*.js +``` + +#### Filtering workspaces + +It's also possible to execute a command in a single workspace using the +`workspace` config along with a name or directory path: + +``` +npm exec --workspace=a -- eslint ./*.js +``` + +The `workspace` config can also be specified multiple times in order to run a +specific script in the context of multiple workspaces. When defining values for +the `workspace` config in the command line, it also possible to use `-w` as a +shorthand, e.g: + +``` +npm exec -w a -w b -- eslint ./*.js +``` + +This last command will run the `eslint` command in both `./packages/a` and +`./packages/b` folders. + ### Compatibility with Older npx Versions The `npx` binary was rewritten in npm v7.0.0, and the standalone `npx` @@ -195,6 +258,30 @@ requested from the server. To force full offline mode, use `offline`. Forces full offline mode. Any packages not locally cached will result in an error. +#### workspace + +* Alias: `-w` +* Type: Array +* Default: `[]` + +Enable running scripts in the context of workspaces while also filtering by +the provided names or paths provided. + +Valid values for the `workspace` config are either: +- Workspace names +- Path to a workspace directory +- Path to a parent workspace directory (will result to selecting all of the +children workspaces) + +#### workspaces + +* Alias: `-ws` +* Type: Boolean +* Default: `false` + +Run scripts in the context of all configured workspaces for the current +project. + ### See Also * [npm run-script](/commands/npm-run-script) diff --git a/docs/content/commands/npm-explore.md b/docs/content/commands/npm-explore.md index e467a755753b4..7e2004b84c041 100644 --- a/docs/content/commands/npm-explore.md +++ b/docs/content/commands/npm-explore.md @@ -10,6 +10,8 @@ description: Browse an installed package npm explore [ -- ] ``` +Note: This command is unaware of workspaces. + ### Description Spawn a subshell in the directory of the installed package specified. diff --git a/docs/content/commands/npm-find-dupes.md b/docs/content/commands/npm-find-dupes.md new file mode 100644 index 0000000000000..6f55d47bfd7f3 --- /dev/null +++ b/docs/content/commands/npm-find-dupes.md @@ -0,0 +1,24 @@ +--- +title: npm-find-dupes +section: 1 +description: Find duplication in the package tree +--- + +### Synopsis + +```bash +npm find-dupes +``` + +### Description + +Runs `npm dedupe` in `--dry-run` mode, making npm only output the +duplications, without actually changing the package tree. + +### See Also + +* [npm dedupe](/cli-commands/dedupe) +* [npm ls](/cli-commands/ls) +* [npm update](/cli-commands/update) +* [npm install](/cli-commands/install) + diff --git a/docs/content/commands/npm-help-search.md b/docs/content/commands/npm-help-search.md index e10638efa07d9..51c7b43fb54f1 100644 --- a/docs/content/commands/npm-help-search.md +++ b/docs/content/commands/npm-help-search.md @@ -10,6 +10,8 @@ description: Search npm help documentation npm help-search ``` +Note: This command is unaware of workspaces. + ### Description This command will search the npm markdown documentation files for the terms diff --git a/docs/content/commands/npm-help.md b/docs/content/commands/npm-help.md index 56e46645522ba..57c5efc8ed5eb 100644 --- a/docs/content/commands/npm-help.md +++ b/docs/content/commands/npm-help.md @@ -10,6 +10,8 @@ description: Get help on npm npm help [] ``` +Note: This command is unaware of workspaces. + ### Description If supplied a topic, then show the appropriate documentation page. diff --git a/docs/content/commands/npm-hook.md b/docs/content/commands/npm-hook.md index 2ac548ada0c21..6effc9b7d223b 100644 --- a/docs/content/commands/npm-hook.md +++ b/docs/content/commands/npm-hook.md @@ -13,6 +13,8 @@ npm hook update [secret] npm hook rm ``` +Note: This command is unaware of workspaces. + ### Description Allows you to manage [npm diff --git a/docs/content/commands/npm-init.md b/docs/content/commands/npm-init.md index 8a40d90e8354d..4b0b8c4c43e73 100644 --- a/docs/content/commands/npm-init.md +++ b/docs/content/commands/npm-init.md @@ -1,7 +1,7 @@ --- title: npm-init section: 1 -description: create a package.json file +description: Create a package.json file --- ### Synopsis diff --git a/docs/content/commands/npm-logout.md b/docs/content/commands/npm-logout.md index 7fa858a99993d..1172a3f0f560a 100644 --- a/docs/content/commands/npm-logout.md +++ b/docs/content/commands/npm-logout.md @@ -10,6 +10,8 @@ description: Log out of the registry npm logout [--registry=] [--scope=<@scope>] ``` +Note: This command is unaware of workspaces. + ### Description When logged into a registry that supports token-based authentication, tell diff --git a/docs/content/commands/npm-org.md b/docs/content/commands/npm-org.md index 18047d109cc0b..384f5b99fd42e 100644 --- a/docs/content/commands/npm-org.md +++ b/docs/content/commands/npm-org.md @@ -12,6 +12,8 @@ npm org rm npm org ls [] ``` +Note: This command is unaware of workspaces. + ### Example Add a new developer to an org: diff --git a/docs/content/commands/npm-owner.md b/docs/content/commands/npm-owner.md index 69eba56afd97d..b30bbc8dc68ef 100644 --- a/docs/content/commands/npm-owner.md +++ b/docs/content/commands/npm-owner.md @@ -14,6 +14,8 @@ npm owner ls [<@scope>/] aliases: author ``` +Note: This command is unaware of workspaces. + ### Description Manage ownership of published packages. diff --git a/docs/content/commands/npm-ping.md b/docs/content/commands/npm-ping.md index 8de06aa184836..f640bf060c750 100644 --- a/docs/content/commands/npm-ping.md +++ b/docs/content/commands/npm-ping.md @@ -10,6 +10,8 @@ description: Ping npm registry npm ping [--registry ] ``` +Note: This command is unaware of workspaces. + ### Description Ping the configured or given npm registry and verify authentication. diff --git a/docs/content/commands/npm-prefix.md b/docs/content/commands/npm-prefix.md index 9c33bb18901ef..4e3edf1902301 100644 --- a/docs/content/commands/npm-prefix.md +++ b/docs/content/commands/npm-prefix.md @@ -10,6 +10,8 @@ description: Display prefix npm prefix [-g] ``` +Note: This command is unaware of workspaces. + ### Description Print the local prefix to standard output. This is the closest parent directory diff --git a/docs/content/commands/npm-profile.md b/docs/content/commands/npm-profile.md index 88edf26d87c41..b4e2fdaee6cb1 100644 --- a/docs/content/commands/npm-profile.md +++ b/docs/content/commands/npm-profile.md @@ -14,6 +14,8 @@ npm profile enable-2fa [auth-and-writes|auth-only] npm profile disable-2fa ``` +Note: This command is unaware of workspaces. + ### Description Change your profile information on the registry. Note that this command diff --git a/docs/content/commands/npm-run-script.md b/docs/content/commands/npm-run-script.md index 8b89435e1a97b..076dfd7addcc3 100644 --- a/docs/content/commands/npm-run-script.md +++ b/docs/content/commands/npm-run-script.md @@ -8,6 +8,8 @@ description: Run arbitrary package scripts ```bash npm run-script [--if-present] [--silent] [-- ] +npm run-script [--workspace=] +npm run-script [--workspaces] aliases: run, rum, urn ``` @@ -78,6 +80,65 @@ If you try to run a script without having a `node_modules` directory and it fails, you will be given a warning to run `npm install`, just in case you've forgotten. +### Workspaces support + +You may use the `workspace` or `workspaces` configs in order to run an +arbitrary command from a package's `"scripts"` object in the context of the +specified workspaces. If no `"command"` is provided, it will list the available +scripts for each of these configured workspaces. + +Given a project with configured workspaces, e.g: + +``` +. ++-- package.json +`-- packages + +-- a + | `-- package.json + +-- b + | `-- package.json + `-- c + `-- package.json +``` + +Assuming the workspace configuration is properly set up at the root level +`package.json` file. e.g: + +``` +{ + "workspaces": [ "./packages/*" ] +} +``` + +And that each of the configured workspaces has a configured `test` script, +we can run tests in all of them using the `workspaces` config: + +``` +npm test --workspaces +``` + +#### Filtering workspaces + +It's also possible to run a script in a single workspace using the `workspace` +config along with a name or directory path: + +``` +npm test --workspace=a +``` + +The `workspace` config can also be specified multiple times in order to run a +specific script in the context of multiple workspaces. When defining values for +the `workspace` config in the command line, it also possible to use `-w` as a +shorthand, e.g: + +``` +npm test -w a -w b +``` + +This last command will run `test` in both `./packages/a` and `./packages/b` +packages. + + ### Configuration #### if-present @@ -111,6 +172,30 @@ to `/bin/sh` on Unix, defaults to `env.comspec` or `cmd.exe` on Windows. You can use the `--silent` flag to prevent showing `npm ERR!` output on error. +#### workspace + +* Alias: `-w` +* Type: Array +* Default: `[]` + +Enable running scripts in the context of workspaces while also filtering by +the provided names or paths provided. + +Valid values for the `workspace` config are either: +- Workspace names +- Path to a workspace directory +- Path to a parent workspace directory (will result to selecting all of the +children workspaces) + +#### workspaces + +* Alias: `-ws` +* Type: Boolean +* Default: `false` + +Run scripts in the context of all configured workspaces for the current +project. + ### See Also * [npm scripts](/using-npm/scripts) diff --git a/docs/content/commands/npm-search.md b/docs/content/commands/npm-search.md index 35178bcb0a580..046c9334ff062 100644 --- a/docs/content/commands/npm-search.md +++ b/docs/content/commands/npm-search.md @@ -12,6 +12,8 @@ npm search [-l|--long] [--json] [--parseable] [--no-description] [search terms . aliases: s, se, find ``` +Note: This command is unaware of workspaces. + ### Description Search the registry for packages matching the search terms. `npm search` diff --git a/docs/content/commands/npm-shrinkwrap.md b/docs/content/commands/npm-shrinkwrap.md index dce50b7843bc3..6786229469d2c 100644 --- a/docs/content/commands/npm-shrinkwrap.md +++ b/docs/content/commands/npm-shrinkwrap.md @@ -10,6 +10,8 @@ description: Lock down dependency versions for publication npm shrinkwrap ``` +Note: This command is unaware of workspaces. + ### Description This command repurposes `package-lock.json` into a publishable diff --git a/docs/content/commands/npm-star.md b/docs/content/commands/npm-star.md index aab6e107747fd..e624b92480f91 100644 --- a/docs/content/commands/npm-star.md +++ b/docs/content/commands/npm-star.md @@ -10,6 +10,8 @@ description: Mark your favorite packages npm star [...] ``` +Note: This command is unaware of workspaces. + ### Description "Starring" a package means that you have some interest in it. It's diff --git a/docs/content/commands/npm-stars.md b/docs/content/commands/npm-stars.md index dab11bc669d1a..80217ee044aa8 100644 --- a/docs/content/commands/npm-stars.md +++ b/docs/content/commands/npm-stars.md @@ -9,6 +9,8 @@ description: View packages marked as favorites npm stars [] ``` +Note: This command is unaware of workspaces. + ### Description If you have starred a lot of neat things and want to find them again diff --git a/docs/content/commands/npm-team.md b/docs/content/commands/npm-team.md index 96aacd8ae95f2..04e1d7f9eb1a5 100644 --- a/docs/content/commands/npm-team.md +++ b/docs/content/commands/npm-team.md @@ -16,6 +16,8 @@ npm team rm npm team ls | ``` +Note: This command is unaware of workspaces. + ### Description Used to manage teams in organizations, and change team memberships. Does not diff --git a/docs/content/commands/npm-token.md b/docs/content/commands/npm-token.md index 652079453702e..bafc7fc45c677 100644 --- a/docs/content/commands/npm-token.md +++ b/docs/content/commands/npm-token.md @@ -9,7 +9,9 @@ description: Manage your authentication tokens npm token list [--json|--parseable] npm token create [--read-only] [--cidr=1.1.1.1/24,2.2.2.2/16] npm token revoke - ``` +``` + +Note: This command is unaware of workspaces. ### Description diff --git a/docs/content/commands/npm-unstar.md b/docs/content/commands/npm-unstar.md index 5471d908004e1..bad1917593841 100644 --- a/docs/content/commands/npm-unstar.md +++ b/docs/content/commands/npm-unstar.md @@ -10,6 +10,8 @@ description: Remove an item from your favorite packages npm unstar [...] ``` +Note: This command is unaware of workspaces. + ### Description "Unstarring" a package is the opposite of [`npm star`](/commands/npm-star), diff --git a/docs/content/commands/npm-whoami.md b/docs/content/commands/npm-whoami.md index 43b301c51707a..892adeea3db7c 100644 --- a/docs/content/commands/npm-whoami.md +++ b/docs/content/commands/npm-whoami.md @@ -10,6 +10,8 @@ description: Display npm username npm whoami [--registry ] ``` +Note: This command is unaware of workspaces. + ### Description Print the `username` config to standard output. diff --git a/docs/content/configuring-npm/package-json.md b/docs/content/configuring-npm/package-json.md index 4b3fd2ba93459..f3a186f436e02 100644 --- a/docs/content/configuring-npm/package-json.md +++ b/docs/content/configuring-npm/package-json.md @@ -325,6 +325,8 @@ This should be a module relative to the root of your package folder. For most modules, it makes the most sense to have a main script and often not much else. +If `main` is not set it defaults to `index.js` in the packages root folder. + ### browser If your module is meant to be used client-side the browser field should be @@ -562,8 +564,7 @@ tarball or git URL. **Please do not put test harnesses or transpilers or other "development" time tools in your `dependencies` object.** See `devDependencies`, below. -See [semver]([/using-npm/semver](https://github.com/npm/node-semver#versions)) -for more details about specifying version ranges. +See [semver](/using-npm/semver#versions) for more details about specifying version ranges. * `version` Must match `version` exactly * `>version` Must be greater than `version` diff --git a/docs/content/using-npm/config.md b/docs/content/using-npm/config.md index 1032adafbeb22..da69ad4632530 100644 --- a/docs/content/using-npm/config.md +++ b/docs/content/using-npm/config.md @@ -59,30 +59,48 @@ internal to npm, and are defaults if nothing else is specified. The following shorthands are parsed on the command-line: -* `-v`: `--version` -* `-h`, `-?`, `--help`, `-H`: `--usage` -* `-s`, `--silent`: `--loglevel silent` -* `-q`, `--quiet`: `--loglevel warn` -* `-d`: `--loglevel info` -* `-dd`, `--verbose`: `--loglevel verbose` -* `-ddd`: `--loglevel silly` + + +* `-a`: `--all` +* `--enjoy-by`: `--before` +* `-c`: `--call` +* `--desc`: `--description` +* `-f`: `--force` * `-g`: `--global` -* `-C`: `--prefix` +* `-d`: `--loglevel info` +* `-s`: `--loglevel silent` +* `--silent`: `--loglevel silent` +* `--ddd`: `--loglevel silly` +* `--dd`: `--loglevel verbose` +* `--verbose`: `--loglevel verbose` +* `-q`: `--loglevel warn` +* `--quiet`: `--loglevel warn` * `-l`: `--long` * `-m`: `--message` -* `-p`, `--porcelain`: `--parseable` -* `-reg`: `--registry` -* `-f`: `--force` -* `-desc`: `--description` +* `--local`: `--no-global` +* `-n`: `--no-yes` +* `--no`: `--no-yes` +* `-p`: `--parseable` +* `--porcelain`: `--parseable` +* `-C`: `--prefix` +* `--readonly`: `--read-only` +* `--reg`: `--registry` * `-S`: `--save` -* `-P`: `--save-prod` -* `-D`: `--save-dev` -* `-O`: `--save-optional` * `-B`: `--save-bundle` +* `-D`: `--save-dev` * `-E`: `--save-exact` +* `-O`: `--save-optional` +* `-P`: `--save-prod` +* `-?`: `--usage` +* `-h`: `--usage` +* `-H`: `--usage` +* `--help`: `--usage` +* `-v`: `--version` +* `-w`: `--workspace` +* `--ws`: `--workspaces` * `-y`: `--yes` -* `-n`: `--yes false` -* `ll` and `la` commands: `ls --long` + + If the specified configuration param resolves unambiguously to a known configuration parameter, then it is expanded to that configuration @@ -107,26 +125,39 @@ npm ls --global --parseable --long --loglevel info ### Config Settings -#### access + + +#### `_auth` + +* Default: null +* Type: null or String + +A basic-auth string to use when authenticating against the npm registry. + +Warning: This should generally not be set via a command-line option. It is +safer to use a registry-provided authentication bearer token stored in the +~/.npmrc file by running `npm login`. -* Default: `restricted` -* Type: Access +#### `access` -When publishing scoped packages, the access level defaults to `restricted`. If -you want your scoped package to be publicly viewable (and installable) set -`--access=public`. The only valid values for `access` are `public` and +* Default: 'restricted' for scoped packages, 'public' for unscoped packages +* Type: null, "restricted", or "public" + +When publishing scoped packages, the access level defaults to `restricted`. +If you want your scoped package to be publicly viewable (and installable) +set `--access=public`. The only valid values for `access` are `public` and `restricted`. Unscoped packages _always_ have an access level of `public`. -#### all +#### `all` -* Default: `false` +* Default: false * Type: Boolean When running `npm outdated` and `npm ls`, setting `--all` will show all outdated or installed packages, rather than only those directly depended upon by the current project. -#### allow-same-version +#### `allow-same-version` * Default: false * Type: Boolean @@ -134,78 +165,62 @@ upon by the current project. Prevents throwing an error when `npm version` is used to set the new version to the same value as the current version. -#### always-auth +#### `always-auth` * Default: false * Type: Boolean -Force npm to always require authentication when accessing the registry, -even for `GET` requests. - -#### also - -* Default: null -* Type: String - -When "dev" or "development" and running local `npm shrinkwrap`, -`npm outdated`, or `npm update`, is an alias for `--dev`. +Force npm to always require authentication when accessing the registry, even +for `GET` requests. -#### audit +#### `audit` * Default: true * Type: Boolean When "true" submit audit reports alongside `npm install` runs to the default -registry and all registries configured for scopes. See the documentation -for [`npm audit`](/commands/npm-audit) for details on what is submitted. - -#### audit-level - -* Default: `"low"` -* Type: `'low'`, `'moderate'`, `'high'`, `'critical'` - -The minimum level of vulnerability for `npm audit` to exit with -a non-zero exit code. +registry and all registries configured for scopes. See the documentation for +[`npm audit`](/commands/npm-audit) for details on what is submitted. -#### auth-type +#### `audit-level` -* Default: `'legacy'` -* Type: `'legacy'`, `'sso'`, `'saml'`, `'oauth'` +* Default: null +* Type: "low", "moderate", "high", "critical", "none", or null -What authentication strategy to use with `adduser`/`login`. +The minimum level of vulnerability for `npm audit` to exit with a non-zero +exit code. -#### before +#### `before` -* Alias: enjoy-by * Default: null -* Type: Date +* Type: null or Date -If passed to `npm install`, will rebuild the npm tree such that only versions -that were available **on or before** the `--before` time get installed. -If there's no versions available for the current set of direct dependencies, the -command will error. +If passed to `npm install`, will rebuild the npm tree such that only +versions that were available **on or before** the `--before` time get +installed. If there's no versions available for the current set of direct +dependencies, the command will error. If the requested version is a `dist-tag` and the given tag does not pass the -`--before` filter, the most recent version less than or equal to that tag will -be used. For example, `foo@latest` might install `foo@1.2` even though `latest` -is `2.0`. +`--before` filter, the most recent version less than or equal to that tag +will be used. For example, `foo@latest` might install `foo@1.2` even though +`latest` is `2.0`. -#### bin-links +#### `bin-links` -* Default: `true` +* Default: true * Type: Boolean Tells npm to create symlinks (or `.cmd` shims on Windows) for package executables. -Set to false to have it not do this. This can be used to work around -the fact that some file systems don't support symlinks, even on -ostensibly Unix systems. +Set to false to have it not do this. This can be used to work around the +fact that some file systems don't support symlinks, even on ostensibly Unix +systems. -#### browser +#### `browser` * Default: OS X: `"open"`, Windows: `"start"`, Others: `"xdg-open"` -* Type: String or Boolean +* Type: null, Boolean, or String The browser that is called by npm commands to open websites. @@ -214,87 +229,50 @@ terminal. Set to `true` to use default system URL opener. -#### ca +#### `ca` -* Default: The npm CA certificate -* Type: String, Array or null +* Default: null +* Type: null or String (can be set multiple times) The Certificate Authority signing certificate that is trusted for SSL -connections to the registry. Values should be in PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines -replaced by the string "\n". For example: +connections to the registry. Values should be in PEM format (Windows calls +it "Base-64 encoded X.509 (.CER)") with newlines replaced by the string +"\n". For example: -```bash +```ini ca="-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----" ``` -Set to `null` to only allow "known" registrars, or to a specific CA cert -to trust only that specific signing authority. +Set to `null` to only allow "known" registrars, or to a specific CA cert to +trust only that specific signing authority. Multiple CAs can be trusted by specifying an array of certificates: -```bash +```ini ca[]="..." ca[]="..." ``` See also the `strict-ssl` config. -#### cafile - -* Default: `null` -* Type: path - -A path to a file containing one or multiple Certificate Authority signing -certificates. Similar to the `ca` setting, but allows for multiple CA's, as -well as for the CA information to be stored in a file on disk. - -#### cache - -* Default: Windows: `%AppData%\npm-cache`, Posix: `~/.npm` -* Type: path - -The location of npm's cache directory. See [`npm cache`](/commands/npm-cache) - -#### cache-lock-stale - -* Default: 60000 (1 minute) -* Type: Number - -The number of ms before cache folder lockfiles are considered stale. - -#### cache-lock-retries - -* Default: 10 -* Type: Number +#### `cache` -Number of times to retry to acquire a lock on cache folder lockfiles. +* Default: Windows: `%LocalAppData%\npm-cache`, Posix: `~/.npm` +* Type: Path -#### cache-lock-wait +The location of npm's cache directory. See [`npm +cache`](/commands/npm-cache) -* Default: 10000 (10 seconds) -* Type: Number +#### `cafile` -Number of ms to wait for cache lock files to expire. - -#### cache-max - -* Default: Infinity -* Type: Number - -**DEPRECATED**: This option has been deprecated in favor of `--prefer-online`. - -`--cache-max=0` is an alias for `--prefer-online`. - -#### cache-min - -* Default: 10 -* Type: Number - -**DEPRECATED**: This option has been deprecated in favor of `--prefer-offline`. +* Default: null +* Type: Path -`--cache-min=9999 (or bigger)` is an alias for `--prefer-offline`. +A path to a file containing one or multiple Certificate Authority signing +certificates. Similar to the `ca` setting, but allows for multiple CA's, as +well as for the CA information to be stored in a file on disk. -#### call +#### `call` * Default: "" * Type: String @@ -306,154 +284,206 @@ custom command to be run along with the installed packages. npm exec --package yo --package generator-node --call "yo node" ``` -#### cert -* Default: `null` -* Type: String +#### `cert` + +* Default: null +* Type: null or String -A client certificate to pass when accessing the registry. Values should be in -PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with newlines replaced by the string "\n". For example: +A client certificate to pass when accessing the registry. Values should be +in PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with +newlines replaced by the string "\n". For example: -```bash +```ini cert="-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----" ``` -It is _not_ the path to a certificate file (and there is no "certfile" option). +It is _not_ the path to a certificate file (and there is no "certfile" +option). -#### cidr +#### `ci-name` -* Default: `null` -* Type: String, Array, null +* Default: The name of the current CI system, or `null` when not on a known CI + platform. +* Type: null or String -This is a list of CIDR address to be used when configuring limited access tokens with the `npm token create` command. +The name of a continuous integration system. If not set explicitly, npm will +detect the current CI environment using the +[`@npmcli/ci-detect`](http://npm.im/@npmcli/ci-detect) module. -#### commit-hooks +#### `cidr` -* Default: `true` -* Type: Boolean +* Default: null +* Type: null or String (can be set multiple times) -Run git commit hooks when using the `npm version` command. +This is a list of CIDR address to be used when configuring limited access +tokens with the `npm token create` command. -#### color +#### `color` -* Default: true -* Type: Boolean or `"always"` +* Default: true unless the NO_COLOR environ is set to something other than '0' +* Type: "always" or Boolean -If false, never shows colors. If `"always"` then always shows colors. -If true, then only prints color codes for tty file descriptors. +If false, never shows colors. If `"always"` then always shows colors. If +true, then only prints color codes for tty file descriptors. -This option can also be changed using the environment: colors are -disabled when the environment variable `NO_COLOR` is set to any value. +#### `commit-hooks` -#### depth +* Default: true +* Type: Boolean -* Default: null +Run git commit hooks when using the `npm version` command. + +#### `depth` + +* Default: `Infinity` if `--all` is set, otherwise `1` * Type: null or Number The depth to go when recursing packages for `npm ls`. -To make this default to `Infinity` instead of `null`, set `--all`. +If not set, `npm ls` will show only the immediate dependencies of the root +project. If `--all` is set, then npm will show all dependencies by default. -#### description +#### `description` * Default: true * Type: Boolean Show the description in `npm search` -#### dev +#### `diff` + +* Default: +* Type: String (can be set multiple times) + +Define arguments to compare in `npm diff`. + +#### `diff-dst-prefix` + +* Default: "b/" +* Type: String + +Destination prefix to be used in `npm diff` output. + +#### `diff-ignore-all-space` * Default: false * Type: Boolean -\[Deprecated\] Install `dev-dependencies` along with packages. +Ignore whitespace when comparing lines in `npm diff`. -#### dry-run +#### `diff-name-only` * Default: false * Type: Boolean -Indicates that you don't want npm to make any changes and that it should -only report what it would have done. This can be passed into any of the -commands that modify your local installation, eg, `install`, `update`, -`dedupe`, `uninstall`. This is NOT currently honored by some network related -commands, eg `dist-tags`, `owner`, etc. +Prints only filenames when using `npm diff`. -#### diff +#### `diff-no-prefix` -* Default: null -* Type: String, Array, null +* Default: false +* Type: Boolean -Define arguments to compare in `npm diff`. +Do not show any source or destination prefix in `npm diff` output. + +Note: this causes `npm diff` to ignore the `--diff-src-prefix` and +`--diff-dst-prefix` configs. + +#### `diff-src-prefix` + +* Default: "a/" +* Type: String + +Source prefix to be used in `npm diff` output. -#### diff-name-only +#### `diff-text` * Default: false * Type: Boolean -Prints only filenames when using `npm diff`. +Treat all files as text in `npm diff`. -#### diff-unified +#### `diff-unified` -* Type: number -* Default: `3` +* Default: 3 +* Type: Number The number of lines of context to print in `npm diff`. -#### diff-ignore-all-space +#### `dry-run` -* Type: Boolean * Default: false +* Type: Boolean -Ignore whitespace when comparing lines in `npm diff. +Indicates that you don't want npm to make any changes and that it should +only report what it would have done. This can be passed into any of the +commands that modify your local installation, eg, `install`, `update`, +`dedupe`, `uninstall`, as well as `pack` and `publish`. -#### diff-no-prefix +Note: This is NOT honored by other network related commands, eg `dist-tags`, +`owner`, etc. + +#### `editor` + +* Default: The EDITOR or VISUAL environment variables, or 'notepad.exe' on + Windows, or 'vim' on Unix systems +* Type: String + +The command to run for `npm edit` and `npm config edit`. + +#### `engine-strict` -* Type: Boolean * Default: false +* Type: Boolean -Do not show any source or destination prefix in `npm diff` output. +If set to true, then npm will stubbornly refuse to install (or even consider +installing) any package that claims to not be compatible with the current +Node.js version. -#### diff-src-prefix +This can be overridden by setting the `--force` flag. -* Type: String -* Default: `"a/"` +#### `fetch-retries` -Source prefix to be used in `npm diff` output. +* Default: 2 +* Type: Number -#### diff-dst-prefix +The "retries" config for the `retry` module to use when fetching packages +from the registry. -* Type: String -* Default: `"b/"` +npm will retry idempotent read requests to the registry in the case of +network failures or 5xx HTTP errors. -Destination prefix to be used in `npm diff` output. +#### `fetch-retry-factor` -#### diff-text +* Default: 10 +* Type: Number -* Alias: `-a` -* Type: Boolean -* Default: false +The "factor" config for the `retry` module to use when fetching packages. -Treat all files as text in `npm diff`. +#### `fetch-retry-maxtimeout` -#### editor +* Default: 60000 (1 minute) +* Type: Number -* Default: `EDITOR` environment variable if set, or `"vi"` on Posix, - or `"notepad"` on Windows. -* Type: path +The "maxTimeout" config for the `retry` module to use when fetching +packages. -The command to run for `npm edit` or `npm config edit`. +#### `fetch-retry-mintimeout` -#### engine-strict +* Default: 10000 (10 seconds) +* Type: Number -* Default: false -* Type: Boolean +The "minTimeout" config for the `retry` module to use when fetching +packages. + +#### `fetch-timeout` -If set to true, then npm will stubbornly refuse to install (or even -consider installing) any package that claims to not be compatible with -the current Node.js version. +* Default: 300000 (5 minutes) +* Type: Number + +The maximum amount of time to wait for HTTP requests to complete. -#### force +#### `force` * Default: false * Type: Boolean @@ -467,17 +497,16 @@ mistakes, unnecessary performance degradation, and malicious input. * Allow installing packages that have an `engines` declaration requiring a different version of npm. * Allow installing packages that have an `engines` declaration requiring a - different version of `node`, even if `--engines-strict` is enabled. + different version of `node`, even if `--engine-strict` is enabled. * Allow `npm audit fix` to install modules outside your stated dependency range (including SemVer-major changes). -* Allow a module to be installed as a direct dependency of itself. * Allow unpublishing all versions of a published package. * Allow conflicting peerDependencies to be installed in the root project. If you don't have a clear idea of what you want to do, it is strongly recommended that you do not use this option! -#### foreground-scripts +#### `foreground-scripts` * Default: false * Type: Boolean @@ -486,249 +515,217 @@ Run all build scripts (ie, `preinstall`, `install`, and `postinstall`) scripts for installed packages in the foreground process, sharing standard input, output, and error with the main npm process. -Note that this will generally make installs run slower, and be much -noisier, but can be useful for debugging. +Note that this will generally make installs run slower, and be much noisier, +but can be useful for debugging. -#### format-package-lock +#### `format-package-lock` * Default: true * Type: Boolean -Format `package-lock.json` or `npm-shrinkwrap.json` as a human readable file. +Format `package-lock.json` or `npm-shrinkwrap.json` as a human readable +file. -#### fund +#### `fund` * Default: true * Type: Boolean When "true" displays the message at the end of each `npm install` -acknowledging the number of dependencies looking for funding. -See [`npm fund`](/commands/npm-fund) for details. +acknowledging the number of dependencies looking for funding. See [`npm +fund`](/commands/npm-fund) for details. -#### fetch-retries +#### `git` -* Default: 2 -* Type: Number - -The "retries" config for the `retry` module to use when fetching -packages from the registry. - -#### fetch-retry-factor - -* Default: 10 -* Type: Number - -The "factor" config for the `retry` module to use when fetching -packages. - -#### fetch-retry-mintimeout - -* Default: 10000 (10 seconds) -* Type: Number - -The "minTimeout" config for the `retry` module to use when fetching -packages. - -#### fetch-retry-maxtimeout - -* Default: 60000 (1 minute) -* Type: Number - -The "maxTimeout" config for the `retry` module to use when fetching -packages. - -#### fetch-timeout - -* Default: 300000 (5 minutes) -* Type: Number - -The maximum amount of time to wait for HTTP requests to complete. - -#### git - -* Default: `"git"` +* Default: "git" * Type: String -The command to use for git commands. If git is installed on the -computer, but is not in the `PATH`, then set this to the full path to -the git binary. +The command to use for git commands. If git is installed on the computer, +but is not in the `PATH`, then set this to the full path to the git binary. -#### git-tag-version +#### `git-tag-version` -* Default: `true` +* Default: true * Type: Boolean Tag the commit when using the `npm version` command. -#### global +#### `global` * Default: false * Type: Boolean -Operates in "global" mode, so that packages are installed into the -`prefix` folder instead of the current working directory. See +Operates in "global" mode, so that packages are installed into the `prefix` +folder instead of the current working directory. See [folders](/configuring-npm/folders) for more on the differences in behavior. -* packages are installed into the `{prefix}/lib/node_modules` folder, instead of the - current working directory. +* packages are installed into the `{prefix}/lib/node_modules` folder, instead + of the current working directory. * bin files are linked to `{prefix}/bin` * man pages are linked to `{prefix}/share/man` -#### globalconfig - -* Default: {prefix}/etc/npmrc -* Type: path - -The config file to read for global config options. - -#### global-style +#### `global-style` * Default: false * Type: Boolean Causes npm to install the package into your local `node_modules` folder with -the same layout it uses with the global `node_modules` folder. Only your +the same layout it uses with the global `node_modules` folder. Only your direct dependencies will show in `node_modules` and everything they depend -on will be flattened in their `node_modules` folders. This obviously will -eliminate some deduping. If used with `legacy-bundling`, `legacy-bundling` will be -preferred. +on will be flattened in their `node_modules` folders. This obviously will +eliminate some deduping. If used with `legacy-bundling`, `legacy-bundling` +will be preferred. + +#### `globalconfig` + +* Default: The global --prefix setting plus 'etc/npmrc'. For example, + '/usr/local/etc/npmrc' +* Type: Path -#### heading +The config file to read for global config options. + +#### `heading` -* Default: `"npm"` +* Default: "npm" * Type: String The string that starts all the debugging log output. -#### https-proxy +#### `https-proxy` * Default: null -* Type: url +* Type: null or URL A proxy to use for outgoing https requests. If the `HTTPS_PROXY` or `https_proxy` or `HTTP_PROXY` or `http_proxy` environment variables are set, -proxy settings will be honored by the underlying `request` library. +proxy settings will be honored by the underlying `make-fetch-happen` +library. -#### if-present +#### `if-present` * Default: false * Type: Boolean -If true, npm will not exit with an error code when `run-script` is invoked for -a script that isn't defined in the `scripts` section of `package.json`. This -option can be used when it's desirable to optionally run a script when it's -present and fail if the script fails. This is useful, for example, when running -scripts that may only apply for some builds in an otherwise generic CI setup. +If true, npm will not exit with an error code when `run-script` is invoked +for a script that isn't defined in the `scripts` section of `package.json`. +This option can be used when it's desirable to optionally run a script when +it's present and fail if the script fails. This is useful, for example, when +running scripts that may only apply for some builds in an otherwise generic +CI setup. -#### ignore-prepublish +#### `ignore-scripts` * Default: false * Type: Boolean -If true, npm will not run `prepublish` scripts. +If true, npm does not run scripts specified in package.json files. -#### ignore-scripts +#### `include` -* Default: false -* Type: Boolean +* Default: +* Type: "prod", "dev", "optional", or "peer" (can be set multiple times) -If true, npm does not run scripts specified in package.json files. +Option that allows for defining which types of dependencies to install. -#### include +This is the inverse of `--omit=`. -* Default: `[prod|dev|optional|peer]` -* Type: Array +Dependency types specified in `--include` will not be omitted, regardless of +the order in which omit/include are specified on the command-line. -Option that allows for defining which types of dependencies to install. +#### `include-staged` -#### init-module +* Default: false +* Type: Boolean -* Alias: `init.module` -* Default: ~/.npm-init.js -* Type: path +Allow installing "staged" published packages, as defined by [npm RFC PR +#92](https://github.com/npm/rfcs/pull/92). -A module that will be loaded by the `npm init` command. See the -documentation for the -[init-package-json](https://github.com/npm/init-package-json) module -for more information, or [npm init](/commands/npm-init). +This is experimental, and not implemented by the npm public registry. -#### init-author-name +#### `init-author-email` -* Alias: `init.author.name` * Default: "" * Type: String -The value `npm init` should use by default for the package author's name. +The value `npm init` should use by default for the package author's email. -#### init-author-email +#### `init-author-name` -* Alias: `init.author.email` * Default: "" * Type: String -The value `npm init` should use by default for the package author's email. +The value `npm init` should use by default for the package author's name. -#### init-author-url +#### `init-author-url` -* Alias: `init.author.url` * Default: "" -* Type: String +* Type: "" or URL -The value `npm init` should use by default for the package author's homepage. +The value `npm init` should use by default for the package author's +homepage. -#### init-license +#### `init-license` -* Alias: `init.license` * Default: "ISC" * Type: String The value `npm init` should use by default for the package license. -#### init-version +#### `init-module` + +* Default: "~/.npm-init.js" +* Type: Path + +A module that will be loaded by the `npm init` command. See the +documentation for the +[init-package-json](https://github.com/npm/init-package-json) module for +more information, or [npm init](/commands/npm-init). + +#### `init-version` -* Alias: `init.version` * Default: "1.0.0" -* Type: semver +* Type: SemVer string -The value that `npm init` should use by default for the package -version number, if not already set in package.json. +The value that `npm init` should use by default for the package version +number, if not already set in package.json. -#### json +#### `json` * Default: false * Type: Boolean Whether or not to output JSON data, rather than the normal output. -This feature is currently experimental, and the output data structures for many -commands is either not implemented in JSON yet, or subject to change. Only the -output from `npm ls --json` and `npm search --json` are currently valid. +This feature is currently experimental, and the output data structures for +many commands is either not implemented in JSON yet, or subject to change. +Only the output from `npm ls --json` and `npm search --json` are currently +valid. -#### key +#### `key` -* Default: `null` -* Type: String +* Default: null +* Type: null or String -A client key to pass when accessing the registry. Values should be in PEM +A client key to pass when accessing the registry. Values should be in PEM format with newlines replaced by the string "\n". For example: -```json +```ini key="-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----" ``` It is _not_ the path to a key file (and there is no "keyfile" option). -#### legacy-bundling +#### `legacy-bundling` * Default: false * Type: Boolean Causes npm to install the package such that versions of npm prior to 1.4, -such as the one included with node 0.8, can install the package. This +such as the one included with node 0.8, can install the package. This eliminates all automatic deduping. If used with `global-style` this option will be preferred. -#### legacy-peer-deps +#### `legacy-peer-deps` * Default: false * Type: Boolean @@ -736,9 +733,8 @@ will be preferred. Causes npm to completely ignore `peerDependencies` when building a package tree, as in npm versions 3 through 6. -If a package cannot be installed because of overly strict -`peerDependencies` that collide, it provides a way to move forward -resolving the situation. +If a package cannot be installed because of overly strict `peerDependencies` +that collide, it provides a way to move forward resolving the situation. This differs from `--omit=peer`, in that `--omit=peer` will avoid unpacking `peerDependencies` on disk, but will still design a tree such that @@ -747,7 +743,7 @@ This differs from `--omit=peer`, in that `--omit=peer` will avoid unpacking Use of `legacy-peer-deps` is not recommended, as it will not enforce the `peerDependencies` contract that meta-dependencies may rely on. -#### link +#### `link` * Default: false * Type: Boolean @@ -755,57 +751,57 @@ Use of `legacy-peer-deps` is not recommended, as it will not enforce the If true, then local installs will link if there is a suitable globally installed package. -Note that this means that local installs can cause things to be -installed into the global space at the same time. The link is only done -if one of the two conditions are met: +Note that this means that local installs can cause things to be installed +into the global space at the same time. The link is only done if one of the +two conditions are met: * The package is not already installed globally, or -* the globally installed version is identical to the version that is - being installed locally. +* the globally installed version is identical to the version that is being + installed locally. -#### local-address +#### `local-address` -* Default: undefined +* Default: null * Type: IP Address -The IP address of the local interface to use when making connections -to the npm registry. Must be IPv4 in versions of Node prior to 0.12. +The IP address of the local interface to use when making connections to the +npm registry. Must be IPv4 in versions of Node prior to 0.12. -#### loglevel +#### `loglevel` * Default: "notice" -* Type: String -* Values: "silent", "error", "warn", "notice", "http", "timing", "info", - "verbose", "silly" +* Type: "silent", "error", "warn", "notice", "http", "timing", "info", + "verbose", or "silly" -What level of logs to report. On failure, *all* logs are written to +What level of logs to report. On failure, *all* logs are written to `npm-debug.log` in the current working directory. -Any logs of a higher level than the setting are shown. The default is "notice". +Any logs of a higher level than the setting are shown. The default is +"notice". -#### logs-max +#### `logs-max` * Default: 10 * Type: Number The maximum number of log files to store. -#### long +#### `long` * Default: false * Type: Boolean Show extended information in `npm ls` and `npm search`. -#### maxsockets +#### `maxsockets` -* Default: 50 +* Default: Infinity * Type: Number The maximum number of connections to use per origin (protocol/host/port -combination). Passed to the `http` `Agent` used to make the request. +combination). -#### message +#### `message` * Default: "%s" * Type: String @@ -814,73 +810,83 @@ Commit message which is used by `npm version` when creating version commit. Any "%s" in the message will be replaced with the version number. -#### node-options +#### `node-options` * Default: null -* Type: String +* Type: null or String Options to pass through to Node.js via the `NODE_OPTIONS` environment -variable. This does not impact how npm itself is executed but it does -impact how lifecycle scripts are called. +variable. This does not impact how npm itself is executed but it does impact +how lifecycle scripts are called. -#### node-version +#### `node-version` -* Default: process.version -* Type: semver or false +* Default: Node.js `process.version` value +* Type: SemVer string -The node version to use when checking a package's `engines` map. +The node version to use when checking a package's `engines` setting. -#### noproxy +#### `noproxy` -* Default: null -* Type: String or Array +* Default: The value of the NO_PROXY environment variable +* Type: String (can be set multiple times) -A comma-separated string or an array of domain extensions that a proxy should not be used for. +Domain extensions that should bypass any proxies. -#### offline +Also accepts a comma-delimited string. -* Default: false -* Type: Boolean +#### `npm-version` -Force offline mode: no network requests will be done during install. To allow -the CLI to fill in missing cache data, see `--prefer-offline`. +* Default: Output of `npm --version` +* Type: SemVer string -#### only +The npm version to use when checking a package's `engines` setting. -* Default: null -* Type: String +#### `offline` -When "dev" or "development" and running local `npm install` without any -arguments, only devDependencies (and their dependencies) are installed. +* Default: false +* Type: Boolean -When "dev" or "development" and running local `npm ls`, `npm outdated`, or -`npm update`, is an alias for `--dev`. +Force offline mode: no network requests will be done during install. To +allow the CLI to fill in missing cache data, see `--prefer-offline`. -When "prod" or "production" and running local `npm install` without any -arguments, only non-devDependencies (and their dependencies) are -installed. +#### `omit` -When "prod" or "production" and running local `npm ls`, `npm outdated`, or -`npm update`, is an alias for `--production`. +* Default: 'dev' if the NODE_ENV environment variable is set to 'production', + otherwise empty. +* Type: "dev", "optional", or "peer" (can be set multiple times) -#### optional +Dependency types to omit from the installation tree on disk. -* Default: true -* Type: Boolean +Note that these dependencies _are_ still resolved and added to the +`package-lock.json` or `npm-shrinkwrap.json` file. They are just not +physically installed on disk. + +If a package type appears in both the `--include` and `--omit` lists, then +it will be included. -Attempt to install packages in the `optionalDependencies` object. Note -that if these packages fail to install, the overall installation -process is not aborted. +If the resulting omit list includes `'dev'`, then the `NODE_ENV` environment +variable will be set to `'production'` for all lifecycle scripts. -#### otp +#### `otp` * Default: null -* Type: Number +* Type: null or String -This is a one-time password from a two-factor authenticator. It's needed +This is a one-time password from a two-factor authenticator. It's needed when publishing or changing package permissions with `npm access`. -#### package-lock +If not set, and a registry response fails with a challenge for a one-time +password, npm will prompt on the command line for one. + +#### `package` + +* Default: +* Type: String (can be set multiple times) + +The package to install for [`npm exec`](/commands/npm-exec) + +#### `package-lock` * Default: true * Type: Boolean @@ -889,75 +895,63 @@ If set to false, then ignore `package-lock.json` files when installing. This will also prevent _writing_ `package-lock.json` if `save` is true. When package package-locks are disabled, automatic pruning of extraneous -modules will also be disabled. To remove extraneous modules with +modules will also be disabled. To remove extraneous modules with package-locks disabled use `npm prune`. -This option is an alias for `--shrinkwrap`. - -#### package-lock-only +#### `package-lock-only` * Default: false * Type: Boolean -If set to true, it will update only the `package-lock.json`, -instead of checking `node_modules` and downloading dependencies. +If set to true, it will update only the `package-lock.json`, instead of +checking `node_modules` and downloading dependencies. -#### parseable +#### `parseable` * Default: false * Type: Boolean -Output parseable results from commands that write to -standard output. For `npm search`, this will be tab-separated table format. +Output parseable results from commands that write to standard output. For +`npm search`, this will be tab-separated table format. -#### prefer-offline +#### `prefer-offline` * Default: false * Type: Boolean If true, staleness checks for cached data will be bypassed, but missing data -will be requested from the server. To force full offline mode, use `--offline`. - -This option is effectively equivalent to `--cache-min=9999999`. +will be requested from the server. To force full offline mode, use +`--offline`. -#### prefer-online +#### `prefer-online` * Default: false * Type: Boolean -If true, staleness checks for cached data will be forced, making the CLI look -for updates immediately even for fresh package data. +If true, staleness checks for cached data will be forced, making the CLI +look for updates immediately even for fresh package data. -#### prefix +#### `prefix` -* Default: see [folders](/configuring-npm/folders) -* Type: path +* Default: In global mode, the folder where the node executable is installed. + In local mode, the nearest parent folder containing either a package.json + file or a node_modules folder. +* Type: Path -The location to install global items. If set on the command line, then -it forces non-global commands to run in the specified folder. +The location to install global items. If set on the command line, then it +forces non-global commands to run in the specified folder. -#### preid +#### `preid` * Default: "" * Type: String -The "prerelease identifier" to use as a prefix for the "prerelease" part of a -semver. Like the `rc` in `1.2.0-rc.8`. +The "prerelease identifier" to use as a prefix for the "prerelease" part of +a semver. Like the `rc` in `1.2.0-rc.8`. -#### production +#### `progress` -* Default: false -* Type: Boolean - -Set to true to run in "production" mode. - -1. devDependencies are not installed at the topmost level when running - local `npm install` without any arguments. -2. Set the NODE_ENV="production" for lifecycle scripts. - -#### progress - -* Default: true, unless TRAVIS or CI env vars set. +* Default: `true` unless running in a known CI system * Type: Boolean When set to `true`, npm will display a progress bar during time intensive @@ -965,56 +959,48 @@ operations, if `process.stderr` is a TTY. Set to `false` to suppress the progress bar. -#### proxy +#### `proxy` * Default: null -* Type: url +* Type: null, false, or URL A proxy to use for outgoing http requests. If the `HTTP_PROXY` or -`http_proxy` environment variables are set, proxy settings will be -honored by the underlying `request` library. +`http_proxy` environment variables are set, proxy settings will be honored +by the underlying `request` library. -#### read-only +#### `read-only` * Default: false * Type: Boolean -This is used to mark a token as unable to publish when configuring limited access tokens with the `npm token create` command. +This is used to mark a token as unable to publish when configuring limited +access tokens with the `npm token create` command. -#### rebuild-bundle +#### `rebuild-bundle` * Default: true * Type: Boolean Rebuild bundled dependencies after installation. -#### registry +#### `registry` -* Default: https://registry.npmjs.org/ -* Type: url +* Default: "https://registry.npmjs.org/" +* Type: URL -The base URL of the npm package registry. +The base URL of the npm registry. -#### rollback - -* Default: true -* Type: Boolean - -Remove failed installs. - -#### save +#### `save` * Default: true * Type: Boolean Save installed packages to a package.json file as dependencies. -When used with the `npm rm` command, it removes it from the `dependencies` -object. - -Only works if there is already a package.json file present. +When used with the `npm rm` command, removes the dependency from +package.json. -#### save-bundle +#### `save-bundle` * Default: false * Type: Boolean @@ -1023,120 +1009,94 @@ If a package would be saved at install time by the use of `--save`, `--save-dev`, or `--save-optional`, then also put it in the `bundleDependencies` list. -When used with the `npm rm` command, it removes it from the -bundledDependencies list. +Ignore if `--save-peer` is set, since peerDependencies cannot be bundled. -#### save-prod +#### `save-dev` * Default: false * Type: Boolean -Makes sure that a package will be saved into `dependencies` specifically. This -is useful if a package already exists in `devDependencies` or -`optionalDependencies`, but you want to move it to be a production dep. This is -also the default behavior if `--save` is true, and neither `--save-dev` or -`--save-optional` are true. +Save installed packages to a package.json file as `devDependencies`. -#### save-dev +#### `save-exact` * Default: false * Type: Boolean -Save installed packages to a package.json file as `devDependencies`. - -When used with the `npm rm` command, it removes it from the -`devDependencies` object. - -Only works if there is already a package.json file present. +Dependencies saved to package.json will be configured with an exact version +rather than using npm's default semver range operator. -#### save-exact +#### `save-optional` * Default: false * Type: Boolean -Dependencies saved to package.json using `--save`, `--save-dev` or -`--save-optional` will be configured with an exact version rather than -using npm's default semver range operator. +Save installed packages to a package.json file as `optionalDependencies`. -#### save-optional +#### `save-peer` * Default: false * Type: Boolean -Save installed packages to a package.json file as -optionalDependencies. +Save installed packages. to a package.json file as `peerDependencies` -When used with the `npm rm` command, it removes it from the -`devDependencies` object. +#### `save-prefix` -Only works if there is already a package.json file present. - -#### save-prefix - -* Default: '^' +* Default: "^" * Type: String Configure how versions of packages installed to a package.json file via `--save` or `--save-dev` get prefixed. -For example if a package has version `1.2.3`, by default its version is -set to `^1.2.3` which allows minor upgrades for that package, but after -`npm config set save-prefix='~'` it would be set to `~1.2.3` which only allows +For example if a package has version `1.2.3`, by default its version is set +to `^1.2.3` which allows minor upgrades for that package, but after `npm +config set save-prefix='~'` it would be set to `~1.2.3` which only allows patch upgrades. -#### scope - -* Default: the scope of the current project, if any, or "" -* Type: String +#### `save-prod` -Associate an operation with a scope for a scoped registry. Useful when logging -in to a private registry for the first time: -`npm login --scope=@organization --registry=registry.organization.com`, which -will cause `@organization` to be mapped to the registry for future installation -of packages specified according to the pattern `@organization/package`. - -#### script-shell +* Default: false +* Type: Boolean -* Default: `null` -* Type: path +Save installed packages into `dependencies` specifically. This is useful if +a package already exists in `devDependencies` or `optionalDependencies`, but +you want to move it to be a non-optional production dependency. -The shell to use for scripts run with the `npm run` command. +This is the default behavior if `--save` is true, and neither `--save-dev` +or `--save-optional` are true. -#### scripts-prepend-node-path +#### `scope` -* Default: "warn-only" -* Type: Boolean, `"auto"` or `"warn-only"` +* Default: the scope of the current project, if any, or "" +* Type: String -If set to `true`, add the directory in which the current `node` executable -resides to the `PATH` environment variable when running scripts, -even if that means that `npm` will invoke a different `node` executable than -the one which it is running. +Associate an operation with a scope for a scoped registry. -If set to `false`, never modify `PATH` with that. +Useful when logging in to a private registry for the first time: -If set to `"warn-only"`, never modify `PATH` but print a warning if `npm` thinks -that you may want to run it with `true`, e.g. because the `node` executable -in the `PATH` is not the one `npm` was invoked with. +```bash +npm login --scope=@mycorp --registry=https://registry.mycorp.com +``` -If set to `auto`, only add that directory to the `PATH` environment variable -if the `node` executable with which `npm` was invoked and the one that is found -first on the `PATH` are different. +This will cause `@mycorp` to be mapped to the registry for future +installation of packages specified according to the pattern +`@mycorp/package`. -#### searchexclude +#### `script-shell` -* Default: "" -* Type: String +* Default: '/bin/sh' on POSIX systems, 'cmd.exe' on Windows +* Type: null or String -Space-separated options that limit the results from search. +The shell to use for scripts run with the `npm run` command. -#### searchopts +#### `searchexclude` * Default: "" * Type: String -Space-separated options that are always passed to search. +Space-separated options that limit the results from search. -#### searchlimit +#### `searchlimit` * Default: 20 * Type: Number @@ -1144,33 +1104,30 @@ Space-separated options that are always passed to search. Number of items to limit search results to. Will not apply at all to legacy searches. -#### searchstaleness +#### `searchopts` + +* Default: "" +* Type: String + +Space-separated options that are always passed to search. + +#### `searchstaleness` -* Default: 900 (15 minutes) +* Default: 900 * Type: Number The age of the cache, in seconds, before another registry request is made if using legacy search endpoint. -#### shell +#### `shell` -* Default: SHELL environment variable, or "bash" on Posix, or "cmd" on +* Default: SHELL environment variable, or "bash" on Posix, or "cmd.exe" on Windows -* Type: path +* Type: String The shell to run for the `npm explore` command. -#### shrinkwrap - -* Default: true -* Type: Boolean - -If set to false, then ignore `npm-shrinkwrap.json` files when installing. This -will also prevent _writing_ `npm-shrinkwrap.json` if `save` is true. - -This option is an alias for `--package-lock`. - -#### sign-git-commit +#### `sign-git-commit` * Default: false * Type: Boolean @@ -1178,36 +1135,21 @@ This option is an alias for `--package-lock`. If set to true, then the `npm version` command will commit the new package version using `-S` to add a signature. -Note that git requires you to have set up GPG keys in your git configs -for this to work properly. +Note that git requires you to have set up GPG keys in your git configs for +this to work properly. -#### sign-git-tag +#### `sign-git-tag` * Default: false * Type: Boolean -If set to true, then the `npm version` command will tag the version -using `-s` to add a signature. +If set to true, then the `npm version` command will tag the version using +`-s` to add a signature. -Note that git requires you to have set up GPG keys in your git configs -for this to work properly. - -#### sso-poll-frequency - -* Default: 500 -* Type: Number - -When used with SSO-enabled `auth-type`s, configures how regularly the registry -should be polled while the user is completing authentication. - -#### sso-type - -* Default: 'oauth' -* Type: 'oauth', 'saml', or null - -If `--auth-type=sso`, the type of SSO type to use. +Note that git requires you to have set up GPG keys in your git configs for +this to work properly. -#### strict-peer-deps +#### `strict-peer-deps` * Default: false * Type: Boolean @@ -1217,145 +1159,345 @@ conflicting `peerDependencies` will be treated as an install failure, even if npm could reasonably guess the appropriate resolution based on non-peer dependency relationships. -By default, conflicting `peerDependencies` in the dependency graph will be -resolved using the nearest non-peer dependency specification, even if doing -so will result in some packages receiving a peer dependency outside the -range set in their package's `peerDependencies` object. When such and -override is performed, a warning is printed, explaining the conflict and -the packages involved. If `--strict-peer-deps` is set, then the warning is -treated as a failure. +By default, conflicting `peerDependencies` deep in the dependency graph will +be resolved using the nearest non-peer dependency specification, even if +doing so will result in some packages receiving a peer dependency outside +the range set in their package's `peerDependencies` object. -#### strict-ssl +When such and override is performed, a warning is printed, explaining the +conflict and the packages involved. If `--strict-peer-deps` is set, then +this warning is treated as a failure. + +#### `strict-ssl` * Default: true * Type: Boolean -Whether or not to do SSL key validation when making requests to the -registry via https. +Whether or not to do SSL key validation when making requests to the registry +via https. See also the `ca` config. -#### tag +#### `tag` -* Default: latest +* Default: "latest" * Type: String -If you ask npm to install a package and don't tell it a specific version, then -it will install the specified tag. +If you ask npm to install a package and don't tell it a specific version, +then it will install the specified tag. -Also the tag that is added to the package@version specified by the `npm -tag` command, if no explicit tag is given. +Also the tag that is added to the package@version specified by the `npm tag` +command, if no explicit tag is given. -#### tag-version-prefix +#### `tag-version-prefix` -* Default: `"v"` +* Default: "v" * Type: String If set, alters the prefix used when tagging a new version when performing a -version increment using `npm-version`. To remove the prefix altogether, set it -to the empty string: `""`. +version increment using `npm-version`. To remove the prefix altogether, set +it to the empty string: `""`. -Because other tools may rely on the convention that npm version tags look like -`v1.0.0`, _only use this property if it is absolutely necessary_. In +Because other tools may rely on the convention that npm version tags look +like `v1.0.0`, _only use this property if it is absolutely necessary_. In particular, use care when overriding this setting for public packages. -#### timing +#### `timing` -* Default: `false` +* Default: false * Type: Boolean If true, writes an `npm-debug` log to `_logs` and timing information to -`_timing.json`, both in your cache. `_timing.json` is a newline delimited -list of JSON objects. You can quickly view it with this -[json](https://www.npmjs.com/package/json) command line: -`json -g < ~/.npm/_timing.json`. +`_timing.json`, both in your cache, even if the command completes +successfully. `_timing.json` is a newline delimited list of JSON objects. + +You can quickly view it with this [json](https://npm.im/json) command line: +`npm exec -- json -g < ~/.npm/_timing.json`. + +#### `umask` + +* Default: 0 +* Type: Octal numeric string in range 0000..0777 (0..511) -#### tmp +The "umask" value to use when setting the file creation mode on files and +folders. -* Default: TMPDIR environment variable, or "/tmp" -* Type: path +Folders and executables are given a mode which is `0o777` masked against +this value. Other files are given a mode which is `0o666` masked against +this value. -Where to store temporary files and folders. All temp files are deleted -on success, but left behind on failure for forensic purposes. +Note that the underlying system will _also_ apply its own umask value to +files and folders that are created, and npm does not circumvent this, but +rather adds the `--umask` config to it. -#### unicode +Thus, the effective default umask value on most POSIX systems is 0o22, +meaning that folders and executables are created with a mode of 0o755 and +other files are created with a mode of 0o644. -* Default: false on windows, true on mac/unix systems with a unicode locale +#### `unicode` + +* Default: false on windows, true on mac/unix systems with a unicode locale, + as defined by the LC_ALL, LC_CTYPE, or LANG environment variables. * Type: Boolean -When set to true, npm uses unicode characters in the tree output. When -false, it uses ascii characters to draw trees. +When set to true, npm uses unicode characters in the tree output. When +false, it uses ascii characters instead of unicode glyphs. -#### update-notifier +#### `update-notifier` * Default: true * Type: Boolean -Set to false to suppress the update notification when using an older -version of npm than the latest. +Set to false to suppress the update notification when using an older version +of npm than the latest. -#### usage +#### `usage` * Default: false * Type: Boolean -Set to show short usage output (like the -H output) -instead of complete help when doing [`npm help`](/commands/npm-help). - -#### userconfig - -* Default: ~/.npmrc -* Type: path +Show short usage output about the command specified. -The location of user-level configuration settings. +#### `user-agent` -#### umask +* Default: "npm/{npm-version} node/{node-version} {platform} {arch} {ci}" +* Type: String -* Default: 022 -* Type: Octal numeric string in range 0000..0777 (0..511) +Sets the User-Agent request header. The following fields are replaced with +their actual counterparts: -The "umask" value to use when setting the file creation mode on files -and folders. +* `{npm-version}` - The npm version in use +* `{node-version}` - The Node.js version in use +* `{platform}` - The value of `process.platform` +* `{arch}` - The value of `process.arch` +* `{ci}` - The value of the `ci-name` config, if set, prefixed with `ci/`, or + an empty string if `ci-name` is empty. -Folders and executables are given a mode which is `0777` masked against -this value. Other files are given a mode which is `0666` masked against -this value. Thus, the defaults are `0755` and `0644` respectively. +#### `userconfig` -#### user-agent +* Default: "~/.npmrc" +* Type: Path -* Default: node/{process.version} {process.platform} {process.arch} -* Type: String +The location of user-level configuration settings. -Sets a User-Agent to the request header +This may be overridden by the `npm_config_userconfig` environment variable +or the `--userconfig` command line option, but may _not_ be overridden by +settings in the `globalconfig` file. -#### version +#### `version` * Default: false -* Type: boolean +* Type: Boolean If true, output the npm version and exit successfully. Only relevant when specified explicitly on the command line. -#### versions +#### `versions` * Default: false -* Type: boolean +* Type: Boolean -If true, output the npm version as well as node's `process.versions` map, and -exit successfully. +If true, output the npm version as well as node's `process.versions` map and +the version in the current working directory's `package.json` file if one +exists, and exit successfully. Only relevant when specified explicitly on the command line. -#### viewer +#### `viewer` * Default: "man" on Posix, "browser" on Windows -* Type: path +* Type: String The program to use to view help content. Set to `"browser"` to view html help content in the default web browser. +#### `which` + +* Default: null +* Type: null or Number + +If there are multiple funding sources, which 1-indexed source URL to open. + +#### `workspace` + +* Default: +* Type: String (can be set multiple times) + +Enable running a command in the context of the configured workspaces of the +current project while filtering by running only the workspaces defined by +this configuration option. + +Valid values for the `workspace` config are either: - Workspace names - Path +to a workspace directory - Path to a parent workspace directory (will result +to selecting all of the nested workspaces) + +#### `workspaces` + +* Default: false +* Type: Boolean + +Enable running a command in the context of **all** the configured +workspaces. + +#### `yes` + +* Default: null +* Type: null or Boolean + +Automatically answer "yes" to any prompts that npm might print on the +command line. + +#### `also` + +* Default: null +* Type: null, "dev", or "development" +* DEPRECATED: Please use --include=dev instead. + +When set to `dev` or `development`, this is an alias for `--include=dev`. + +#### `auth-type` + +* Default: "legacy" +* Type: "legacy", "sso", "saml", or "oauth" +* DEPRECATED: This method of SSO/SAML/OAuth is deprecated and will be removed + in a future version of npm in favor of web-based login. + +What authentication strategy to use with `adduser`/`login`. + +#### `cache-max` + +* Default: Infinity +* Type: Number +* DEPRECATED: This option has been deprecated in favor of `--prefer-online` + +`--cache-max=0` is an alias for `--prefer-online` + +#### `cache-min` + +* Default: 0 +* Type: Number +* DEPRECATED: This option has been deprecated in favor of `--prefer-offline`. + +`--cache-min=9999 (or bigger)` is an alias for `--prefer-offline`. + +#### `init.author.email` + +* Default: "" +* Type: String +* DEPRECATED: Use `--init-author-email` instead. + +Alias for `--init-author-email` + +#### `init.author.name` + +* Default: "" +* Type: String +* DEPRECATED: Use `--init-author-name` instead. + +Alias for `--init-author-name` + +#### `init.author.url` + +* Default: "" +* Type: "" or URL +* DEPRECATED: Use `--init-author-url` instead. + +Alias for `--init-author-url` + +#### `init.license` + +* Default: "ISC" +* Type: String +* DEPRECATED: Use `--init-license` instead. + +Alias for `--init-license` + +#### `init.module` + +* Default: "~/.npm-init.js" +* Type: Path +* DEPRECATED: Use `--init-module` instead. + +Alias for `--init-module` + +#### `init.version` + +* Default: "1.0.0" +* Type: SemVer string +* DEPRECATED: Use `--init-version` instead. + +Alias for `--init-version` + +#### `only` + +* Default: null +* Type: null, "prod", or "production" +* DEPRECATED: Use `--omit=dev` to omit dev dependencies from the install. + +When set to `prod` or `production`, this is an alias for `--omit=dev`. + +#### `optional` + +* Default: null +* Type: null or Boolean +* DEPRECATED: Use `--omit=optional` to exclude optional dependencies, or + `--include=optional` to include them. + +Default value does install optional deps unless otherwise omitted. + +Alias for --include=optional or --omit=optional + +#### `production` + +* Default: false +* Type: Boolean +* DEPRECATED: Use `--omit=dev` instead. + +Alias for `--omit=dev` + +#### `shrinkwrap` + +* Default: true +* Type: Boolean +* DEPRECATED: Use the --package-lock setting instead. + +Alias for --package-lock + +#### `sso-poll-frequency` + +* Default: 500 +* Type: Number +* DEPRECATED: The --auth-type method of SSO/SAML/OAuth will be removed in a + future version of npm in favor of web-based login. + +When used with SSO-enabled `auth-type`s, configures how regularly the +registry should be polled while the user is completing authentication. + +#### `sso-type` + +* Default: "oauth" +* Type: null, "oauth", or "saml" +* DEPRECATED: The --auth-type method of SSO/SAML/OAuth will be removed in a + future version of npm in favor of web-based login. + +If `--auth-type=sso`, the type of SSO type to use. + +#### `tmp` + +* Default: The value returned by the Node.js `os.tmpdir()` method + +* Type: Path +* DEPRECATED: This setting is no longer used. npm stores temporary files in a + special location in the cache, and they are managed by + [`cacache`](http://npm.im/cacache). + +Historically, the location where temporary files were stored. No longer +relevant. + + + ### See also * [npm config](/commands/npm-config) diff --git a/docs/content/using-npm/workspaces.md b/docs/content/using-npm/workspaces.md index 2024627c75867..28fccd2200c32 100644 --- a/docs/content/using-npm/workspaces.md +++ b/docs/content/using-npm/workspaces.md @@ -88,8 +88,54 @@ This demonstrates how the nature of `node_modules` resolution allows for in such a way that is also easy to [publish](/commands/npm-publish) these nested workspaces to be consumed elsewhere. +### Running commands in the context of workspaces + +You man use the `workspace` configuration option to run commands in the context +of a configured workspace. + +Following is a quick example on how to use the `npm run` command in the context +of nested workspaces. For a project containing multiple workspaces, e.g: + +``` +. ++-- package.json +`-- packages + +-- a + | `-- package.json + `-- b + `-- package.json +``` + +By running a command using the `workspace` option, it's possible to run the +given command in the context of that specific workspace. e.g: + +``` +npm run test --workspace=a +``` + +This will run the `test` script defined within the +`./packages/a/package.json` file. + +Please note that you can also specify this argument multiple times in the +command-line in order to target multiple workspaces, e.g: + +``` +npm run test --workspace=a --workspace=b +``` + +It's also possible to use the `workspaces` (plural) configuration option to +enable the same behavior but running that command in the context of **all** +configured workspaces. e.g: + +``` +npm run test --workspaces +``` + +Will run the `test` script in both `./packages/a` and `./packages/b`. + ### See also * [npm install](/commands/npm-install) * [npm publish](/commands/npm-publish) +* [npm run-script](/commands/npm-run-script) diff --git a/docs/nav.yml b/docs/nav.yml index afceaba570d6d..44e4b2f879370 100644 --- a/docs/nav.yml +++ b/docs/nav.yml @@ -66,6 +66,9 @@ - title: npm explore url: /commands/npm-explore description: Browse an installed package + - title: npm find-dupes + url: /commands/npm-find-dupes + description: Find duplication in the package tree - title: npm fund url: /commands/npm-fund description: Retrieve funding information diff --git a/lib/access.js b/lib/access.js index 0df36beeac15f..3df611e5640c7 100644 --- a/lib/access.js +++ b/lib/access.js @@ -20,6 +20,10 @@ const subcommands = [ ] class Access extends BaseCommand { + static get description () { + return 'Set access level on published packages' + } + static get name () { return 'access' } @@ -75,7 +79,7 @@ class Access extends BaseCommand { if (!subcommands.includes(cmd) || !this[cmd]) throw this.usageError(`${cmd} is not a recognized subcommand.`) - return this[cmd](args, { ...this.npm.flatOptions }) + return this[cmd](args, this.npm.flatOptions) } public ([pkg], opts) { diff --git a/lib/adduser.js b/lib/adduser.js index da318a1f3feb8..f35b9829fe946 100644 --- a/lib/adduser.js +++ b/lib/adduser.js @@ -9,12 +9,20 @@ const authTypes = { } class AddUser extends BaseCommand { + static get description () { + return 'Add a registry user account' + } + static get name () { return 'adduser' } - static get usage () { - return ['[--registry=url] [--scope=@orgname] [--always-auth]'] + static get params () { + return [ + 'registry', + 'scope', + 'always-auth', + ] } exec (args, cb) { diff --git a/lib/audit.js b/lib/audit.js index 6e64987b612ae..f990e1fa5efaa 100644 --- a/lib/audit.js +++ b/lib/audit.js @@ -5,19 +5,32 @@ const auditError = require('./utils/audit-error.js') const BaseCommand = require('./base-command.js') class Audit extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Run a security audit' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'audit' } /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get usage () { + static get params () { return [ - '[--json] [--production]', - 'fix [--force|--package-lock-only|--dry-run|--production|--only=(dev|prod)]', + 'dry-run', + 'force', + 'json', + 'package-lock-only', + 'production', ] } + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get usage () { + return ['[fix]'] + } + async completion (opts) { const argv = opts.conf.argv.remain @@ -37,11 +50,14 @@ class Audit extends BaseCommand { } async audit (args) { - const arb = new Arborist({ + const reporter = this.npm.config.get('json') ? 'json' : 'detail' + const opts = { ...this.npm.flatOptions, audit: true, path: this.npm.prefix, - }) + reporter, + } + const arb = new Arborist(opts) const fix = args[0] === 'fix' await arb.audit({ fix }) if (fix) @@ -49,11 +65,7 @@ class Audit extends BaseCommand { else { // will throw if there's an error, because this is an audit command auditError(this.npm, arb.auditReport) - const reporter = this.npm.flatOptions.json ? 'json' : 'detail' - const result = auditReport(arb.auditReport, { - ...this.npm.flatOptions, - reporter, - }) + const result = auditReport(arb.auditReport, opts) process.exitCode = process.exitCode || result.exitCode this.npm.output(result.report) } diff --git a/lib/base-command.js b/lib/base-command.js index 8e48caa2ef4c7..7a9e4b8ee377e 100644 --- a/lib/base-command.js +++ b/lib/base-command.js @@ -1,11 +1,20 @@ // Base class for npm.commands[cmd] const usageUtil = require('./utils/usage.js') +const ConfigDefinitions = require('./utils/config/definitions.js') class BaseCommand { constructor (npm) { this.npm = npm } + get name () { + return this.constructor.name + } + + get description () { + return this.constructor.description + } + get usage () { let usage = `npm ${this.constructor.name}\n\n` if (this.constructor.description) @@ -17,6 +26,9 @@ class BaseCommand { else usage = `${usage}${this.constructor.usage.map(u => `npm ${this.constructor.name} ${u}`).join('\n')}` + if (this.constructor.params) + usage = `${usage}\n\nOptions:\n[${this.constructor.params.map(p => ConfigDefinitions[p].usage).join('] [')}]` + // Mostly this just appends aliases, this could be more clear usage = usageUtil(this.constructor.name, usage) usage = `${usage}\n\nRun "npm help ${this.constructor.name}" for more info` @@ -34,5 +46,12 @@ class BaseCommand { code: 'EUSAGE', }) } + + execWorkspaces (args, filters, cb) { + throw Object.assign( + new Error('This command does not support workspaces.'), + { code: 'ENOWORKSPACES' } + ) + } } module.exports = BaseCommand diff --git a/lib/bin.js b/lib/bin.js index 1450fb539bffa..20e13f160f276 100644 --- a/lib/bin.js +++ b/lib/bin.js @@ -2,12 +2,16 @@ const envPath = require('./utils/path.js') const BaseCommand = require('./base-command.js') class Bin extends BaseCommand { + static get description () { + return 'Display npm bin folder' + } + static get name () { return 'bin' } - static get usage () { - return ['[-g]'] + static get params () { + return ['global'] } exec (args, cb) { @@ -17,7 +21,7 @@ class Bin extends BaseCommand { async bin (args) { const b = this.npm.bin this.npm.output(b) - if (this.npm.flatOptions.global && !envPath.includes(b)) + if (this.npm.config.get('global') && !envPath.includes(b)) console.error('(not in PATH env variable)') } } diff --git a/lib/birthday.js b/lib/birthday.js index 5ea855512f9f6..92b1dd1c2e5fe 100644 --- a/lib/birthday.js +++ b/lib/birthday.js @@ -1,16 +1,9 @@ -class Birthday { - constructor (npm) { - this.npm = npm - Object.defineProperty(this.npm, 'flatOptions', { - value: { - ...npm.flatOptions, - package: ['@npmcli/npm-birthday'], - yes: true, - }, - }) - } +const BaseCommand = require('./base-command.js') +class Birthday extends BaseCommand { exec (args, cb) { + this.npm.config.set('package', ['@npmcli/npm-birthday']) + this.npm.config.set('yes', true) return this.npm.commands.exec(['npm-birthday'], cb) } } diff --git a/lib/bugs.js b/lib/bugs.js index 1814dd7bc461e..a0cef4c5ec4fa 100644 --- a/lib/bugs.js +++ b/lib/bugs.js @@ -5,6 +5,10 @@ const hostedFromMani = require('./utils/hosted-git-info-from-manifest.js') const BaseCommand = require('./base-command.js') class Bugs extends BaseCommand { + static get description () { + return 'Report bugs for a package in a web browser' + } + static get name () { return 'bugs' } diff --git a/lib/cache.js b/lib/cache.js index 80a5c68ebc0e9..43902f43bbee1 100644 --- a/lib/cache.js +++ b/lib/cache.js @@ -7,6 +7,10 @@ const rimraf = promisify(require('rimraf')) const BaseCommand = require('./base-command.js') class Cache extends BaseCommand { + static get description () { + return 'Manipulates packages cache' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'cache' @@ -63,7 +67,7 @@ class Cache extends BaseCommand { throw new Error('npm cache clear does not accept arguments') const cachePath = path.join(this.npm.cache, '_cacache') - if (!this.npm.flatOptions.force) { + if (!this.npm.config.get('force')) { throw new Error(`As of npm@5, the npm cache self-heals from corruption issues by treating integrity mismatches as cache misses. As a result, data extracted from the cache is guaranteed to be valid. If you @@ -100,7 +104,6 @@ with --force.`) throw Object.assign(new Error(usage), { code: 'EUSAGE' }) log.silly('cache add', 'spec', spec) - const opts = { ...this.npm.flatOptions } // we ask pacote for the thing, and then just throw the data // away so that it tee-pipes it into the cache like it does @@ -108,7 +111,7 @@ with --force.`) await pacote.tarball.stream(spec, stream => { stream.resume() return stream.promise() - }, opts) + }, this.npm.flatOptions) } async verify () { diff --git a/lib/ci.js b/lib/ci.js index 3ea19937616e6..b73b3a8591114 100644 --- a/lib/ci.js +++ b/lib/ci.js @@ -20,6 +20,11 @@ const removeNodeModules = async where => { const BaseCommand = require('./base-command.js') class CI extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Install a project with a clean slate' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'ci' @@ -30,14 +35,13 @@ class CI extends BaseCommand { } async ci () { - if (this.npm.flatOptions.global) { + if (this.npm.config.get('global')) { const err = new Error('`npm ci` does not work for global packages') err.code = 'ECIGLOBAL' throw err } const where = this.npm.prefix - const { scriptShell, ignoreScripts } = this.npm.flatOptions const arb = new Arborist({ ...this.npm.flatOptions, path: where }) await Promise.all([ @@ -54,6 +58,7 @@ class CI extends BaseCommand { // npm ci should never modify the lockfile or package.json await arb.reify({ ...this.npm.flatOptions, save: false }) + const ignoreScripts = this.npm.config.get('ignore-scripts') // run the same set of scripts that `npm install` runs. if (!ignoreScripts) { const scripts = [ @@ -65,6 +70,7 @@ class CI extends BaseCommand { 'prepare', 'postprepare', ] + const scriptShell = this.npm.config.get('script-shell') || undefined for (const event of scripts) { await runScript({ path: where, diff --git a/lib/cli.js b/lib/cli.js index 910b674eaa790..46859f150e3b9 100644 --- a/lib/cli.js +++ b/lib/cli.js @@ -40,11 +40,14 @@ module.exports = (process) => { npm.load(async er => { if (er) return errorHandler(er) + + // npm --version=cli if (npm.config.get('version', 'cli')) { - console.log(npm.version) + npm.output(npm.version) return errorHandler.exit(0) } + // npm --versions=cli if (npm.config.get('versions', 'cli')) { npm.argv = ['version'] npm.config.set('usage', false, 'cli') @@ -57,9 +60,20 @@ module.exports = (process) => { if (impl) impl(npm.argv, errorHandler) else { - npm.config.set('usage', false) - npm.argv.unshift(cmd) - npm.commands.help(npm.argv, errorHandler) + try { + // I don't know why this is needed but we get a cb() not called if we + // omit it + npm.log.level = 'silent' + if (cmd) { + const didYouMean = require('./utils/did-you-mean.js') + const suggestions = await didYouMean(npm, npm.localPrefix, cmd) + npm.output(`Unknown command: "${cmd}"${suggestions}\n\nTo see a list of supported npm commands, run:\n npm help`) + } else + npm.output(npm.usage) + process.exitCode = 1 + } catch (err) { + errorHandler(err) + } } }) } diff --git a/lib/completion.js b/lib/completion.js index 3ee68cdacaf95..fa3b5f2dd36cc 100644 --- a/lib/completion.js +++ b/lib/completion.js @@ -29,13 +29,13 @@ // as an array. // -const { types, shorthands } = require('./utils/config.js') +const { definitions, shorthands } = require('./utils/config/index.js') const deref = require('./utils/deref-command.js') const { aliases, cmdList, plumbing } = require('./utils/cmd-list.js') const aliasNames = Object.keys(aliases) const fullList = cmdList.concat(aliasNames).filter(c => !plumbing.includes(c)) const nopt = require('nopt') -const configNames = Object.keys(types) +const configNames = Object.keys(definitions) const shorthandNames = Object.keys(shorthands) const allConfs = configNames.concat(shorthandNames) const isWindowsShell = require('./utils/is-windows-shell.js') @@ -46,13 +46,13 @@ const BaseCommand = require('./base-command.js') class Completion extends BaseCommand { /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get name () { - return 'completion' + static get description () { + return 'Tab Completion for npm' } /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get description () { - return 'npm command completion script. save to ~/.bashrc or ~/.zshrc' + static get name () { + return 'completion' } // completion for the completion command @@ -147,6 +147,10 @@ class Completion extends BaseCommand { // take a little shortcut and use npm's arg parsing logic. // don't have to worry about the last arg being implicitly // boolean'ed, since the last block will catch that. + const types = Object.entries(definitions).reduce((types, [key, def]) => { + types[key] = def.type + return types + }, {}) const parsed = opts.conf = nopt(types, shorthands, partialWords.slice(0, -1), 0) // check if there's a command already. @@ -256,7 +260,7 @@ const isFlag = word => { const split = word.match(/^(-*)((?:no-)+)?(.*)$/) const no = split[2] const conf = split[3] - const type = types[conf] + const {type} = definitions[conf] return no || type === Boolean || (Array.isArray(type) && type.includes(Boolean)) || diff --git a/lib/config.js b/lib/config.js index c29253e430a33..d5ef6ec50a5e6 100644 --- a/lib/config.js +++ b/lib/config.js @@ -1,4 +1,5 @@ -const { defaults, types } = require('./utils/config.js') +// don't expand so that we only assemble the set of defaults when needed +const configDefs = require('./utils/config/index.js') const mkdirp = require('mkdirp-infer-owner') const { dirname } = require('path') @@ -29,6 +30,10 @@ const publicVar = k => !/^(\/\/[^:]+:)?_/.test(k) const BaseCommand = require('./base-command.js') class Config extends BaseCommand { + static get description () { + return 'Manage the npm configuration files' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'config' @@ -70,7 +75,7 @@ class Config extends BaseCommand { case 'get': case 'delete': case 'rm': - return Object.keys(types) + return Object.keys(configDefs.definitions) case 'edit': case 'list': case 'ls': @@ -100,7 +105,7 @@ class Config extends BaseCommand { break case 'list': case 'ls': - await (this.npm.flatOptions.json ? this.listJson() : this.list()) + await (this.npm.config.get('json') ? this.listJson() : this.list()) break case 'edit': await this.edit() @@ -117,7 +122,7 @@ class Config extends BaseCommand { if (!args.length) throw this.usageError() - const where = this.npm.flatOptions.global ? 'global' : 'user' + const where = this.npm.config.get('global') ? 'global' : 'user' for (const [key, val] of Object.entries(keyValues(args))) { this.npm.log.info('config', 'set %j %j', key, val) this.npm.config.set(key, val || '', where) @@ -147,14 +152,15 @@ class Config extends BaseCommand { if (!keys.length) throw this.usageError() - const where = this.npm.flatOptions.global ? 'global' : 'user' + const where = this.npm.config.get('global') ? 'global' : 'user' for (const key of keys) this.npm.config.delete(key, where) await this.npm.config.save(where) } async edit () { - const { editor: e, global } = this.npm.flatOptions + const global = this.npm.config.get('global') + const e = this.npm.config.get('editor') const where = global ? 'global' : 'user' const file = this.npm.config.data.get(where).source @@ -165,7 +171,8 @@ class Config extends BaseCommand { const data = ( await readFile(file, 'utf8').catch(() => '') ).replace(/\r\n/g, '\n') - const defData = Object.entries(defaults).reduce((str, [key, val]) => { + const entries = Object.entries(configDefs.defaults) + const defData = entries.reduce((str, [key, val]) => { const obj = { [key]: val } const i = ini.stringify(obj) .replace(/\r\n/g, '\n') // normalizes output from ini.stringify @@ -210,7 +217,7 @@ ${defData} async list () { const msg = [] - const { long } = this.npm.flatOptions + const long = this.npm.config.get('long') for (const [where, { data, source }] of this.npm.config.data.entries()) { if (where === 'default' && !long) continue diff --git a/lib/dedupe.js b/lib/dedupe.js index 50a56211fc847..b80a777fcc2f7 100644 --- a/lib/dedupe.js +++ b/lib/dedupe.js @@ -5,6 +5,11 @@ const reifyFinish = require('./utils/reify-finish.js') const BaseCommand = require('./base-command.js') class Dedupe extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Reduce duplication in the package tree' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'dedupe' @@ -23,12 +28,13 @@ class Dedupe extends BaseCommand { const dryRun = this.npm.config.get('dry-run') const where = this.npm.prefix - const arb = new Arborist({ + const opts = { ...this.npm.flatOptions, path: where, dryRun, - }) - await arb.dedupe(this.npm.flatOptions) + } + const arb = new Arborist(opts) + await arb.dedupe(opts) await reifyFinish(this.npm, arb) } } diff --git a/lib/deprecate.js b/lib/deprecate.js index a0c67f805d2f9..c640bcfe09538 100644 --- a/lib/deprecate.js +++ b/lib/deprecate.js @@ -7,6 +7,10 @@ const libaccess = require('libnpmaccess') const BaseCommand = require('./base-command.js') class Deprecate extends BaseCommand { + static get description () { + return 'Deprecate a version of a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'deprecate' diff --git a/lib/diff.js b/lib/diff.js index 0e322ec643849..c5e4b403efdfa 100644 --- a/lib/diff.js +++ b/lib/diff.js @@ -12,6 +12,10 @@ const readLocalPkg = require('./utils/read-local-package.js') const BaseCommand = require('./base-command.js') class Diff extends BaseCommand { + static get description () { + return 'The registry diff command' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'diff' @@ -30,7 +34,7 @@ class Diff extends BaseCommand { get where () { const globalTop = resolve(this.npm.globalDir, '..') - const { global } = this.npm.flatOptions + const global = this.npm.config.get('global') return global ? globalTop : this.npm.prefix } @@ -39,7 +43,7 @@ class Diff extends BaseCommand { } async diff (args) { - const specs = this.npm.flatOptions.diff.filter(d => d) + const specs = this.npm.config.get('diff').filter(d => d) if (specs.length > 2) { throw new TypeError( 'Can\'t use more than two --diff arguments.\n\n' + @@ -91,7 +95,7 @@ class Diff extends BaseCommand { } return [ - `${pkgName}@${this.npm.flatOptions.defaultTag}`, + `${pkgName}@${this.npm.config.get('tag')}`, `file:${this.npm.prefix}`, ] } diff --git a/lib/dist-tag.js b/lib/dist-tag.js index cdc95ac6f0cd7..13ec37fd8cb1d 100644 --- a/lib/dist-tag.js +++ b/lib/dist-tag.js @@ -8,6 +8,10 @@ const readLocalPkgName = require('./utils/read-local-package.js') const BaseCommand = require('./base-command.js') class DistTag extends BaseCommand { + static get description () { + return 'Modify package distribution tags' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'dist-tag' @@ -61,7 +65,7 @@ class DistTag extends BaseCommand { async add (spec, tag, opts) { spec = npa(spec || '') const version = spec.rawSpec - const defaultTag = tag || opts.defaultTag + const defaultTag = tag || this.npm.config.get('tag') log.verbose('dist-tag add', defaultTag, 'to', spec.name + '@' + version) diff --git a/lib/docs.js b/lib/docs.js index 2dad7a26db4e7..089d77eb046d9 100644 --- a/lib/docs.js +++ b/lib/docs.js @@ -1,17 +1,23 @@ const log = require('npmlog') const pacote = require('pacote') const openUrl = require('./utils/open-url.js') -const usageUtil = require('./utils/usage.js') const hostedFromMani = require('./utils/hosted-git-info-from-manifest.js') -class Docs { - constructor (npm) { - this.npm = npm +const BaseCommand = require('./base-command.js') +class Docs extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Open documentation for a package in a web browser' + } + + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get name () { + return 'docs' } /* istanbul ignore next - see test/lib/load-all-commands.js */ - get usage () { - return usageUtil('docs', 'npm docs [ [ ...]]') + static get usage () { + return ['[ [ ...]]'] } exec (args, cb) { diff --git a/lib/doctor.js b/lib/doctor.js index fbe44714140aa..99beb25279cbc 100644 --- a/lib/doctor.js +++ b/lib/doctor.js @@ -11,7 +11,7 @@ const { promisify } = require('util') const ansiTrim = require('./utils/ansi-trim.js') const isWindows = require('./utils/is-windows.js') const ping = require('./utils/ping.js') -const { defaults: { registry: defaultRegistry } } = require('./utils/config.js') +const { registry: { default: defaultRegistry } } = require('./utils/config/definitions.js') const lstat = promisify(fs.lstat) const readdir = promisify(fs.readdir) const access = promisify(fs.access) @@ -32,6 +32,11 @@ const maskLabel = mask => { const BaseCommand = require('./base-command.js') class Doctor extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Check your npm environment' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'doctor' diff --git a/lib/edit.js b/lib/edit.js index 1dbe8e4c103ad..79d41462eb47f 100644 --- a/lib/edit.js +++ b/lib/edit.js @@ -9,6 +9,10 @@ const completion = require('./utils/completion/installed-shallow.js') const BaseCommand = require('./base-command.js') class Edit extends BaseCommand { + static get description () { + return 'Edit an installed package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'edit' diff --git a/lib/exec.js b/lib/exec.js index b2443b17accd2..0a61de7c1200c 100644 --- a/lib/exec.js +++ b/lib/exec.js @@ -1,5 +1,6 @@ const { promisify } = require('util') const read = promisify(require('read')) +const chalk = require('chalk') const mkdirp = require('mkdirp-infer-owner') const readPackageJson = require('read-package-json-fast') const Arborist = require('@npmcli/arborist') @@ -12,6 +13,7 @@ const npa = require('npm-package-arg') const fileExists = require('./utils/file-exists.js') const PATH = require('./utils/path.js') const BaseCommand = require('./base-command.js') +const getWorkspaces = require('./workspaces/get-workspaces.js') // it's like this: // @@ -24,7 +26,7 @@ const BaseCommand = require('./base-command.js') // // npm x -p pkg@version -- foo --registry=/dev/null // -// const pkg = npm.flatOptions.package || getPackageFrom(args[0]) +// const pkg = npm.config.get('package') || getPackageFrom(args[0]) // const cmd = getCommand(pkg, args[0]) // --> npm x -c 'cmd ...args.slice(1)' // @@ -38,15 +40,22 @@ const BaseCommand = require('./base-command.js') // runScript({ pkg, event: 'npx', ... }) // process.env.npm_lifecycle_event = 'npx' +const nocolor = { + reset: s => s, + bold: s => s, + dim: s => s, + green: s => s, +} + class Exec extends BaseCommand { /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get name () { - return 'exec' + static get description () { + return 'Run a command from a local or remote npm package' } /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get description () { - return 'Run a command from a local or remote npm package.' + static get name () { + return 'exec' } /* istanbul ignore next - see test/lib/load-all-commands.js */ @@ -60,17 +69,27 @@ class Exec extends BaseCommand { } exec (args, cb) { - this._exec(args).then(() => cb()).catch(cb) + const path = this.npm.localPrefix + const runPath = process.cwd() + this._exec(args, { path, runPath }).then(() => cb()).catch(cb) + } + + execWorkspaces (args, filters, cb) { + this._execWorkspaces(args, filters).then(() => cb()).catch(cb) } // When commands go async and we can dump the boilerplate exec methods this // can be named correctly - async _exec (args) { - const { package: packages, call, shell } = this.npm.flatOptions + async _exec (_args, { locationMsg, path, runPath }) { + const call = this.npm.config.get('call') + const shell = this.npm.config.get('shell') + // dereferenced because we manipulate it later + const packages = [...this.npm.config.get('package')] - if (call && args.length) + if (call && _args.length) throw this.usage + const args = [..._args] const pathArr = [...PATH] // nothing to maybe install, skip the arborist dance @@ -78,8 +97,11 @@ class Exec extends BaseCommand { return await this.run({ args, call, + locationMsg, shell, + path, pathArr, + runPath, }) } @@ -102,7 +124,10 @@ class Exec extends BaseCommand { return await this.run({ args, call, + locationMsg, + path, pathArr, + runPath, shell, }) } @@ -117,11 +142,11 @@ class Exec extends BaseCommand { // node_modules/${name}/package.json, and only pacote fetch if // that fails. const manis = await Promise.all(packages.map(async p => { - const spec = npa(p, this.npm.localPrefix) + const spec = npa(p, path) if (spec.type === 'tag' && spec.rawSpec === '') { // fall through to the pacote.manifest() approach try { - const pj = resolve(this.npm.localPrefix, 'node_modules', spec.name) + const pj = resolve(path, 'node_modules', spec.name) return await readPackageJson(pj) } catch (er) {} } @@ -140,7 +165,7 @@ class Exec extends BaseCommand { // figure out whether we need to install stuff, or if local is fine const localArb = new Arborist({ ...this.npm.flatOptions, - path: this.npm.localPrefix, + path, }) const tree = await localArb.loadActual() @@ -165,10 +190,10 @@ class Exec extends BaseCommand { // no need to install if already present if (add.length) { - if (!this.npm.flatOptions.yes) { + if (!this.npm.config.get('yes')) { // set -n to always say no - if (this.npm.flatOptions.yes === false) - throw 'canceled' + if (this.npm.config.get('yes') === false) + throw new Error('canceled') if (!process.stdin.isTTY || ciDetect()) { this.npm.log.warn('exec', `The following package${ @@ -184,7 +209,7 @@ class Exec extends BaseCommand { }Ok to proceed? ` const confirm = await read({ prompt, default: 'y' }) if (confirm.trim().toLowerCase().charAt(0) !== 'y') - throw 'canceled' + throw new Error('canceled') } } await arb.reify({ ...this.npm.flatOptions, add }) @@ -192,16 +217,24 @@ class Exec extends BaseCommand { pathArr.unshift(resolve(installDir, 'node_modules/.bin')) } - return await this.run({ args, call, pathArr, shell }) + return await this.run({ + args, + call, + locationMsg, + path, + pathArr, + runPath, + shell, + }) } - async run ({ args, call, pathArr, shell }) { + async run ({ args, call, locationMsg, path, pathArr, runPath, shell }) { // turn list of args into command string const script = call || args.shift() || shell // do the fakey runScript dance // still should work if no package.json in cwd - const realPkg = await readPackageJson(`${this.npm.localPrefix}/package.json`) + const realPkg = await readPackageJson(`${path}/package.json`) .catch(() => ({})) const pkg = { ...realPkg, @@ -217,7 +250,19 @@ class Exec extends BaseCommand { if (process.stdin.isTTY) { if (ciDetect()) return this.npm.log.warn('exec', 'Interactive mode disabled in CI environment') - this.npm.output(`\nEntering npm script environment\nType 'exit' or ^D when finished\n`) + + const color = this.npm.config.get('color') + const colorize = color ? chalk : nocolor + + locationMsg = locationMsg || ` at location:\n${colorize.dim(runPath)}` + + this.npm.output(`${ + colorize.reset('\nEntering npm script environment') + }${ + colorize.reset(locationMsg) + }${ + colorize.bold('\nType \'exit\' or ^D when finished\n') + }`) } } return await runScript({ @@ -225,7 +270,7 @@ class Exec extends BaseCommand { pkg, banner: false, // we always run in cwd, not --prefix - path: process.cwd(), + path: runPath, stdioString: true, event: 'npx', args, @@ -285,5 +330,28 @@ class Exec extends BaseCommand { .digest('hex') .slice(0, 16) } + + async workspaces (filters) { + return getWorkspaces(filters, { path: this.npm.localPrefix }) + } + + async _execWorkspaces (args, filters) { + const workspaces = await this.workspaces(filters) + const getLocationMsg = async path => { + const color = this.npm.config.get('color') + const colorize = color ? chalk : nocolor + const { _id } = await readPackageJson(`${path}/package.json`) + return ` in workspace ${colorize.green(_id)} at location:\n${colorize.dim(path)}` + } + + for (const workspacePath of workspaces.values()) { + const locationMsg = await getLocationMsg(workspacePath) + await this._exec(args, { + locationMsg, + path: workspacePath, + runPath: workspacePath, + }) + } + } } module.exports = Exec diff --git a/lib/explain.js b/lib/explain.js index 6af7611867786..4c2908df68918 100644 --- a/lib/explain.js +++ b/lib/explain.js @@ -8,6 +8,10 @@ const validName = require('validate-npm-package-name') const BaseCommand = require('./base-command.js') class Explain extends BaseCommand { + static get description () { + return 'Explain installed packages' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'explain' diff --git a/lib/explore.js b/lib/explore.js index 34f6d10793c7e..5f9820c2162b6 100644 --- a/lib/explore.js +++ b/lib/explore.js @@ -8,6 +8,10 @@ const completion = require('./utils/completion/installed-shallow.js') const BaseCommand = require('./base-command.js') class Explore extends BaseCommand { + static get description () { + return 'Browse an installed package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'explore' diff --git a/lib/find-dupes.js b/lib/find-dupes.js index ecb945f47bb41..8037876f5bbb6 100644 --- a/lib/find-dupes.js +++ b/lib/find-dupes.js @@ -2,6 +2,11 @@ const BaseCommand = require('./base-command.js') class FindDupes extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Find duplication in the package tree' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'find-dupes' diff --git a/lib/fund.js b/lib/fund.js index a723c62d2c3c5..25d3462f63869 100644 --- a/lib/fund.js +++ b/lib/fund.js @@ -22,14 +22,29 @@ const getPrintableName = ({ name, version }) => { const BaseCommand = require('./base-command.js') class Fund extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Retrieve funding information' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'fund' } + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get params () { + return [ + 'json', + 'browser', + 'unicode', + 'which', + ] + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get usage () { - return ['[--json] [--browser] [--unicode] [[<@scope>/] [--which=]'] + return ['[[<@scope>/]]'] } /* istanbul ignore next - see test/lib/load-all-commands.js */ @@ -42,14 +57,13 @@ class Fund extends BaseCommand { } async fund (args) { - const opts = this.npm.flatOptions const spec = args[0] - const numberArg = opts.which + const numberArg = this.npm.config.get('which') const fundingSourceNumber = numberArg && parseInt(numberArg, 10) const badFundingSourceNumber = - numberArg !== undefined && + numberArg !== null && (String(fundingSourceNumber) !== numberArg || fundingSourceNumber < 1) if (badFundingSourceNumber) { @@ -58,14 +72,14 @@ class Fund extends BaseCommand { throw err } - if (opts.global) { + if (this.npm.config.get('global')) { const err = new Error('`npm fund` does not support global packages') err.code = 'EFUNDGLOBAL' throw err } const where = this.npm.prefix - const arb = new Arborist({ ...opts, path: where }) + const arb = new Arborist({ ...this.npm.flatOptions, path: where }) const tree = await arb.loadActual() if (spec) { @@ -78,23 +92,19 @@ class Fund extends BaseCommand { return } - const print = opts.json - ? this.printJSON - : this.printHuman - - this.npm.output( - print( - getFundingInfo(tree), - opts - ) - ) + if (this.npm.config.get('json')) + this.npm.output(this.printJSON(getFundingInfo(tree))) + else + this.npm.output(this.printHuman(getFundingInfo(tree))) } printJSON (fundingInfo) { return JSON.stringify(fundingInfo, null, 2) } - printHuman (fundingInfo, { color, unicode }) { + printHuman (fundingInfo) { + const color = !!this.npm.color + const unicode = this.npm.config.get('unicode') const seenUrls = new Map() const tree = obj => diff --git a/lib/get.js b/lib/get.js index a5d58accc8307..8cfb259a81323 100644 --- a/lib/get.js +++ b/lib/get.js @@ -1,6 +1,11 @@ const BaseCommand = require('./base-command.js') class Get extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Get a value from the npm configuration' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'get' diff --git a/lib/help-search.js b/lib/help-search.js index 4e727c3e72954..c1ceae4414c2f 100644 --- a/lib/help-search.js +++ b/lib/help-search.js @@ -1,15 +1,16 @@ const fs = require('fs') const path = require('path') const color = require('ansicolors') -const npmUsage = require('./utils/npm-usage.js') const { promisify } = require('util') const glob = promisify(require('glob')) const readFile = promisify(fs.readFile) -const didYouMean = require('./utils/did-you-mean.js') -const { cmdList } = require('./utils/cmd-list.js') const BaseCommand = require('./base-command.js') class HelpSearch extends BaseCommand { + static get description () { + return 'Search npm help documentation' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'help-search' @@ -26,28 +27,17 @@ class HelpSearch extends BaseCommand { async helpSearch (args) { if (!args.length) - throw this.usage + return this.npm.output(this.usage) const docPath = path.resolve(__dirname, '..', 'docs/content') - const files = await glob(`${docPath}/*/*.md`) const data = await this.readFiles(files) const results = await this.searchFiles(args, data, files) - // if only one result, then just show that help section. - if (results.length === 1) { - return this.npm.commands.help([path.basename(results[0].file, '.md')], er => { - if (er) - throw er - }) - } - const formatted = this.formatResults(args, results) if (!formatted.trim()) - npmUsage(this.npm, false) - else { + this.npm.output(`No matches in help for: ${args.join(' ')}\n`) + else this.npm.output(formatted) - this.npm.output(didYouMean(args[0], cmdList)) - } } async readFiles (files) { @@ -166,7 +156,7 @@ class HelpSearch extends BaseCommand { out.push(' '.repeat((Math.max(1, cols - out.join(' ').length - r.length - 1)))) out.push(r) - if (!this.npm.flatOptions.long) + if (!this.npm.config.get('long')) return out.join('') out.unshift('\n\n') @@ -198,7 +188,7 @@ class HelpSearch extends BaseCommand { return out.join('') }).join('\n') - const finalOut = results.length && !this.npm.flatOptions.long + const finalOut = results.length && !this.npm.config.get('long') ? 'Top hits for ' + (args.map(JSON.stringify).join(' ')) + '\n' + '—'.repeat(cols - 1) + '\n' + out + '\n' + diff --git a/lib/help.js b/lib/help.js index 93abf878ba26f..b9ff1c95760c6 100644 --- a/lib/help.js +++ b/lib/help.js @@ -1,13 +1,22 @@ -const npmUsage = require('./utils/npm-usage.js') const { spawn } = require('child_process') const path = require('path') -const log = require('npmlog') const openUrl = require('./utils/open-url.js') -const glob = require('glob') +const { promisify } = require('util') +const glob = promisify(require('glob')) const BaseCommand = require('./base-command.js') +// Strips out the number from foo.7 or foo.7. or foo.7.tgz +// We don't currently compress our man pages but if we ever did this would +// seemlessly continue supporting it +const manNumberRegex = /\.(\d+)(\..*)?$/ + class Help extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Get help on npm' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'help' @@ -22,13 +31,7 @@ class Help extends BaseCommand { if (opts.conf.argv.remain.length > 2) return [] const g = path.resolve(__dirname, '../man/man[0-9]/*.[0-9]') - const files = await new Promise((resolve, reject) => { - glob(g, function (er, files) { - if (er) - return reject(er) - resolve(files) - }) - }) + const files = await glob(g) return Object.keys(files.reduce(function (acc, file) { file = path.basename(file).replace(/\.[0-9]+$/, '') @@ -43,81 +46,45 @@ class Help extends BaseCommand { } async help (args) { - const argv = this.npm.config.parsedArgv.cooked + // By default we search all of our man subdirectories, but if the user has + // asked for a specific one we limit the search to just there + let manSearch = 'man*' + if (/^\d+$/.test(args[0])) + manSearch = `man${args.shift()}` - let argnum = 0 - if (args.length === 2 && ~~args[0]) - argnum = ~~args.shift() + if (!args.length) + return this.npm.output(this.npm.usage) // npm help foo bar baz: search topics - if (args.length > 1 && args[0]) + if (args.length > 1) return this.helpSearch(args) - const affordances = { - 'find-dupes': 'dedupe', - } - let section = affordances[args[0]] || this.npm.deref(args[0]) || args[0] - - // npm help : show basic usage - if (!section) { - npmUsage(this.npm, argv[0] === 'help') - return - } - - // npm -h: show command usage - if (this.npm.config.get('usage') && - this.npm.commands[section] && - this.npm.commands[section].usage) { - this.npm.config.set('loglevel', 'silent') - log.level = 'silent' - this.npm.output(this.npm.commands[section].usage) - return - } + let section = this.npm.deref(args[0]) || args[0] - let pref = [1, 5, 7] - if (argnum) - pref = [argnum].concat(pref.filter(n => n !== argnum)) + // support `npm help package.json` + section = section.replace('.json', '-json') - // npm help
: Try to find the path const manroot = path.resolve(__dirname, '..', 'man') + // find either section.n or npm-section.n + const f = `${manroot}/${manSearch}/?(npm-)${section}.[0-9]*` + let mans = await glob(f) + mans = mans.sort((a, b) => { + // Because of the glob we know the manNumberRegex will pass + const aManNumber = a.match(manNumberRegex)[1] + const bManNumber = b.match(manNumberRegex)[1] - // legacy - if (section === 'global') - section = 'folders' - else if (section.match(/.*json/)) - section = section.replace('.json', '-json') - - // find either /section.n or /npm-section.n - // The glob is used in the glob. The regexp is used much - // further down. Globs and regexps are different - const compextglob = '.+(gz|bz2|lzma|[FYzZ]|xz)' - const compextre = '\\.(gz|bz2|lzma|[FYzZ]|xz)$' - const f = '+(npm-' + section + '|' + section + ').[0-9]?(' + compextglob + ')' - return new Promise((resolve, reject) => { - glob(manroot + '/*/' + f, async (er, mans) => { - if (er) - return reject(er) - - if (!mans.length) { - this.helpSearch(args).then(resolve).catch(reject) - return - } - - mans = mans.map((man) => { - const ext = path.extname(man) - if (man.match(new RegExp(compextre))) - man = path.basename(man, ext) - - return man - }) - - this.viewMan(this.pickMan(mans, pref), (err) => { - if (err) - return reject(err) - return resolve() - }) - }) + // man number sort first so that 1 aka commands are preferred + if (aManNumber !== bManNumber) + return aManNumber - bManNumber + + return a.localeCompare(b) }) + const man = mans[0] + + if (man) + await this.viewMan(man) + else + return this.helpSearch(args) } helpSearch (args) { @@ -133,32 +100,11 @@ class Help extends BaseCommand { }) } - pickMan (mans, pref_) { - const nre = /([0-9]+)$/ - const pref = {} - pref_.forEach((sect, i) => pref[sect] = i) - mans = mans.sort((a, b) => { - const an = a.match(nre)[1] - const bn = b.match(nre)[1] - return an === bn ? (a > b ? -1 : 1) - : pref[an] < pref[bn] ? -1 - : 1 - }) - return mans[0] - } - - viewMan (man, cb) { - const nre = /([0-9]+)$/ - const num = man.match(nre)[1] - const section = path.basename(man, '.' + num) - - // at this point, we know that the specified man page exists - const manpath = path.join(__dirname, '..', 'man') + async viewMan (man) { const env = {} Object.keys(process.env).forEach(function (i) { env[i] = process.env[i] }) - env.MANPATH = manpath const viewer = this.npm.config.get('viewer') const opts = { @@ -175,48 +121,39 @@ class Help extends BaseCommand { break case 'browser': - bin = false - try { - const url = this.htmlMan(man) - openUrl(this.npm, url, 'help available at the following URL').then( - () => cb() - ).catch(cb) - } catch (err) { - cb(err) - } - break + await openUrl(this.npm, this.htmlMan(man), 'help available at the following URL') + return default: - args.push(num, section) + args.push(man) break } - if (bin) { - const proc = spawn(bin, args, opts) + const proc = spawn(bin, args, opts) + return new Promise((resolve, reject) => { proc.on('exit', (code) => { if (code) - return cb(new Error(`help process exited with code: ${code}`)) + return reject(new Error(`help process exited with code: ${code}`)) - return cb() + return resolve() }) - } + }) } + // Returns the path to the html version of the man page htmlMan (man) { - let sect = +man.match(/([0-9]+)$/)[1] - const f = path.basename(man).replace(/[.]([0-9]+)$/, '') + let sect = man.match(manNumberRegex)[1] + const f = path.basename(man).replace(manNumberRegex, '') switch (sect) { - case 1: + case '1': sect = 'commands' break - case 5: + case '5': sect = 'configuring-npm' break - case 7: + case '7': sect = 'using-npm' break - default: - throw new Error('invalid man section: ' + sect) } return 'file://' + path.resolve(__dirname, '..', 'docs', 'output', sect, f + '.html') } diff --git a/lib/hook.js b/lib/hook.js index 6cda3504f43d7..64b1201cbd0de 100644 --- a/lib/hook.js +++ b/lib/hook.js @@ -5,6 +5,10 @@ const Table = require('cli-table3') const BaseCommand = require('./base-command.js') class Hook extends BaseCommand { + static get description () { + return 'Manage registry hooks' + } + static get name () { return 'hook' } diff --git a/lib/init.js b/lib/init.js index 42b02dfdc6a77..81c6733885a68 100644 --- a/lib/init.js +++ b/lib/init.js @@ -4,6 +4,11 @@ const npa = require('npm-package-arg') const BaseCommand = require('./base-command.js') class Init extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Create a package.json file' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'init' @@ -59,7 +64,7 @@ class Init extends BaseCommand { this.npm.log.pause() this.npm.log.disableProgress() const initFile = this.npm.config.get('init-module') - if (!this.npm.flatOptions.yes && !this.npm.flatOptions.force) { + if (!this.npm.config.get('yes') && !this.npm.config.get('force')) { this.npm.output([ 'This utility will walk you through creating a package.json file.', 'It only covers the most common items, and tries to guess sensible defaults.', diff --git a/lib/install-ci-test.js b/lib/install-ci-test.js index c52b5c9e8073f..871f24b2f32d6 100644 --- a/lib/install-ci-test.js +++ b/lib/install-ci-test.js @@ -4,6 +4,10 @@ const CI = require('./ci.js') class InstallCITest extends CI { + static get description () { + return 'Install a project with a clean slate and run tests' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'install-ci-test' diff --git a/lib/install-test.js b/lib/install-test.js index 76c6f367dd3c8..d5664119df5ce 100644 --- a/lib/install-test.js +++ b/lib/install-test.js @@ -4,6 +4,10 @@ const Install = require('./install.js') class InstallTest extends Install { + static get description () { + return 'Install package(s) and run tests' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'install-test' diff --git a/lib/install.js b/lib/install.js index 8df63a219ef74..54ea6d8251051 100644 --- a/lib/install.js +++ b/lib/install.js @@ -11,11 +11,24 @@ const runScript = require('@npmcli/run-script') const BaseCommand = require('./base-command.js') class Install extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Install a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'install' } + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get params () { + return [ + 'save', + 'save-exact', + ] + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get usage () { return [ @@ -28,7 +41,7 @@ class Install extends BaseCommand { '', '', '', - '/ [--save-prod|--save-dev|--save-optional|--save-peer] [--save-exact] [--no-save]', + '/', ] } @@ -98,7 +111,8 @@ class Install extends BaseCommand { async install (args) { // the /path/to/node_modules/.. const globalTop = resolve(this.npm.globalDir, '..') - const { ignoreScripts, global: isGlobalInstall } = this.npm.flatOptions + const ignoreScripts = this.npm.config.get('ignore-scripts') + const isGlobalInstall = this.npm.config.get('global') const where = isGlobalInstall ? globalTop : this.npm.prefix // don't try to install the prefix into itself @@ -122,7 +136,7 @@ class Install extends BaseCommand { add: args, }) if (!args.length && !isGlobalInstall && !ignoreScripts) { - const { scriptShell } = this.npm.flatOptions + const scriptShell = this.npm.config.get('script-shell') || undefined const scripts = [ 'preinstall', 'install', diff --git a/lib/link.js b/lib/link.js index 66f83d9f5b0a7..fe9cfd3a6b254 100644 --- a/lib/link.js +++ b/lib/link.js @@ -12,6 +12,11 @@ const reifyFinish = require('./utils/reify-finish.js') const BaseCommand = require('./base-command.js') class Link extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Symlink a package folder' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'link' @@ -96,7 +101,13 @@ class Link extends BaseCommand { // npm link should not save=true by default unless you're // using any of --save-dev or other types const save = - Boolean(this.npm.config.find('save') !== 'default' || this.npm.flatOptions.saveType) + Boolean( + this.npm.config.find('save') !== 'default' || + this.npm.config.get('save-optional') || + this.npm.config.get('save-peer') || + this.npm.config.get('save-dev') || + this.npm.config.get('save-prod') + ) // create a new arborist instance for the local prefix and // reify all the pending names as symlinks there diff --git a/lib/logout.js b/lib/logout.js index b3f64f671d326..adc19a923af9a 100644 --- a/lib/logout.js +++ b/lib/logout.js @@ -4,14 +4,22 @@ const npmFetch = require('npm-registry-fetch') const BaseCommand = require('./base-command.js') class Logout extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Log out of the registry' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'logout' } /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get usage () { - return ['[--registry=] [--scope=<@scope>]'] + static get params () { + return [ + 'registry', + 'scope', + ] } exec (args, cb) { @@ -19,9 +27,10 @@ class Logout extends BaseCommand { } async logout (args) { - const { registry, scope } = this.npm.flatOptions + const registry = this.npm.config.get('registry') + const scope = this.npm.config.get('scope') const regRef = scope ? `${scope}:registry` : 'registry' - const reg = this.npm.flatOptions[regRef] || registry + const reg = this.npm.config.get(regRef) || registry const auth = getAuth(reg, this.npm.flatOptions) diff --git a/lib/ls.js b/lib/ls.js index 9ff2761c2f928..65b3ddfe7611b 100644 --- a/lib/ls.js +++ b/lib/ls.js @@ -23,6 +23,11 @@ const _type = Symbol('type') const BaseCommand = require('./base-command.js') class LS extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'List installed packages' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'ls' @@ -43,24 +48,22 @@ class LS extends BaseCommand { } async ls (args) { - const { - all, - color, - depth, - json, - long, - global, - parseable, - prefix, - unicode, - } = this.npm.flatOptions - const path = global ? resolve(this.npm.globalDir, '..') : prefix + const all = this.npm.config.get('all') + const color = !!this.npm.color + const depth = this.npm.config.get('depth') const dev = this.npm.config.get('dev') const development = this.npm.config.get('development') + const global = this.npm.config.get('global') + const json = this.npm.config.get('json') const link = this.npm.config.get('link') + const long = this.npm.config.get('long') const only = this.npm.config.get('only') + const parseable = this.npm.config.get('parseable') const prod = this.npm.config.get('prod') const production = this.npm.config.get('production') + const unicode = this.npm.config.get('unicode') + + const path = global ? resolve(this.npm.globalDir, '..') : this.npm.prefix const arb = new Arborist({ global, diff --git a/lib/npm.js b/lib/npm.js index 0534e630606e4..42541a90ffb79 100644 --- a/lib/npm.js +++ b/lib/npm.js @@ -36,24 +36,19 @@ const proxyCmds = new Proxy({}, { }, }) -const { types, defaults, shorthands } = require('./utils/config.js') +const { definitions, flatten, shorthands } = require('./utils/config/index.js') const { shellouts } = require('./utils/cmd-list.js') +const usage = require('./utils/npm-usage.js') let warnedNonDashArg = false const _runCmd = Symbol('_runCmd') const _load = Symbol('_load') -const _flatOptions = Symbol('_flatOptions') const _tmpFolder = Symbol('_tmpFolder') const _title = Symbol('_title') const npm = module.exports = new class extends EventEmitter { constructor () { super() require('./utils/perf.js') - this.modes = { - exec: 0o755, - file: 0o644, - umask: 0o22, - } this.started = Date.now() this.command = null this.commands = proxyCmds @@ -62,8 +57,8 @@ const npm = module.exports = new class extends EventEmitter { this.version = require('../package.json').version this.config = new Config({ npmPath: dirname(__dirname), - types, - defaults, + definitions, + flatten, shorthands, }) this[_title] = process.title @@ -105,9 +100,18 @@ const npm = module.exports = new class extends EventEmitter { }) } + const workspacesEnabled = this.config.get('workspaces') + const workspacesFilters = this.config.get('workspace') + const filterByWorkspaces = workspacesEnabled || workspacesFilters.length > 0 + if (this.config.get('usage')) { - console.log(impl.usage) + this.output(impl.usage) cb() + } else if (filterByWorkspaces) { + impl.execWorkspaces(args, this.config.get('workspace'), er => { + process.emit('timeEnd', `command:${cmd}`) + cb(er) + }) } else { impl.exec(args, er => { process.emit('timeEnd', `command:${cmd}`) @@ -140,9 +144,6 @@ const npm = module.exports = new class extends EventEmitter { if (!er && this.config.get('force')) this.log.warn('using --force', 'Recommended protections disabled.') - if (!er && !this[_flatOptions]) - this[_flatOptions] = require('./utils/flat-options.js')(this) - process.emit('timeEnd', 'npm:load') this.emit('load', er) }) @@ -162,14 +163,19 @@ const npm = module.exports = new class extends EventEmitter { } async [_load] () { + process.emit('time', 'npm:load:whichnode') const node = await which(process.argv[0]).catch(er => null) + process.emit('timeEnd', 'npm:load:whichnode') if (node && node.toUpperCase() !== process.execPath.toUpperCase()) { log.verbose('node symlink', node) process.execPath = node this.config.execPath = node } + process.emit('time', 'npm:load:configload') await this.config.load() + process.emit('timeEnd', 'npm:load:configload') + this.argv = this.config.parsedArgv.remain // note: this MUST be shorter than the actual argv length, because it // uses the same memory, so node will truncate it if it's too long. @@ -177,33 +183,40 @@ const npm = module.exports = new class extends EventEmitter { // don't show that. (Regrettable historical choice to put it there.) // Any other secrets are configs only, so showing only the positional // args keeps those from being leaked. + process.emit('time', 'npm:load:setTitle') const tokrev = deref(this.argv[0]) === 'token' && this.argv[1] === 'revoke' this.title = tokrev ? 'npm token revoke' + (this.argv[2] ? ' ***' : '') : ['npm', ...this.argv].join(' ') + process.emit('timeEnd', 'npm:load:setTitle') + process.emit('time', 'npm:load:setupLog') this.color = setupLog(this.config) + process.emit('timeEnd', 'npm:load:setupLog') process.env.COLOR = this.color ? '1' : '0' + process.emit('time', 'npm:load:cleanupLog') cleanUpLogFiles(this.cache, this.config.get('logs-max'), log.warn) + process.emit('timeEnd', 'npm:load:cleanupLog') log.resume() - const umask = this.config.get('umask') - this.modes = { - exec: 0o777 & (~umask), - file: 0o666 & (~umask), - umask, - } + process.emit('time', 'npm:load:configScope') const configScope = this.config.get('scope') if (configScope && !/^@/.test(configScope)) this.config.set('scope', `@${configScope}`, this.config.find('scope')) + process.emit('timeEnd', 'npm:load:configScope') + process.emit('time', 'npm:load:projectScope') this.projectScope = this.config.get('scope') || getProjectScope(this.prefix) + process.emit('timeEnd', 'npm:load:projectScope') } get flatOptions () { - return this[_flatOptions] + const { flat } = this.config + if (this.command) + flat.npmCommand = this.command + return flat } get lockfileVersion () { @@ -274,6 +287,10 @@ const npm = module.exports = new class extends EventEmitter { this[k] = r } + get usage () { + return usage(this) + } + // XXX add logging to see if we actually use this get tmp () { if (!this[_tmpFolder]) { diff --git a/lib/org.js b/lib/org.js index b9f84b060f8a8..ddd2b03daee18 100644 --- a/lib/org.js +++ b/lib/org.js @@ -4,6 +4,10 @@ const Table = require('cli-table3') const BaseCommand = require('./base-command.js') class Org extends BaseCommand { + static get description () { + return 'Manage orgs' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'org' diff --git a/lib/outdated.js b/lib/outdated.js index 7225577ea42d4..9b656d2aeede4 100644 --- a/lib/outdated.js +++ b/lib/outdated.js @@ -13,6 +13,11 @@ const ansiTrim = require('./utils/ansi-trim.js') const BaseCommand = require('./base-command.js') class Outdated extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Check for outdated packages' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'outdated' @@ -28,15 +33,13 @@ class Outdated extends BaseCommand { } async outdated (args) { - this.opts = this.npm.flatOptions - const global = path.resolve(this.npm.globalDir, '..') - const where = this.opts.global + const where = this.npm.config.get('global') ? global : this.npm.prefix const arb = new Arborist({ - ...this.opts, + ...this.npm.flatOptions, path: where, }) @@ -51,7 +54,7 @@ class Outdated extends BaseCommand { this.getEdges(nodes, 'edgesIn') } } else { - if (this.opts.all) { + if (this.npm.config.get('all')) { // all deps in tree const nodes = this.tree.inventory.values() this.getEdges(nodes, 'edgesOut') @@ -68,13 +71,13 @@ class Outdated extends BaseCommand { const outdated = this.list.sort((a, b) => a.name.localeCompare(b.name)) // return if no outdated packages - if (outdated.length === 0 && !this.opts.json) + if (outdated.length === 0 && !this.npm.config.get('json')) return // display results - if (this.opts.json) + if (this.npm.config.get('json')) this.npm.output(this.makeJSON(outdated)) - else if (this.opts.parseable) + else if (this.npm.config.get('parseable')) this.npm.output(this.makeParseable(outdated)) else { const outList = outdated.map(x => this.makePretty(x)) @@ -86,11 +89,11 @@ class Outdated extends BaseCommand { 'Depended by', ] - if (this.opts.long) + if (this.npm.config.get('long')) outHead.push('Package Type', 'Homepage') const outTable = [outHead].concat(outList) - if (this.opts.color) + if (this.npm.color) outTable[0] = outTable[0].map(heading => styles.underline(heading)) const tableOpts = { @@ -117,7 +120,7 @@ class Outdated extends BaseCommand { } getEdgesOut (node) { - if (this.opts.global) { + if (this.npm.config.get('global')) { for (const child of node.children.values()) this.edges.add(child) } else { @@ -129,7 +132,7 @@ class Outdated extends BaseCommand { async getPackument (spec) { const packument = await pacote.packument(spec, { ...this.npm.flatOptions, - fullMetadata: this.npm.flatOptions.long, + fullMetadata: this.npm.config.get('long'), preferOnline: true, }) return packument @@ -146,7 +149,7 @@ class Outdated extends BaseCommand { : edge.dev ? 'devDependencies' : 'dependencies' - for (const omitType of this.opts.omit || []) { + for (const omitType of this.npm.config.get('omit') || []) { if (node[omitType]) return } @@ -213,12 +216,12 @@ class Outdated extends BaseCommand { const columns = [name, current, wanted, latest, location, dependent] - if (this.opts.long) { + if (this.npm.config.get('long')) { columns[6] = type columns[7] = homepage } - if (this.opts.color) { + if (this.npm.color) { columns[0] = color[current === wanted ? 'yellow' : 'red'](columns[0]) // current columns[2] = color.green(columns[2]) // wanted columns[3] = color.magenta(columns[3]) // latest @@ -248,7 +251,7 @@ class Outdated extends BaseCommand { name + '@' + latest, dependent, ] - if (this.opts.long) + if (this.npm.config.get('long')) out.push(type, homepage) return out.join(':') @@ -275,7 +278,7 @@ class Outdated extends BaseCommand { dependent, location: path, } - if (this.opts.long) { + if (this.npm.config.get('long')) { out[name].type = type out[name].homepage = homepage } diff --git a/lib/owner.js b/lib/owner.js index b62f125ac3bb6..e537d82d01d8d 100644 --- a/lib/owner.js +++ b/lib/owner.js @@ -8,6 +8,10 @@ const readLocalPkg = require('./utils/read-local-package.js') const BaseCommand = require('./base-command.js') class Owner extends BaseCommand { + static get description () { + return 'Manage package owners' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'owner' diff --git a/lib/pack.js b/lib/pack.js index 326fcc0cd1441..92a2fbd7ac33c 100644 --- a/lib/pack.js +++ b/lib/pack.js @@ -11,14 +11,24 @@ const writeFile = util.promisify(require('fs').writeFile) const BaseCommand = require('./base-command.js') class Pack extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Create a tarball from a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'pack' } + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get params () { + return ['dry-run'] + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get usage () { - return ['[[<@scope>/]...] [--dry-run]'] + return ['[[<@scope>/]...]'] } exec (args, cb) { @@ -29,12 +39,12 @@ class Pack extends BaseCommand { if (args.length === 0) args = ['.'] - const { unicode } = this.npm.flatOptions + const unicode = this.npm.config.get('unicode') // clone the opts because pacote mutates it with resolved/integrity const tarballs = await Promise.all(args.map(async (arg) => { const spec = npa(arg) - const { dryRun } = this.npm.flatOptions + const dryRun = this.npm.config.get('dry-run') const manifest = await pacote.manifest(spec, this.npm.flatOptions) const filename = `${manifest.name}-${manifest.version}.tgz` .replace(/^@/, '').replace(/\//, '-') diff --git a/lib/ping.js b/lib/ping.js index e60b1f1debd80..30379377482ec 100644 --- a/lib/ping.js +++ b/lib/ping.js @@ -4,13 +4,18 @@ const BaseCommand = require('./base-command.js') class Ping extends BaseCommand { /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get name () { - return 'ping' + static get description () { + return 'Ping npm registry' } /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get description () { - return 'ping registry' + static get params () { + return ['registry'] + } + + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get name () { + return 'ping' } exec (args, cb) { @@ -18,14 +23,14 @@ class Ping extends BaseCommand { } async ping (args) { - log.notice('PING', this.npm.flatOptions.registry) + log.notice('PING', this.npm.config.get('registry')) const start = Date.now() const details = await pingUtil(this.npm.flatOptions) const time = Date.now() - start log.notice('PONG', `${time / 1000}ms`) - if (this.npm.flatOptions.json) { + if (this.npm.config.get('json')) { this.npm.output(JSON.stringify({ - registry: this.npm.flatOptions.registry, + registry: this.npm.config.get('registry'), time, details, }, null, 2)) diff --git a/lib/prefix.js b/lib/prefix.js index 5ade87f6429f6..1298a3c5ba54b 100644 --- a/lib/prefix.js +++ b/lib/prefix.js @@ -1,6 +1,11 @@ const BaseCommand = require('./base-command.js') class Prefix extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Display prefix' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'prefix' diff --git a/lib/profile.js b/lib/profile.js index 1c0df49888540..9789146fdee16 100644 --- a/lib/profile.js +++ b/lib/profile.js @@ -38,6 +38,10 @@ const writableProfileKeys = [ const BaseCommand = require('./base-command.js') class Profile extends BaseCommand { + static get description () { + return 'Change settings on your registry profile' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'profile' @@ -108,14 +112,14 @@ class Profile extends BaseCommand { async get (args) { const tfa = 'two-factor auth' - const conf = { ...this.npm.flatOptions } - - const info = await pulseTillDone.withPromise(npmProfile.get(conf)) + const info = await pulseTillDone.withPromise( + npmProfile.get(this.npm.flatOptions) + ) if (!info.cidr_whitelist) delete info.cidr_whitelist - if (conf.json) { + if (this.npm.config.get('json')) { this.npm.output(JSON.stringify(info, null, 2)) return } @@ -147,7 +151,7 @@ class Profile extends BaseCommand { .join('\t') this.npm.output(values) } else { - if (conf.parseable) { + if (this.npm.config.get('parseable')) { for (const key of Object.keys(info)) { if (key === 'tfa') this.npm.output(`${key}\t${cleaned[tfa]}`) @@ -165,7 +169,7 @@ class Profile extends BaseCommand { } async set (args) { - const conf = { ...this.npm.flatOptions } + const conf = this.npm.flatOptions const prop = (args[0] || '').toLowerCase().trim() let value = args.length > 1 ? args.slice(1).join(' ') : null @@ -214,9 +218,9 @@ class Profile extends BaseCommand { const result = await otplease(conf, conf => npmProfile.set(newUser, conf)) - if (conf.json) + if (this.npm.config.get('json')) this.npm.output(JSON.stringify({ [prop]: result[prop] }, null, 2)) - else if (conf.parseable) + else if (this.npm.config.get('parseable')) this.npm.output(prop + '\t' + result[prop]) else if (result[prop] != null) this.npm.output('Set', prop, 'to', result[prop]) @@ -239,11 +243,10 @@ class Profile extends BaseCommand { ) } - const conf = { ...this.npm.flatOptions } - if (conf.json || conf.parseable) { + if (this.npm.config.get('json') || this.npm.config.get('parseable')) { throw new Error( 'Enabling two-factor authentication is an interactive operation and ' + - (conf.json ? 'JSON' : 'parseable') + ' output mode is not available' + (this.npm.config.get('json') ? 'JSON' : 'parseable') + ' output mode is not available' ) } @@ -255,7 +258,7 @@ class Profile extends BaseCommand { // if they're using legacy auth currently then we have to // update them to a bearer token before continuing. - const creds = this.npm.config.getCredentialsByURI(conf.registry) + const creds = this.npm.config.getCredentialsByURI(this.npm.config.get('registry')) const auth = {} if (creds.token) @@ -267,32 +270,29 @@ class Profile extends BaseCommand { auth.basic = { username: basic[0], password: basic[1] } } - if (conf.otp) - auth.otp = conf.otp - if (!auth.basic && !auth.token) { throw new Error( 'You need to be logged in to registry ' + - `${conf.registry} in order to enable 2fa` + `${this.npm.config.get('registry')} in order to enable 2fa` ) } if (auth.basic) { log.info('profile', 'Updating authentication to bearer token') const result = await npmProfile.createToken( - auth.basic.password, false, [], conf + auth.basic.password, false, [], this.npm.flatOptions ) if (!result.token) { throw new Error( - `Your registry ${conf.registry} does not seem to ` + + `Your registry ${this.npm.config.get('registry')} does not seem to ` + 'support bearer tokens. Bearer tokens are required for ' + 'two-factor authentication' ) } this.npm.config.setCredentialsByURI( - conf.registry, + this.npm.config.get('registry'), { token: result.token } ) await this.npm.config.save('user') @@ -303,21 +303,21 @@ class Profile extends BaseCommand { info.tfa.password = password log.info('profile', 'Determine if tfa is pending') - const userInfo = await pulseTillDone.withPromise(npmProfile.get(conf)) + const userInfo = await pulseTillDone.withPromise( + npmProfile.get(this.npm.flatOptions) + ) + const conf = { ...this.npm.flatOptions } if (userInfo && userInfo.tfa && userInfo.tfa.pending) { log.info('profile', 'Resetting two-factor authentication') await pulseTillDone.withPromise( npmProfile.set({ tfa: { password, mode: 'disable' } }, conf) ) } else if (userInfo && userInfo.tfa) { - if (conf.otp) - conf.otp = conf.otp - else { - const otp = await readUserInfo.otp( + if (!conf.otp) { + conf.otp = await readUserInfo.otp( 'Enter one-time password from your authenticator app: ' ) - conf.otp = otp } } @@ -390,9 +390,9 @@ class Profile extends BaseCommand { tfa: { password: password, mode: 'disable' }, }, conf)) - if (conf.json) + if (this.npm.config.get('json')) this.npm.output(JSON.stringify({ tfa: false }, null, 2)) - else if (conf.parseable) + else if (this.npm.config.get('parseable')) this.npm.output('tfa\tfalse') else this.npm.output('Two factor authentication disabled.') diff --git a/lib/prune.js b/lib/prune.js index c2cddb1a22b33..1da86a3e82187 100644 --- a/lib/prune.js +++ b/lib/prune.js @@ -4,14 +4,24 @@ const reifyFinish = require('./utils/reify-finish.js') const BaseCommand = require('./base-command.js') class Prune extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Remove extraneous packages' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'prune' } + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get params () { + return ['production'] + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get usage () { - return ['[[<@scope>/]...] [--production]'] + return ['[[<@scope>/]...]'] } exec (args, cb) { diff --git a/lib/publish.js b/lib/publish.js index f8e0eafe11886..b121cb3d36773 100644 --- a/lib/publish.js +++ b/lib/publish.js @@ -8,7 +8,7 @@ const pacote = require('pacote') const npa = require('npm-package-arg') const npmFetch = require('npm-registry-fetch') -const { flatten } = require('./utils/flat-options.js') +const flatten = require('./utils/config/flatten.js') const otplease = require('./utils/otplease.js') const { getContents, logTar } = require('./utils/tar.js') @@ -19,15 +19,24 @@ const readJson = util.promisify(require('read-package-json')) const BaseCommand = require('./base-command.js') class Publish extends BaseCommand { + static get description () { + return 'Publish a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'publish' } + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get params () { + return ['tag', 'access', 'dry-run'] + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get usage () { return [ - '[] [--tag ] [--access ] [--dry-run]', + '[]', ] } @@ -43,12 +52,16 @@ class Publish extends BaseCommand { log.verbose('publish', args) - const opts = { ...this.npm.flatOptions } - const { unicode, dryRun, json, defaultTag } = opts + const unicode = this.npm.config.get('unicode') + const dryRun = this.npm.config.get('dry-run') + const json = this.npm.config.get('json') + const defaultTag = this.npm.config.get('tag') if (semver.validRange(defaultTag)) throw new Error('Tag name must not be a valid SemVer range: ' + defaultTag.trim()) + const opts = { ...this.npm.flatOptions } + // you can publish name@version, ./foo.tgz, etc. // even though the default is the 'file:.' cwd. const spec = npa(args[0]) @@ -137,7 +150,8 @@ class Publish extends BaseCommand { publishConfigToOpts (publishConfig) { // create a new object that inherits from the config stack // then squash the css-case into camelCase opts, like we do - return flatten({...this.npm.config.list[0], ...publishConfig}) + // this is Object.assign()'ed onto the base npm.flatOptions + return flatten(publishConfig, {}) } } module.exports = Publish diff --git a/lib/rebuild.js b/lib/rebuild.js index 74f5ae5f6eba5..5910ab3d172dc 100644 --- a/lib/rebuild.js +++ b/lib/rebuild.js @@ -6,6 +6,11 @@ const completion = require('./utils/completion/installed-deep.js') const BaseCommand = require('./base-command.js') class Rebuild extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Rebuild a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'rebuild' @@ -27,7 +32,7 @@ class Rebuild extends BaseCommand { async rebuild (args) { const globalTop = resolve(this.npm.globalDir, '..') - const where = this.npm.flatOptions.global ? globalTop : this.npm.prefix + const where = this.npm.config.get('global') ? globalTop : this.npm.prefix const arb = new Arborist({ ...this.npm.flatOptions, path: where, diff --git a/lib/repo.js b/lib/repo.js index aa07e07a819f7..5ab136abd73d8 100644 --- a/lib/repo.js +++ b/lib/repo.js @@ -7,6 +7,11 @@ const openUrl = require('./utils/open-url.js') const BaseCommand = require('./base-command.js') class Repo extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Open package repository page in the browser' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'repo' diff --git a/lib/restart.js b/lib/restart.js index 1f3eb5af94f82..840eb20673b1f 100644 --- a/lib/restart.js +++ b/lib/restart.js @@ -2,6 +2,11 @@ const LifecycleCmd = require('./utils/lifecycle-cmd.js') // This ends up calling run-script(['restart', ...args]) class Restart extends LifecycleCmd { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Restart a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'restart' diff --git a/lib/root.js b/lib/root.js index 1fe82c6fad773..635a68e256318 100644 --- a/lib/root.js +++ b/lib/root.js @@ -1,13 +1,18 @@ const BaseCommand = require('./base-command.js') class Root extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Display npm root' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'root' } /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get usage () { - return ['[-g]'] + static get params () { + return ['global'] } exec (args, cb) { diff --git a/lib/run-script.js b/lib/run-script.js index 3ea85b79ffd18..054f0ae4a551f 100644 --- a/lib/run-script.js +++ b/lib/run-script.js @@ -1,10 +1,12 @@ +const { resolve } = require('path') +const chalk = require('chalk') const runScript = require('@npmcli/run-script') const { isServerPackage } = runScript -const readJson = require('read-package-json-fast') -const { resolve } = require('path') +const rpj = require('read-package-json-fast') const log = require('npmlog') const didYouMean = require('./utils/did-you-mean.js') const isWindowsShell = require('./utils/is-windows-shell.js') +const getWorkspaces = require('./workspaces/get-workspaces.js') const cmdList = [ 'publish', @@ -17,8 +19,21 @@ const cmdList = [ 'version', ].reduce((l, p) => l.concat(['pre' + p, p, 'post' + p]), []) +const nocolor = { + reset: s => s, + bold: s => s, + dim: s => s, + blue: s => s, + green: s => s, +} + const BaseCommand = require('./base-command.js') class RunScript extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Run arbitrary package scripts' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'run-script' @@ -34,7 +49,7 @@ class RunScript extends BaseCommand { if (argv.length === 2) { // find the script name const json = resolve(this.npm.localPrefix, 'package.json') - const { scripts = {} } = await readJson(json).catch(er => ({})) + const { scripts = {} } = await rpj(json).catch(er => ({})) return Object.keys(scripts) } } @@ -46,12 +61,19 @@ class RunScript extends BaseCommand { this.list(args).then(() => cb()).catch(cb) } - async run (args) { - const path = this.npm.localPrefix - const event = args.shift() - const { scriptShell } = this.npm.flatOptions + execWorkspaces (args, filters, cb) { + if (args.length) + this.runWorkspaces(args, filters).then(() => cb()).catch(cb) + else + this.listWorkspaces(args, filters).then(() => cb()).catch(cb) + } + + async run ([event, ...args], { path = this.npm.localPrefix, pkg } = {}) { + // this || undefined is because runScript will be unhappy with the default + // null value + const scriptShell = this.npm.config.get('script-shell') || undefined - const pkg = await readJson(`${path}/package.json`) + pkg = pkg || (await rpj(`${path}/package.json`)) const { scripts = {} } = pkg if (event === 'restart' && !scripts.restart) @@ -68,14 +90,13 @@ class RunScript extends BaseCommand { if (this.npm.config.get('if-present')) return - const suggestions = didYouMean(event, Object.keys(scripts)) - throw new Error(`missing script: ${event}${ - suggestions ? `\n${suggestions}` : ''}`) + const suggestions = await didYouMean(this.npm, path, event) + throw new Error(`Missing script: "${event}"${suggestions}\n\nTo see a list of scripts, run:\n npm run`) } // positional args only added to the main event, not pre/post const events = [[event, args]] - if (!this.npm.flatOptions.ignoreScripts) { + if (!this.npm.config.get('ignore-scripts')) { if (scripts[`pre${event}`]) events.unshift([`pre${event}`, []]) @@ -102,9 +123,11 @@ class RunScript extends BaseCommand { } } - async list () { - const path = this.npm.localPrefix - const { scripts, name } = await readJson(`${path}/package.json`) + async list (args, path) { + path = path || this.npm.localPrefix + const { scripts, name, _id } = await rpj(`${path}/package.json`) + const pkgid = _id || name + const color = !!this.npm.color if (!scripts) return [] @@ -113,12 +136,12 @@ class RunScript extends BaseCommand { if (log.level === 'silent') return allScripts - if (this.npm.flatOptions.json) { + if (this.npm.config.get('json')) { this.npm.output(JSON.stringify(scripts, null, 2)) return allScripts } - if (this.npm.flatOptions.parseable) { + if (this.npm.config.get('parseable')) { for (const [script, cmd] of Object.entries(scripts)) this.npm.output(`${script}:${cmd}`) @@ -133,22 +156,96 @@ class RunScript extends BaseCommand { const list = cmdList.includes(script) ? cmds : runScripts list.push(script) } + const colorize = color ? chalk : nocolor - if (cmds.length) - this.npm.output(`Lifecycle scripts included in ${name}:`) + if (cmds.length) { + this.npm.output(`${ + colorize.reset(colorize.bold('Lifecycle scripts'))} included in ${ + colorize.green(pkgid)}:`) + } for (const script of cmds) - this.npm.output(prefix + script + indent + scripts[script]) + this.npm.output(prefix + script + indent + colorize.dim(scripts[script])) - if (!cmds.length && runScripts.length) - this.npm.output(`Scripts available in ${name} via \`npm run-script\`:`) - else if (runScripts.length) - this.npm.output('\navailable via `npm run-script`:') + if (!cmds.length && runScripts.length) { + this.npm.output(`${ + colorize.bold('Scripts') + } available in ${colorize.green(pkgid)} via \`${ + colorize.blue('npm run-script')}\`:`) + } else if (runScripts.length) + this.npm.output(`\navailable via \`${colorize.blue('npm run-script')}\`:`) for (const script of runScripts) - this.npm.output(prefix + script + indent + scripts[script]) + this.npm.output(prefix + script + indent + colorize.dim(scripts[script])) + this.npm.output('') return allScripts } + + async workspaces (filters) { + return getWorkspaces(filters, { path: this.npm.localPrefix }) + } + + async runWorkspaces (args, filters) { + const res = [] + const workspaces = await this.workspaces(filters) + + for (const workspacePath of workspaces.values()) { + const pkg = await rpj(`${workspacePath}/package.json`) + const runResult = await this.run(args, { + path: workspacePath, + pkg, + }).catch(err => { + log.error(`Lifecycle script \`${args[0]}\` failed with error:`) + log.error(err) + log.error(` in workspace: ${pkg._id || pkg.name}`) + log.error(` at location: ${workspacePath}`) + + const scriptMissing = err.message.startsWith('Missing script') + + // avoids exiting with error code in case there's scripts missing + // in some workspaces since other scripts might have succeeded + if (!scriptMissing) + process.exitCode = 1 + + return scriptMissing + }) + res.push(runResult) + } + + // in case **all** tests are missing, then it should exit with error code + if (res.every(Boolean)) + throw new Error(`Missing script: ${args[0]}`) + } + + async listWorkspaces (args, filters) { + const workspaces = await this.workspaces(filters) + + if (log.level === 'silent') + return + + if (this.npm.config.get('json')) { + const res = {} + for (const workspacePath of workspaces.values()) { + const { scripts, name } = await rpj(`${workspacePath}/package.json`) + res[name] = { ...scripts } + } + this.npm.output(JSON.stringify(res, null, 2)) + return + } + + if (this.npm.config.get('parseable')) { + for (const workspacePath of workspaces.values()) { + const { scripts, name } = await rpj(`${workspacePath}/package.json`) + for (const [script, cmd] of Object.entries(scripts || {})) + this.npm.output(`${name}:${script}:${cmd}`) + } + return + } + + for (const workspacePath of workspaces.values()) + await this.list(args, workspacePath) + } } + module.exports = RunScript diff --git a/lib/search.js b/lib/search.js index c24000156f67a..bdd374ab6edf7 100644 --- a/lib/search.js +++ b/lib/search.js @@ -26,14 +26,29 @@ function prepareExcludes (searchexclude) { const BaseCommand = require('./base-command.js') class Search extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Search for pacakges' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'search' } + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get params () { + return [ + 'long', + 'json', + 'parseable', + 'description', + ] + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get usage () { - return ['[-l|--long] [--json] [--parseable] [--no-description] [search terms ...]'] + return ['[search terms ...]'] } exec (args, cb) { @@ -84,7 +99,7 @@ class Search extends BaseCommand { }) await p.promise() - if (!anyOutput && !opts.json && !opts.parseable) + if (!anyOutput && !this.npm.config.get('json') && !this.npm.config.get('parseable')) this.npm.output('No matches found for ' + (args.map(JSON.stringify).join(' '))) log.silly('search', 'search completed') diff --git a/lib/set-script.js b/lib/set-script.js index 6241981323c4a..df101a0acb709 100644 --- a/lib/set-script.js +++ b/lib/set-script.js @@ -5,6 +5,11 @@ const rpj = require('read-package-json-fast') const BaseCommand = require('./base-command.js') class SetScript extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Set tasks in the scripts section of package.json' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'set-script' diff --git a/lib/set.js b/lib/set.js index 787a8012c0b6a..74a002cd638be 100644 --- a/lib/set.js +++ b/lib/set.js @@ -1,6 +1,10 @@ const BaseCommand = require('./base-command.js') class Set extends BaseCommand { + static get description () { + return 'Set a value in the npm configuration' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'set' diff --git a/lib/shrinkwrap.js b/lib/shrinkwrap.js index b52cf41957b2d..5d4a1ada982a4 100644 --- a/lib/shrinkwrap.js +++ b/lib/shrinkwrap.js @@ -7,6 +7,11 @@ const log = require('npmlog') const BaseCommand = require('./base-command.js') class Shrinkwrap extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Lock down dependency versions for publication' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'shrinkwrap' @@ -24,7 +29,7 @@ class Shrinkwrap extends BaseCommand { // // loadVirtual, fall back to loadActual // rename shrinkwrap file type, and tree.meta.save() - if (this.npm.flatOptions.global) { + if (this.npm.config.get('global')) { const er = new Error('`npm shrinkwrap` does not work for global packages') er.code = 'ESHRINKWRAPGLOBAL' throw er diff --git a/lib/star.js b/lib/star.js index 27a3041906a40..4c5cf4900c519 100644 --- a/lib/star.js +++ b/lib/star.js @@ -6,6 +6,10 @@ const getIdentity = require('./utils/get-identity') const BaseCommand = require('./base-command.js') class Star extends BaseCommand { + static get description () { + return 'Mark your favorite packages' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'star' @@ -26,7 +30,7 @@ class Star extends BaseCommand { // if we're unstarring, then show an empty star image // otherwise, show the full star image - const { unicode } = this.npm.flatOptions + const unicode = this.npm.config.get('unicode') const unstar = this.npm.config.get('star.unstar') const full = unicode ? '\u2605 ' : '(*)' const empty = unicode ? '\u2606 ' : '( )' diff --git a/lib/stars.js b/lib/stars.js index 758a3130d423c..db93d7b19610a 100644 --- a/lib/stars.js +++ b/lib/stars.js @@ -5,6 +5,11 @@ const getIdentity = require('./utils/get-identity.js') const BaseCommand = require('./base-command.js') class Stars extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'View packages marked as favorites' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'stars' diff --git a/lib/start.js b/lib/start.js index 8987bc2931eb5..099b6e61b31fc 100644 --- a/lib/start.js +++ b/lib/start.js @@ -2,6 +2,11 @@ const LifecycleCmd = require('./utils/lifecycle-cmd.js') // This ends up calling run-script(['start', ...args]) class Start extends LifecycleCmd { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Start a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'start' diff --git a/lib/stop.js b/lib/stop.js index a3857ab1360be..766d9c01815cd 100644 --- a/lib/stop.js +++ b/lib/stop.js @@ -2,6 +2,11 @@ const LifecycleCmd = require('./utils/lifecycle-cmd.js') // This ends up calling run-script(['stop', ...args]) class Stop extends LifecycleCmd { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Stop a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'stop' diff --git a/lib/team.js b/lib/team.js index f84660af4d19a..5298bb3b2563e 100644 --- a/lib/team.js +++ b/lib/team.js @@ -5,6 +5,10 @@ const otplease = require('./utils/otplease.js') const BaseCommand = require('./base-command.js') class Team extends BaseCommand { + static get description () { + return 'Manage organization teams and team memberships' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'team' diff --git a/lib/test.js b/lib/test.js index 991d1c873cbfb..2be2b54af719e 100644 --- a/lib/test.js +++ b/lib/test.js @@ -2,6 +2,11 @@ const LifecycleCmd = require('./utils/lifecycle-cmd.js') // This ends up calling run-script(['test', ...args]) class Test extends LifecycleCmd { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Test a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'test' diff --git a/lib/token.js b/lib/token.js index 3d7952ccfc292..a80988531eebf 100644 --- a/lib/token.js +++ b/lib/token.js @@ -10,6 +10,10 @@ const readUserInfo = require('./utils/read-user-info.js') const BaseCommand = require('./base-command.js') class Token extends BaseCommand { + static get description () { + return 'Manage your authentication tokens' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'token' diff --git a/lib/uninstall.js b/lib/uninstall.js index ee0f338e9fc0a..11e65533a8e98 100644 --- a/lib/uninstall.js +++ b/lib/uninstall.js @@ -7,14 +7,23 @@ const completion = require('./utils/completion/installed-shallow.js') const BaseCommand = require('./base-command.js') class Uninstall extends BaseCommand { + static get description () { + return 'Remove a package' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'uninstall' } + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get params () { + return ['save'] + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get usage () { - return ['[<@scope>/][@]... [-S|--save|--no-save]'] + return ['[<@scope>/]...'] } /* istanbul ignore next - see test/lib/load-all-commands.js */ @@ -28,7 +37,8 @@ class Uninstall extends BaseCommand { async uninstall (args) { // the /path/to/node_modules/.. - const { global, prefix } = this.npm.flatOptions + const global = this.npm.config.get('global') + const prefix = this.npm.config.get('prefix') const path = global ? resolve(this.npm.globalDir, '..') : prefix if (!args.length) { diff --git a/lib/unpublish.js b/lib/unpublish.js index 68a9a0ae64ee5..d49bb7ba4e359 100644 --- a/lib/unpublish.js +++ b/lib/unpublish.js @@ -12,6 +12,10 @@ const getIdentity = require('./utils/get-identity.js') const BaseCommand = require('./base-command.js') class Unpublish extends BaseCommand { + static get description () { + return 'Remove a package from the registry' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'unpublish' @@ -63,8 +67,9 @@ class Unpublish extends BaseCommand { throw new Error(this.usage) const spec = args.length && npa(args[0]) - const opts = this.npm.flatOptions - const { force, silent, loglevel } = opts + const force = this.npm.config.get('force') + const silent = this.npm.config.get('silent') + const loglevel = this.npm.config.get('loglevel') let pkgName let pkgVersion @@ -79,6 +84,7 @@ class Unpublish extends BaseCommand { ) } + const opts = this.npm.flatOptions if (!spec || path.resolve(spec.name) === this.npm.localPrefix) { // if there's a package.json in the current folder, then // read the package name and version out of that. diff --git a/lib/unstar.js b/lib/unstar.js index 5786cfce60f73..bc32ba617b46a 100644 --- a/lib/unstar.js +++ b/lib/unstar.js @@ -1,6 +1,11 @@ const Star = require('./star.js') class Unstar extends Star { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Remove an item from your favorite packages' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'unstar' diff --git a/lib/update.js b/lib/update.js index 87540b96e07e5..6a87dd9ecddcf 100644 --- a/lib/update.js +++ b/lib/update.js @@ -8,14 +8,24 @@ const completion = require('./utils/completion/installed-deep.js') const BaseCommand = require('./base-command.js') class Update extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'Update packages' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'update' } + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get params () { + return ['global'] + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get usage () { - return ['[-g] [...]'] + return ['[...]'] } /* istanbul ignore next - see test/lib/load-all-commands.js */ @@ -30,11 +40,11 @@ class Update extends BaseCommand { async update (args) { const update = args.length === 0 ? true : args const global = path.resolve(this.npm.globalDir, '..') - const where = this.npm.flatOptions.global + const where = this.npm.config.get('global') ? global : this.npm.prefix - if (this.npm.flatOptions.depth) { + if (this.npm.config.get('depth')) { log.warn('update', 'The --depth option no longer has any effect. See RFC0019.\n' + 'https://github.com/npm/rfcs/blob/latest/implemented/0019-remove-update-depth-option.md') } diff --git a/lib/utils/config.js b/lib/utils/config.js deleted file mode 100644 index 3ca9766132f02..0000000000000 --- a/lib/utils/config.js +++ /dev/null @@ -1,394 +0,0 @@ -// defaults, types, and shorthands - -const { - typeDefs: { - semver: { type: semver }, - Umask: { type: Umask }, - url: { type: url }, - path: { type: path }, - }, -} = require('@npmcli/config') - -const { version: npmVersion } = require('../../package.json') - -const ciDetect = require('@npmcli/ci-detect') -const ciName = ciDetect() - -const isWindows = require('./is-windows.js') - -const editor = process.env.EDITOR || - process.env.VISUAL || - (isWindows ? 'notepad.exe' : 'vi') - -const shell = isWindows ? process.env.ComSpec || 'cmd' - : process.env.SHELL || 'sh' - -const { tmpdir, networkInterfaces } = require('os') -const getLocalAddresses = () => { - try { - return Object.values(networkInterfaces()).map( - int => int.map(({ address }) => address) - ).reduce((set, addrs) => set.concat(addrs), [undefined]) - } catch (e) { - return [undefined] - } -} - -const unicode = /UTF-?8$/i.test( - process.env.LC_ALL || process.env.LC_CTYPE || process.env.LANG -) - -// use LOCALAPPDATA on Windows, if set -// https://github.com/npm/cli/pull/899 -const cacheRoot = (isWindows && process.env.LOCALAPPDATA) || '~' -const cacheExtra = isWindows ? 'npm-cache' : '.npm' -const cache = `${cacheRoot}/${cacheExtra}` - -const defaults = { - access: null, - all: false, - 'allow-same-version': false, - also: null, - 'always-auth': false, - audit: true, - 'audit-level': null, - _auth: null, - 'auth-type': 'legacy', - before: null, - 'bin-links': true, - browser: null, - ca: null, - cache, - 'cache-lock-retries': 10, - 'cache-lock-stale': 60000, - 'cache-lock-wait': 10000, - 'cache-max': Infinity, - 'cache-min': 10, - cafile: null, - call: '', - cert: null, - 'ci-name': ciName || null, - cidr: null, - color: process.env.NO_COLOR == null, - 'commit-hooks': true, - depth: null, - description: true, - dev: false, - diff: [], - 'diff-unified': null, - 'diff-ignore-all-space': false, - 'diff-name-only': false, - 'diff-no-prefix': false, - 'diff-src-prefix': '', - 'diff-dst-prefix': '', - 'diff-text': false, - 'dry-run': false, - editor, - 'engine-strict': false, - 'fetch-retries': 2, - 'fetch-retry-factor': 10, - 'fetch-retry-maxtimeout': 60000, - 'fetch-retry-mintimeout': 10000, - 'fetch-timeout': 5 * 60 * 1000, - force: false, - 'foreground-script': false, - 'format-package-lock': true, - fund: true, - git: 'git', - 'git-tag-version': true, - global: false, - 'global-style': false, - // `globalconfig` has its default defined outside of this module - heading: 'npm', - 'https-proxy': null, - 'if-present': false, - 'ignore-prepublish': false, - 'ignore-scripts': false, - include: [], - 'include-staged': false, - 'init-author-email': '', - 'init-author-name': '', - 'init-author-url': '', - 'init-license': 'ISC', - 'init-module': '~/.npm-init.js', - 'init-version': '1.0.0', - 'init.author.email': '', - 'init.author.name': '', - 'init.author.url': '', - 'init.license': 'ISC', - 'init.module': '~/.npm-init.js', - 'init.version': '1.0.0', - json: false, - key: null, - 'legacy-bundling': false, - 'legacy-peer-deps': false, - link: false, - 'local-address': undefined, - loglevel: 'notice', - 'logs-max': 10, - long: false, - maxsockets: 50, - message: '%s', - 'node-options': null, - 'node-version': process.version, - noproxy: null, - 'npm-version': npmVersion, - offline: false, - omit: [], - only: null, - optional: true, - otp: null, - package: [], - 'package-lock': true, - 'package-lock-only': false, - parseable: false, - 'prefer-offline': false, - 'prefer-online': false, - // `prefix` has its default defined outside of this module - preid: '', - production: process.env.NODE_ENV === 'production', - progress: !ciName, - proxy: null, - 'read-only': false, - 'rebuild-bundle': true, - registry: 'https://registry.npmjs.org/', - rollback: true, - save: true, - 'save-bundle': false, - 'save-dev': false, - 'save-exact': false, - 'save-optional': false, - 'save-prefix': '^', - 'save-prod': false, - scope: '', - 'script-shell': null, - 'scripts-prepend-node-path': 'warn-only', - searchexclude: null, - searchlimit: 20, - searchopts: '', - searchstaleness: 15 * 60, - shell, - shrinkwrap: true, - 'sign-git-commit': false, - 'sign-git-tag': false, - 'sso-poll-frequency': 500, - 'sso-type': 'oauth', - 'strict-peer-deps': false, - 'strict-ssl': true, - tag: 'latest', - 'tag-version-prefix': 'v', - timing: false, - tmp: tmpdir(), - umask: 0, - unicode, - 'update-notifier': true, - usage: false, - 'user-agent': 'npm/{npm-version} ' + - 'node/{node-version} ' + - '{platform} ' + - '{arch} ' + - '{ci}', - userconfig: '~/.npmrc', - version: false, - versions: false, - viewer: isWindows ? 'browser' : 'man', -} - -const types = { - access: [null, 'restricted', 'public'], - all: Boolean, - 'allow-same-version': Boolean, - also: [null, 'dev', 'development'], - _auth: [null, String], - 'always-auth': Boolean, - audit: Boolean, - 'audit-level': ['low', 'moderate', 'high', 'critical', 'none', null], - 'auth-type': ['legacy', 'sso', 'saml', 'oauth'], - before: [null, Date], - 'bin-links': Boolean, - browser: [null, Boolean, String], - ca: [null, String, Array], - cache: path, - 'cache-lock-retries': Number, - 'cache-lock-stale': Number, - 'cache-lock-wait': Number, - 'cache-max': Number, - 'cache-min': Number, - cafile: path, - call: String, - cert: [null, String], - 'ci-name': [null, String], - cidr: [null, String, Array], - color: ['always', Boolean], - 'commit-hooks': Boolean, - depth: [null, Number], - description: Boolean, - dev: Boolean, - diff: [String, Array], - 'diff-unified': [null, Number], - 'diff-ignore-all-space': Boolean, - 'diff-name-only': Boolean, - 'diff-no-prefix': Boolean, - 'diff-src-prefix': String, - 'diff-dst-prefix': String, - 'diff-text': Boolean, - 'dry-run': Boolean, - editor: String, - 'engine-strict': Boolean, - 'fetch-retries': Number, - 'fetch-retry-factor': Number, - 'fetch-retry-maxtimeout': Number, - 'fetch-retry-mintimeout': Number, - 'fetch-timeout': Number, - force: Boolean, - 'foreground-script': Boolean, - 'format-package-lock': Boolean, - fund: Boolean, - git: String, - 'git-tag-version': Boolean, - global: Boolean, - 'global-style': Boolean, - globalconfig: path, - heading: String, - 'https-proxy': [null, url], - 'if-present': Boolean, - 'ignore-prepublish': Boolean, - 'ignore-scripts': Boolean, - include: [Array, 'prod', 'dev', 'optional', 'peer'], - 'include-staged': Boolean, - 'init-author-email': String, - 'init-author-name': String, - 'init-author-url': ['', url], - 'init-license': String, - 'init-module': path, - 'init-version': semver, - 'init.author.email': String, - 'init.author.name': String, - 'init.author.url': ['', url], - 'init.license': String, - 'init.module': path, - 'init.version': semver, - json: Boolean, - key: [null, String], - 'legacy-bundling': Boolean, - 'legacy-peer-deps': Boolean, - link: Boolean, - 'local-address': getLocalAddresses(), - loglevel: [ - 'silent', - 'error', - 'warn', - 'notice', - 'http', - 'timing', - 'info', - 'verbose', - 'silly', - ], - 'logs-max': Number, - long: Boolean, - maxsockets: Number, - message: String, - 'node-options': [null, String], - 'node-version': [null, semver], - noproxy: [null, String, Array], - 'npm-version': semver, - offline: Boolean, - omit: [Array, 'dev', 'optional', 'peer'], - only: [null, 'dev', 'development', 'prod', 'production'], - optional: Boolean, - otp: [null, String], - package: [String, Array], - 'package-lock': Boolean, - 'package-lock-only': Boolean, - parseable: Boolean, - 'prefer-offline': Boolean, - 'prefer-online': Boolean, - prefix: path, - preid: String, - production: Boolean, - progress: Boolean, - proxy: [null, false, url], // allow proxy to be disabled explicitly - 'read-only': Boolean, - 'rebuild-bundle': Boolean, - registry: [null, url], - rollback: Boolean, - save: Boolean, - 'save-bundle': Boolean, - 'save-dev': Boolean, - 'save-exact': Boolean, - 'save-optional': Boolean, - 'save-prefix': String, - 'save-prod': Boolean, - scope: String, - 'script-shell': [null, String], - 'scripts-prepend-node-path': [Boolean, 'auto', 'warn-only'], - searchexclude: [null, String], - searchlimit: Number, - searchopts: String, - searchstaleness: Number, - shell: String, - shrinkwrap: Boolean, - 'sign-git-commit': Boolean, - 'sign-git-tag': Boolean, - 'sso-poll-frequency': Number, - 'sso-type': [null, 'oauth', 'saml'], - 'strict-peer-deps': Boolean, - 'strict-ssl': Boolean, - tag: String, - 'tag-version-prefix': String, - timing: Boolean, - tmp: path, - umask: Umask, - unicode: Boolean, - 'update-notifier': Boolean, - usage: Boolean, - 'user-agent': String, - userconfig: path, - version: Boolean, - versions: Boolean, - viewer: String, -} - -const shorthands = { - '?': ['--usage'], - a: ['--all'], - B: ['--save-bundle'], - C: ['--prefix'], - c: ['--call'], - D: ['--save-dev'], - d: ['--loglevel', 'info'], - dd: ['--loglevel', 'verbose'], - ddd: ['--loglevel', 'silly'], - desc: ['--description'], - E: ['--save-exact'], - 'enjoy-by': ['--before'], - f: ['--force'], - g: ['--global'], - H: ['--usage'], - h: ['--usage'], - help: ['--usage'], - l: ['--long'], - local: ['--no-global'], - m: ['--message'], - n: ['--no-yes'], - 'no-desc': ['--no-description'], - 'no-reg': ['--no-registry'], - noreg: ['--no-registry'], - O: ['--save-optional'], - P: ['--save-prod'], - p: ['--parseable'], - porcelain: ['--parseable'], - q: ['--loglevel', 'warn'], - quiet: ['--loglevel', 'warn'], - readonly: ['--read-only'], - reg: ['--registry'], - S: ['--save'], - s: ['--loglevel', 'silent'], - silent: ['--loglevel', 'silent'], - v: ['--version'], - verbose: ['--loglevel', 'verbose'], - y: ['--yes'], -} - -module.exports = { defaults, types, shorthands } diff --git a/lib/utils/config/definition.js b/lib/utils/config/definition.js new file mode 100644 index 0000000000000..cb4eb78210c6e --- /dev/null +++ b/lib/utils/config/definition.js @@ -0,0 +1,185 @@ +// class that describes a config key we know about +// this keeps us from defining a config key and not +// providing a default, description, etc. +// +// TODO: some kind of categorization system, so we can +// say "these are for registry access", "these are for +// version resolution" etc. + +const required = [ + 'type', + 'description', + 'default', + 'key', +] + +const allowed = [ + 'default', + 'defaultDescription', + 'deprecated', + 'description', + 'flatten', + 'hint', + 'key', + 'short', + 'type', + 'typeDescription', + 'usage', +] + +const { + typeDefs: { + semver: { type: semver }, + Umask: { type: Umask }, + url: { type: url }, + path: { type: path }, + }, +} = require('@npmcli/config') + +class Definition { + constructor (key, def) { + this.key = key + Object.assign(this, def) + this.validate() + if (!this.defaultDescription) + this.defaultDescription = describeValue(this.default) + if (!this.typeDescription) + this.typeDescription = describeType(this.type) + if (!this.hint) + this.hint = `<${this.key}>` + if (!this.usage) + this.usage = describeUsage(this) + } + + validate () { + for (const req of required) { + if (!Object.prototype.hasOwnProperty.call(this, req)) + throw new Error(`config lacks ${req}: ${this.key}`) + } + if (!this.key) + throw new Error(`config lacks key: ${this.key}`) + for (const field of Object.keys(this)) { + if (!allowed.includes(field)) + throw new Error(`config defines unknown field ${field}: ${this.key}`) + } + } + + // a textual description of this config, suitable for help output + describe () { + const description = unindent(this.description) + const deprecated = !this.deprecated ? '' + : `* DEPRECATED: ${unindent(this.deprecated)}\n` + return wrapAll(`#### \`${this.key}\` + +* Default: ${unindent(this.defaultDescription)} +* Type: ${unindent(this.typeDescription)} +${deprecated} +${description} +`) + } +} + +// Usage for a single param, abstracted because we have arrays of types in +// config definition +const paramUsage = (type, def) => { + let key = `--${def.key}` + if (def.short && typeof def.short === 'string') + key = `-${def.short}|${key}` + if (type === Boolean) + return `${key}` + else + return `${key} ${def.hint}` +} + +const describeUsage = (def) => { + if (Array.isArray(def.type)) { + if (!def.type.some(d => d !== null && typeof d !== 'string')) + return `--${def.key} <${def.type.filter(d => d).join('|')}>` + else + return def.type.filter(d => d).map((t) => paramUsage(t, def)).join('|') + } + return paramUsage(def.type, def) +} + +const describeType = type => { + if (Array.isArray(type)) { + const descriptions = type + .filter(t => t !== Array) + .map(t => describeType(t)) + + // [a] => "a" + // [a, b] => "a or b" + // [a, b, c] => "a, b, or c" + // [a, Array] => "a (can be set multiple times)" + // [a, Array, b] => "a or b (can be set multiple times)" + const last = descriptions.length > 1 ? [descriptions.pop()] : [] + const oxford = descriptions.length > 1 ? ', or ' : ' or ' + const words = [descriptions.join(', ')].concat(last).join(oxford) + const multiple = type.includes(Array) ? ' (can be set multiple times)' + : '' + return `${words}${multiple}` + } + + // Note: these are not quite the same as the description printed + // when validation fails. In that case, we want to give the user + // a bit more information to help them figure out what's wrong. + switch (type) { + case String: + return 'String' + case Number: + return 'Number' + case Umask: + return 'Octal numeric string in range 0000..0777 (0..511)' + case Boolean: + return 'Boolean' + case Date: + return 'Date' + case path: + return 'Path' + case semver: + return 'SemVer string' + case url: + return 'URL' + default: + return describeValue(type) + } +} + +// if it's a string, quote it. otherwise, just cast to string. +const describeValue = val => + typeof val === 'string' ? JSON.stringify(val) : String(val) + +const unindent = s => { + // get the first \n followed by a bunch of spaces, and pluck off + // that many spaces from the start of every line. + const match = s.match(/\n +/) + return !match ? s.trim() : s.split(match[0]).join('\n').trim() +} + +const wrap = (s) => { + const cols = Math.min(Math.max(20, process.stdout.columns) || 80, 80) - 5 + return unindent(s).split(/[ \n]+/).reduce((left, right) => { + const last = left.split('\n').pop() + const join = last.length && last.length + right.length > cols ? '\n' : ' ' + return left + join + right + }) +} + +const wrapAll = s => { + let inCodeBlock = false + return s.split('\n\n').map(block => { + if (inCodeBlock || block.startsWith('```')) { + inCodeBlock = !block.endsWith('```') + return block + } + + if (block.charAt(0) === '*') { + return '* ' + block.substr(1).trim().split('\n* ').map(li => { + return wrap(li).replace(/\n/g, '\n ') + }).join('\n* ') + } else + return wrap(block) + }).join('\n\n') +} + +module.exports = Definition diff --git a/lib/utils/config/definitions.js b/lib/utils/config/definitions.js new file mode 100644 index 0000000000000..a6ecbcd0c40a5 --- /dev/null +++ b/lib/utils/config/definitions.js @@ -0,0 +1,2054 @@ +const definitions = {} +module.exports = definitions + +const Definition = require('./definition.js') + +const { version: npmVersion } = require('../../../package.json') +const ciDetect = require('@npmcli/ci-detect') +const ciName = ciDetect() +const querystring = require('querystring') +const isWindows = require('../is-windows.js') +const { join } = require('path') + +// used by cafile flattening to flatOptions.ca +const fs = require('fs') +const maybeReadFile = file => { + try { + return fs.readFileSync(file, 'utf8') + } catch (er) { + if (er.code !== 'ENOENT') + throw er + return null + } +} + +const editor = process.env.EDITOR || + process.env.VISUAL || + (isWindows ? 'notepad.exe' : 'vi') + +const shell = isWindows ? process.env.ComSpec || 'cmd' + : process.env.SHELL || 'sh' + +const { tmpdir, networkInterfaces } = require('os') +const getLocalAddresses = () => { + try { + return Object.values(networkInterfaces()).map( + int => int.map(({ address }) => address) + ).reduce((set, addrs) => set.concat(addrs), [null]) + } catch (e) { + return [null] + } +} + +const unicode = /UTF-?8$/i.test( + process.env.LC_ALL || + process.env.LC_CTYPE || + process.env.LANG +) + +// use LOCALAPPDATA on Windows, if set +// https://github.com/npm/cli/pull/899 +const cacheRoot = (isWindows && process.env.LOCALAPPDATA) || '~' +const cacheExtra = isWindows ? 'npm-cache' : '.npm' +const cache = `${cacheRoot}/${cacheExtra}` + +const Config = require('@npmcli/config') + +// TODO: refactor these type definitions so that they are less +// weird to pull out of the config module. +// TODO: use better type definition/validation API, nopt's is so weird. +const { + typeDefs: { + semver: { type: semver }, + Umask: { type: Umask }, + url: { type: url }, + path: { type: path }, + }, +} = Config + +const define = (key, def) => { + /* istanbul ignore if - this should never happen, prevents mistakes below */ + if (definitions[key]) + throw new Error(`defining key more than once: ${key}`) + definitions[key] = new Definition(key, def) +} + +// basic flattening function, just copy it over camelCase +const flatten = (key, obj, flatOptions) => { + const camel = key.replace(/-([a-z])/g, (_0, _1) => _1.toUpperCase()) + flatOptions[camel] = obj[key] +} + +// TODO: +// Instead of having each definition provide a flatten method, +// provide the (?list of?) flat option field(s?) that it impacts. +// When that config is set, we mark the relevant flatOption fields +// dirty. Then, a getter for that field defines how we actually +// set it. +// +// So, `save-dev`, `save-optional`, `save-prod`, et al would indicate +// that they affect the `saveType` flat option. Then the config.flat +// object has a `get saveType () { ... }` that looks at the "real" +// config settings from files etc and returns the appropriate value. +// +// Getters will also (maybe?) give us a hook to audit flat option +// usage, so we can document and group these more appropriately. +// +// This will be a problem with cases where we currently do: +// const opts = { ...npm.flatOptions, foo: 'bar' }, but we can maybe +// instead do `npm.config.set('foo', 'bar')` prior to passing the +// config object down where it needs to go. +// +// This way, when we go hunting for "where does saveType come from anyway!?" +// while fixing some Arborist bug, we won't have to hunt through too +// many places. + +// Define all config keys we know about + +define('_auth', { + default: null, + type: [null, String], + description: ` + A basic-auth string to use when authenticating against the npm registry. + + Warning: This should generally not be set via a command-line option. It + is safer to use a registry-provided authentication bearer token stored in + the ~/.npmrc file by running \`npm login\`. + `, +}) + +define('access', { + default: null, + defaultDescription: ` + 'restricted' for scoped packages, 'public' for unscoped packages + `, + type: [null, 'restricted', 'public'], + description: ` + When publishing scoped packages, the access level defaults to + \`restricted\`. If you want your scoped package to be publicly viewable + (and installable) set \`--access=public\`. The only valid values for + \`access\` are \`public\` and \`restricted\`. Unscoped packages _always_ + have an access level of \`public\`. + `, + flatten, +}) + +define('all', { + default: false, + type: Boolean, + short: 'a', + description: ` + When running \`npm outdated\` and \`npm ls\`, setting \`--all\` will show + all outdated or installed packages, rather than only those directly + depended upon by the current project. + `, + flatten, +}) + +define('allow-same-version', { + default: false, + type: Boolean, + description: ` + Prevents throwing an error when \`npm version\` is used to set the new + version to the same value as the current version. + `, + flatten, +}) + +define('also', { + default: null, + type: [null, 'dev', 'development'], + description: ` + When set to \`dev\` or \`development\`, this is an alias for + \`--include=dev\`. + `, + deprecated: 'Please use --include=dev instead.', + flatten (key, obj, flatOptions) { + if (!/^dev(elopment)?$/.test(obj.also)) + return + + // add to include, and call the omit flattener + obj.include = obj.include || [] + obj.include.push('dev') + definitions.omit.flatten('omit', obj, flatOptions) + }, +}) + +define('always-auth', { + default: false, + type: Boolean, + description: ` + Force npm to always require authentication when accessing the registry, + even for \`GET\` requests. + `, + flatten, +}) + +define('audit', { + default: true, + type: Boolean, + description: ` + When "true" submit audit reports alongside \`npm install\` runs to the + default registry and all registries configured for scopes. See the + documentation for [\`npm audit\`](/commands/npm-audit) for details on + what is submitted. + `, + flatten, +}) + +define('audit-level', { + default: null, + type: ['low', 'moderate', 'high', 'critical', 'none', null], + description: ` + The minimum level of vulnerability for \`npm audit\` to exit with + a non-zero exit code. + `, + flatten, +}) + +define('auth-type', { + default: 'legacy', + type: ['legacy', 'sso', 'saml', 'oauth'], + deprecated: ` + This method of SSO/SAML/OAuth is deprecated and will be removed in + a future version of npm in favor of web-based login. + `, + description: ` + What authentication strategy to use with \`adduser\`/\`login\`. + `, + flatten, +}) + +define('before', { + default: null, + type: [null, Date], + description: ` + If passed to \`npm install\`, will rebuild the npm tree such that only + versions that were available **on or before** the \`--before\` time get + installed. If there's no versions available for the current set of + direct dependencies, the command will error. + + If the requested version is a \`dist-tag\` and the given tag does not + pass the \`--before\` filter, the most recent version less than or equal + to that tag will be used. For example, \`foo@latest\` might install + \`foo@1.2\` even though \`latest\` is \`2.0\`. + `, + flatten, +}) + +define('bin-links', { + default: true, + type: Boolean, + description: ` + Tells npm to create symlinks (or \`.cmd\` shims on Windows) for package + executables. + + Set to false to have it not do this. This can be used to work around the + fact that some file systems don't support symlinks, even on ostensibly + Unix systems. + `, + flatten, +}) + +define('browser', { + default: null, + defaultDescription: ` + OS X: \`"open"\`, Windows: \`"start"\`, Others: \`"xdg-open"\` + `, + type: [null, Boolean, String], + description: ` + The browser that is called by npm commands to open websites. + + Set to \`false\` to suppress browser behavior and instead print urls to + terminal. + + Set to \`true\` to use default system URL opener. + `, + flatten, +}) + +define('ca', { + default: null, + type: [null, String, Array], + description: ` + The Certificate Authority signing certificate that is trusted for SSL + connections to the registry. Values should be in PEM format (Windows + calls it "Base-64 encoded X.509 (.CER)") with newlines replaced by the + string "\\n". For example: + + \`\`\`ini + ca="-----BEGIN CERTIFICATE-----\\nXXXX\\nXXXX\\n-----END CERTIFICATE-----" + \`\`\` + + Set to \`null\` to only allow "known" registrars, or to a specific CA + cert to trust only that specific signing authority. + + Multiple CAs can be trusted by specifying an array of certificates: + + \`\`\`ini + ca[]="..." + ca[]="..." + \`\`\` + + See also the \`strict-ssl\` config. + `, + flatten, +}) + +define('cache', { + default: cache, + defaultDescription: ` + Windows: \`%LocalAppData%\\npm-cache\`, Posix: \`~/.npm\` + `, + type: path, + description: ` + The location of npm's cache directory. See [\`npm + cache\`](/commands/npm-cache) + `, + flatten (key, obj, flatOptions) { + flatOptions.cache = join(obj.cache, '_cacache') + }, +}) + +define('cache-max', { + default: Infinity, + type: Number, + description: ` + \`--cache-max=0\` is an alias for \`--prefer-online\` + `, + deprecated: ` + This option has been deprecated in favor of \`--prefer-online\` + `, + flatten (key, obj, flatOptions) { + if (obj[key] <= 0) + flatOptions.preferOnline = true + }, +}) + +define('cache-min', { + default: 0, + type: Number, + description: ` + \`--cache-min=9999 (or bigger)\` is an alias for \`--prefer-offline\`. + `, + deprecated: ` + This option has been deprecated in favor of \`--prefer-offline\`. + `, + flatten (key, obj, flatOptions) { + if (obj[key] >= 9999) + flatOptions.preferOffline = true + }, +}) + +define('cafile', { + default: null, + type: path, + description: ` + A path to a file containing one or multiple Certificate Authority signing + certificates. Similar to the \`ca\` setting, but allows for multiple + CA's, as well as for the CA information to be stored in a file on disk. + `, + flatten (key, obj, flatOptions) { + // always set to null in defaults + if (!obj.cafile) + return + + const raw = maybeReadFile(obj.cafile) + if (!raw) + return + + const delim = '-----END CERTIFICATE-----' + flatOptions.ca = raw.replace(/\r\n/g, '\n').split(delim) + .filter(section => section.trim()) + .map(section => section.trimLeft() + delim) + }, +}) + +define('call', { + default: '', + type: String, + short: 'c', + description: ` + Optional companion option for \`npm exec\`, \`npx\` that allows for + specifying a custom command to be run along with the installed packages. + + \`\`\`bash + npm exec --package yo --package generator-node --call "yo node" + \`\`\` + `, + flatten, +}) + +define('cert', { + default: null, + type: [null, String], + description: ` + A client certificate to pass when accessing the registry. Values should + be in PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with + newlines replaced by the string "\\n". For example: + + \`\`\`ini + cert="-----BEGIN CERTIFICATE-----\\nXXXX\\nXXXX\\n-----END CERTIFICATE-----" + \`\`\` + + It is _not_ the path to a certificate file (and there is no "certfile" + option). + `, + flatten, +}) + +define('ci-name', { + default: ciName || null, + defaultDescription: ` + The name of the current CI system, or \`null\` when not on a known CI + platform. + `, + type: [null, String], + description: ` + The name of a continuous integration system. If not set explicitly, npm + will detect the current CI environment using the + [\`@npmcli/ci-detect\`](http://npm.im/@npmcli/ci-detect) module. + `, + flatten, +}) + +define('cidr', { + default: null, + type: [null, String, Array], + description: ` + This is a list of CIDR address to be used when configuring limited access + tokens with the \`npm token create\` command. + `, + flatten, +}) + +define('color', { + default: !process.env.NO_COLOR || process.env.NO_COLOR === '0', + defaultDescription: ` + true unless the NO_COLOR environ is set to something other than '0' + `, + type: ['always', Boolean], + description: ` + If false, never shows colors. If \`"always"\` then always shows colors. + If true, then only prints color codes for tty file descriptors. + `, + flatten (key, obj, flatOptions) { + flatOptions.color = !obj.color ? false + : obj.color === 'always' ? true + : process.stdout.isTTY + }, +}) + +define('commit-hooks', { + default: true, + type: Boolean, + description: ` + Run git commit hooks when using the \`npm version\` command. + `, + flatten, +}) + +define('depth', { + default: null, + defaultDescription: ` + \`Infinity\` if \`--all\` is set, otherwise \`1\` + `, + type: [null, Number], + description: ` + The depth to go when recursing packages for \`npm ls\`. + + If not set, \`npm ls\` will show only the immediate dependencies of the + root project. If \`--all\` is set, then npm will show all dependencies + by default. + `, + flatten, +}) + +define('description', { + default: true, + type: Boolean, + usage: '--no-description', + description: ` + Show the description in \`npm search\` + `, + flatten (key, obj, flatOptions) { + flatOptions.search = flatOptions.search || { limit: 20 } + flatOptions.search[key] = obj[key] + }, +}) + +define('diff', { + default: [], + type: [String, Array], + description: ` + Define arguments to compare in \`npm diff\`. + `, + flatten, +}) + +define('diff-ignore-all-space', { + default: false, + type: Boolean, + description: ` + Ignore whitespace when comparing lines in \`npm diff\`. + `, + flatten, +}) + +define('diff-name-only', { + default: false, + type: Boolean, + description: ` + Prints only filenames when using \`npm diff\`. + `, + flatten, +}) + +define('diff-no-prefix', { + default: false, + type: Boolean, + description: ` + Do not show any source or destination prefix in \`npm diff\` output. + + Note: this causes \`npm diff\` to ignore the \`--diff-src-prefix\` and + \`--diff-dst-prefix\` configs. + `, + flatten, +}) + +define('diff-dst-prefix', { + default: 'b/', + type: String, + description: ` + Destination prefix to be used in \`npm diff\` output. + `, + flatten, +}) + +define('diff-src-prefix', { + default: 'a/', + type: String, + description: ` + Source prefix to be used in \`npm diff\` output. + `, + flatten, +}) + +define('diff-text', { + default: false, + type: Boolean, + description: ` + Treat all files as text in \`npm diff\`. + `, + flatten, +}) + +define('diff-unified', { + default: 3, + type: Number, + description: ` + The number of lines of context to print in \`npm diff\`. + `, + flatten, +}) + +define('dry-run', { + default: false, + type: Boolean, + description: ` + Indicates that you don't want npm to make any changes and that it should + only report what it would have done. This can be passed into any of the + commands that modify your local installation, eg, \`install\`, + \`update\`, \`dedupe\`, \`uninstall\`, as well as \`pack\` and + \`publish\`. + + Note: This is NOT honored by other network related commands, eg + \`dist-tags\`, \`owner\`, etc. + `, + flatten, +}) + +define('editor', { + default: editor, + defaultDescription: ` + The EDITOR or VISUAL environment variables, or 'notepad.exe' on Windows, + or 'vim' on Unix systems + `, + type: String, + description: ` + The command to run for \`npm edit\` and \`npm config edit\`. + `, + flatten, +}) + +define('engine-strict', { + default: false, + type: Boolean, + description: ` + If set to true, then npm will stubbornly refuse to install (or even + consider installing) any package that claims to not be compatible with + the current Node.js version. + + This can be overridden by setting the \`--force\` flag. + `, + flatten, +}) + +define('fetch-retries', { + default: 2, + type: Number, + description: ` + The "retries" config for the \`retry\` module to use when fetching + packages from the registry. + + npm will retry idempotent read requests to the registry in the case + of network failures or 5xx HTTP errors. + `, + flatten (key, obj, flatOptions) { + flatOptions.retry = flatOptions.retry || {} + flatOptions.retry.retries = obj[key] + }, +}) + +define('fetch-retry-factor', { + default: 10, + type: Number, + description: ` + The "factor" config for the \`retry\` module to use when fetching + packages. + `, + flatten (key, obj, flatOptions) { + flatOptions.retry = flatOptions.retry || {} + flatOptions.retry.factor = obj[key] + }, +}) + +define('fetch-retry-maxtimeout', { + default: 60000, + defaultDescription: '60000 (1 minute)', + type: Number, + description: ` + The "maxTimeout" config for the \`retry\` module to use when fetching + packages. + `, + flatten (key, obj, flatOptions) { + flatOptions.retry = flatOptions.retry || {} + flatOptions.retry.maxTimeout = obj[key] + }, +}) + +define('fetch-retry-mintimeout', { + default: 10000, + defaultDescription: '10000 (10 seconds)', + type: Number, + description: ` + The "minTimeout" config for the \`retry\` module to use when fetching + packages. + `, + flatten (key, obj, flatOptions) { + flatOptions.retry = flatOptions.retry || {} + flatOptions.retry.minTimeout = obj[key] + }, +}) + +define('fetch-timeout', { + default: 5 * 60 * 1000, + defaultDescription: `${5 * 60 * 1000} (5 minutes)`, + type: Number, + description: ` + The maximum amount of time to wait for HTTP requests to complete. + `, + flatten (key, obj, flatOptions) { + flatOptions.timeout = obj[key] + }, +}) + +define('force', { + default: false, + type: Boolean, + short: 'f', + description: ` + Removes various protections against unfortunate side effects, common + mistakes, unnecessary performance degradation, and malicious input. + + * Allow clobbering non-npm files in global installs. + * Allow the \`npm version\` command to work on an unclean git repository. + * Allow deleting the cache folder with \`npm cache clean\`. + * Allow installing packages that have an \`engines\` declaration + requiring a different version of npm. + * Allow installing packages that have an \`engines\` declaration + requiring a different version of \`node\`, even if \`--engine-strict\` + is enabled. + * Allow \`npm audit fix\` to install modules outside your stated + dependency range (including SemVer-major changes). + * Allow unpublishing all versions of a published package. + * Allow conflicting peerDependencies to be installed in the root project. + + If you don't have a clear idea of what you want to do, it is strongly + recommended that you do not use this option! + `, + flatten, +}) + +define('foreground-scripts', { + default: false, + type: Boolean, + description: ` + Run all build scripts (ie, \`preinstall\`, \`install\`, and + \`postinstall\`) scripts for installed packages in the foreground + process, sharing standard input, output, and error with the main npm + process. + + Note that this will generally make installs run slower, and be much + noisier, but can be useful for debugging. + `, + flatten, +}) + +define('format-package-lock', { + default: true, + type: Boolean, + description: ` + Format \`package-lock.json\` or \`npm-shrinkwrap.json\` as a human + readable file. + `, + flatten, +}) + +define('fund', { + default: true, + type: Boolean, + description: ` + When "true" displays the message at the end of each \`npm install\` + acknowledging the number of dependencies looking for funding. + See [\`npm fund\`](/commands/npm-fund) for details. + `, + flatten, +}) + +define('git', { + default: 'git', + type: String, + description: ` + The command to use for git commands. If git is installed on the + computer, but is not in the \`PATH\`, then set this to the full path to + the git binary. + `, + flatten, +}) + +define('git-tag-version', { + default: true, + type: Boolean, + description: ` + Tag the commit when using the \`npm version\` command. + `, + flatten, +}) + +define('global', { + default: false, + type: Boolean, + short: 'g', + description: ` + Operates in "global" mode, so that packages are installed into the + \`prefix\` folder instead of the current working directory. See + [folders](/configuring-npm/folders) for more on the differences in + behavior. + + * packages are installed into the \`{prefix}/lib/node_modules\` folder, + instead of the current working directory. + * bin files are linked to \`{prefix}/bin\` + * man pages are linked to \`{prefix}/share/man\` + `, + flatten, +}) + +define('global-style', { + default: false, + type: Boolean, + description: ` + Causes npm to install the package into your local \`node_modules\` folder + with the same layout it uses with the global \`node_modules\` folder. + Only your direct dependencies will show in \`node_modules\` and + everything they depend on will be flattened in their \`node_modules\` + folders. This obviously will eliminate some deduping. If used with + \`legacy-bundling\`, \`legacy-bundling\` will be preferred. + `, + flatten, +}) + +// the globalconfig has its default defined outside of this module +define('globalconfig', { + type: path, + default: '', + defaultDescription: ` + The global --prefix setting plus 'etc/npmrc'. For example, + '/usr/local/etc/npmrc' + `, + description: ` + The config file to read for global config options. + `, + flatten, +}) + +define('heading', { + default: 'npm', + type: String, + description: ` + The string that starts all the debugging log output. + `, + flatten, +}) + +define('https-proxy', { + default: null, + type: [null, url], + description: ` + A proxy to use for outgoing https requests. If the \`HTTPS_PROXY\` or + \`https_proxy\` or \`HTTP_PROXY\` or \`http_proxy\` environment variables + are set, proxy settings will be honored by the underlying + \`make-fetch-happen\` library. + `, + flatten, +}) + +define('if-present', { + default: false, + type: Boolean, + description: ` + If true, npm will not exit with an error code when \`run-script\` is + invoked for a script that isn't defined in the \`scripts\` section of + \`package.json\`. This option can be used when it's desirable to + optionally run a script when it's present and fail if the script fails. + This is useful, for example, when running scripts that may only apply for + some builds in an otherwise generic CI setup. + `, + flatten, +}) + +define('ignore-scripts', { + default: false, + type: Boolean, + description: ` + If true, npm does not run scripts specified in package.json files. + `, + flatten, +}) + +define('include', { + default: [], + type: [Array, 'prod', 'dev', 'optional', 'peer'], + description: ` + Option that allows for defining which types of dependencies to install. + + This is the inverse of \`--omit=\`. + + Dependency types specified in \`--include\` will not be omitted, + regardless of the order in which omit/include are specified on the + command-line. + `, + flatten (key, obj, flatOptions) { + // just call the omit flattener, it reads from obj.include + definitions.omit.flatten('omit', obj, flatOptions) + }, +}) + +define('include-staged', { + default: false, + type: Boolean, + description: ` + Allow installing "staged" published packages, as defined by [npm RFC PR + #92](https://github.com/npm/rfcs/pull/92). + + This is experimental, and not implemented by the npm public registry. + `, + flatten, +}) + +define('init-author-email', { + default: '', + type: String, + description: ` + The value \`npm init\` should use by default for the package author's + email. + `, +}) + +define('init-author-name', { + default: '', + type: String, + description: ` + The value \`npm init\` should use by default for the package author's name. + `, +}) + +define('init-author-url', { + default: '', + type: ['', url], + description: ` + The value \`npm init\` should use by default for the package author's homepage. + `, +}) + +define('init-license', { + default: 'ISC', + type: String, + description: ` + The value \`npm init\` should use by default for the package license. + `, +}) + +define('init-module', { + default: '~/.npm-init.js', + type: path, + description: ` + A module that will be loaded by the \`npm init\` command. See the + documentation for the + [init-package-json](https://github.com/npm/init-package-json) module for + more information, or [npm init](/commands/npm-init). + `, +}) + +define('init-version', { + default: '1.0.0', + type: semver, + description: ` + The value that \`npm init\` should use by default for the package + version number, if not already set in package.json. + `, +}) + +// these "aliases" are historically supported in .npmrc files, unfortunately +// They should be removed in a future npm version. +define('init.author.email', { + default: '', + type: String, + deprecated: ` + Use \`--init-author-email\` instead.`, + description: ` + Alias for \`--init-author-email\` + `, +}) + +define('init.author.name', { + default: '', + type: String, + deprecated: ` + Use \`--init-author-name\` instead. + `, + description: ` + Alias for \`--init-author-name\` + `, +}) + +define('init.author.url', { + default: '', + type: ['', url], + deprecated: ` + Use \`--init-author-url\` instead. + `, + description: ` + Alias for \`--init-author-url\` + `, +}) + +define('init.license', { + default: 'ISC', + type: String, + deprecated: ` + Use \`--init-license\` instead. + `, + description: ` + Alias for \`--init-license\` + `, +}) + +define('init.module', { + default: '~/.npm-init.js', + type: path, + deprecated: ` + Use \`--init-module\` instead. + `, + description: ` + Alias for \`--init-module\` + `, +}) + +define('init.version', { + default: '1.0.0', + type: semver, + deprecated: ` + Use \`--init-version\` instead. + `, + description: ` + Alias for \`--init-version\` + `, +}) + +define('json', { + default: false, + type: Boolean, + description: ` + Whether or not to output JSON data, rather than the normal output. + + This feature is currently experimental, and the output data structures + for many commands is either not implemented in JSON yet, or subject to + change. Only the output from \`npm ls --json\` and \`npm search --json\` + are currently valid. + `, + flatten, +}) + +define('key', { + default: null, + type: [null, String], + description: ` + A client key to pass when accessing the registry. Values should be in + PEM format with newlines replaced by the string "\\n". For example: + + \`\`\`ini + key="-----BEGIN PRIVATE KEY-----\\nXXXX\\nXXXX\\n-----END PRIVATE KEY-----" + \`\`\` + + It is _not_ the path to a key file (and there is no "keyfile" option). + `, + flatten, +}) + +define('legacy-bundling', { + default: false, + type: Boolean, + description: ` + Causes npm to install the package such that versions of npm prior to 1.4, + such as the one included with node 0.8, can install the package. This + eliminates all automatic deduping. If used with \`global-style\` this + option will be preferred. + `, + flatten, +}) + +define('legacy-peer-deps', { + default: false, + type: Boolean, + description: ` + Causes npm to completely ignore \`peerDependencies\` when building a + package tree, as in npm versions 3 through 6. + + If a package cannot be installed because of overly strict + \`peerDependencies\` that collide, it provides a way to move forward + resolving the situation. + + This differs from \`--omit=peer\`, in that \`--omit=peer\` will avoid + unpacking \`peerDependencies\` on disk, but will still design a tree such + that \`peerDependencies\` _could_ be unpacked in a correct place. + + Use of \`legacy-peer-deps\` is not recommended, as it will not enforce + the \`peerDependencies\` contract that meta-dependencies may rely on. + `, + flatten, +}) + +define('link', { + default: false, + type: Boolean, + description: ` + If true, then local installs will link if there is a suitable globally + installed package. + + Note that this means that local installs can cause things to be installed + into the global space at the same time. The link is only done if one of + the two conditions are met: + + * The package is not already installed globally, or + * the globally installed version is identical to the version that is + being installed locally. + `, +}) + +define('local-address', { + default: null, + type: getLocalAddresses(), + typeDescription: 'IP Address', + description: ` + The IP address of the local interface to use when making connections to + the npm registry. Must be IPv4 in versions of Node prior to 0.12. + `, + flatten, +}) + +define('loglevel', { + default: 'notice', + type: [ + 'silent', + 'error', + 'warn', + 'notice', + 'http', + 'timing', + 'info', + 'verbose', + 'silly', + ], + description: ` + What level of logs to report. On failure, *all* logs are written to + \`npm-debug.log\` in the current working directory. + + Any logs of a higher level than the setting are shown. The default is + "notice". + `, +}) + +define('logs-max', { + default: 10, + type: Number, + description: ` + The maximum number of log files to store. + `, +}) + +define('long', { + default: false, + type: Boolean, + short: 'l', + description: ` + Show extended information in \`npm ls\` and \`npm search\`. + `, +}) + +define('maxsockets', { + default: Infinity, + type: Number, + description: ` + The maximum number of connections to use per origin (protocol/host/port + combination). + `, + flatten (key, obj, flatOptions) { + flatOptions.maxSockets = obj[key] + }, +}) + +define('message', { + default: '%s', + type: String, + short: 'm', + description: ` + Commit message which is used by \`npm version\` when creating version commit. + + Any "%s" in the message will be replaced with the version number. + `, + flatten, +}) + +define('node-options', { + default: null, + type: [null, String], + description: ` + Options to pass through to Node.js via the \`NODE_OPTIONS\` environment + variable. This does not impact how npm itself is executed but it does + impact how lifecycle scripts are called. + `, +}) + +define('node-version', { + default: process.version, + defaultDescription: 'Node.js `process.version` value', + type: semver, + description: ` + The node version to use when checking a package's \`engines\` setting. + `, + flatten, +}) + +define('noproxy', { + default: '', + defaultDescription: ` + The value of the NO_PROXY environment variable + `, + type: [String, Array], + description: ` + Domain extensions that should bypass any proxies. + + Also accepts a comma-delimited string. + `, + flatten (key, obj, flatOptions) { + flatOptions.noProxy = obj[key].join(',') + }, +}) + +define('npm-version', { + default: npmVersion, + defaultDescription: 'Output of `npm --version`', + type: semver, + description: ` + The npm version to use when checking a package's \`engines\` setting. + `, + flatten, +}) + +define('offline', { + default: false, + type: Boolean, + description: ` + Force offline mode: no network requests will be done during install. To allow + the CLI to fill in missing cache data, see \`--prefer-offline\`. + `, + flatten, +}) + +define('omit', { + default: process.env.NODE_ENV === 'production' ? ['dev'] : [], + defaultDescription: ` + 'dev' if the NODE_ENV environment variable is set to 'production', + otherwise empty. + `, + type: [Array, 'dev', 'optional', 'peer'], + description: ` + Dependency types to omit from the installation tree on disk. + + Note that these dependencies _are_ still resolved and added to the + \`package-lock.json\` or \`npm-shrinkwrap.json\` file. They are just + not physically installed on disk. + + If a package type appears in both the \`--include\` and \`--omit\` + lists, then it will be included. + + If the resulting omit list includes \`'dev'\`, then the \`NODE_ENV\` + environment variable will be set to \`'production'\` for all lifecycle + scripts. + `, + flatten (key, obj, flatOptions) { + const include = obj.include || [] + const omit = flatOptions.omit || [] + flatOptions.omit = omit.concat(obj[key]) + .filter(type => type && !include.includes(type)) + }, +}) + +define('only', { + default: null, + type: [null, 'prod', 'production'], + deprecated: ` + Use \`--omit=dev\` to omit dev dependencies from the install. + `, + description: ` + When set to \`prod\` or \`production\`, this is an alias for + \`--omit=dev\`. + `, + flatten (key, obj, flatOptions) { + const value = obj[key] + if (!/^prod(uction)?$/.test(value)) + return + + obj.omit = obj.omit || [] + obj.omit.push('dev') + definitions.omit.flatten('omit', obj, flatOptions) + }, +}) + +define('optional', { + default: null, + type: [null, Boolean], + deprecated: ` + Use \`--omit=optional\` to exclude optional dependencies, or + \`--include=optional\` to include them. + + Default value does install optional deps unless otherwise omitted. + `, + description: ` + Alias for --include=optional or --omit=optional + `, + flatten (key, obj, flatOptions) { + const value = obj[key] + if (value === null) + return + else if (value === true) { + obj.include = obj.include || [] + obj.include.push('optional') + } else { + obj.omit = obj.omit || [] + obj.omit.push('optional') + } + definitions.omit.flatten('omit', obj, flatOptions) + }, +}) + +define('otp', { + default: null, + type: [null, String], + description: ` + This is a one-time password from a two-factor authenticator. It's needed + when publishing or changing package permissions with \`npm access\`. + + If not set, and a registry response fails with a challenge for a one-time + password, npm will prompt on the command line for one. + `, + flatten, +}) + +define('package', { + default: [], + hint: '[@]', + type: [String, Array], + description: ` + The package to install for [\`npm exec\`](/commands/npm-exec) + `, + flatten, +}) + +define('package-lock', { + default: true, + type: Boolean, + description: ` + If set to false, then ignore \`package-lock.json\` files when installing. + This will also prevent _writing_ \`package-lock.json\` if \`save\` is + true. + + When package package-locks are disabled, automatic pruning of extraneous + modules will also be disabled. To remove extraneous modules with + package-locks disabled use \`npm prune\`. + `, + flatten, +}) + +define('package-lock-only', { + default: false, + type: Boolean, + description: ` + If set to true, it will update only the \`package-lock.json\`, instead of + checking \`node_modules\` and downloading dependencies. + `, + flatten, +}) + +define('parseable', { + default: false, + type: Boolean, + short: 'p', + description: ` + Output parseable results from commands that write to standard output. For + \`npm search\`, this will be tab-separated table format. + `, + flatten, +}) + +define('prefer-offline', { + default: false, + type: Boolean, + description: ` + If true, staleness checks for cached data will be bypassed, but missing + data will be requested from the server. To force full offline mode, use + \`--offline\`. + `, + flatten, +}) + +define('prefer-online', { + default: false, + type: Boolean, + description: ` + If true, staleness checks for cached data will be forced, making the CLI + look for updates immediately even for fresh package data. + `, + flatten, +}) + +// `prefix` has its default defined outside of this module +define('prefix', { + type: path, + short: 'C', + default: '', + defaultDescription: ` + In global mode, the folder where the node executable is installed. In + local mode, the nearest parent folder containing either a package.json + file or a node_modules folder. + `, + description: ` + The location to install global items. If set on the command line, then + it forces non-global commands to run in the specified folder. + `, +}) + +define('preid', { + default: '', + type: String, + description: ` + The "prerelease identifier" to use as a prefix for the "prerelease" part + of a semver. Like the \`rc\` in \`1.2.0-rc.8\`. + `, + flatten, +}) + +define('production', { + default: false, + type: Boolean, + deprecated: 'Use `--omit=dev` instead.', + description: 'Alias for `--omit=dev`', + flatten (key, obj, flatOptions) { + const value = obj[key] + if (!value) + return + + obj.omit = obj.omit || [] + obj.omit.push('dev') + definitions.omit.flatten('omit', obj, flatOptions) + }, +}) + +define('progress', { + default: !ciName, + defaultDescription: ` + \`true\` unless running in a known CI system + `, + type: Boolean, + description: ` + When set to \`true\`, npm will display a progress bar during time + intensive operations, if \`process.stderr\` is a TTY. + + Set to \`false\` to suppress the progress bar. + `, +}) + +define('proxy', { + default: null, + type: [null, false, url], // allow proxy to be disabled explicitly + description: ` + A proxy to use for outgoing http requests. If the \`HTTP_PROXY\` or + \`http_proxy\` environment variables are set, proxy settings will be + honored by the underlying \`request\` library. + `, + flatten, +}) + +define('read-only', { + default: false, + type: Boolean, + description: ` + This is used to mark a token as unable to publish when configuring + limited access tokens with the \`npm token create\` command. + `, + flatten, +}) + +define('rebuild-bundle', { + default: true, + type: Boolean, + description: ` + Rebuild bundled dependencies after installation. + `, + flatten, +}) + +define('registry', { + default: 'https://registry.npmjs.org/', + type: url, + description: ` + The base URL of the npm registry. + `, + flatten, +}) + +define('save', { + default: true, + usage: '-S|--save|--no-save|--save-prod|--save-dev|--save-optional|--save-peer', + type: Boolean, + short: 'S', + description: ` + Save installed packages to a package.json file as dependencies. + + When used with the \`npm rm\` command, removes the dependency from + package.json. + `, + flatten, +}) + +define('save-bundle', { + default: false, + type: Boolean, + short: 'B', + description: ` + If a package would be saved at install time by the use of \`--save\`, + \`--save-dev\`, or \`--save-optional\`, then also put it in the + \`bundleDependencies\` list. + + Ignore if \`--save-peer\` is set, since peerDependencies cannot be bundled. + `, + flatten (key, obj, flatOptions) { + // XXX update arborist to just ignore it if resulting saveType is peer + // otherwise this won't have the expected effect: + // + // npm config set save-peer true + // npm i foo --save-bundle --save-prod <-- should bundle + flatOptions.saveBundle = obj['save-bundle'] && !obj['save-peer'] + }, +}) + +// XXX: We should really deprecate all these `--save-blah` switches +// in favor of a single `--save-type` option. The unfortunate shortcut +// we took for `--save-peer --save-optional` being `--save-type=peerOptional` +// makes this tricky, and likely a breaking change. + +define('save-dev', { + default: false, + type: Boolean, + short: 'D', + description: ` + Save installed packages to a package.json file as \`devDependencies\`. + `, + flatten (key, obj, flatOptions) { + if (!obj[key]) { + if (flatOptions.saveType === 'dev') + delete flatOptions.saveType + return + } + + flatOptions.saveType = 'dev' + }, +}) + +define('save-exact', { + default: false, + type: Boolean, + short: 'E', + description: ` + Dependencies saved to package.json will be configured with an exact + version rather than using npm's default semver range operator. + `, + flatten, +}) + +define('save-optional', { + default: false, + type: Boolean, + short: 'O', + description: ` + Save installed packages to a package.json file as + \`optionalDependencies\`. + `, + flatten (key, obj, flatOptions) { + if (!obj[key]) { + if (flatOptions.saveType === 'optional') + delete flatOptions.saveType + else if (flatOptions.saveType === 'peerOptional') + flatOptions.saveType = 'peer' + return + } + + if (flatOptions.saveType === 'peerOptional') + return + + if (flatOptions.saveType === 'peer') + flatOptions.saveType = 'peerOptional' + else + flatOptions.saveType = 'optional' + }, +}) + +define('save-peer', { + default: false, + type: Boolean, + description: ` + Save installed packages. to a package.json file as \`peerDependencies\` + `, + flatten (key, obj, flatOptions) { + if (!obj[key]) { + if (flatOptions.saveType === 'peer') + delete flatOptions.saveType + else if (flatOptions.saveType === 'peerOptional') + flatOptions.saveType = 'optional' + return + } + + if (flatOptions.saveType === 'peerOptional') + return + + if (flatOptions.saveType === 'optional') + flatOptions.saveType = 'peerOptional' + else + flatOptions.saveType = 'peer' + }, +}) + +define('save-prefix', { + default: '^', + type: String, + description: ` + Configure how versions of packages installed to a package.json file via + \`--save\` or \`--save-dev\` get prefixed. + + For example if a package has version \`1.2.3\`, by default its version is + set to \`^1.2.3\` which allows minor upgrades for that package, but after + \`npm config set save-prefix='~'\` it would be set to \`~1.2.3\` which + only allows patch upgrades. + `, + flatten, +}) + +define('save-prod', { + default: false, + type: Boolean, + short: 'P', + description: ` + Save installed packages into \`dependencies\` specifically. This is + useful if a package already exists in \`devDependencies\` or + \`optionalDependencies\`, but you want to move it to be a non-optional + production dependency. + + This is the default behavior if \`--save\` is true, and neither + \`--save-dev\` or \`--save-optional\` are true. + `, + flatten (key, obj, flatOptions) { + if (!obj[key]) { + if (flatOptions.saveType === 'prod') + delete flatOptions.saveType + return + } + + flatOptions.saveType = 'prod' + }, +}) + +define('scope', { + default: '', + defaultDescription: ` + the scope of the current project, if any, or "" + `, + type: String, + hint: '<@scope>', + description: ` + Associate an operation with a scope for a scoped registry. + + Useful when logging in to a private registry for the first time: + + \`\`\`bash + npm login --scope=@mycorp --registry=https://registry.mycorp.com + \`\`\` + + This will cause \`@mycorp\` to be mapped to the registry for future + installation of packages specified according to the pattern + \`@mycorp/package\`. + `, + flatten (key, obj, flatOptions) { + const value = obj[key] + flatOptions.projectScope = value && !/^@/.test(value) ? `@${value}` : value + }, +}) + +define('script-shell', { + default: null, + defaultDescription: ` + '/bin/sh' on POSIX systems, 'cmd.exe' on Windows + `, + type: [null, String], + description: ` + The shell to use for scripts run with the \`npm run\` command. + `, + flatten (key, obj, flatOptions) { + flatOptions.scriptShell = obj[key] || undefined + }, +}) + +define('searchexclude', { + default: '', + type: String, + description: ` + Space-separated options that limit the results from search. + `, + flatten (key, obj, flatOptions) { + flatOptions.search = flatOptions.search || { limit: 20 } + flatOptions.search.exclude = obj[key] + }, +}) + +define('searchlimit', { + default: 20, + type: Number, + description: ` + Number of items to limit search results to. Will not apply at all to + legacy searches. + `, + flatten (key, obj, flatOptions) { + flatOptions.search = flatOptions.search || {} + flatOptions.search.limit = obj[key] + }, +}) + +define('searchopts', { + default: '', + type: String, + description: ` + Space-separated options that are always passed to search. + `, + flatten (key, obj, flatOptions) { + flatOptions.search = flatOptions.search || { limit: 20 } + flatOptions.search.opts = querystring.parse(obj[key]) + }, +}) + +define('searchstaleness', { + default: 15 * 60, + type: Number, + description: ` + The age of the cache, in seconds, before another registry request is made + if using legacy search endpoint. + `, + flatten (key, obj, flatOptions) { + flatOptions.search = flatOptions.search || { limit: 20 } + flatOptions.search.staleness = obj[key] + }, +}) + +define('shell', { + default: shell, + defaultDescription: ` + SHELL environment variable, or "bash" on Posix, or "cmd.exe" on Windows + `, + type: String, + description: ` + The shell to run for the \`npm explore\` command. + `, + flatten, +}) + +define('shrinkwrap', { + default: true, + type: Boolean, + deprecated: ` + Use the --package-lock setting instead. + `, + description: ` + Alias for --package-lock + `, + flatten (key, obj, flatOptions) { + obj['package-lock'] = obj.shrinkwrap + definitions['package-lock'].flatten('package-lock', obj, flatOptions) + }, +}) + +define('sign-git-commit', { + default: false, + type: Boolean, + description: ` + If set to true, then the \`npm version\` command will commit the new + package version using \`-S\` to add a signature. + + Note that git requires you to have set up GPG keys in your git configs + for this to work properly. + `, + flatten, +}) + +define('sign-git-tag', { + default: false, + type: Boolean, + description: ` + If set to true, then the \`npm version\` command will tag the version + using \`-s\` to add a signature. + + Note that git requires you to have set up GPG keys in your git configs + for this to work properly. + `, + flatten, +}) + +define('sso-poll-frequency', { + default: 500, + type: Number, + deprecated: ` + The --auth-type method of SSO/SAML/OAuth will be removed in a future + version of npm in favor of web-based login. + `, + description: ` + When used with SSO-enabled \`auth-type\`s, configures how regularly the + registry should be polled while the user is completing authentication. + `, + flatten, +}) + +define('sso-type', { + default: 'oauth', + type: [null, 'oauth', 'saml'], + deprecated: ` + The --auth-type method of SSO/SAML/OAuth will be removed in a future + version of npm in favor of web-based login. + `, + description: ` + If \`--auth-type=sso\`, the type of SSO type to use. + `, + flatten, +}) + +define('strict-peer-deps', { + default: false, + type: Boolean, + description: ` + If set to \`true\`, and \`--legacy-peer-deps\` is not set, then _any_ + conflicting \`peerDependencies\` will be treated as an install failure, + even if npm could reasonably guess the appropriate resolution based on + non-peer dependency relationships. + + By default, conflicting \`peerDependencies\` deep in the dependency graph + will be resolved using the nearest non-peer dependency specification, + even if doing so will result in some packages receiving a peer dependency + outside the range set in their package's \`peerDependencies\` object. + + When such and override is performed, a warning is printed, explaining the + conflict and the packages involved. If \`--strict-peer-deps\` is set, + then this warning is treated as a failure. + `, + flatten, +}) + +define('strict-ssl', { + default: true, + type: Boolean, + description: ` + Whether or not to do SSL key validation when making requests to the + registry via https. + + See also the \`ca\` config. + `, + flatten (key, obj, flatOptions) { + flatOptions.strictSSL = obj[key] + }, +}) + +define('tag', { + default: 'latest', + type: String, + description: ` + If you ask npm to install a package and don't tell it a specific version, + then it will install the specified tag. + + Also the tag that is added to the package@version specified by the \`npm + tag\` command, if no explicit tag is given. + `, + flatten (key, obj, flatOptions) { + flatOptions.defaultTag = obj[key] + }, +}) + +define('tag-version-prefix', { + default: 'v', + type: String, + description: ` + If set, alters the prefix used when tagging a new version when performing + a version increment using \`npm-version\`. To remove the prefix + altogether, set it to the empty string: \`""\`. + + Because other tools may rely on the convention that npm version tags look + like \`v1.0.0\`, _only use this property if it is absolutely necessary_. + In particular, use care when overriding this setting for public packages. + `, + flatten, +}) + +define('timing', { + default: false, + type: Boolean, + description: ` + If true, writes an \`npm-debug\` log to \`_logs\` and timing information + to \`_timing.json\`, both in your cache, even if the command completes + successfully. \`_timing.json\` is a newline delimited list of JSON + objects. + + You can quickly view it with this [json](https://npm.im/json) command + line: \`npm exec -- json -g < ~/.npm/_timing.json\`. + `, +}) + +define('tmp', { + default: tmpdir(), + defaultDescription: ` + The value returned by the Node.js \`os.tmpdir()\` method + + `, + type: path, + deprecated: ` + This setting is no longer used. npm stores temporary files in a special + location in the cache, and they are managed by + [\`cacache\`](http://npm.im/cacache). + `, + description: ` + Historically, the location where temporary files were stored. No longer + relevant. + `, +}) + +define('umask', { + default: 0, + type: Umask, + description: ` + The "umask" value to use when setting the file creation mode on files and + folders. + + Folders and executables are given a mode which is \`0o777\` masked + against this value. Other files are given a mode which is \`0o666\` + masked against this value. + + Note that the underlying system will _also_ apply its own umask value to + files and folders that are created, and npm does not circumvent this, but + rather adds the \`--umask\` config to it. + + Thus, the effective default umask value on most POSIX systems is 0o22, + meaning that folders and executables are created with a mode of 0o755 and + other files are created with a mode of 0o644. + `, + flatten, +}) + +define('unicode', { + default: unicode, + defaultDescription: ` + false on windows, true on mac/unix systems with a unicode locale, as + defined by the LC_ALL, LC_CTYPE, or LANG environment variables. + `, + type: Boolean, + description: ` + When set to true, npm uses unicode characters in the tree output. When + false, it uses ascii characters instead of unicode glyphs. + `, +}) + +define('update-notifier', { + default: true, + type: Boolean, + description: ` + Set to false to suppress the update notification when using an older + version of npm than the latest. + `, +}) + +define('usage', { + default: false, + type: Boolean, + short: ['?', 'H', 'h'], + description: ` + Show short usage output about the command specified. + `, +}) + +define('user-agent', { + default: 'npm/{npm-version} ' + + 'node/{node-version} ' + + '{platform} ' + + '{arch} ' + + '{ci}', + type: String, + description: ` + Sets the User-Agent request header. The following fields are replaced + with their actual counterparts: + + * \`{npm-version}\` - The npm version in use + * \`{node-version}\` - The Node.js version in use + * \`{platform}\` - The value of \`process.platform\` + * \`{arch}\` - The value of \`process.arch\` + * \`{ci}\` - The value of the \`ci-name\` config, if set, prefixed with + \`ci/\`, or an empty string if \`ci-name\` is empty. + `, + flatten (key, obj, flatOptions) { + const value = obj[key] + const ciName = obj['ci-name'] + flatOptions.userAgent = + value.replace(/\{node-version\}/gi, obj['node-version']) + .replace(/\{npm-version\}/gi, obj['npm-version']) + .replace(/\{platform\}/gi, process.platform) + .replace(/\{arch\}/gi, process.arch) + .replace(/\{ci\}/gi, ciName ? `ci/${ciName}` : '') + .trim() + }, +}) + +define('userconfig', { + default: '~/.npmrc', + type: path, + description: ` + The location of user-level configuration settings. + + This may be overridden by the \`npm_config_userconfig\` environment + variable or the \`--userconfig\` command line option, but may _not_ + be overridden by settings in the \`globalconfig\` file. + `, +}) + +define('version', { + default: false, + type: Boolean, + short: 'v', + description: ` + If true, output the npm version and exit successfully. + + Only relevant when specified explicitly on the command line. + `, +}) + +define('versions', { + default: false, + type: Boolean, + description: ` + If true, output the npm version as well as node's \`process.versions\` + map and the version in the current working directory's \`package.json\` + file if one exists, and exit successfully. + + Only relevant when specified explicitly on the command line. + `, +}) + +define('viewer', { + default: isWindows ? 'browser' : 'man', + defaultDescription: ` + "man" on Posix, "browser" on Windows + `, + type: String, + description: ` + The program to use to view help content. + + Set to \`"browser"\` to view html help content in the default web browser. + `, +}) + +define('which', { + default: null, + hint: '', + type: [null, Number], + description: ` + If there are multiple funding sources, which 1-indexed source URL to open. + `, +}) + +define('workspace', { + default: [], + type: [String, Array], + short: 'w', + description: ` + Enable running a command in the context of the configured workspaces of the + current project while filtering by running only the workspaces defined by + this configuration option. + + Valid values for the \`workspace\` config are either: + - Workspace names + - Path to a workspace directory + - Path to a parent workspace directory (will result to selecting all of the + nested workspaces) + `, +}) + +define('workspaces', { + default: false, + type: Boolean, + short: 'ws', + description: ` + Enable running a command in the context of **all** the configured + workspaces. + `, +}) + +define('yes', { + default: null, + type: [null, Boolean], + short: 'y', + description: ` + Automatically answer "yes" to any prompts that npm might print on + the command line. + `, +}) diff --git a/lib/utils/config/describe-all.js b/lib/utils/config/describe-all.js new file mode 100644 index 0000000000000..ab3f3a63ea751 --- /dev/null +++ b/lib/utils/config/describe-all.js @@ -0,0 +1,16 @@ +const definitions = require('./definitions.js') +const describeAll = () => { + // sort not-deprecated ones to the top + /* istanbul ignore next - typically already sorted in the definitions file, + * but this is here so that our help doc will stay consistent if we decide + * to move them around. */ + const sort = ([keya, {deprecated: depa}], [keyb, {deprecated: depb}]) => { + return depa && !depb ? 1 + : !depa && depb ? -1 + : keya.localeCompare(keyb) + } + return Object.entries(definitions).sort(sort) + .map(([key, def]) => def.describe()) + .join('\n\n') +} +module.exports = describeAll diff --git a/lib/utils/config/flatten.js b/lib/utils/config/flatten.js new file mode 100644 index 0000000000000..f6d6124bddf7a --- /dev/null +++ b/lib/utils/config/flatten.js @@ -0,0 +1,32 @@ +// use the defined flattening function, and copy over any scoped +// registries and registry-specific "nerfdart" configs verbatim +// +// TODO: make these getters so that we only have to make dirty +// the thing that changed, and then flatten the fields that +// could have changed when a config.set is called. +// +// TODO: move nerfdart auth stuff into a nested object that +// is only passed along to paths that end up calling npm-registry-fetch. +const definitions = require('./definitions.js') +const flatten = (obj, flat = {}) => { + for (const [key, val] of Object.entries(obj)) { + const def = definitions[key] + if (def && def.flatten) + def.flatten(key, obj, flat) + else if (/@.*:registry$/i.test(key) || /^\/\//.test(key)) + flat[key] = val + } + + // XXX make this the bin/npm-cli.js file explicitly instead + // otherwise using npm programmatically is a bit of a pain. + flat.npmBin = require.main ? require.main.filename + : /* istanbul ignore next - not configurable property */ undefined + flat.nodeBin = process.env.NODE || process.execPath + + // XXX should this be sha512? is it even relevant? + flat.hashAlgorithm = 'sha1' + + return flat +} + +module.exports = flatten diff --git a/lib/utils/config/index.js b/lib/utils/config/index.js new file mode 100644 index 0000000000000..a24f5865242bf --- /dev/null +++ b/lib/utils/config/index.js @@ -0,0 +1,52 @@ +const flatten = require('./flatten.js') +const definitions = require('./definitions.js') +const describeAll = require('./describe-all.js') + +// aliases where they get expanded into a completely different thing +// these are NOT supported in the environment or npmrc files, only +// expanded on the CLI. +// TODO: when we switch off of nopt, use an arg parser that supports +// more reasonable aliasing and short opts right in the definitions set. +const shorthands = { + 'enjoy-by': ['--before'], + d: ['--loglevel', 'info'], + dd: ['--loglevel', 'verbose'], + ddd: ['--loglevel', 'silly'], + quiet: ['--loglevel', 'warn'], + q: ['--loglevel', 'warn'], + s: ['--loglevel', 'silent'], + silent: ['--loglevel', 'silent'], + verbose: ['--loglevel', 'verbose'], + desc: ['--description'], + help: ['--usage'], + local: ['--no-global'], + n: ['--no-yes'], + no: ['--no-yes'], + porcelain: ['--parseable'], + readonly: ['--read-only'], + reg: ['--registry'], +} + +for (const [key, {short}] of Object.entries(definitions)) { + if (!short) + continue + // can be either an array or string + for (const s of [].concat(short)) + shorthands[s] = [`--${key}`] +} + +module.exports = { + get defaults () { + // NB: 'default' is a reserved word + return Object.entries(definitions).map(([key, { default: def }]) => { + return [key, def] + }).reduce((defaults, [key, def]) => { + defaults[key] = def + return defaults + }, {}) + }, + definitions, + flatten, + shorthands, + describeAll, +} diff --git a/lib/utils/did-you-mean.js b/lib/utils/did-you-mean.js index c2bdf159dd118..98133196e3c56 100644 --- a/lib/utils/did-you-mean.js +++ b/lib/utils/did-you-mean.js @@ -1,12 +1,33 @@ const leven = require('leven') +const readJson = require('read-package-json-fast') +const { cmdList } = require('./cmd-list.js') -const didYouMean = (scmd, commands) => { - const best = commands +const didYouMean = async (npm, path, scmd) => { + const bestCmd = cmdList + .filter(cmd => leven(scmd, cmd) < scmd.length * 0.4 && scmd !== cmd) + .map(str => ` npm ${str} # ${npm.commands[str].description}`) + + const pkg = await readJson(`${path}/package.json`) + const { scripts } = pkg + // We would already be suggesting this in `npm x` so omit them here + const runScripts = ['stop', 'start', 'test', 'restart'] + const bestRun = Object.keys(scripts || {}) + .filter(cmd => leven(scmd, cmd) < scmd.length * 0.4 && + !runScripts.includes(cmd)) + .map(str => ` npm run ${str} # run the "${str}" package script`) + + const { bin } = pkg + const bestBin = Object.keys(bin || {}) .filter(cmd => leven(scmd, cmd) < scmd.length * 0.4) - .map(str => ` ${str}`) - return best.length === 0 ? '' - : best.length === 1 ? `\nDid you mean this?\n${best[0]}` - : `\nDid you mean one of these?\n${best.slice(0, 3).join('\n')}` -} + .map(str => ` npm exec ${str} # run the "${str}" command from either this or a remote npm package`) + const best = [...bestCmd, ...bestRun, ...bestBin] + + if (best.length === 0) + return '' + + const suggestion = best.length === 1 ? `\n\nDid you mean this?\n${best[0]}` + : `\n\nDid you mean one of these?\n${best.slice(0, 3).join('\n')}` + return suggestion +} module.exports = didYouMean diff --git a/lib/utils/flat-options.js b/lib/utils/flat-options.js deleted file mode 100644 index c082e4137ab21..0000000000000 --- a/lib/utils/flat-options.js +++ /dev/null @@ -1,254 +0,0 @@ -// return a flattened config object with canonical names suitable for -// passing to dependencies like arborist, pacote, npm-registry-fetch, etc. - -const log = require('npmlog') -const crypto = require('crypto') -const querystring = require('querystring') -const npmSession = crypto.randomBytes(8).toString('hex') -log.verbose('npm-session', npmSession) -const { join } = require('path') - -const buildOmitList = obj => { - const include = obj.include || [] - const omit = new Set((obj.omit || []) - .filter(type => !include.includes(type))) - const only = obj.only - - if (/^prod(uction)?$/.test(only) || obj.production) - omit.add('dev') - - if (/dev/.test(obj.also)) - omit.delete('dev') - - if (obj.dev) - omit.delete('dev') - - if (obj.optional === false) - omit.add('optional') - - obj.omit = [...omit] - - // it would perhaps make more sense to put this in @npmcli/config, but - // since we can set dev to be omitted in multiple various legacy ways, - // it's better to set it here once it's all resolved. - if (obj.omit.includes('dev')) - process.env.NODE_ENV = 'production' - - return [...omit] -} - -// turn an object with npm-config style keys into an options object -// with camelCase values. This doesn't account for the stuff that is -// not pulled from the config keys, that's all handled only for the -// main function which acts on the npm object itself. Used by the -// flatOptions generator, and by the publishConfig handling logic. -const flatten = obj => ({ - includeStaged: obj['include-staged'], - preferDedupe: obj['prefer-dedupe'], - ignoreScripts: obj['ignore-scripts'], - nodeVersion: obj['node-version'], - cache: join(obj.cache, '_cacache'), - global: obj.global, - - registry: obj.registry, - scope: obj.scope, - access: obj.access, - alwaysAuth: obj['always-auth'], - audit: obj.audit, - auditLevel: obj['audit-level'], - _auth: obj._auth, - authType: obj['auth-type'], - ssoType: obj['sso-type'], - ssoPollFrequency: obj['sso-poll-frequency'], - before: obj.before, - browser: obj.browser, - ca: obj.ca, - cafile: obj.cafile, - cert: obj.cert, - key: obj.key, - - // token creation options - cidr: obj.cidr, - readOnly: obj['read-only'], - - // npm version options - preid: obj.preid, - tagVersionPrefix: obj['tag-version-prefix'], - allowSameVersion: obj['allow-same-version'], - - // npm version git options - message: obj.message, - commitHooks: obj['commit-hooks'], - gitTagVersion: obj['git-tag-version'], - signGitCommit: obj['sign-git-commit'], - signGitTag: obj['sign-git-tag'], - - // only used for npm ls in v7, not update - depth: obj.depth, - all: obj.all, - - // Output configs - unicode: obj.unicode, - json: obj.json, - long: obj.long, - parseable: obj.parseable, - - // options for npm search - search: { - description: obj.description, - exclude: obj.searchexclude, - limit: obj.searchlimit || 20, - opts: querystring.parse(obj.searchopts), - staleness: obj.searchstaleness, - }, - - diff: obj.diff, - diffUnified: obj['diff-unified'], - diffIgnoreAllSpace: obj['diff-ignore-all-space'], - diffNameOnly: obj['diff-name-only'], - diffNoPrefix: obj['diff-no-prefix'], - diffSrcPrefix: obj['diff-src-prefix'], - diffDstPrefix: obj['diff-dst-prefix'], - diffText: obj['diff-text'], - - dryRun: obj['dry-run'], - engineStrict: obj['engine-strict'], - - retry: { - retries: obj['fetch-retries'], - factor: obj['fetch-retry-factor'], - maxTimeout: obj['fetch-retry-maxtimeout'], - minTimeout: obj['fetch-retry-mintimeout'], - }, - - timeout: obj['fetch-timeout'], - - force: obj.force, - - formatPackageLock: obj['format-package-lock'], - fund: obj.fund, - - // binary locators - git: obj.git, - viewer: obj.viewer, - editor: obj.editor, - - // configs that affect how we build trees - binLinks: obj['bin-links'], - rebuildBundle: obj['rebuild-bundle'], - // --no-shrinkwrap is the same as --no-package-lock - packageLock: !(obj['package-lock'] === false || - obj.shrinkwrap === false), - packageLockOnly: obj['package-lock-only'], - globalStyle: obj['global-style'], - legacyBundling: obj['legacy-bundling'], - foregroundScripts: !!obj['foreground-scripts'], - scriptShell: obj['script-shell'] || undefined, - shell: obj.shell, - omit: buildOmitList(obj), - legacyPeerDeps: obj['legacy-peer-deps'], - strictPeerDeps: obj['strict-peer-deps'], - - // npx stuff - call: obj.call, - package: obj.package, - - // used to build up the appropriate {add:{...}} options to Arborist.reify - save: obj.save, - saveBundle: obj['save-bundle'] && !obj['save-peer'], - saveType: obj['save-optional'] && obj['save-peer'] - ? 'peerOptional' - : obj['save-optional'] ? 'optional' - : obj['save-dev'] ? 'dev' - : obj['save-peer'] ? 'peer' - : obj['save-prod'] ? 'prod' - : null, - savePrefix: obj['save-exact'] ? '' - : obj['save-prefix'], - - // configs for npm-registry-fetch - otp: obj.otp, - offline: obj.offline, - preferOffline: getPreferOffline(obj), - preferOnline: getPreferOnline(obj), - strictSSL: obj['strict-ssl'], - defaultTag: obj.tag, - userAgent: obj['user-agent'], - - // yes, it's fine, just do it, jeez, stop asking - yes: obj.yes, - - ...getScopesAndAuths(obj), - - // npm fund exclusive option to select an item from a funding list - which: obj.which, - - // socks proxy can be configured in https-proxy or proxy field - // note that the various (HTTPS_|HTTP_|]PROXY environs will be - // respected if this is not set. - proxy: obj['https-proxy'] || obj.proxy, - noProxy: obj.noproxy, -}) - -const flatOptions = npm => npm.flatOptions || Object.freeze({ - // flatten the config object - ...flatten(npm.config.list[0]), - - // Note that many of these do not come from configs or cli flags - // per se, though they may be implied or defined by them. - log, - npmSession, - dmode: npm.modes.exec, - fmode: npm.modes.file, - umask: npm.modes.umask, - hashAlgorithm: 'sha1', // XXX should this be sha512? - color: !!npm.color, - projectScope: npm.projectScope, - npmVersion: npm.version, - - // npm.command is not set until AFTER flatOptions are defined - // so we need to make this a getter. - get npmCommand () { - return npm.command - }, - - tmp: npm.tmp, - prefix: npm.prefix, - globalPrefix: npm.globalPrefix, - localPrefix: npm.localPrefix, - npmBin: require.main && require.main.filename, - nodeBin: process.env.NODE || process.execPath, - get tag () { - return npm.config.get('tag') - }, -}) - -const getPreferOnline = obj => { - const po = obj['prefer-online'] - if (po !== undefined) - return po - - return obj['cache-max'] <= 0 -} - -const getPreferOffline = obj => { - const po = obj['prefer-offline'] - if (po !== undefined) - return po - - return obj['cache-min'] >= 9999 -} - -// pull out all the @scope: and //host:key config fields -// these are used by npm-registry-fetch for authing against registries -const getScopesAndAuths = obj => { - const scopesAndAuths = {} - // pull out all the @scope:... configs into a flat object. - for (const key in obj) { - if (/@.*:registry$/i.test(key) || /^\/\//.test(key)) - scopesAndAuths[key] = obj[key] - } - return scopesAndAuths -} - -module.exports = Object.assign(flatOptions, { flatten }) diff --git a/lib/utils/lifecycle-cmd.js b/lib/utils/lifecycle-cmd.js index 1917bef367855..2c5b89dfcdd04 100644 --- a/lib/utils/lifecycle-cmd.js +++ b/lib/utils/lifecycle-cmd.js @@ -10,5 +10,9 @@ class LifecycleCmd extends BaseCommand { exec (args, cb) { this.npm.commands['run-script']([this.constructor.name, ...args], cb) } + + execWorkspaces (args, filters, cb) { + this.npm.commands['run-script']([this.constructor.name, ...args], cb) + } } module.exports = LifecycleCmd diff --git a/lib/utils/npm-usage.js b/lib/utils/npm-usage.js index b77bca7bec1a8..bc397cb4d95e6 100644 --- a/lib/utils/npm-usage.js +++ b/lib/utils/npm-usage.js @@ -1,14 +1,12 @@ -const didYouMean = require('./did-you-mean.js') const { dirname } = require('path') const { cmdList } = require('./cmd-list') -module.exports = (npm, valid = true) => { - npm.config.set('loglevel', 'silent') +module.exports = (npm) => { const usesBrowser = npm.config.get('viewer') === 'browser' ? ' (in a browser)' : '' - npm.log.level = 'silent' - npm.output(` -Usage: npm + return `npm + +Usage: npm install install all the dependencies in your project npm install add the dependency to your project @@ -20,7 +18,7 @@ npm help search for help on ${usesBrowser} npm help npm more involved overview${usesBrowser} All commands: -${npm.config.get('long') ? usages(npm) : ('\n ' + wrap(cmdList))} +${allCommands(npm)} Specify configs in the ini-formatted file: ${npm.config.get('userconfig')} @@ -29,14 +27,13 @@ or on the command line via: npm --key=value More configuration info: npm help config Configuration fields: npm help 7 config -npm@${npm.version} ${dirname(dirname(__dirname))} -`) - - if (npm.argv.length >= 1) - npm.output(didYouMean(npm.argv[0], cmdList)) +npm@${npm.version} ${dirname(dirname(__dirname))}` +} - if (!valid) - process.exitCode = 1 +const allCommands = (npm) => { + if (npm.config.get('long')) + return usages(npm) + return ('\n ' + wrap(cmdList)) } const wrap = (arr) => { diff --git a/lib/utils/ping.js b/lib/utils/ping.js index f5f7fcc6a6258..00956d0c1630c 100644 --- a/lib/utils/ping.js +++ b/lib/utils/ping.js @@ -1,7 +1,7 @@ // ping the npm registry // used by the ping and doctor commands const fetch = require('npm-registry-fetch') -module.exports = async (opts) => { - const res = await fetch('/-/ping?write=true', opts) +module.exports = async (flatOptions) => { + const res = await fetch('/-/ping?write=true', flatOptions) return res.json().catch(() => ({})) } diff --git a/lib/utils/read-local-package.js b/lib/utils/read-local-package.js index c31bca994704c..21506ca180a0f 100644 --- a/lib/utils/read-local-package.js +++ b/lib/utils/read-local-package.js @@ -1,11 +1,12 @@ const { resolve } = require('path') const readJson = require('read-package-json-fast') async function readLocalPackageName (npm) { - if (npm.flatOptions.global) + if (npm.config.get('global')) return - const filepath = resolve(npm.flatOptions.prefix, 'package.json') - return (await readJson(filepath)).name + const filepath = resolve(npm.prefix, 'package.json') + const json = await readJson(filepath) + return json.name } module.exports = readLocalPackageName diff --git a/lib/version.js b/lib/version.js index 2eda9d11b737c..18b7d7d6c5d84 100644 --- a/lib/version.js +++ b/lib/version.js @@ -2,6 +2,10 @@ const libversion = require('libnpmversion') const BaseCommand = require('./base-command.js') class Version extends BaseCommand { + static get description () { + return 'Bump a package version' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'version' @@ -45,7 +49,7 @@ class Version extends BaseCommand { } async change (args) { - const prefix = this.npm.flatOptions.tagVersionPrefix + const prefix = this.npm.config.get('tag-version-prefix') const version = await libversion(args[0], { ...this.npm.flatOptions, path: this.npm.prefix, @@ -71,7 +75,7 @@ class Version extends BaseCommand { for (const [key, version] of Object.entries(process.versions)) results[key] = version - if (this.npm.flatOptions.json) + if (this.npm.config.get('json')) this.npm.output(JSON.stringify(results, null, 2)) else this.npm.output(results) diff --git a/lib/view.js b/lib/view.js index 0a6688fc2b13d..e0df1e231f9d8 100644 --- a/lib/view.js +++ b/lib/view.js @@ -19,6 +19,11 @@ const readJson = async file => jsonParse(await readFile(file, 'utf8')) const BaseCommand = require('./base-command.js') class View extends BaseCommand { + /* istanbul ignore next - see test/lib/load-all-commands.js */ + static get description () { + return 'View registry info' + } + /* istanbul ignore next - see test/lib/load-all-commands.js */ static get name () { return 'view' @@ -41,9 +46,9 @@ class View extends BaseCommand { fullMetadata: true, preferOnline: true, } - const { defaultTag } = config const spec = npa(opts.conf.argv.remain[2]) const pckmnt = await packument(spec, config) + const defaultTag = this.npm.config.get('tag') const dv = pckmnt.versions[pckmnt['dist-tags'][defaultTag]] pckmnt.versions = Object.keys(pckmnt.versions).sort(semver.compareLoose) @@ -99,7 +104,7 @@ class View extends BaseCommand { const name = nv.name const local = (name === '.' || !name) - if (opts.global && local) + if (this.npm.config.get('global') && local) throw new Error('Cannot use view command in global mode.') if (local) { @@ -114,7 +119,7 @@ class View extends BaseCommand { } // get the data about this package - let version = nv.rawSpec || this.npm.flatOptions.defaultTag + let version = nv.rawSpec || this.npm.config.get('tag') const pckmnt = await packument(nv, opts) @@ -159,42 +164,43 @@ class View extends BaseCommand { } if ( - !opts.json && + !this.npm.config.get('json') && args.length === 1 && args[0] === '' ) { // general view pckmnt.version = version await Promise.all( - results.map((v) => this.prettyView(pckmnt, v[Object.keys(v)[0]][''], opts)) + results.map((v) => this.prettyView(pckmnt, v[Object.keys(v)[0]][''])) ) return retval } else { // view by field name - await this.printData(retval, pckmnt._id, opts) + await this.printData(retval, pckmnt._id) return retval } } - async printData (data, name, opts) { + async printData (data, name) { const versions = Object.keys(data) let msg = '' let msgJson = [] const includeVersions = versions.length > 1 let includeFields + const json = this.npm.config.get('json') versions.forEach((v) => { const fields = Object.keys(data[v]) includeFields = includeFields || (fields.length > 1) - if (opts.json) + if (json) msgJson.push({}) fields.forEach((f) => { let d = cleanup(data[v][f]) - if (fields.length === 1 && opts.json) + if (fields.length === 1 && json) msgJson[msgJson.length - 1][f] = d if (includeVersions || includeFields || typeof d !== 'string') { - if (opts.json) + if (json) msgJson[msgJson.length - 1][f] = d else { d = inspect(d, { @@ -204,10 +210,10 @@ class View extends BaseCommand { maxArrayLength: null, }) } - } else if (typeof d === 'string' && opts.json) + } else if (typeof d === 'string' && json) d = JSON.stringify(d) - if (!opts.json) { + if (!json) { if (f && includeFields) f += ' = ' msg += (includeVersions ? name + '@' + v + ' ' : '') + @@ -216,7 +222,7 @@ class View extends BaseCommand { }) }) - if (opts.json) { + if (json) { if (msgJson.length && Object.keys(msgJson[0]).length === 1) { const k = Object.keys(msgJson[0])[0] msgJson = msgJson.map(m => m[k]) @@ -236,9 +242,9 @@ class View extends BaseCommand { console.log(msg.trim()) } - async prettyView (packument, manifest, opts) { + async prettyView (packument, manifest) { // More modern, pretty printing of default view - const unicode = opts.unicode + const unicode = this.npm.config.get('unicode') const tags = [] Object.keys(packument['dist-tags']).forEach((t) => { diff --git a/lib/whoami.js b/lib/whoami.js index 2322c5fd80e5d..82c4520d9e883 100644 --- a/lib/whoami.js +++ b/lib/whoami.js @@ -3,18 +3,18 @@ const getIdentity = require('./utils/get-identity.js') const BaseCommand = require('./base-command.js') class Whoami extends BaseCommand { /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get name () { - return 'whoami' + static get description () { + return 'Display npm username' } /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get description () { - return 'prints username according to given registry' + static get name () { + return 'whoami' } /* istanbul ignore next - see test/lib/load-all-commands.js */ - static get usage () { - return ['[--registry ]'] + static get params () { + return ['registry'] } exec (args, cb) { @@ -22,9 +22,10 @@ class Whoami extends BaseCommand { } async whoami (args) { - const opts = this.npm.flatOptions - const username = await getIdentity(this.npm, opts) - this.npm.output(opts.json ? JSON.stringify(username) : username) + const username = await getIdentity(this.npm, this.npm.flatOptions) + this.npm.output( + this.npm.config.get('json') ? JSON.stringify(username) : username + ) } } module.exports = Whoami diff --git a/lib/workspaces/get-workspaces.js b/lib/workspaces/get-workspaces.js new file mode 100644 index 0000000000000..64812d5403576 --- /dev/null +++ b/lib/workspaces/get-workspaces.js @@ -0,0 +1,33 @@ +const { resolve } = require('path') +const mapWorkspaces = require('@npmcli/map-workspaces') +const minimatch = require('minimatch') +const rpj = require('read-package-json-fast') + +const getWorkspaces = async (filters, { path }) => { + const pkg = await rpj(resolve(path, 'package.json')) + const workspaces = await mapWorkspaces({ cwd: path, pkg }) + const res = filters.length ? new Map() : workspaces + + for (const filterArg of filters) { + for (const [workspaceName, workspacePath] of workspaces.entries()) { + if (filterArg === workspaceName + || resolve(path, filterArg) === workspacePath + || minimatch(workspacePath, `${resolve(path, filterArg)}/*`)) + res.set(workspaceName, workspacePath) + } + } + + if (!res.size) { + let msg = '!' + if (filters.length) { + msg = `:\n ${filters.reduce( + (res, filterArg) => `${res} --workspace=${filterArg}`, '')}` + } + + throw new Error(`No workspaces found${msg}`) + } + + return res +} + +module.exports = getWorkspaces diff --git a/node_modules/@npmcli/arborist/lib/add-rm-pkg-deps.js b/node_modules/@npmcli/arborist/lib/add-rm-pkg-deps.js index 9e4825c526451..9a96fd1b3797c 100644 --- a/node_modules/@npmcli/arborist/lib/add-rm-pkg-deps.js +++ b/node_modules/@npmcli/arborist/lib/add-rm-pkg-deps.js @@ -71,7 +71,7 @@ const addSingle = ({pkg, spec, saveBundle, saveType}) => { pkg.devDependencies[name] = pkg.peerDependencies[name] } - if (saveBundle) { + if (saveBundle && saveType !== 'peer' && saveType !== 'peerOptional') { // keep it sorted, keep it unique const bd = new Set(pkg.bundleDependencies || []) bd.add(spec.name) diff --git a/node_modules/@npmcli/arborist/lib/arborist/reify.js b/node_modules/@npmcli/arborist/lib/arborist/reify.js index 803fb9782f07c..0008045528d68 100644 --- a/node_modules/@npmcli/arborist/lib/arborist/reify.js +++ b/node_modules/@npmcli/arborist/lib/arborist/reify.js @@ -890,7 +890,7 @@ module.exports = cls => class Reifier extends cls { const root = this.idealTree const pkg = root.package for (const { name } of this[_resolvedAdd]) { - const req = npa(root.edgesOut.get(name).spec, root.realpath) + const req = npa.resolve(name, root.edgesOut.get(name).spec, root.realpath) const {rawSpec, subSpec} = req const spec = subSpec ? subSpec.rawSpec : rawSpec diff --git a/node_modules/@npmcli/arborist/package.json b/node_modules/@npmcli/arborist/package.json index bff10db4b0dd8..e745be2c77f7c 100644 --- a/node_modules/@npmcli/arborist/package.json +++ b/node_modules/@npmcli/arborist/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/arborist", - "version": "2.2.8", + "version": "2.2.9", "description": "Manage node_modules trees", "dependencies": { "@npmcli/installed-package-contents": "^1.0.7", @@ -26,7 +26,7 @@ "promise-call-limit": "^1.0.1", "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", - "semver": "^7.3.4", + "semver": "^7.3.5", "tar": "^6.1.0", "treeverse": "^1.0.4", "walk-up-path": "^1.0.0" diff --git a/node_modules/@npmcli/config/lib/get-user-agent.js b/node_modules/@npmcli/config/lib/get-user-agent.js deleted file mode 100644 index c3d3c7a1bf3de..0000000000000 --- a/node_modules/@npmcli/config/lib/get-user-agent.js +++ /dev/null @@ -1,13 +0,0 @@ -// Accepts a config object, returns a user-agent string -const getUserAgent = (config) => { - const ciName = config.get('ci-name') - return (config.get('user-agent') || '') - .replace(/\{node-version\}/gi, config.get('node-version')) - .replace(/\{npm-version\}/gi, config.get('npm-version')) - .replace(/\{platform\}/gi, process.platform) - .replace(/\{arch\}/gi, process.arch) - .replace(/\{ci\}/gi, ciName ? `ci/${ciName}` : '') - .trim() -} - -module.exports = getUserAgent diff --git a/node_modules/@npmcli/config/lib/index.js b/node_modules/@npmcli/config/lib/index.js index e7fac96c1c8c8..21a37ded48e7c 100644 --- a/node_modules/@npmcli/config/lib/index.js +++ b/node_modules/@npmcli/config/lib/index.js @@ -47,7 +47,6 @@ const envReplace = require('./env-replace.js') const parseField = require('./parse-field.js') const typeDescription = require('./type-description.js') const setEnvs = require('./set-envs.js') -const getUserAgent = require('./get-user-agent.js') // types that can be saved back to const confFileTypes = new Set([ @@ -69,6 +68,9 @@ const _get = Symbol('get') const _find = Symbol('find') const _loadObject = Symbol('loadObject') const _loadFile = Symbol('loadFile') +const _checkDeprecated = Symbol('checkDeprecated') +const _flatten = Symbol('flatten') +const _flatOptions = Symbol('flatOptions') class Config { static get typeDefs () { @@ -76,9 +78,9 @@ class Config { } constructor ({ - types, + definitions, shorthands, - defaults, + flatten, npmPath, // options just to override in tests, mostly @@ -89,10 +91,27 @@ class Config { execPath = process.execPath, cwd = process.cwd(), }) { - this.npmPath = npmPath + + // turn the definitions into nopt's weirdo syntax + this.definitions = definitions + const types = {} + const defaults = {} + this.deprecated = {} + for (const [key, def] of Object.entries(definitions)) { + defaults[key] = def.default + types[key] = def.type + if (def.deprecated) + this.deprecated[key] = def.deprecated.trim().replace(/\n +/, '\n') + } + + // populated the first time we flatten the object + this[_flatOptions] = null + this[_flatten] = flatten this.types = types this.shorthands = shorthands this.defaults = defaults + + this.npmPath = npmPath this.log = log this.argv = argv this.env = env @@ -183,10 +202,31 @@ class Config { if (!email) throw new Error('Cannot set _auth without first setting email') } - this.data.get(where).data[key] = val + this[_checkDeprecated](key) + const { data } = this.data.get(where) + data[key] = val // this is now dirty, the next call to this.valid will have to check it this.data.get(where)[_valid] = null + + // the flat options are invalidated, regenerate next time they're needed + this[_flatOptions] = null + } + + get flat () { + if (this[_flatOptions]) + return this[_flatOptions] + + // create the object for flat options passed to deps + process.emit('time', 'config:load:flatten') + this[_flatOptions] = {} + // walk from least priority to highest + for (const { data } of this.data.values()) { + this[_flatten](data, this[_flatOptions]) + } + process.emit('timeEnd', 'config:load:flatten') + + return this[_flatOptions] } delete (key, where = 'cli') { @@ -233,11 +273,6 @@ class Config { await this.loadGlobalConfig() process.emit('timeEnd', 'config:load:global') - // now the extras - process.emit('time', 'config:load:cafile') - await this.loadCAFile() - process.emit('timeEnd', 'config:load:cafile') - // warn if anything is not valid process.emit('time', 'config:load:validate') this.validate() @@ -250,10 +285,6 @@ class Config { // set proper globalPrefix now that everything is loaded this.globalPrefix = this.get('prefix') - process.emit('time', 'config:load:setUserAgent') - this.setUserAgent() - process.emit('timeEnd', 'config:load:setUserAgent') - process.emit('time', 'config:load:setEnvs') this.setEnvs() process.emit('timeEnd', 'config:load:setEnvs') @@ -376,13 +407,13 @@ class Config { this.data.get(where)[_valid] = false if (Array.isArray(type)) { - if (type.indexOf(typeDefs.url.type) !== -1) + if (type.includes(typeDefs.url.type)) type = typeDefs.url.type else { /* istanbul ignore if - no actual configs matching this, but * path types SHOULD be handled this way, like URLs, for the * same reason */ - if (type.indexOf(typeDefs.path.type) !== -1) + if (type.includes(typeDefs.path.type)) type = typeDefs.path.type } } @@ -428,11 +459,21 @@ class Config { for (const [key, value] of Object.entries(obj)) { const k = envReplace(key, this.env) const v = this.parseField(value, k) + if (where !== 'default') + this[_checkDeprecated](k, where, obj, [key, value]) conf.data[k] = v } } } + [_checkDeprecated] (key, where, obj, kv) { + // XXX a future npm version will make this a warning. + // An even more future npm version will make this an error. + if (this.deprecated[key]) { + this.log.verbose('config', key, this.deprecated[key]) + } + } + // Parse a field, coercing it to the best type available. parseField (f, key, listElement = false) { return parseField(f, key, this, listElement) @@ -675,48 +716,6 @@ class Config { return creds } - async loadCAFile () { - const where = this[_find]('cafile') - - /* istanbul ignore if - it'll always be set in the defaults */ - if (!where) - return - - const cafile = this[_get]('cafile', where) - const ca = this[_get]('ca', where) - - // if you have a ca, or cafile is set to null, then nothing to do here. - if (ca || !cafile) - return - - const raw = await readFile(cafile, 'utf8').catch(er => { - if (er.code !== 'ENOENT') - throw er - }) - if (!raw) - return - - const delim = '-----END CERTIFICATE-----' - const output = raw.replace(/\r\n/g, '\n').split(delim) - .filter(section => section.trim()) - .map(section => section.trimLeft() + delim) - - // make it non-enumerable so we don't save it back by accident - const { data } = this.data.get(where) - Object.defineProperty(data, 'ca', { - value: output, - enumerable: false, - configurable: true, - writable: true, - }) - } - - // the user-agent configuration is a template that gets populated - // with some variables, that takes place here - setUserAgent () { - this.set('user-agent', getUserAgent(this)) - } - // set up the environment object we have with npm_config_* environs // for all configs that are different from their default values, and // set EDITOR and HOME. diff --git a/node_modules/@npmcli/config/lib/set-envs.js b/node_modules/@npmcli/config/lib/set-envs.js index 36d37145466e0..ffaf5ab383c75 100644 --- a/node_modules/@npmcli/config/lib/set-envs.js +++ b/node_modules/@npmcli/config/lib/set-envs.js @@ -50,11 +50,13 @@ const setEnvs = (config) => { platform, env, defaults, + definitions, list: [cliConf, envConf], } = config env.INIT_CWD = process.cwd() + // if the key is deprecated, skip it always. // if the key is the default value, // if the environ is NOT the default value, // set the environ @@ -65,6 +67,10 @@ const setEnvs = (config) => { const cliSet = new Set(Object.keys(cliConf)) const envSet = new Set(Object.keys(envConf)) for (const key in cliConf) { + const { deprecated } = definitions[key] || {} + if (deprecated) + continue + if (sameConfigValue(defaults[key], cliConf[key])) { // config is the default, if the env thought different, then we // have to set it BACK to the default in the environment. diff --git a/node_modules/@npmcli/config/package.json b/node_modules/@npmcli/config/package.json index 644544a49d869..b2b34f6af2712 100644 --- a/node_modules/@npmcli/config/package.json +++ b/node_modules/@npmcli/config/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/config", - "version": "1.2.9", + "version": "2.0.0", "files": [ "lib" ], diff --git a/node_modules/@npmcli/run-script/lib/make-spawn-args.js b/node_modules/@npmcli/run-script/lib/make-spawn-args.js index 4c38b9401ddf0..8ee24c06daf7b 100644 --- a/node_modules/@npmcli/run-script/lib/make-spawn-args.js +++ b/node_modules/@npmcli/run-script/lib/make-spawn-args.js @@ -3,24 +3,6 @@ const isWindows = require('./is-windows.js') const setPATH = require('./set-path.js') const {resolve} = require('path') const npm_config_node_gyp = require.resolve('node-gyp/bin/node-gyp.js') -const { quoteForShell, ShellString, ShellStringText, ShellStringUnquoted } = require('puka') - -const escapeCmd = cmd => { - const result = [] - const parsed = ShellString.sh([cmd]) - for (const child of parsed.children) { - if (child instanceof ShellStringText) { - const children = child.contents.filter(segment => segment !== null).map(segment => quoteForShell(segment, false, isWindows && 'win32')) - result.push(...children) - } else if (child instanceof ShellStringUnquoted) { - result.push(child.value) - } else { - result.push(isWindows ? '&' : ';') - } - } - - return result.join('') -} const makeSpawnArgs = options => { const { @@ -34,7 +16,7 @@ const makeSpawnArgs = options => { } = options const isCmd = /(?:^|\\)cmd(?:\.exe)?$/i.test(scriptShell) - const args = isCmd ? ['/d', '/s', '/c', escapeCmd(cmd)] : ['-c', cmd] + const args = isCmd ? ['/d', '/s', '/c', cmd] : ['-c', cmd] const spawnOpts = { env: setPATH(path, { diff --git a/node_modules/@npmcli/run-script/package.json b/node_modules/@npmcli/run-script/package.json index 9df5b31178747..7e0e5255de410 100644 --- a/node_modules/@npmcli/run-script/package.json +++ b/node_modules/@npmcli/run-script/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/run-script", - "version": "1.8.3", + "version": "1.8.4", "description": "Run a lifecycle script for a package (descendant of npm-lifecycle)", "author": "Isaac Z. Schlueter (https://izs.me)", "license": "ISC", @@ -32,7 +32,6 @@ "@npmcli/promise-spawn": "^1.3.2", "infer-owner": "^1.0.4", "node-gyp": "^7.1.0", - "puka": "^1.0.1", "read-package-json-fast": "^2.0.1" }, "files": [ diff --git a/node_modules/cacache/CHANGELOG.md b/node_modules/cacache/CHANGELOG.md index 14eee0b381c07..d10160846b157 100644 --- a/node_modules/cacache/CHANGELOG.md +++ b/node_modules/cacache/CHANGELOG.md @@ -2,6 +2,8 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +### [15.0.6](https://github.com/npm/cacache/compare/v15.0.5...v15.0.6) (2021-03-22) + ### [15.0.5](https://github.com/npm/cacache/compare/v15.0.4...v15.0.5) (2020-07-11) ### [15.0.4](https://github.com/npm/cacache/compare/v15.0.3...v15.0.4) (2020-06-03) diff --git a/node_modules/cacache/package.json b/node_modules/cacache/package.json index 053c245b52b72..afe569c8bd6cb 100644 --- a/node_modules/cacache/package.json +++ b/node_modules/cacache/package.json @@ -1,6 +1,6 @@ { "name": "cacache", - "version": "15.0.5", + "version": "15.0.6", "cache-version": { "content": "2", "index": "5" @@ -72,7 +72,7 @@ "p-map": "^4.0.0", "promise-inflight": "^1.0.1", "rimraf": "^3.0.2", - "ssri": "^8.0.0", + "ssri": "^8.0.1", "tar": "^6.0.2", "unique-filename": "^1.1.1" }, diff --git a/node_modules/hosted-git-info/README.md b/node_modules/hosted-git-info/README.md index 7b723f6b9e213..8740406029626 100644 --- a/node_modules/hosted-git-info/README.md +++ b/node_modules/hosted-git-info/README.md @@ -22,7 +22,7 @@ var info = hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git", opts) If the URL can't be matched with a git host, `null` will be returned. We can match git, ssh and https urls. Additionally, we can match ssh connect strings (`git@github.com:npm/hosted-git-info`) and shortcuts (eg, -`github:npm/hosted-git-info`). Github specifically, is detected in the case +`github:npm/hosted-git-info`). GitHub specifically, is detected in the case of a third, unprefixed, form: `npm/hosted-git-info`. If it does match, the returned object has properties of: @@ -129,5 +129,5 @@ SSH connect strings will be normalized into `git+ssh` URLs. ## Supported hosts -Currently this supports Github, Bitbucket and Gitlab. Pull requests for +Currently this supports GitHub, Bitbucket and GitLab. Pull requests for additional hosts welcome. diff --git a/node_modules/hosted-git-info/git-host-info.js b/node_modules/hosted-git-info/git-host-info.js index da3348fa7b817..360d7b096be61 100644 --- a/node_modules/hosted-git-info/git-host-info.js +++ b/node_modules/hosted-git-info/git-host-info.js @@ -1,79 +1,154 @@ 'use strict' +const maybeJoin = (...args) => args.every(arg => arg) ? args.join('') : '' +const maybeEncode = (arg) => arg ? encodeURIComponent(arg) : '' -var gitHosts = module.exports = { - github: { - // First two are insecure and generally shouldn't be used any more, but - // they are still supported. - 'protocols': [ 'git', 'http', 'git+ssh', 'git+https', 'ssh', 'https' ], - 'domain': 'github.com', - 'treepath': 'tree', - 'filetemplate': 'https://{auth@}raw.githubusercontent.com/{user}/{project}/{committish}/{path}', - 'bugstemplate': 'https://{domain}/{user}/{project}/issues', - 'gittemplate': 'git://{auth@}{domain}/{user}/{project}.git{#committish}', - 'tarballtemplate': 'https://codeload.{domain}/{user}/{project}/tar.gz/{committish}' - }, - bitbucket: { - 'protocols': [ 'git+ssh', 'git+https', 'ssh', 'https' ], - 'domain': 'bitbucket.org', - 'treepath': 'src', - 'tarballtemplate': 'https://{domain}/{user}/{project}/get/{committish}.tar.gz' - }, - gitlab: { - 'protocols': [ 'git+ssh', 'git+https', 'ssh', 'https' ], - 'domain': 'gitlab.com', - 'treepath': 'tree', - 'bugstemplate': 'https://{domain}/{user}/{project}/issues', - 'httpstemplate': 'git+https://{auth@}{domain}/{user}/{projectPath}.git{#committish}', - 'tarballtemplate': 'https://{domain}/{user}/{project}/repository/archive.tar.gz?ref={committish}', - 'pathmatch': /^\/([^/]+)\/((?!.*(\/-\/|\/repository(\/[^/]+)?\/archive\.tar\.gz)).*?)(?:\.git|\/)?$/ - }, - gist: { - 'protocols': [ 'git', 'git+ssh', 'git+https', 'ssh', 'https' ], - 'domain': 'gist.github.com', - 'pathmatch': /^[/](?:([^/]+)[/])?([a-z0-9]{7,})(?:[.]git)?$/, - 'filetemplate': 'https://gist.githubusercontent.com/{user}/{project}/raw{/committish}/{path}', - 'bugstemplate': 'https://{domain}/{project}', - 'gittemplate': 'git://{domain}/{project}.git{#committish}', - 'sshtemplate': 'git@{domain}:/{project}.git{#committish}', - 'sshurltemplate': 'git+ssh://git@{domain}/{project}.git{#committish}', - 'browsetemplate': 'https://{domain}/{project}{/committish}', - 'browsefiletemplate': 'https://{domain}/{project}{/committish}{#path}', - 'docstemplate': 'https://{domain}/{project}{/committish}', - 'httpstemplate': 'git+https://{domain}/{project}.git{#committish}', - 'shortcuttemplate': '{type}:{project}{#committish}', - 'pathtemplate': '{project}{#committish}', - 'tarballtemplate': 'https://codeload.github.com/gist/{project}/tar.gz/{committish}', - 'hashformat': function (fragment) { - return 'file-' + formatHashFragment(fragment) +const defaults = { + sshtemplate: ({ domain, user, project, committish }) => `git@${domain}:${user}/${project}.git${maybeJoin('#', committish)}`, + sshurltemplate: ({ domain, user, project, committish }) => `git+ssh://git@${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + browsetemplate: ({ domain, user, project, committish, treepath }) => `https://${domain}/${user}/${project}${maybeJoin('/', treepath, '/', maybeEncode(committish))}`, + browsefiletemplate: ({ domain, user, project, committish, treepath, path, fragment, hashformat }) => `https://${domain}/${user}/${project}/${treepath}/${maybeEncode(committish || 'master')}/${path}${maybeJoin('#', hashformat(fragment || ''))}`, + docstemplate: ({ domain, user, project, treepath, committish }) => `https://${domain}/${user}/${project}${maybeJoin('/', treepath, '/', maybeEncode(committish))}#readme`, + httpstemplate: ({ auth, domain, user, project, committish }) => `git+https://${maybeJoin(auth, '@')}${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + filetemplate: ({ domain, user, project, committish, path }) => `https://${domain}/${user}/${project}/raw/${maybeEncode(committish) || 'master'}/${path}`, + shortcuttemplate: ({ type, user, project, committish }) => `${type}:${user}/${project}${maybeJoin('#', committish)}`, + pathtemplate: ({ user, project, committish }) => `${user}/${project}${maybeJoin('#', committish)}`, + bugstemplate: ({ domain, user, project }) => `https://${domain}/${user}/${project}/issues`, + hashformat: formatHashFragment +} + +const gitHosts = {} +gitHosts.github = Object.assign({}, defaults, { + // First two are insecure and generally shouldn't be used any more, but + // they are still supported. + protocols: ['git:', 'http:', 'git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'github.com', + treepath: 'tree', + filetemplate: ({ auth, user, project, committish, path }) => `https://${maybeJoin(auth, '@')}raw.githubusercontent.com/${user}/${project}/${maybeEncode(committish) || 'master'}/${path}`, + gittemplate: ({ auth, domain, user, project, committish }) => `git://${maybeJoin(auth, '@')}${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + tarballtemplate: ({ domain, user, project, committish }) => `https://codeload.${domain}/${user}/${project}/tar.gz/${maybeEncode(committish) || 'master'}`, + extract: (url) => { + let [, user, project, type, committish] = url.pathname.split('/', 5) + if (type && type !== 'tree') { + return + } + + if (!type) { + committish = url.hash.slice(1) + } + + if (project && project.endsWith('.git')) { + project = project.slice(0, -4) + } + + if (!user || !project) { + return } + + return { user, project, committish } } -} +}) -var gitHostDefaults = { - 'sshtemplate': 'git@{domain}:{user}/{project}.git{#committish}', - 'sshurltemplate': 'git+ssh://git@{domain}/{user}/{project}.git{#committish}', - 'browsetemplate': 'https://{domain}/{user}/{project}{/tree/committish}', - 'browsefiletemplate': 'https://{domain}/{user}/{project}/{treepath}/{committish}/{path}{#fragment}', - 'docstemplate': 'https://{domain}/{user}/{project}{/tree/committish}#readme', - 'httpstemplate': 'git+https://{auth@}{domain}/{user}/{project}.git{#committish}', - 'filetemplate': 'https://{domain}/{user}/{project}/raw/{committish}/{path}', - 'shortcuttemplate': '{type}:{user}/{project}{#committish}', - 'pathtemplate': '{user}/{project}{#committish}', - 'pathmatch': /^[/]([^/]+)[/]([^/]+?)(?:[.]git|[/])?$/, - 'hashformat': formatHashFragment -} +gitHosts.bitbucket = Object.assign({}, defaults, { + protocols: ['git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'bitbucket.org', + treepath: 'src', + tarballtemplate: ({ domain, user, project, committish }) => `https://${domain}/${user}/${project}/get/${maybeEncode(committish) || 'master'}.tar.gz`, + extract: (url) => { + let [, user, project, aux] = url.pathname.split('/', 4) + if (['get'].includes(aux)) { + return + } + + if (project && project.endsWith('.git')) { + project = project.slice(0, -4) + } + + if (!user || !project) { + return + } + + return { user, project, committish: url.hash.slice(1) } + } +}) + +gitHosts.gitlab = Object.assign({}, defaults, { + protocols: ['git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'gitlab.com', + treepath: 'tree', + httpstemplate: ({ auth, domain, user, project, committish }) => `git+https://${maybeJoin(auth, '@')}${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + tarballtemplate: ({ domain, user, project, committish }) => `https://${domain}/${user}/${project}/repository/archive.tar.gz?ref=${maybeEncode(committish) || 'master'}`, + extract: (url) => { + const path = url.pathname.slice(1) + if (path.includes('/-/')) { + return + } + + const segments = path.split('/') + let project = segments.pop() + if (project.endsWith('.git')) { + project = project.slice(0, -4) + } + + const user = segments.join('/') + if (!user || !project) { + return + } + + return { user, project, committish: url.hash.slice(1) } + } +}) + +gitHosts.gist = Object.assign({}, defaults, { + protocols: ['git:', 'git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'gist.github.com', + sshtemplate: ({ domain, project, committish }) => `git@${domain}:${project}.git${maybeJoin('#', committish)}`, + sshurltemplate: ({ domain, project, committish }) => `git+ssh://git@${domain}/${project}.git${maybeJoin('#', committish)}`, + browsetemplate: ({ domain, project, committish }) => `https://${domain}/${project}${maybeJoin('/', maybeEncode(committish))}`, + browsefiletemplate: ({ domain, project, committish, path, hashformat }) => `https://${domain}/${project}${maybeJoin('/', maybeEncode(committish))}${maybeJoin('#', hashformat(path))}`, + docstemplate: ({ domain, project, committish }) => `https://${domain}/${project}${maybeJoin('/', maybeEncode(committish))}`, + httpstemplate: ({ domain, project, committish }) => `git+https://${domain}/${project}.git${maybeJoin('#', committish)}`, + filetemplate: ({ user, project, committish, path }) => `https://gist.githubusercontent.com/${user}/${project}/raw${maybeJoin('/', maybeEncode(committish))}/${path}`, + shortcuttemplate: ({ type, project, committish }) => `${type}:${project}${maybeJoin('#', committish)}`, + pathtemplate: ({ project, committish }) => `${project}${maybeJoin('#', committish)}`, + bugstemplate: ({ domain, project }) => `https://${domain}/${project}`, + gittemplate: ({ domain, project, committish }) => `git://${domain}/${project}.git${maybeJoin('#', committish)}`, + tarballtemplate: ({ project, committish }) => `https://codeload.github.com/gist/${project}/tar.gz/${maybeEncode(committish) || 'master'}`, + extract: (url) => { + let [, user, project, aux] = url.pathname.split('/', 4) + if (aux === 'raw') { + return + } + + if (!project) { + if (!user) { + return + } + + project = user + user = null + } + + if (project.endsWith('.git')) { + project = project.slice(0, -4) + } -Object.keys(gitHosts).forEach(function (name) { - Object.keys(gitHostDefaults).forEach(function (key) { - if (gitHosts[name][key]) return - gitHosts[name][key] = gitHostDefaults[key] - }) - gitHosts[name].protocols_re = RegExp('^(' + - gitHosts[name].protocols.map(function (protocol) { - return protocol.replace(/([\\+*{}()[\]$^|])/g, '\\$1') - }).join('|') + '):$') + return { user, project, committish: url.hash.slice(1) } + }, + hashformat: function (fragment) { + return fragment && 'file-' + formatHashFragment(fragment) + } }) +const names = Object.keys(gitHosts) +gitHosts.byShortcut = {} +gitHosts.byDomain = {} +for (const name of names) { + gitHosts.byShortcut[`${name}:`] = name + gitHosts.byDomain[gitHosts[name].domain] = name +} + function formatHashFragment (fragment) { return fragment.toLowerCase().replace(/^\W+|\/|\W+$/g, '').replace(/\W+/g, '-') } + +module.exports = gitHosts diff --git a/node_modules/hosted-git-info/git-host.js b/node_modules/hosted-git-info/git-host.js index f9b1ec7456320..8a975e92e58bb 100644 --- a/node_modules/hosted-git-info/git-host.js +++ b/node_modules/hosted-git-info/git-host.js @@ -1,156 +1,110 @@ 'use strict' -var gitHosts = require('./git-host-info.js') -/* eslint-disable node/no-deprecated-api */ - -// copy-pasta util._extend from node's source, to avoid pulling -// the whole util module into peoples' webpack bundles. -/* istanbul ignore next */ -var extend = Object.assign || function _extend (target, source) { - // Don't do anything if source isn't an object - if (source === null || typeof source !== 'object') return target - - const keys = Object.keys(source) - let i = keys.length - while (i--) { - target[keys[i]] = source[keys[i]] - } - return target -} +const gitHosts = require('./git-host-info.js') + +class GitHost { + constructor (type, user, auth, project, committish, defaultRepresentation, opts = {}) { + Object.assign(this, gitHosts[type]) + this.type = type + this.user = user + this.auth = auth + this.project = project + this.committish = committish + this.default = defaultRepresentation + this.opts = opts + } -module.exports = GitHost -function GitHost (type, user, auth, project, committish, defaultRepresentation, opts) { - var gitHostInfo = this - gitHostInfo.type = type - Object.keys(gitHosts[type]).forEach(function (key) { - gitHostInfo[key] = gitHosts[type][key] - }) - gitHostInfo.user = user - gitHostInfo.auth = auth - gitHostInfo.project = project - gitHostInfo.committish = committish - gitHostInfo.default = defaultRepresentation - gitHostInfo.opts = opts || {} -} + hash () { + return this.committish ? `#${this.committish}` : '' + } -GitHost.prototype.hash = function () { - return this.committish ? '#' + this.committish : '' -} + ssh (opts) { + return this._fill(this.sshtemplate, opts) + } + + _fill (template, opts) { + if (typeof template === 'function') { + const options = { ...this, ...this.opts, ...opts } + + // the path should always be set so we don't end up with 'undefined' in urls + if (!options.path) { + options.path = '' + } + + // template functions will insert the leading slash themselves + if (options.path.startsWith('/')) { + options.path = options.path.slice(1) + } -GitHost.prototype._fill = function (template, opts) { - if (!template) return - var vars = extend({}, opts) - vars.path = vars.path ? vars.path.replace(/^[/]+/g, '') : '' - opts = extend(extend({}, this.opts), opts) - var self = this - Object.keys(this).forEach(function (key) { - if (self[key] != null && vars[key] == null) vars[key] = self[key] - }) - var rawAuth = vars.auth - var rawcommittish = vars.committish - var rawFragment = vars.fragment - var rawPath = vars.path - var rawProject = vars.project - Object.keys(vars).forEach(function (key) { - var value = vars[key] - if ((key === 'path' || key === 'project') && typeof value === 'string') { - vars[key] = value.split('/').map(function (pathComponent) { - return encodeURIComponent(pathComponent) - }).join('/') - } else if (key !== 'domain') { - vars[key] = encodeURIComponent(value) + if (options.noCommittish) { + options.committish = null + } + + const result = template(options) + return options.noGitPlus && result.startsWith('git+') ? result.slice(4) : result } - }) - vars['auth@'] = rawAuth ? rawAuth + '@' : '' - vars['#fragment'] = rawFragment ? '#' + this.hashformat(rawFragment) : '' - vars.fragment = vars.fragment ? vars.fragment : '' - vars['#path'] = rawPath ? '#' + this.hashformat(rawPath) : '' - vars['/path'] = vars.path ? '/' + vars.path : '' - vars.projectPath = rawProject.split('/').map(encodeURIComponent).join('/') - if (opts.noCommittish) { - vars['#committish'] = '' - vars['/tree/committish'] = '' - vars['/committish'] = '' - vars.committish = '' - } else { - vars['#committish'] = rawcommittish ? '#' + rawcommittish : '' - vars['/tree/committish'] = vars.committish - ? '/' + vars.treepath + '/' + vars.committish - : '' - vars['/committish'] = vars.committish ? '/' + vars.committish : '' - vars.committish = vars.committish || 'master' - } - var res = template - Object.keys(vars).forEach(function (key) { - res = res.replace(new RegExp('[{]' + key + '[}]', 'g'), vars[key]) - }) - if (opts.noGitPlus) { - return res.replace(/^git[+]/, '') - } else { - return res + + return null } -} -GitHost.prototype.ssh = function (opts) { - return this._fill(this.sshtemplate, opts) -} + sshurl (opts) { + return this._fill(this.sshurltemplate, opts) + } -GitHost.prototype.sshurl = function (opts) { - return this._fill(this.sshurltemplate, opts) -} + browse (path, fragment, opts) { + // not a string, treat path as opts + if (typeof path !== 'string') { + return this._fill(this.browsetemplate, path) + } -GitHost.prototype.browse = function (P, F, opts) { - if (typeof P === 'string') { - if (typeof F !== 'string') { - opts = F - F = null + if (typeof fragment !== 'string') { + opts = fragment + fragment = null } - return this._fill(this.browsefiletemplate, extend({ - fragment: F, - path: P - }, opts)) - } else { - return this._fill(this.browsetemplate, P) + return this._fill(this.browsefiletemplate, { ...opts, fragment, path }) } -} -GitHost.prototype.docs = function (opts) { - return this._fill(this.docstemplate, opts) -} + docs (opts) { + return this._fill(this.docstemplate, opts) + } -GitHost.prototype.bugs = function (opts) { - return this._fill(this.bugstemplate, opts) -} + bugs (opts) { + return this._fill(this.bugstemplate, opts) + } -GitHost.prototype.https = function (opts) { - return this._fill(this.httpstemplate, opts) -} + https (opts) { + return this._fill(this.httpstemplate, opts) + } -GitHost.prototype.git = function (opts) { - return this._fill(this.gittemplate, opts) -} + git (opts) { + return this._fill(this.gittemplate, opts) + } -GitHost.prototype.shortcut = function (opts) { - return this._fill(this.shortcuttemplate, opts) -} + shortcut (opts) { + return this._fill(this.shortcuttemplate, opts) + } -GitHost.prototype.path = function (opts) { - return this._fill(this.pathtemplate, opts) -} + path (opts) { + return this._fill(this.pathtemplate, opts) + } -GitHost.prototype.tarball = function (opts_) { - var opts = extend({}, opts_, { noCommittish: false }) - return this._fill(this.tarballtemplate, opts) -} + tarball (opts) { + return this._fill(this.tarballtemplate, { ...opts, noCommittish: false }) + } -GitHost.prototype.file = function (P, opts) { - return this._fill(this.filetemplate, extend({ path: P }, opts)) -} + file (path, opts) { + return this._fill(this.filetemplate, { ...opts, path }) + } -GitHost.prototype.getDefaultRepresentation = function () { - return this.default -} + getDefaultRepresentation () { + return this.default + } + + toString (opts) { + if (this.default && typeof this[this.default] === 'function') { + return this[this.default](opts) + } -GitHost.prototype.toString = function (opts) { - if (this.default && typeof this[this.default] === 'function') return this[this.default](opts) - return this.sshurl(opts) + return this.sshurl(opts) + } } +module.exports = GitHost diff --git a/node_modules/hosted-git-info/index.js b/node_modules/hosted-git-info/index.js index 8b3eaba3da7fb..f35c570c46b59 100644 --- a/node_modules/hosted-git-info/index.js +++ b/node_modules/hosted-git-info/index.js @@ -1,11 +1,11 @@ 'use strict' -var url = require('url') -var gitHosts = require('./git-host-info.js') -var GitHost = module.exports = require('./git-host.js') -var LRU = require('lru-cache') -var cache = new LRU({max: 1000}) +const url = require('url') +const gitHosts = require('./git-host-info.js') +const GitHost = module.exports = require('./git-host.js') +const LRU = require('lru-cache') +const cache = new LRU({ max: 1000 }) -var protocolToRepresentationMap = { +const protocolToRepresentationMap = { 'git+ssh:': 'sshurl', 'git+https:': 'https', 'ssh:': 'sshurl', @@ -16,7 +16,7 @@ function protocolToRepresentation (protocol) { return protocolToRepresentationMap[protocol] || protocol.slice(0, -1) } -var authProtocols = { +const authProtocols = { 'git:': true, 'https:': true, 'git+https:': true, @@ -24,9 +24,14 @@ var authProtocols = { 'git+http:': true } +const knownProtocols = Object.keys(gitHosts.byShortcut).concat(['http:', 'https:', 'git:', 'git+ssh:', 'git+https:', 'ssh:']) + module.exports.fromUrl = function (giturl, opts) { - if (typeof giturl !== 'string') return - var key = giturl + JSON.stringify(opts || {}) + if (typeof giturl !== 'string') { + return + } + + const key = giturl + JSON.stringify(opts || {}) if (!cache.has(key)) { cache.set(key, fromUrl(giturl, opts)) @@ -36,111 +41,197 @@ module.exports.fromUrl = function (giturl, opts) { } function fromUrl (giturl, opts) { - if (giturl == null || giturl === '') return - var url = fixupUnqualifiedGist( - isGitHubShorthand(giturl) ? 'github:' + giturl : giturl - ) - var parsed = parseGitUrl(url) - var shortcutMatch = url.match(/^([^:]+):(?:[^@]+@)?(?:([^/]*)\/)?([^#]+)/) - var matches = Object.keys(gitHosts).map(function (gitHostName) { - try { - var gitHostInfo = gitHosts[gitHostName] - var auth = null - if (parsed.auth && authProtocols[parsed.protocol]) { - auth = parsed.auth + if (!giturl) { + return + } + + const url = isGitHubShorthand(giturl) ? 'github:' + giturl : correctProtocol(giturl) + const parsed = parseGitUrl(url) + if (!parsed) { + return parsed + } + + const gitHostShortcut = gitHosts.byShortcut[parsed.protocol] + const gitHostDomain = gitHosts.byDomain[parsed.hostname.startsWith('www.') ? parsed.hostname.slice(4) : parsed.hostname] + const gitHostName = gitHostShortcut || gitHostDomain + if (!gitHostName) { + return + } + + const gitHostInfo = gitHosts[gitHostShortcut || gitHostDomain] + let auth = null + if (authProtocols[parsed.protocol] && (parsed.username || parsed.password)) { + auth = `${parsed.username}${parsed.password ? ':' + parsed.password : ''}` + } + + let committish = null + let user = null + let project = null + let defaultRepresentation = null + + try { + if (gitHostShortcut) { + let pathname = parsed.pathname.startsWith('/') ? parsed.pathname.slice(1) : parsed.pathname + const firstAt = pathname.indexOf('@') + // we ignore auth for shortcuts, so just trim it out + if (firstAt > -1) { + pathname = pathname.slice(firstAt + 1) } - var committish = parsed.hash ? decodeURIComponent(parsed.hash.substr(1)) : null - var user = null - var project = null - var defaultRepresentation = null - if (shortcutMatch && shortcutMatch[1] === gitHostName) { - user = shortcutMatch[2] && decodeURIComponent(shortcutMatch[2]) - project = decodeURIComponent(shortcutMatch[3].replace(/\.git$/, '')) - defaultRepresentation = 'shortcut' - } else { - if (parsed.host && parsed.host !== gitHostInfo.domain && parsed.host.replace(/^www[.]/, '') !== gitHostInfo.domain) return - if (!gitHostInfo.protocols_re.test(parsed.protocol)) return - if (!parsed.path) return - var pathmatch = gitHostInfo.pathmatch - var matched = parsed.path.match(pathmatch) - if (!matched) return - /* istanbul ignore else */ - if (matched[1] !== null && matched[1] !== undefined) { - user = decodeURIComponent(matched[1].replace(/^:/, '')) + + const lastSlash = pathname.lastIndexOf('/') + if (lastSlash > -1) { + user = decodeURIComponent(pathname.slice(0, lastSlash)) + // we want nulls only, never empty strings + if (!user) { + user = null } - project = decodeURIComponent(matched[2]) - defaultRepresentation = protocolToRepresentation(parsed.protocol) + project = decodeURIComponent(pathname.slice(lastSlash + 1)) + } else { + project = decodeURIComponent(pathname) + } + + if (project.endsWith('.git')) { + project = project.slice(0, -4) + } + + if (parsed.hash) { + committish = decodeURIComponent(parsed.hash.slice(1)) + } + + defaultRepresentation = 'shortcut' + } else { + if (!gitHostInfo.protocols.includes(parsed.protocol)) { + return } - return new GitHost(gitHostName, user, auth, project, committish, defaultRepresentation, opts) - } catch (ex) { - /* istanbul ignore else */ - if (ex instanceof URIError) { - } else throw ex + + const segments = gitHostInfo.extract(parsed) + if (!segments) { + return + } + + user = segments.user && decodeURIComponent(segments.user) + project = decodeURIComponent(segments.project) + committish = decodeURIComponent(segments.committish) + defaultRepresentation = protocolToRepresentation(parsed.protocol) } - }).filter(function (gitHostInfo) { return gitHostInfo }) - if (matches.length !== 1) return - return matches[0] -} + } catch (err) { + /* istanbul ignore else */ + if (err instanceof URIError) { + return + } else { + throw err + } + } -function isGitHubShorthand (arg) { - // Note: This does not fully test the git ref format. - // See https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html - // - // The only way to do this properly would be to shell out to - // git-check-ref-format, and as this is a fast sync function, - // we don't want to do that. Just let git fail if it turns - // out that the commit-ish is invalid. - // GH usernames cannot start with . or - - return /^[^:@%/\s.-][^:@%/\s]*[/][^:@\s/%]+(?:#.*)?$/.test(arg) + return new GitHost(gitHostName, user, auth, project, committish, defaultRepresentation, opts) } -function fixupUnqualifiedGist (giturl) { - // necessary for round-tripping gists - var parsed = url.parse(giturl) - if (parsed.protocol === 'gist:' && parsed.host && !parsed.path) { - return parsed.protocol + '/' + parsed.host - } else { - return giturl +// accepts input like git:github.com:user/repo and inserts the // after the first : +const correctProtocol = (arg) => { + const firstColon = arg.indexOf(':') + const proto = arg.slice(0, firstColon + 1) + if (knownProtocols.includes(proto)) { + return arg } -} -function parseGitUrl (giturl) { - var matched = giturl.match(/^([^@]+)@([^:/]+):[/]?((?:[^/]+[/])?[^/]+?)(?:[.]git)?(#.*)?$/) - if (!matched) { - var legacy = url.parse(giturl) - if (legacy.auth) { - // git urls can be in the form of scp-style/ssh-connect strings, like - // git+ssh://user@host.com:some/path, which the legacy url parser - // supports, but WhatWG url.URL class does not. However, the legacy - // parser de-urlencodes the username and password, so something like - // https://user%3An%40me:p%40ss%3Aword@x.com/ becomes - // https://user:n@me:p@ss:word@x.com/ which is all kinds of wrong. - // Pull off just the auth and host, so we dont' get the confusing - // scp-style URL, then pass that to the WhatWG parser to get the - // auth properly escaped. - const authmatch = giturl.match(/[^@]+@[^:/]+/) - /* istanbul ignore else - this should be impossible */ - if (authmatch) { - var whatwg = new url.URL(authmatch[0]) - legacy.auth = whatwg.username || '' - if (whatwg.password) legacy.auth += ':' + whatwg.password - } + const firstAt = arg.indexOf('@') + if (firstAt > -1) { + if (firstAt > firstColon) { + return `git+ssh://${arg}` + } else { + return arg } - return legacy } - return { - protocol: 'git+ssh:', - slashes: true, - auth: matched[1], - host: matched[2], - port: null, - hostname: matched[2], - hash: matched[4], - search: null, - query: null, - pathname: '/' + matched[3], - path: '/' + matched[3], - href: 'git+ssh://' + matched[1] + '@' + matched[2] + - '/' + matched[3] + (matched[4] || '') + + const doubleSlash = arg.indexOf('//') + if (doubleSlash === firstColon + 1) { + return arg + } + + return arg.slice(0, firstColon + 1) + '//' + arg.slice(firstColon + 1) +} + +// look for github shorthand inputs, such as npm/cli +const isGitHubShorthand = (arg) => { + // it cannot contain whitespace before the first # + // it cannot start with a / because that's probably an absolute file path + // but it must include a slash since repos are username/repository + // it cannot start with a . because that's probably a relative file path + // it cannot start with an @ because that's a scoped package if it passes the other tests + // it cannot contain a : before a # because that tells us that there's a protocol + // a second / may not exist before a # + const firstHash = arg.indexOf('#') + const firstSlash = arg.indexOf('/') + const secondSlash = arg.indexOf('/', firstSlash + 1) + const firstColon = arg.indexOf(':') + const firstSpace = /\s/.exec(arg) + const firstAt = arg.indexOf('@') + + const spaceOnlyAfterHash = !firstSpace || (firstHash > -1 && firstSpace.index > firstHash) + const atOnlyAfterHash = firstAt === -1 || (firstHash > -1 && firstAt > firstHash) + const colonOnlyAfterHash = firstColon === -1 || (firstHash > -1 && firstColon > firstHash) + const secondSlashOnlyAfterHash = secondSlash === -1 || (firstHash > -1 && secondSlash > firstHash) + const hasSlash = firstSlash > 0 + // if a # is found, what we really want to know is that the character immediately before # is not a / + const doesNotEndWithSlash = firstHash > -1 ? arg[firstHash - 1] !== '/' : !arg.endsWith('/') + const doesNotStartWithDot = !arg.startsWith('.') + + return spaceOnlyAfterHash && hasSlash && doesNotEndWithSlash && doesNotStartWithDot && atOnlyAfterHash && colonOnlyAfterHash && secondSlashOnlyAfterHash +} + +// attempt to correct an scp style url so that it will parse with `new URL()` +const correctUrl = (giturl) => { + const firstAt = giturl.indexOf('@') + const lastHash = giturl.lastIndexOf('#') + let firstColon = giturl.indexOf(':') + let lastColon = giturl.lastIndexOf(':', lastHash > -1 ? lastHash : Infinity) + + let corrected + if (lastColon > firstAt) { + // the last : comes after the first @ (or there is no @) + // like it would in: + // proto://hostname.com:user/repo + // username@hostname.com:user/repo + // :password@hostname.com:user/repo + // username:password@hostname.com:user/repo + // proto://username@hostname.com:user/repo + // proto://:password@hostname.com:user/repo + // proto://username:password@hostname.com:user/repo + // then we replace the last : with a / to create a valid path + corrected = giturl.slice(0, lastColon) + '/' + giturl.slice(lastColon + 1) + // // and we find our new : positions + firstColon = corrected.indexOf(':') + lastColon = corrected.lastIndexOf(':') + } + + if (firstColon === -1 && giturl.indexOf('//') === -1) { + // we have no : at all + // as it would be in: + // username@hostname.com/user/repo + // then we prepend a protocol + corrected = `git+ssh://${corrected}` + } + + return corrected +} + +// try to parse the url as its given to us, if that throws +// then we try to clean the url and parse that result instead +// THIS FUNCTION SHOULD NEVER THROW +const parseGitUrl = (giturl) => { + let result + try { + result = new url.URL(giturl) + } catch (err) {} + + if (result) { + return result } + + const correctedUrl = correctUrl(giturl) + try { + result = new url.URL(correctedUrl) + } catch (err) {} + + return result } diff --git a/node_modules/hosted-git-info/package.json b/node_modules/hosted-git-info/package.json index 32712269f0427..930e3b693b980 100644 --- a/node_modules/hosted-git-info/package.json +++ b/node_modules/hosted-git-info/package.json @@ -1,7 +1,7 @@ { "name": "hosted-git-info", - "version": "3.0.8", - "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "version": "4.0.1", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", "main": "index.js", "repository": { "type": "git", @@ -20,20 +20,21 @@ }, "homepage": "https://github.com/npm/hosted-git-info", "scripts": { - "prerelease": "npm t", - "postrelease": "npm publish && git push --follow-tags", "posttest": "standard", - "release": "standard-version -s", - "test:coverage": "tap --coverage-report=html -J --100 --no-esm test/*.js", - "test": "tap -J --100 --no-esm test/*.js" + "postversion": "npm publish", + "prepublishOnly": "git push origin --follow-tags", + "preversion": "npm test", + "snap": "tap", + "test": "tap", + "test:coverage": "tap --coverage-report=html" }, "dependencies": { "lru-cache": "^6.0.0" }, "devDependencies": { - "standard": "^11.0.1", - "standard-version": "^4.4.0", - "tap": "^12.7.0" + "standard": "^16.0.3", + "standard-version": "^9.1.0", + "tap": "^14.11.0" }, "files": [ "index.js", @@ -42,5 +43,10 @@ ], "engines": { "node": ">=10" + }, + "tap": { + "color": 1, + "coverage": true, + "esm": false } } diff --git a/node_modules/libnpmversion/lib/index.js b/node_modules/libnpmversion/lib/index.js index 525d8264e737a..c3f554834bf81 100644 --- a/node_modules/libnpmversion/lib/index.js +++ b/node_modules/libnpmversion/lib/index.js @@ -1,4 +1,4 @@ -const readJson = require('read-package-json-fast') +const readJson = require('./read-json.js') const version = require('./version.js') const proclog = require('./proc-log.js') diff --git a/node_modules/libnpmversion/lib/read-json.js b/node_modules/libnpmversion/lib/read-json.js new file mode 100644 index 0000000000000..0a1f64f2f70e7 --- /dev/null +++ b/node_modules/libnpmversion/lib/read-json.js @@ -0,0 +1,7 @@ +// can't use read-package-json-fast, because we want to ensure +// that we make as few changes as possible, even for safety issues. +const {promisify} = require('util') +const readFile = promisify(require('fs').readFile) +const parse = require('json-parse-even-better-errors') + +module.exports = async path => parse(await readFile(path)) diff --git a/node_modules/libnpmversion/lib/version.js b/node_modules/libnpmversion/lib/version.js index 31e6023f017a5..0fe1ea6213fc6 100644 --- a/node_modules/libnpmversion/lib/version.js +++ b/node_modules/libnpmversion/lib/version.js @@ -4,7 +4,7 @@ const retrieveTag = require('./retrieve-tag.js') const semver = require('semver') const enforceClean = require('./enforce-clean.js') const writeJson = require('./write-json.js') -const readJson = require('read-package-json-fast') +const readJson = require('./read-json.js') const git = require('@npmcli/git') const commit = require('./commit.js') const tag = require('./tag.js') diff --git a/node_modules/libnpmversion/package.json b/node_modules/libnpmversion/package.json index 3d15bbc2f7f72..0135c21e7232c 100644 --- a/node_modules/libnpmversion/package.json +++ b/node_modules/libnpmversion/package.json @@ -1,6 +1,6 @@ { "name": "libnpmversion", - "version": "1.0.11", + "version": "1.0.12", "main": "lib/index.js", "files": [ "lib/*.js" @@ -30,7 +30,7 @@ "dependencies": { "@npmcli/git": "^2.0.6", "@npmcli/run-script": "^1.8.3", - "read-package-json-fast": "^2.0.1", + "json-parse-even-better-errors": "^2.3.1", "semver": "^7.3.4", "stringify-package": "^1.0.1" } diff --git a/node_modules/normalize-package-data/README.md b/node_modules/normalize-package-data/README.md index d2bd7bc7ff606..84da5e8bcf2dd 100644 --- a/node_modules/normalize-package-data/README.md +++ b/node_modules/normalize-package-data/README.md @@ -1,4 +1,6 @@ -# normalize-package-data [![Build Status](https://travis-ci.org/npm/normalize-package-data.png?branch=master)](https://travis-ci.org/npm/normalize-package-data) +# normalize-package-data + +[![Build Status](https://travis-ci.org/npm/normalize-package-data.svg?branch=master)](https://travis-ci.org/npm/normalize-package-data) normalize-package-data exports a function that normalizes package metadata. This data is typically found in a package.json file, but in principle could come from any source - for example the npm registry. diff --git a/node_modules/normalize-package-data/node_modules/hosted-git-info/CHANGELOG.md b/node_modules/normalize-package-data/node_modules/hosted-git-info/CHANGELOG.md new file mode 100644 index 0000000000000..3ffcacacc575c --- /dev/null +++ b/node_modules/normalize-package-data/node_modules/hosted-git-info/CHANGELOG.md @@ -0,0 +1,185 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.0.8](https://github.com/npm/hosted-git-info/compare/v3.0.7...v3.0.8) (2021-01-28) + + +### Bug Fixes + +* simplify the regular expression for shortcut matching ([bede0dc](https://github.com/npm/hosted-git-info/commit/bede0dc)), closes [#76](https://github.com/npm/hosted-git-info/issues/76) + + + + +## [3.0.7](https://github.com/npm/hosted-git-info/compare/v3.0.6...v3.0.7) (2020-10-15) + + +### Bug Fixes + +* correctly filter out urls for tarballs in gitlab ([eb5bd5a](https://github.com/npm/hosted-git-info/commit/eb5bd5a)), closes [#69](https://github.com/npm/hosted-git-info/issues/69) + + + + +## [3.0.6](https://github.com/npm/hosted-git-info/compare/v3.0.5...v3.0.6) (2020-10-12) + + +### Bug Fixes + +* support to github gist legacy hash length ([c067102](https://github.com/npm/hosted-git-info/commit/c067102)), closes [#68](https://github.com/npm/hosted-git-info/issues/68) + + + + +## [3.0.5](https://github.com/npm/hosted-git-info/compare/v3.0.4...v3.0.5) (2020-07-11) + + + + +## [3.0.4](https://github.com/npm/hosted-git-info/compare/v3.0.3...v3.0.4) (2020-02-26) + + +### Bug Fixes + +* Do not pass scp-style URLs to the WhatWG url.URL ([0835306](https://github.com/npm/hosted-git-info/commit/0835306)), closes [#60](https://github.com/npm/hosted-git-info/issues/60) [#63](https://github.com/npm/hosted-git-info/issues/63) + + + + +## [3.0.3](https://github.com/npm/hosted-git-info/compare/v3.0.2...v3.0.3) (2020-02-25) + + + + +## [3.0.2](https://github.com/npm/hosted-git-info/compare/v3.0.1...v3.0.2) (2019-10-08) + + +### Bug Fixes + +* do not encodeURIComponent the domain ([3e5fbec](https://github.com/npm/hosted-git-info/commit/3e5fbec)), closes [#53](https://github.com/npm/hosted-git-info/issues/53) + + + + +## [3.0.1](https://github.com/npm/hosted-git-info/compare/v3.0.0...v3.0.1) (2019-10-07) + + +### Bug Fixes + +* update pathmatch for gitlab ([e3e3054](https://github.com/npm/hosted-git-info/commit/e3e3054)), closes [#52](https://github.com/npm/hosted-git-info/issues/52) +* updated pathmatch for gitlab ([fa87af7](https://github.com/npm/hosted-git-info/commit/fa87af7)) + + + + +# [3.0.0](https://github.com/npm/hosted-git-info/compare/v2.8.3...v3.0.0) (2019-08-12) + + +### Bug Fixes + +* **cache:** Switch to lru-cache to save ourselves from unlimited memory consumption ([37c2891](https://github.com/npm/hosted-git-info/commit/37c2891)), closes [#38](https://github.com/npm/hosted-git-info/issues/38) + + +### BREAKING CHANGES + +* **cache:** Drop support for node 0.x + + + + +## [2.8.3](https://github.com/npm/hosted-git-info/compare/v2.8.2...v2.8.3) (2019-08-12) + + + + +## [2.8.2](https://github.com/npm/hosted-git-info/compare/v2.8.1...v2.8.2) (2019-08-05) + + +### Bug Fixes + +* http protocol use sshurl by default ([3b1d629](https://github.com/npm/hosted-git-info/commit/3b1d629)), closes [#48](https://github.com/npm/hosted-git-info/issues/48) + + + + +## [2.8.1](https://github.com/npm/hosted-git-info/compare/v2.8.0...v2.8.1) (2019-08-05) + + +### Bug Fixes + +* ignore noCommittish on tarball url generation ([5d4a8d7](https://github.com/npm/hosted-git-info/commit/5d4a8d7)) +* use gist tarball url that works for anonymous gists ([1692435](https://github.com/npm/hosted-git-info/commit/1692435)) + + + + +# [2.8.0](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.0) (2019-08-05) + + +### Bug Fixes + +* Allow slashes in gitlab project section ([bbcf7b2](https://github.com/npm/hosted-git-info/commit/bbcf7b2)), closes [#46](https://github.com/npm/hosted-git-info/issues/46) [#43](https://github.com/npm/hosted-git-info/issues/43) +* **git-host:** disallow URI-encoded slash (%2F) in `path` ([3776fa5](https://github.com/npm/hosted-git-info/commit/3776fa5)), closes [#44](https://github.com/npm/hosted-git-info/issues/44) +* **gitlab:** Do not URL encode slashes in project name for GitLab https URL ([cbf04f9](https://github.com/npm/hosted-git-info/commit/cbf04f9)), closes [#47](https://github.com/npm/hosted-git-info/issues/47) +* do not allow invalid gist urls ([d5cf830](https://github.com/npm/hosted-git-info/commit/d5cf830)) +* **cache:** Switch to lru-cache to save ourselves from unlimited memory consumption ([e518222](https://github.com/npm/hosted-git-info/commit/e518222)), closes [#38](https://github.com/npm/hosted-git-info/issues/38) + + +### Features + +* give these objects a name ([60abaea](https://github.com/npm/hosted-git-info/commit/60abaea)) + + + + +## [2.7.1](https://github.com/npm/hosted-git-info/compare/v2.7.0...v2.7.1) (2018-07-07) + + +### Bug Fixes + +* **index:** Guard against non-string types ([5bc580d](https://github.com/npm/hosted-git-info/commit/5bc580d)) +* **parse:** Crash on strings that parse to having no host ([c931482](https://github.com/npm/hosted-git-info/commit/c931482)), closes [#35](https://github.com/npm/hosted-git-info/issues/35) + + + + +# [2.7.0](https://github.com/npm/hosted-git-info/compare/v2.6.1...v2.7.0) (2018-07-06) + + +### Bug Fixes + +* **github tarball:** update github tarballtemplate ([6efd582](https://github.com/npm/hosted-git-info/commit/6efd582)), closes [#34](https://github.com/npm/hosted-git-info/issues/34) +* **gitlab docs:** switched to lowercase anchors for readmes ([701bcd1](https://github.com/npm/hosted-git-info/commit/701bcd1)) + + +### Features + +* **all:** Support www. prefixes on hostnames ([3349575](https://github.com/npm/hosted-git-info/commit/3349575)), closes [#32](https://github.com/npm/hosted-git-info/issues/32) + + + + +## [2.6.1](https://github.com/npm/hosted-git-info/compare/v2.6.0...v2.6.1) (2018-06-25) + +### Bug Fixes + +* **Revert:** "compat: remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25))" ([cce5a62](https://github.com/npm/hosted-git-info/commit/cce5a62)) +* **Revert:** "git-host: fix forgotten extend()" ([a815ec9](https://github.com/npm/hosted-git-info/commit/a815ec9)) + + + + +# [2.6.0](https://github.com/npm/hosted-git-info/compare/v2.5.0...v2.6.0) (2018-03-07) + + +### Bug Fixes + +* **compat:** remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25)) ([627ab55](https://github.com/npm/hosted-git-info/commit/627ab55)) +* **git-host:** fix forgotten extend() ([eba1f7b](https://github.com/npm/hosted-git-info/commit/eba1f7b)) + + +### Features + +* **browse:** fragment support for browse() ([#28](https://github.com/npm/hosted-git-info/issues/28)) ([cd5e5bb](https://github.com/npm/hosted-git-info/commit/cd5e5bb)) diff --git a/node_modules/normalize-package-data/node_modules/hosted-git-info/LICENSE b/node_modules/normalize-package-data/node_modules/hosted-git-info/LICENSE new file mode 100644 index 0000000000000..45055763dc838 --- /dev/null +++ b/node_modules/normalize-package-data/node_modules/hosted-git-info/LICENSE @@ -0,0 +1,13 @@ +Copyright (c) 2015, Rebecca Turner + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH +REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, +INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR +OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/normalize-package-data/node_modules/hosted-git-info/README.md b/node_modules/normalize-package-data/node_modules/hosted-git-info/README.md new file mode 100644 index 0000000000000..8740406029626 --- /dev/null +++ b/node_modules/normalize-package-data/node_modules/hosted-git-info/README.md @@ -0,0 +1,133 @@ +# hosted-git-info + +This will let you identify and transform various git hosts URLs between +protocols. It also can tell you what the URL is for the raw path for +particular file for direct access without git. + +## Example + +```javascript +var hostedGitInfo = require("hosted-git-info") +var info = hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git", opts) +/* info looks like: +{ + type: "github", + domain: "github.com", + user: "npm", + project: "hosted-git-info" +} +*/ +``` + +If the URL can't be matched with a git host, `null` will be returned. We +can match git, ssh and https urls. Additionally, we can match ssh connect +strings (`git@github.com:npm/hosted-git-info`) and shortcuts (eg, +`github:npm/hosted-git-info`). GitHub specifically, is detected in the case +of a third, unprefixed, form: `npm/hosted-git-info`. + +If it does match, the returned object has properties of: + +* info.type -- The short name of the service +* info.domain -- The domain for git protocol use +* info.user -- The name of the user/org on the git host +* info.project -- The name of the project on the git host + +## Version Contract + +The major version will be bumped any time… + +* The constructor stops accepting URLs that it previously accepted. +* A method is removed. +* A method can no longer accept the number and type of arguments it previously accepted. +* A method can return a different type than it currently returns. + +Implications: + +* I do not consider the specific format of the urls returned from, say + `.https()` to be a part of the contract. The contract is that it will + return a string that can be used to fetch the repo via HTTPS. But what + that string looks like, specifically, can change. +* Dropping support for a hosted git provider would constitute a breaking + change. + +## Usage + +### var info = hostedGitInfo.fromUrl(gitSpecifier[, options]) + +* *gitSpecifer* is a URL of a git repository or a SCP-style specifier of one. +* *options* is an optional object. It can have the following properties: + * *noCommittish* — If true then committishes won't be included in generated URLs. + * *noGitPlus* — If true then `git+` won't be prefixed on URLs. + +## Methods + +All of the methods take the same options as the `fromUrl` factory. Options +provided to a method override those provided to the constructor. + +* info.file(path, opts) + +Given the path of a file relative to the repository, returns a URL for +directly fetching it from the githost. If no committish was set then +`master` will be used as the default. + +For example `hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git#v1.0.0").file("package.json")` +would return `https://raw.githubusercontent.com/npm/hosted-git-info/v1.0.0/package.json` + +* info.shortcut(opts) + +eg, `github:npm/hosted-git-info` + +* info.browse(path, fragment, opts) + +eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0`, +`https://github.com/npm/hosted-git-info/tree/v1.2.0/package.json`, +`https://github.com/npm/hosted-git-info/tree/v1.2.0/REAMDE.md#supported-hosts` + +* info.bugs(opts) + +eg, `https://github.com/npm/hosted-git-info/issues` + +* info.docs(opts) + +eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0#readme` + +* info.https(opts) + +eg, `git+https://github.com/npm/hosted-git-info.git` + +* info.sshurl(opts) + +eg, `git+ssh://git@github.com/npm/hosted-git-info.git` + +* info.ssh(opts) + +eg, `git@github.com:npm/hosted-git-info.git` + +* info.path(opts) + +eg, `npm/hosted-git-info` + +* info.tarball(opts) + +eg, `https://github.com/npm/hosted-git-info/archive/v1.2.0.tar.gz` + +* info.getDefaultRepresentation() + +Returns the default output type. The default output type is based on the +string you passed in to be parsed + +* info.toString(opts) + +Uses the getDefaultRepresentation to call one of the other methods to get a URL for +this resource. As such `hostedGitInfo.fromUrl(url).toString()` will give +you a normalized version of the URL that still uses the same protocol. + +Shortcuts will still be returned as shortcuts, but the special case github +form of `org/project` will be normalized to `github:org/project`. + +SSH connect strings will be normalized into `git+ssh` URLs. + +## Supported hosts + +Currently this supports GitHub, Bitbucket and GitLab. Pull requests for +additional hosts welcome. diff --git a/node_modules/normalize-package-data/node_modules/hosted-git-info/git-host-info.js b/node_modules/normalize-package-data/node_modules/hosted-git-info/git-host-info.js new file mode 100644 index 0000000000000..360d7b096be61 --- /dev/null +++ b/node_modules/normalize-package-data/node_modules/hosted-git-info/git-host-info.js @@ -0,0 +1,154 @@ +'use strict' +const maybeJoin = (...args) => args.every(arg => arg) ? args.join('') : '' +const maybeEncode = (arg) => arg ? encodeURIComponent(arg) : '' + +const defaults = { + sshtemplate: ({ domain, user, project, committish }) => `git@${domain}:${user}/${project}.git${maybeJoin('#', committish)}`, + sshurltemplate: ({ domain, user, project, committish }) => `git+ssh://git@${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + browsetemplate: ({ domain, user, project, committish, treepath }) => `https://${domain}/${user}/${project}${maybeJoin('/', treepath, '/', maybeEncode(committish))}`, + browsefiletemplate: ({ domain, user, project, committish, treepath, path, fragment, hashformat }) => `https://${domain}/${user}/${project}/${treepath}/${maybeEncode(committish || 'master')}/${path}${maybeJoin('#', hashformat(fragment || ''))}`, + docstemplate: ({ domain, user, project, treepath, committish }) => `https://${domain}/${user}/${project}${maybeJoin('/', treepath, '/', maybeEncode(committish))}#readme`, + httpstemplate: ({ auth, domain, user, project, committish }) => `git+https://${maybeJoin(auth, '@')}${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + filetemplate: ({ domain, user, project, committish, path }) => `https://${domain}/${user}/${project}/raw/${maybeEncode(committish) || 'master'}/${path}`, + shortcuttemplate: ({ type, user, project, committish }) => `${type}:${user}/${project}${maybeJoin('#', committish)}`, + pathtemplate: ({ user, project, committish }) => `${user}/${project}${maybeJoin('#', committish)}`, + bugstemplate: ({ domain, user, project }) => `https://${domain}/${user}/${project}/issues`, + hashformat: formatHashFragment +} + +const gitHosts = {} +gitHosts.github = Object.assign({}, defaults, { + // First two are insecure and generally shouldn't be used any more, but + // they are still supported. + protocols: ['git:', 'http:', 'git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'github.com', + treepath: 'tree', + filetemplate: ({ auth, user, project, committish, path }) => `https://${maybeJoin(auth, '@')}raw.githubusercontent.com/${user}/${project}/${maybeEncode(committish) || 'master'}/${path}`, + gittemplate: ({ auth, domain, user, project, committish }) => `git://${maybeJoin(auth, '@')}${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + tarballtemplate: ({ domain, user, project, committish }) => `https://codeload.${domain}/${user}/${project}/tar.gz/${maybeEncode(committish) || 'master'}`, + extract: (url) => { + let [, user, project, type, committish] = url.pathname.split('/', 5) + if (type && type !== 'tree') { + return + } + + if (!type) { + committish = url.hash.slice(1) + } + + if (project && project.endsWith('.git')) { + project = project.slice(0, -4) + } + + if (!user || !project) { + return + } + + return { user, project, committish } + } +}) + +gitHosts.bitbucket = Object.assign({}, defaults, { + protocols: ['git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'bitbucket.org', + treepath: 'src', + tarballtemplate: ({ domain, user, project, committish }) => `https://${domain}/${user}/${project}/get/${maybeEncode(committish) || 'master'}.tar.gz`, + extract: (url) => { + let [, user, project, aux] = url.pathname.split('/', 4) + if (['get'].includes(aux)) { + return + } + + if (project && project.endsWith('.git')) { + project = project.slice(0, -4) + } + + if (!user || !project) { + return + } + + return { user, project, committish: url.hash.slice(1) } + } +}) + +gitHosts.gitlab = Object.assign({}, defaults, { + protocols: ['git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'gitlab.com', + treepath: 'tree', + httpstemplate: ({ auth, domain, user, project, committish }) => `git+https://${maybeJoin(auth, '@')}${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + tarballtemplate: ({ domain, user, project, committish }) => `https://${domain}/${user}/${project}/repository/archive.tar.gz?ref=${maybeEncode(committish) || 'master'}`, + extract: (url) => { + const path = url.pathname.slice(1) + if (path.includes('/-/')) { + return + } + + const segments = path.split('/') + let project = segments.pop() + if (project.endsWith('.git')) { + project = project.slice(0, -4) + } + + const user = segments.join('/') + if (!user || !project) { + return + } + + return { user, project, committish: url.hash.slice(1) } + } +}) + +gitHosts.gist = Object.assign({}, defaults, { + protocols: ['git:', 'git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'gist.github.com', + sshtemplate: ({ domain, project, committish }) => `git@${domain}:${project}.git${maybeJoin('#', committish)}`, + sshurltemplate: ({ domain, project, committish }) => `git+ssh://git@${domain}/${project}.git${maybeJoin('#', committish)}`, + browsetemplate: ({ domain, project, committish }) => `https://${domain}/${project}${maybeJoin('/', maybeEncode(committish))}`, + browsefiletemplate: ({ domain, project, committish, path, hashformat }) => `https://${domain}/${project}${maybeJoin('/', maybeEncode(committish))}${maybeJoin('#', hashformat(path))}`, + docstemplate: ({ domain, project, committish }) => `https://${domain}/${project}${maybeJoin('/', maybeEncode(committish))}`, + httpstemplate: ({ domain, project, committish }) => `git+https://${domain}/${project}.git${maybeJoin('#', committish)}`, + filetemplate: ({ user, project, committish, path }) => `https://gist.githubusercontent.com/${user}/${project}/raw${maybeJoin('/', maybeEncode(committish))}/${path}`, + shortcuttemplate: ({ type, project, committish }) => `${type}:${project}${maybeJoin('#', committish)}`, + pathtemplate: ({ project, committish }) => `${project}${maybeJoin('#', committish)}`, + bugstemplate: ({ domain, project }) => `https://${domain}/${project}`, + gittemplate: ({ domain, project, committish }) => `git://${domain}/${project}.git${maybeJoin('#', committish)}`, + tarballtemplate: ({ project, committish }) => `https://codeload.github.com/gist/${project}/tar.gz/${maybeEncode(committish) || 'master'}`, + extract: (url) => { + let [, user, project, aux] = url.pathname.split('/', 4) + if (aux === 'raw') { + return + } + + if (!project) { + if (!user) { + return + } + + project = user + user = null + } + + if (project.endsWith('.git')) { + project = project.slice(0, -4) + } + + return { user, project, committish: url.hash.slice(1) } + }, + hashformat: function (fragment) { + return fragment && 'file-' + formatHashFragment(fragment) + } +}) + +const names = Object.keys(gitHosts) +gitHosts.byShortcut = {} +gitHosts.byDomain = {} +for (const name of names) { + gitHosts.byShortcut[`${name}:`] = name + gitHosts.byDomain[gitHosts[name].domain] = name +} + +function formatHashFragment (fragment) { + return fragment.toLowerCase().replace(/^\W+|\/|\W+$/g, '').replace(/\W+/g, '-') +} + +module.exports = gitHosts diff --git a/node_modules/normalize-package-data/node_modules/hosted-git-info/git-host.js b/node_modules/normalize-package-data/node_modules/hosted-git-info/git-host.js new file mode 100644 index 0000000000000..8a975e92e58bb --- /dev/null +++ b/node_modules/normalize-package-data/node_modules/hosted-git-info/git-host.js @@ -0,0 +1,110 @@ +'use strict' +const gitHosts = require('./git-host-info.js') + +class GitHost { + constructor (type, user, auth, project, committish, defaultRepresentation, opts = {}) { + Object.assign(this, gitHosts[type]) + this.type = type + this.user = user + this.auth = auth + this.project = project + this.committish = committish + this.default = defaultRepresentation + this.opts = opts + } + + hash () { + return this.committish ? `#${this.committish}` : '' + } + + ssh (opts) { + return this._fill(this.sshtemplate, opts) + } + + _fill (template, opts) { + if (typeof template === 'function') { + const options = { ...this, ...this.opts, ...opts } + + // the path should always be set so we don't end up with 'undefined' in urls + if (!options.path) { + options.path = '' + } + + // template functions will insert the leading slash themselves + if (options.path.startsWith('/')) { + options.path = options.path.slice(1) + } + + if (options.noCommittish) { + options.committish = null + } + + const result = template(options) + return options.noGitPlus && result.startsWith('git+') ? result.slice(4) : result + } + + return null + } + + sshurl (opts) { + return this._fill(this.sshurltemplate, opts) + } + + browse (path, fragment, opts) { + // not a string, treat path as opts + if (typeof path !== 'string') { + return this._fill(this.browsetemplate, path) + } + + if (typeof fragment !== 'string') { + opts = fragment + fragment = null + } + return this._fill(this.browsefiletemplate, { ...opts, fragment, path }) + } + + docs (opts) { + return this._fill(this.docstemplate, opts) + } + + bugs (opts) { + return this._fill(this.bugstemplate, opts) + } + + https (opts) { + return this._fill(this.httpstemplate, opts) + } + + git (opts) { + return this._fill(this.gittemplate, opts) + } + + shortcut (opts) { + return this._fill(this.shortcuttemplate, opts) + } + + path (opts) { + return this._fill(this.pathtemplate, opts) + } + + tarball (opts) { + return this._fill(this.tarballtemplate, { ...opts, noCommittish: false }) + } + + file (path, opts) { + return this._fill(this.filetemplate, { ...opts, path }) + } + + getDefaultRepresentation () { + return this.default + } + + toString (opts) { + if (this.default && typeof this[this.default] === 'function') { + return this[this.default](opts) + } + + return this.sshurl(opts) + } +} +module.exports = GitHost diff --git a/node_modules/normalize-package-data/node_modules/hosted-git-info/index.js b/node_modules/normalize-package-data/node_modules/hosted-git-info/index.js new file mode 100644 index 0000000000000..f35c570c46b59 --- /dev/null +++ b/node_modules/normalize-package-data/node_modules/hosted-git-info/index.js @@ -0,0 +1,237 @@ +'use strict' +const url = require('url') +const gitHosts = require('./git-host-info.js') +const GitHost = module.exports = require('./git-host.js') +const LRU = require('lru-cache') +const cache = new LRU({ max: 1000 }) + +const protocolToRepresentationMap = { + 'git+ssh:': 'sshurl', + 'git+https:': 'https', + 'ssh:': 'sshurl', + 'git:': 'git' +} + +function protocolToRepresentation (protocol) { + return protocolToRepresentationMap[protocol] || protocol.slice(0, -1) +} + +const authProtocols = { + 'git:': true, + 'https:': true, + 'git+https:': true, + 'http:': true, + 'git+http:': true +} + +const knownProtocols = Object.keys(gitHosts.byShortcut).concat(['http:', 'https:', 'git:', 'git+ssh:', 'git+https:', 'ssh:']) + +module.exports.fromUrl = function (giturl, opts) { + if (typeof giturl !== 'string') { + return + } + + const key = giturl + JSON.stringify(opts || {}) + + if (!cache.has(key)) { + cache.set(key, fromUrl(giturl, opts)) + } + + return cache.get(key) +} + +function fromUrl (giturl, opts) { + if (!giturl) { + return + } + + const url = isGitHubShorthand(giturl) ? 'github:' + giturl : correctProtocol(giturl) + const parsed = parseGitUrl(url) + if (!parsed) { + return parsed + } + + const gitHostShortcut = gitHosts.byShortcut[parsed.protocol] + const gitHostDomain = gitHosts.byDomain[parsed.hostname.startsWith('www.') ? parsed.hostname.slice(4) : parsed.hostname] + const gitHostName = gitHostShortcut || gitHostDomain + if (!gitHostName) { + return + } + + const gitHostInfo = gitHosts[gitHostShortcut || gitHostDomain] + let auth = null + if (authProtocols[parsed.protocol] && (parsed.username || parsed.password)) { + auth = `${parsed.username}${parsed.password ? ':' + parsed.password : ''}` + } + + let committish = null + let user = null + let project = null + let defaultRepresentation = null + + try { + if (gitHostShortcut) { + let pathname = parsed.pathname.startsWith('/') ? parsed.pathname.slice(1) : parsed.pathname + const firstAt = pathname.indexOf('@') + // we ignore auth for shortcuts, so just trim it out + if (firstAt > -1) { + pathname = pathname.slice(firstAt + 1) + } + + const lastSlash = pathname.lastIndexOf('/') + if (lastSlash > -1) { + user = decodeURIComponent(pathname.slice(0, lastSlash)) + // we want nulls only, never empty strings + if (!user) { + user = null + } + project = decodeURIComponent(pathname.slice(lastSlash + 1)) + } else { + project = decodeURIComponent(pathname) + } + + if (project.endsWith('.git')) { + project = project.slice(0, -4) + } + + if (parsed.hash) { + committish = decodeURIComponent(parsed.hash.slice(1)) + } + + defaultRepresentation = 'shortcut' + } else { + if (!gitHostInfo.protocols.includes(parsed.protocol)) { + return + } + + const segments = gitHostInfo.extract(parsed) + if (!segments) { + return + } + + user = segments.user && decodeURIComponent(segments.user) + project = decodeURIComponent(segments.project) + committish = decodeURIComponent(segments.committish) + defaultRepresentation = protocolToRepresentation(parsed.protocol) + } + } catch (err) { + /* istanbul ignore else */ + if (err instanceof URIError) { + return + } else { + throw err + } + } + + return new GitHost(gitHostName, user, auth, project, committish, defaultRepresentation, opts) +} + +// accepts input like git:github.com:user/repo and inserts the // after the first : +const correctProtocol = (arg) => { + const firstColon = arg.indexOf(':') + const proto = arg.slice(0, firstColon + 1) + if (knownProtocols.includes(proto)) { + return arg + } + + const firstAt = arg.indexOf('@') + if (firstAt > -1) { + if (firstAt > firstColon) { + return `git+ssh://${arg}` + } else { + return arg + } + } + + const doubleSlash = arg.indexOf('//') + if (doubleSlash === firstColon + 1) { + return arg + } + + return arg.slice(0, firstColon + 1) + '//' + arg.slice(firstColon + 1) +} + +// look for github shorthand inputs, such as npm/cli +const isGitHubShorthand = (arg) => { + // it cannot contain whitespace before the first # + // it cannot start with a / because that's probably an absolute file path + // but it must include a slash since repos are username/repository + // it cannot start with a . because that's probably a relative file path + // it cannot start with an @ because that's a scoped package if it passes the other tests + // it cannot contain a : before a # because that tells us that there's a protocol + // a second / may not exist before a # + const firstHash = arg.indexOf('#') + const firstSlash = arg.indexOf('/') + const secondSlash = arg.indexOf('/', firstSlash + 1) + const firstColon = arg.indexOf(':') + const firstSpace = /\s/.exec(arg) + const firstAt = arg.indexOf('@') + + const spaceOnlyAfterHash = !firstSpace || (firstHash > -1 && firstSpace.index > firstHash) + const atOnlyAfterHash = firstAt === -1 || (firstHash > -1 && firstAt > firstHash) + const colonOnlyAfterHash = firstColon === -1 || (firstHash > -1 && firstColon > firstHash) + const secondSlashOnlyAfterHash = secondSlash === -1 || (firstHash > -1 && secondSlash > firstHash) + const hasSlash = firstSlash > 0 + // if a # is found, what we really want to know is that the character immediately before # is not a / + const doesNotEndWithSlash = firstHash > -1 ? arg[firstHash - 1] !== '/' : !arg.endsWith('/') + const doesNotStartWithDot = !arg.startsWith('.') + + return spaceOnlyAfterHash && hasSlash && doesNotEndWithSlash && doesNotStartWithDot && atOnlyAfterHash && colonOnlyAfterHash && secondSlashOnlyAfterHash +} + +// attempt to correct an scp style url so that it will parse with `new URL()` +const correctUrl = (giturl) => { + const firstAt = giturl.indexOf('@') + const lastHash = giturl.lastIndexOf('#') + let firstColon = giturl.indexOf(':') + let lastColon = giturl.lastIndexOf(':', lastHash > -1 ? lastHash : Infinity) + + let corrected + if (lastColon > firstAt) { + // the last : comes after the first @ (or there is no @) + // like it would in: + // proto://hostname.com:user/repo + // username@hostname.com:user/repo + // :password@hostname.com:user/repo + // username:password@hostname.com:user/repo + // proto://username@hostname.com:user/repo + // proto://:password@hostname.com:user/repo + // proto://username:password@hostname.com:user/repo + // then we replace the last : with a / to create a valid path + corrected = giturl.slice(0, lastColon) + '/' + giturl.slice(lastColon + 1) + // // and we find our new : positions + firstColon = corrected.indexOf(':') + lastColon = corrected.lastIndexOf(':') + } + + if (firstColon === -1 && giturl.indexOf('//') === -1) { + // we have no : at all + // as it would be in: + // username@hostname.com/user/repo + // then we prepend a protocol + corrected = `git+ssh://${corrected}` + } + + return corrected +} + +// try to parse the url as its given to us, if that throws +// then we try to clean the url and parse that result instead +// THIS FUNCTION SHOULD NEVER THROW +const parseGitUrl = (giturl) => { + let result + try { + result = new url.URL(giturl) + } catch (err) {} + + if (result) { + return result + } + + const correctedUrl = correctUrl(giturl) + try { + result = new url.URL(correctedUrl) + } catch (err) {} + + return result +} diff --git a/node_modules/normalize-package-data/node_modules/hosted-git-info/package.json b/node_modules/normalize-package-data/node_modules/hosted-git-info/package.json new file mode 100644 index 0000000000000..930e3b693b980 --- /dev/null +++ b/node_modules/normalize-package-data/node_modules/hosted-git-info/package.json @@ -0,0 +1,52 @@ +{ + "name": "hosted-git-info", + "version": "4.0.1", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "main": "index.js", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/hosted-git-info.git" + }, + "keywords": [ + "git", + "github", + "bitbucket", + "gitlab" + ], + "author": "Rebecca Turner (http://re-becca.org)", + "license": "ISC", + "bugs": { + "url": "https://github.com/npm/hosted-git-info/issues" + }, + "homepage": "https://github.com/npm/hosted-git-info", + "scripts": { + "posttest": "standard", + "postversion": "npm publish", + "prepublishOnly": "git push origin --follow-tags", + "preversion": "npm test", + "snap": "tap", + "test": "tap", + "test:coverage": "tap --coverage-report=html" + }, + "dependencies": { + "lru-cache": "^6.0.0" + }, + "devDependencies": { + "standard": "^16.0.3", + "standard-version": "^9.1.0", + "tap": "^14.11.0" + }, + "files": [ + "index.js", + "git-host.js", + "git-host-info.js" + ], + "engines": { + "node": ">=10" + }, + "tap": { + "color": 1, + "coverage": true, + "esm": false + } +} diff --git a/node_modules/normalize-package-data/package.json b/node_modules/normalize-package-data/package.json index 8df2f8fcac21e..09b184c19d563 100644 --- a/node_modules/normalize-package-data/package.json +++ b/node_modules/normalize-package-data/package.json @@ -1,6 +1,6 @@ { "name": "normalize-package-data", - "version": "3.0.0", + "version": "3.0.2", "author": "Meryn Stol ", "description": "Normalizes data that can be found in package.json files.", "license": "BSD-2-Clause", @@ -10,16 +10,19 @@ }, "main": "lib/normalize.js", "scripts": { + "postversion": "npm publish", + "prepublishOnly": "git push origin --follow-tags", + "preversion": "npm test", "test": "tap test/*.js" }, "dependencies": { - "hosted-git-info": "^3.0.6", - "resolve": "^1.17.0", - "semver": "^7.3.2", + "hosted-git-info": "^4.0.1", + "resolve": "^1.20.0", + "semver": "^7.3.4", "validate-npm-package-license": "^3.0.1" }, "devDependencies": { - "tap": "^14.10.8" + "tap": "^14.11.0" }, "files": [ "lib/*.js", diff --git a/node_modules/npm-package-arg/node_modules/hosted-git-info/CHANGELOG.md b/node_modules/npm-package-arg/node_modules/hosted-git-info/CHANGELOG.md new file mode 100644 index 0000000000000..3ffcacacc575c --- /dev/null +++ b/node_modules/npm-package-arg/node_modules/hosted-git-info/CHANGELOG.md @@ -0,0 +1,185 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + + +## [3.0.8](https://github.com/npm/hosted-git-info/compare/v3.0.7...v3.0.8) (2021-01-28) + + +### Bug Fixes + +* simplify the regular expression for shortcut matching ([bede0dc](https://github.com/npm/hosted-git-info/commit/bede0dc)), closes [#76](https://github.com/npm/hosted-git-info/issues/76) + + + + +## [3.0.7](https://github.com/npm/hosted-git-info/compare/v3.0.6...v3.0.7) (2020-10-15) + + +### Bug Fixes + +* correctly filter out urls for tarballs in gitlab ([eb5bd5a](https://github.com/npm/hosted-git-info/commit/eb5bd5a)), closes [#69](https://github.com/npm/hosted-git-info/issues/69) + + + + +## [3.0.6](https://github.com/npm/hosted-git-info/compare/v3.0.5...v3.0.6) (2020-10-12) + + +### Bug Fixes + +* support to github gist legacy hash length ([c067102](https://github.com/npm/hosted-git-info/commit/c067102)), closes [#68](https://github.com/npm/hosted-git-info/issues/68) + + + + +## [3.0.5](https://github.com/npm/hosted-git-info/compare/v3.0.4...v3.0.5) (2020-07-11) + + + + +## [3.0.4](https://github.com/npm/hosted-git-info/compare/v3.0.3...v3.0.4) (2020-02-26) + + +### Bug Fixes + +* Do not pass scp-style URLs to the WhatWG url.URL ([0835306](https://github.com/npm/hosted-git-info/commit/0835306)), closes [#60](https://github.com/npm/hosted-git-info/issues/60) [#63](https://github.com/npm/hosted-git-info/issues/63) + + + + +## [3.0.3](https://github.com/npm/hosted-git-info/compare/v3.0.2...v3.0.3) (2020-02-25) + + + + +## [3.0.2](https://github.com/npm/hosted-git-info/compare/v3.0.1...v3.0.2) (2019-10-08) + + +### Bug Fixes + +* do not encodeURIComponent the domain ([3e5fbec](https://github.com/npm/hosted-git-info/commit/3e5fbec)), closes [#53](https://github.com/npm/hosted-git-info/issues/53) + + + + +## [3.0.1](https://github.com/npm/hosted-git-info/compare/v3.0.0...v3.0.1) (2019-10-07) + + +### Bug Fixes + +* update pathmatch for gitlab ([e3e3054](https://github.com/npm/hosted-git-info/commit/e3e3054)), closes [#52](https://github.com/npm/hosted-git-info/issues/52) +* updated pathmatch for gitlab ([fa87af7](https://github.com/npm/hosted-git-info/commit/fa87af7)) + + + + +# [3.0.0](https://github.com/npm/hosted-git-info/compare/v2.8.3...v3.0.0) (2019-08-12) + + +### Bug Fixes + +* **cache:** Switch to lru-cache to save ourselves from unlimited memory consumption ([37c2891](https://github.com/npm/hosted-git-info/commit/37c2891)), closes [#38](https://github.com/npm/hosted-git-info/issues/38) + + +### BREAKING CHANGES + +* **cache:** Drop support for node 0.x + + + + +## [2.8.3](https://github.com/npm/hosted-git-info/compare/v2.8.2...v2.8.3) (2019-08-12) + + + + +## [2.8.2](https://github.com/npm/hosted-git-info/compare/v2.8.1...v2.8.2) (2019-08-05) + + +### Bug Fixes + +* http protocol use sshurl by default ([3b1d629](https://github.com/npm/hosted-git-info/commit/3b1d629)), closes [#48](https://github.com/npm/hosted-git-info/issues/48) + + + + +## [2.8.1](https://github.com/npm/hosted-git-info/compare/v2.8.0...v2.8.1) (2019-08-05) + + +### Bug Fixes + +* ignore noCommittish on tarball url generation ([5d4a8d7](https://github.com/npm/hosted-git-info/commit/5d4a8d7)) +* use gist tarball url that works for anonymous gists ([1692435](https://github.com/npm/hosted-git-info/commit/1692435)) + + + + +# [2.8.0](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.0) (2019-08-05) + + +### Bug Fixes + +* Allow slashes in gitlab project section ([bbcf7b2](https://github.com/npm/hosted-git-info/commit/bbcf7b2)), closes [#46](https://github.com/npm/hosted-git-info/issues/46) [#43](https://github.com/npm/hosted-git-info/issues/43) +* **git-host:** disallow URI-encoded slash (%2F) in `path` ([3776fa5](https://github.com/npm/hosted-git-info/commit/3776fa5)), closes [#44](https://github.com/npm/hosted-git-info/issues/44) +* **gitlab:** Do not URL encode slashes in project name for GitLab https URL ([cbf04f9](https://github.com/npm/hosted-git-info/commit/cbf04f9)), closes [#47](https://github.com/npm/hosted-git-info/issues/47) +* do not allow invalid gist urls ([d5cf830](https://github.com/npm/hosted-git-info/commit/d5cf830)) +* **cache:** Switch to lru-cache to save ourselves from unlimited memory consumption ([e518222](https://github.com/npm/hosted-git-info/commit/e518222)), closes [#38](https://github.com/npm/hosted-git-info/issues/38) + + +### Features + +* give these objects a name ([60abaea](https://github.com/npm/hosted-git-info/commit/60abaea)) + + + + +## [2.7.1](https://github.com/npm/hosted-git-info/compare/v2.7.0...v2.7.1) (2018-07-07) + + +### Bug Fixes + +* **index:** Guard against non-string types ([5bc580d](https://github.com/npm/hosted-git-info/commit/5bc580d)) +* **parse:** Crash on strings that parse to having no host ([c931482](https://github.com/npm/hosted-git-info/commit/c931482)), closes [#35](https://github.com/npm/hosted-git-info/issues/35) + + + + +# [2.7.0](https://github.com/npm/hosted-git-info/compare/v2.6.1...v2.7.0) (2018-07-06) + + +### Bug Fixes + +* **github tarball:** update github tarballtemplate ([6efd582](https://github.com/npm/hosted-git-info/commit/6efd582)), closes [#34](https://github.com/npm/hosted-git-info/issues/34) +* **gitlab docs:** switched to lowercase anchors for readmes ([701bcd1](https://github.com/npm/hosted-git-info/commit/701bcd1)) + + +### Features + +* **all:** Support www. prefixes on hostnames ([3349575](https://github.com/npm/hosted-git-info/commit/3349575)), closes [#32](https://github.com/npm/hosted-git-info/issues/32) + + + + +## [2.6.1](https://github.com/npm/hosted-git-info/compare/v2.6.0...v2.6.1) (2018-06-25) + +### Bug Fixes + +* **Revert:** "compat: remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25))" ([cce5a62](https://github.com/npm/hosted-git-info/commit/cce5a62)) +* **Revert:** "git-host: fix forgotten extend()" ([a815ec9](https://github.com/npm/hosted-git-info/commit/a815ec9)) + + + + +# [2.6.0](https://github.com/npm/hosted-git-info/compare/v2.5.0...v2.6.0) (2018-03-07) + + +### Bug Fixes + +* **compat:** remove Object.assign fallback ([#25](https://github.com/npm/hosted-git-info/issues/25)) ([627ab55](https://github.com/npm/hosted-git-info/commit/627ab55)) +* **git-host:** fix forgotten extend() ([eba1f7b](https://github.com/npm/hosted-git-info/commit/eba1f7b)) + + +### Features + +* **browse:** fragment support for browse() ([#28](https://github.com/npm/hosted-git-info/issues/28)) ([cd5e5bb](https://github.com/npm/hosted-git-info/commit/cd5e5bb)) diff --git a/node_modules/npm-package-arg/node_modules/hosted-git-info/LICENSE b/node_modules/npm-package-arg/node_modules/hosted-git-info/LICENSE new file mode 100644 index 0000000000000..45055763dc838 --- /dev/null +++ b/node_modules/npm-package-arg/node_modules/hosted-git-info/LICENSE @@ -0,0 +1,13 @@ +Copyright (c) 2015, Rebecca Turner + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH +REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, +INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR +OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/npm-package-arg/node_modules/hosted-git-info/README.md b/node_modules/npm-package-arg/node_modules/hosted-git-info/README.md new file mode 100644 index 0000000000000..8740406029626 --- /dev/null +++ b/node_modules/npm-package-arg/node_modules/hosted-git-info/README.md @@ -0,0 +1,133 @@ +# hosted-git-info + +This will let you identify and transform various git hosts URLs between +protocols. It also can tell you what the URL is for the raw path for +particular file for direct access without git. + +## Example + +```javascript +var hostedGitInfo = require("hosted-git-info") +var info = hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git", opts) +/* info looks like: +{ + type: "github", + domain: "github.com", + user: "npm", + project: "hosted-git-info" +} +*/ +``` + +If the URL can't be matched with a git host, `null` will be returned. We +can match git, ssh and https urls. Additionally, we can match ssh connect +strings (`git@github.com:npm/hosted-git-info`) and shortcuts (eg, +`github:npm/hosted-git-info`). GitHub specifically, is detected in the case +of a third, unprefixed, form: `npm/hosted-git-info`. + +If it does match, the returned object has properties of: + +* info.type -- The short name of the service +* info.domain -- The domain for git protocol use +* info.user -- The name of the user/org on the git host +* info.project -- The name of the project on the git host + +## Version Contract + +The major version will be bumped any time… + +* The constructor stops accepting URLs that it previously accepted. +* A method is removed. +* A method can no longer accept the number and type of arguments it previously accepted. +* A method can return a different type than it currently returns. + +Implications: + +* I do not consider the specific format of the urls returned from, say + `.https()` to be a part of the contract. The contract is that it will + return a string that can be used to fetch the repo via HTTPS. But what + that string looks like, specifically, can change. +* Dropping support for a hosted git provider would constitute a breaking + change. + +## Usage + +### var info = hostedGitInfo.fromUrl(gitSpecifier[, options]) + +* *gitSpecifer* is a URL of a git repository or a SCP-style specifier of one. +* *options* is an optional object. It can have the following properties: + * *noCommittish* — If true then committishes won't be included in generated URLs. + * *noGitPlus* — If true then `git+` won't be prefixed on URLs. + +## Methods + +All of the methods take the same options as the `fromUrl` factory. Options +provided to a method override those provided to the constructor. + +* info.file(path, opts) + +Given the path of a file relative to the repository, returns a URL for +directly fetching it from the githost. If no committish was set then +`master` will be used as the default. + +For example `hostedGitInfo.fromUrl("git@github.com:npm/hosted-git-info.git#v1.0.0").file("package.json")` +would return `https://raw.githubusercontent.com/npm/hosted-git-info/v1.0.0/package.json` + +* info.shortcut(opts) + +eg, `github:npm/hosted-git-info` + +* info.browse(path, fragment, opts) + +eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0`, +`https://github.com/npm/hosted-git-info/tree/v1.2.0/package.json`, +`https://github.com/npm/hosted-git-info/tree/v1.2.0/REAMDE.md#supported-hosts` + +* info.bugs(opts) + +eg, `https://github.com/npm/hosted-git-info/issues` + +* info.docs(opts) + +eg, `https://github.com/npm/hosted-git-info/tree/v1.2.0#readme` + +* info.https(opts) + +eg, `git+https://github.com/npm/hosted-git-info.git` + +* info.sshurl(opts) + +eg, `git+ssh://git@github.com/npm/hosted-git-info.git` + +* info.ssh(opts) + +eg, `git@github.com:npm/hosted-git-info.git` + +* info.path(opts) + +eg, `npm/hosted-git-info` + +* info.tarball(opts) + +eg, `https://github.com/npm/hosted-git-info/archive/v1.2.0.tar.gz` + +* info.getDefaultRepresentation() + +Returns the default output type. The default output type is based on the +string you passed in to be parsed + +* info.toString(opts) + +Uses the getDefaultRepresentation to call one of the other methods to get a URL for +this resource. As such `hostedGitInfo.fromUrl(url).toString()` will give +you a normalized version of the URL that still uses the same protocol. + +Shortcuts will still be returned as shortcuts, but the special case github +form of `org/project` will be normalized to `github:org/project`. + +SSH connect strings will be normalized into `git+ssh` URLs. + +## Supported hosts + +Currently this supports GitHub, Bitbucket and GitLab. Pull requests for +additional hosts welcome. diff --git a/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host-info.js b/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host-info.js new file mode 100644 index 0000000000000..360d7b096be61 --- /dev/null +++ b/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host-info.js @@ -0,0 +1,154 @@ +'use strict' +const maybeJoin = (...args) => args.every(arg => arg) ? args.join('') : '' +const maybeEncode = (arg) => arg ? encodeURIComponent(arg) : '' + +const defaults = { + sshtemplate: ({ domain, user, project, committish }) => `git@${domain}:${user}/${project}.git${maybeJoin('#', committish)}`, + sshurltemplate: ({ domain, user, project, committish }) => `git+ssh://git@${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + browsetemplate: ({ domain, user, project, committish, treepath }) => `https://${domain}/${user}/${project}${maybeJoin('/', treepath, '/', maybeEncode(committish))}`, + browsefiletemplate: ({ domain, user, project, committish, treepath, path, fragment, hashformat }) => `https://${domain}/${user}/${project}/${treepath}/${maybeEncode(committish || 'master')}/${path}${maybeJoin('#', hashformat(fragment || ''))}`, + docstemplate: ({ domain, user, project, treepath, committish }) => `https://${domain}/${user}/${project}${maybeJoin('/', treepath, '/', maybeEncode(committish))}#readme`, + httpstemplate: ({ auth, domain, user, project, committish }) => `git+https://${maybeJoin(auth, '@')}${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + filetemplate: ({ domain, user, project, committish, path }) => `https://${domain}/${user}/${project}/raw/${maybeEncode(committish) || 'master'}/${path}`, + shortcuttemplate: ({ type, user, project, committish }) => `${type}:${user}/${project}${maybeJoin('#', committish)}`, + pathtemplate: ({ user, project, committish }) => `${user}/${project}${maybeJoin('#', committish)}`, + bugstemplate: ({ domain, user, project }) => `https://${domain}/${user}/${project}/issues`, + hashformat: formatHashFragment +} + +const gitHosts = {} +gitHosts.github = Object.assign({}, defaults, { + // First two are insecure and generally shouldn't be used any more, but + // they are still supported. + protocols: ['git:', 'http:', 'git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'github.com', + treepath: 'tree', + filetemplate: ({ auth, user, project, committish, path }) => `https://${maybeJoin(auth, '@')}raw.githubusercontent.com/${user}/${project}/${maybeEncode(committish) || 'master'}/${path}`, + gittemplate: ({ auth, domain, user, project, committish }) => `git://${maybeJoin(auth, '@')}${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + tarballtemplate: ({ domain, user, project, committish }) => `https://codeload.${domain}/${user}/${project}/tar.gz/${maybeEncode(committish) || 'master'}`, + extract: (url) => { + let [, user, project, type, committish] = url.pathname.split('/', 5) + if (type && type !== 'tree') { + return + } + + if (!type) { + committish = url.hash.slice(1) + } + + if (project && project.endsWith('.git')) { + project = project.slice(0, -4) + } + + if (!user || !project) { + return + } + + return { user, project, committish } + } +}) + +gitHosts.bitbucket = Object.assign({}, defaults, { + protocols: ['git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'bitbucket.org', + treepath: 'src', + tarballtemplate: ({ domain, user, project, committish }) => `https://${domain}/${user}/${project}/get/${maybeEncode(committish) || 'master'}.tar.gz`, + extract: (url) => { + let [, user, project, aux] = url.pathname.split('/', 4) + if (['get'].includes(aux)) { + return + } + + if (project && project.endsWith('.git')) { + project = project.slice(0, -4) + } + + if (!user || !project) { + return + } + + return { user, project, committish: url.hash.slice(1) } + } +}) + +gitHosts.gitlab = Object.assign({}, defaults, { + protocols: ['git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'gitlab.com', + treepath: 'tree', + httpstemplate: ({ auth, domain, user, project, committish }) => `git+https://${maybeJoin(auth, '@')}${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, + tarballtemplate: ({ domain, user, project, committish }) => `https://${domain}/${user}/${project}/repository/archive.tar.gz?ref=${maybeEncode(committish) || 'master'}`, + extract: (url) => { + const path = url.pathname.slice(1) + if (path.includes('/-/')) { + return + } + + const segments = path.split('/') + let project = segments.pop() + if (project.endsWith('.git')) { + project = project.slice(0, -4) + } + + const user = segments.join('/') + if (!user || !project) { + return + } + + return { user, project, committish: url.hash.slice(1) } + } +}) + +gitHosts.gist = Object.assign({}, defaults, { + protocols: ['git:', 'git+ssh:', 'git+https:', 'ssh:', 'https:'], + domain: 'gist.github.com', + sshtemplate: ({ domain, project, committish }) => `git@${domain}:${project}.git${maybeJoin('#', committish)}`, + sshurltemplate: ({ domain, project, committish }) => `git+ssh://git@${domain}/${project}.git${maybeJoin('#', committish)}`, + browsetemplate: ({ domain, project, committish }) => `https://${domain}/${project}${maybeJoin('/', maybeEncode(committish))}`, + browsefiletemplate: ({ domain, project, committish, path, hashformat }) => `https://${domain}/${project}${maybeJoin('/', maybeEncode(committish))}${maybeJoin('#', hashformat(path))}`, + docstemplate: ({ domain, project, committish }) => `https://${domain}/${project}${maybeJoin('/', maybeEncode(committish))}`, + httpstemplate: ({ domain, project, committish }) => `git+https://${domain}/${project}.git${maybeJoin('#', committish)}`, + filetemplate: ({ user, project, committish, path }) => `https://gist.githubusercontent.com/${user}/${project}/raw${maybeJoin('/', maybeEncode(committish))}/${path}`, + shortcuttemplate: ({ type, project, committish }) => `${type}:${project}${maybeJoin('#', committish)}`, + pathtemplate: ({ project, committish }) => `${project}${maybeJoin('#', committish)}`, + bugstemplate: ({ domain, project }) => `https://${domain}/${project}`, + gittemplate: ({ domain, project, committish }) => `git://${domain}/${project}.git${maybeJoin('#', committish)}`, + tarballtemplate: ({ project, committish }) => `https://codeload.github.com/gist/${project}/tar.gz/${maybeEncode(committish) || 'master'}`, + extract: (url) => { + let [, user, project, aux] = url.pathname.split('/', 4) + if (aux === 'raw') { + return + } + + if (!project) { + if (!user) { + return + } + + project = user + user = null + } + + if (project.endsWith('.git')) { + project = project.slice(0, -4) + } + + return { user, project, committish: url.hash.slice(1) } + }, + hashformat: function (fragment) { + return fragment && 'file-' + formatHashFragment(fragment) + } +}) + +const names = Object.keys(gitHosts) +gitHosts.byShortcut = {} +gitHosts.byDomain = {} +for (const name of names) { + gitHosts.byShortcut[`${name}:`] = name + gitHosts.byDomain[gitHosts[name].domain] = name +} + +function formatHashFragment (fragment) { + return fragment.toLowerCase().replace(/^\W+|\/|\W+$/g, '').replace(/\W+/g, '-') +} + +module.exports = gitHosts diff --git a/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host.js b/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host.js new file mode 100644 index 0000000000000..8a975e92e58bb --- /dev/null +++ b/node_modules/npm-package-arg/node_modules/hosted-git-info/git-host.js @@ -0,0 +1,110 @@ +'use strict' +const gitHosts = require('./git-host-info.js') + +class GitHost { + constructor (type, user, auth, project, committish, defaultRepresentation, opts = {}) { + Object.assign(this, gitHosts[type]) + this.type = type + this.user = user + this.auth = auth + this.project = project + this.committish = committish + this.default = defaultRepresentation + this.opts = opts + } + + hash () { + return this.committish ? `#${this.committish}` : '' + } + + ssh (opts) { + return this._fill(this.sshtemplate, opts) + } + + _fill (template, opts) { + if (typeof template === 'function') { + const options = { ...this, ...this.opts, ...opts } + + // the path should always be set so we don't end up with 'undefined' in urls + if (!options.path) { + options.path = '' + } + + // template functions will insert the leading slash themselves + if (options.path.startsWith('/')) { + options.path = options.path.slice(1) + } + + if (options.noCommittish) { + options.committish = null + } + + const result = template(options) + return options.noGitPlus && result.startsWith('git+') ? result.slice(4) : result + } + + return null + } + + sshurl (opts) { + return this._fill(this.sshurltemplate, opts) + } + + browse (path, fragment, opts) { + // not a string, treat path as opts + if (typeof path !== 'string') { + return this._fill(this.browsetemplate, path) + } + + if (typeof fragment !== 'string') { + opts = fragment + fragment = null + } + return this._fill(this.browsefiletemplate, { ...opts, fragment, path }) + } + + docs (opts) { + return this._fill(this.docstemplate, opts) + } + + bugs (opts) { + return this._fill(this.bugstemplate, opts) + } + + https (opts) { + return this._fill(this.httpstemplate, opts) + } + + git (opts) { + return this._fill(this.gittemplate, opts) + } + + shortcut (opts) { + return this._fill(this.shortcuttemplate, opts) + } + + path (opts) { + return this._fill(this.pathtemplate, opts) + } + + tarball (opts) { + return this._fill(this.tarballtemplate, { ...opts, noCommittish: false }) + } + + file (path, opts) { + return this._fill(this.filetemplate, { ...opts, path }) + } + + getDefaultRepresentation () { + return this.default + } + + toString (opts) { + if (this.default && typeof this[this.default] === 'function') { + return this[this.default](opts) + } + + return this.sshurl(opts) + } +} +module.exports = GitHost diff --git a/node_modules/npm-package-arg/node_modules/hosted-git-info/index.js b/node_modules/npm-package-arg/node_modules/hosted-git-info/index.js new file mode 100644 index 0000000000000..f35c570c46b59 --- /dev/null +++ b/node_modules/npm-package-arg/node_modules/hosted-git-info/index.js @@ -0,0 +1,237 @@ +'use strict' +const url = require('url') +const gitHosts = require('./git-host-info.js') +const GitHost = module.exports = require('./git-host.js') +const LRU = require('lru-cache') +const cache = new LRU({ max: 1000 }) + +const protocolToRepresentationMap = { + 'git+ssh:': 'sshurl', + 'git+https:': 'https', + 'ssh:': 'sshurl', + 'git:': 'git' +} + +function protocolToRepresentation (protocol) { + return protocolToRepresentationMap[protocol] || protocol.slice(0, -1) +} + +const authProtocols = { + 'git:': true, + 'https:': true, + 'git+https:': true, + 'http:': true, + 'git+http:': true +} + +const knownProtocols = Object.keys(gitHosts.byShortcut).concat(['http:', 'https:', 'git:', 'git+ssh:', 'git+https:', 'ssh:']) + +module.exports.fromUrl = function (giturl, opts) { + if (typeof giturl !== 'string') { + return + } + + const key = giturl + JSON.stringify(opts || {}) + + if (!cache.has(key)) { + cache.set(key, fromUrl(giturl, opts)) + } + + return cache.get(key) +} + +function fromUrl (giturl, opts) { + if (!giturl) { + return + } + + const url = isGitHubShorthand(giturl) ? 'github:' + giturl : correctProtocol(giturl) + const parsed = parseGitUrl(url) + if (!parsed) { + return parsed + } + + const gitHostShortcut = gitHosts.byShortcut[parsed.protocol] + const gitHostDomain = gitHosts.byDomain[parsed.hostname.startsWith('www.') ? parsed.hostname.slice(4) : parsed.hostname] + const gitHostName = gitHostShortcut || gitHostDomain + if (!gitHostName) { + return + } + + const gitHostInfo = gitHosts[gitHostShortcut || gitHostDomain] + let auth = null + if (authProtocols[parsed.protocol] && (parsed.username || parsed.password)) { + auth = `${parsed.username}${parsed.password ? ':' + parsed.password : ''}` + } + + let committish = null + let user = null + let project = null + let defaultRepresentation = null + + try { + if (gitHostShortcut) { + let pathname = parsed.pathname.startsWith('/') ? parsed.pathname.slice(1) : parsed.pathname + const firstAt = pathname.indexOf('@') + // we ignore auth for shortcuts, so just trim it out + if (firstAt > -1) { + pathname = pathname.slice(firstAt + 1) + } + + const lastSlash = pathname.lastIndexOf('/') + if (lastSlash > -1) { + user = decodeURIComponent(pathname.slice(0, lastSlash)) + // we want nulls only, never empty strings + if (!user) { + user = null + } + project = decodeURIComponent(pathname.slice(lastSlash + 1)) + } else { + project = decodeURIComponent(pathname) + } + + if (project.endsWith('.git')) { + project = project.slice(0, -4) + } + + if (parsed.hash) { + committish = decodeURIComponent(parsed.hash.slice(1)) + } + + defaultRepresentation = 'shortcut' + } else { + if (!gitHostInfo.protocols.includes(parsed.protocol)) { + return + } + + const segments = gitHostInfo.extract(parsed) + if (!segments) { + return + } + + user = segments.user && decodeURIComponent(segments.user) + project = decodeURIComponent(segments.project) + committish = decodeURIComponent(segments.committish) + defaultRepresentation = protocolToRepresentation(parsed.protocol) + } + } catch (err) { + /* istanbul ignore else */ + if (err instanceof URIError) { + return + } else { + throw err + } + } + + return new GitHost(gitHostName, user, auth, project, committish, defaultRepresentation, opts) +} + +// accepts input like git:github.com:user/repo and inserts the // after the first : +const correctProtocol = (arg) => { + const firstColon = arg.indexOf(':') + const proto = arg.slice(0, firstColon + 1) + if (knownProtocols.includes(proto)) { + return arg + } + + const firstAt = arg.indexOf('@') + if (firstAt > -1) { + if (firstAt > firstColon) { + return `git+ssh://${arg}` + } else { + return arg + } + } + + const doubleSlash = arg.indexOf('//') + if (doubleSlash === firstColon + 1) { + return arg + } + + return arg.slice(0, firstColon + 1) + '//' + arg.slice(firstColon + 1) +} + +// look for github shorthand inputs, such as npm/cli +const isGitHubShorthand = (arg) => { + // it cannot contain whitespace before the first # + // it cannot start with a / because that's probably an absolute file path + // but it must include a slash since repos are username/repository + // it cannot start with a . because that's probably a relative file path + // it cannot start with an @ because that's a scoped package if it passes the other tests + // it cannot contain a : before a # because that tells us that there's a protocol + // a second / may not exist before a # + const firstHash = arg.indexOf('#') + const firstSlash = arg.indexOf('/') + const secondSlash = arg.indexOf('/', firstSlash + 1) + const firstColon = arg.indexOf(':') + const firstSpace = /\s/.exec(arg) + const firstAt = arg.indexOf('@') + + const spaceOnlyAfterHash = !firstSpace || (firstHash > -1 && firstSpace.index > firstHash) + const atOnlyAfterHash = firstAt === -1 || (firstHash > -1 && firstAt > firstHash) + const colonOnlyAfterHash = firstColon === -1 || (firstHash > -1 && firstColon > firstHash) + const secondSlashOnlyAfterHash = secondSlash === -1 || (firstHash > -1 && secondSlash > firstHash) + const hasSlash = firstSlash > 0 + // if a # is found, what we really want to know is that the character immediately before # is not a / + const doesNotEndWithSlash = firstHash > -1 ? arg[firstHash - 1] !== '/' : !arg.endsWith('/') + const doesNotStartWithDot = !arg.startsWith('.') + + return spaceOnlyAfterHash && hasSlash && doesNotEndWithSlash && doesNotStartWithDot && atOnlyAfterHash && colonOnlyAfterHash && secondSlashOnlyAfterHash +} + +// attempt to correct an scp style url so that it will parse with `new URL()` +const correctUrl = (giturl) => { + const firstAt = giturl.indexOf('@') + const lastHash = giturl.lastIndexOf('#') + let firstColon = giturl.indexOf(':') + let lastColon = giturl.lastIndexOf(':', lastHash > -1 ? lastHash : Infinity) + + let corrected + if (lastColon > firstAt) { + // the last : comes after the first @ (or there is no @) + // like it would in: + // proto://hostname.com:user/repo + // username@hostname.com:user/repo + // :password@hostname.com:user/repo + // username:password@hostname.com:user/repo + // proto://username@hostname.com:user/repo + // proto://:password@hostname.com:user/repo + // proto://username:password@hostname.com:user/repo + // then we replace the last : with a / to create a valid path + corrected = giturl.slice(0, lastColon) + '/' + giturl.slice(lastColon + 1) + // // and we find our new : positions + firstColon = corrected.indexOf(':') + lastColon = corrected.lastIndexOf(':') + } + + if (firstColon === -1 && giturl.indexOf('//') === -1) { + // we have no : at all + // as it would be in: + // username@hostname.com/user/repo + // then we prepend a protocol + corrected = `git+ssh://${corrected}` + } + + return corrected +} + +// try to parse the url as its given to us, if that throws +// then we try to clean the url and parse that result instead +// THIS FUNCTION SHOULD NEVER THROW +const parseGitUrl = (giturl) => { + let result + try { + result = new url.URL(giturl) + } catch (err) {} + + if (result) { + return result + } + + const correctedUrl = correctUrl(giturl) + try { + result = new url.URL(correctedUrl) + } catch (err) {} + + return result +} diff --git a/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json b/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json new file mode 100644 index 0000000000000..930e3b693b980 --- /dev/null +++ b/node_modules/npm-package-arg/node_modules/hosted-git-info/package.json @@ -0,0 +1,52 @@ +{ + "name": "hosted-git-info", + "version": "4.0.1", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "main": "index.js", + "repository": { + "type": "git", + "url": "git+https://github.com/npm/hosted-git-info.git" + }, + "keywords": [ + "git", + "github", + "bitbucket", + "gitlab" + ], + "author": "Rebecca Turner (http://re-becca.org)", + "license": "ISC", + "bugs": { + "url": "https://github.com/npm/hosted-git-info/issues" + }, + "homepage": "https://github.com/npm/hosted-git-info", + "scripts": { + "posttest": "standard", + "postversion": "npm publish", + "prepublishOnly": "git push origin --follow-tags", + "preversion": "npm test", + "snap": "tap", + "test": "tap", + "test:coverage": "tap --coverage-report=html" + }, + "dependencies": { + "lru-cache": "^6.0.0" + }, + "devDependencies": { + "standard": "^16.0.3", + "standard-version": "^9.1.0", + "tap": "^14.11.0" + }, + "files": [ + "index.js", + "git-host.js", + "git-host-info.js" + ], + "engines": { + "node": ">=10" + }, + "tap": { + "color": 1, + "coverage": true, + "esm": false + } +} diff --git a/node_modules/npm-package-arg/package.json b/node_modules/npm-package-arg/package.json index c460be828efcb..ed3b364442c2c 100644 --- a/node_modules/npm-package-arg/package.json +++ b/node_modules/npm-package-arg/package.json @@ -1,6 +1,6 @@ { "name": "npm-package-arg", - "version": "8.1.1", + "version": "8.1.2", "description": "Parse the things that can be arguments to `npm install`", "main": "npa.js", "directories": { @@ -10,12 +10,12 @@ "npa.js" ], "dependencies": { - "hosted-git-info": "^3.0.6", - "semver": "^7.0.0", + "hosted-git-info": "^4.0.1", + "semver": "^7.3.4", "validate-npm-package-name": "^3.0.0" }, "devDependencies": { - "tap": "^14.10.2" + "tap": "^14.11.0" }, "scripts": { "preversion": "npm test", diff --git a/node_modules/npm-pick-manifest/CHANGELOG.md b/node_modules/npm-pick-manifest/CHANGELOG.md index a4ee13e92ab45..c7170c5651d16 100644 --- a/node_modules/npm-pick-manifest/CHANGELOG.md +++ b/node_modules/npm-pick-manifest/CHANGELOG.md @@ -1,6 +1,10 @@ # Changelog -All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +All notable changes to this project will be documented in this file. + +## [6.1.1](https://github.com/npm/npm-pick-manifest/compare/v6.0.0...v6.1.0) (2020-04-07) + +* normalize package bins in returned manifest ## [6.1.0](https://github.com/npm/npm-pick-manifest/compare/v6.0.0...v6.1.0) (2020-04-07) diff --git a/node_modules/npm-pick-manifest/index.js b/node_modules/npm-pick-manifest/index.js index 2b3ea6ffa4930..695450524dc13 100644 --- a/node_modules/npm-pick-manifest/index.js +++ b/node_modules/npm-pick-manifest/index.js @@ -3,6 +3,7 @@ const npa = require('npm-package-arg') const semver = require('semver') const { checkEngine } = require('npm-install-checks') +const normalizeBin = require('npm-normalize-package-bin') const engineOk = (manifest, npmVersion, nodeVersion) => { try { @@ -183,7 +184,8 @@ const pickManifest = (packument, wanted, opts) => { } module.exports = (packument, wanted, opts = {}) => { - const picked = pickManifest(packument, wanted, opts) + const mani = pickManifest(packument, wanted, opts) + const picked = mani && normalizeBin(mani) const policyRestrictions = packument.policyRestrictions const restricted = (policyRestrictions && policyRestrictions.versions) || {} diff --git a/node_modules/npm-pick-manifest/package.json b/node_modules/npm-pick-manifest/package.json index 805f5ac23a846..4b4866cbf8832 100644 --- a/node_modules/npm-pick-manifest/package.json +++ b/node_modules/npm-pick-manifest/package.json @@ -1,6 +1,6 @@ { "name": "npm-pick-manifest", - "version": "6.1.0", + "version": "6.1.1", "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", "main": "index.js", "files": [ @@ -9,12 +9,11 @@ "scripts": { "coverage": "tap", "lint": "standard", - "postrelease": "npm publish", + "test": "tap", "posttest": "npm run lint", - "prepublishOnly": "git push --follow-tags", - "prerelease": "npm t", - "release": "standard-version -s", - "test": "tap" + "preversion": "npm test", + "postversion": "npm publish", + "prepublishOnly": "git push origin --follow-tags" }, "repository": "https://github.com/npm/npm-pick-manifest", "keywords": [ @@ -30,13 +29,13 @@ "license": "ISC", "dependencies": { "npm-install-checks": "^4.0.0", - "npm-package-arg": "^8.0.0", - "semver": "^7.0.0" + "npm-normalize-package-bin": "^1.0.1", + "npm-package-arg": "^8.1.2", + "semver": "^7.3.4" }, "devDependencies": { "standard": "^14.3.1", - "standard-version": "^7.0.1", - "tap": "^14.10.2" + "tap": "^14.11.0" }, "tap": { "check-coverage": true diff --git a/node_modules/pacote/lib/util/tar-create-options.js b/node_modules/pacote/lib/util/tar-create-options.js index e8abbe175b262..31ab34c9d949f 100644 --- a/node_modules/pacote/lib/util/tar-create-options.js +++ b/node_modules/pacote/lib/util/tar-create-options.js @@ -4,7 +4,13 @@ const tarCreateOptions = manifest => ({ cwd: manifest._resolved, prefix: 'package/', portable: true, - gzip: true, + gzip: { + // forcing the level to 9 seems to avoid some + // platform specific optimizations that cause + // integrity mismatch errors due to differing + // end results after compression + level: 9 + }, // ensure that package bins are always executable // Note that npm-packlist is already filtering out diff --git a/node_modules/pacote/package.json b/node_modules/pacote/package.json index dca67f3e8876a..dd6bf9400c6ea 100644 --- a/node_modules/pacote/package.json +++ b/node_modules/pacote/package.json @@ -1,6 +1,6 @@ { "name": "pacote", - "version": "11.3.0", + "version": "11.3.1", "description": "JavaScript package downloader", "author": "Isaac Z. Schlueter (https://izs.me)", "bin": { diff --git a/node_modules/puka/CHANGELOG.md b/node_modules/puka/CHANGELOG.md deleted file mode 100644 index 781b81295a4a7..0000000000000 --- a/node_modules/puka/CHANGELOG.md +++ /dev/null @@ -1,31 +0,0 @@ -# Changelog -All notable changes to this project will be documented in this file. - -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) -and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - -## [1.0.1](https://gitlab.com/rhendric/puka/-/compare/v1.0.0...v1.0.1) - 2020-05-16 - -### Fixed - -- Add more carets to win32 command arguments ([45965ca](https://gitlab.com/rhendric/puka/-/commit/45965ca60fcc518082e0b085d8e81f3f3279ffb4)) - - As previously documented and implemented, Puka assumed that all programs - are batch files for the purpose of multi-escaping commands that appear - in pipelines. However, regardless of whether a command is in a pipeline, - one extra layer of escaping is needed if the command invokes a batch - file, which Puka was not producing. This only applies to the arguments - to the command, not to the batch file path, nor to paths used in - redirects. (The property-based spawn test which was supposed to catch - such oversights missed this one because it was invoking the Node.js - executable directly, not, as recommended in the documentation, a batch - file.) - - Going forward, the caveats described in the documentation continue to - apply: if you are running programs on Windows with Puka, make sure they - are batch files, or you may find arguments are being escaped with too - many carets. As the documentation says, if this causes problems for you, - please open an issue so we can work out the details of what a good - workaround looks like. - -## [1.0.0](https://gitlab.com/rhendric/puka/-/tags/v1.0.0) - 2017-09-29 diff --git a/node_modules/puka/LICENSE.txt b/node_modules/puka/LICENSE.txt deleted file mode 100644 index 0141196a59337..0000000000000 --- a/node_modules/puka/LICENSE.txt +++ /dev/null @@ -1,18 +0,0 @@ -Copyright 2017 Ryan Hendrickson - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/puka/README.md b/node_modules/puka/README.md deleted file mode 100644 index 2670f742b3677..0000000000000 --- a/node_modules/puka/README.md +++ /dev/null @@ -1,411 +0,0 @@ -# Puka - -[![GitLab CI pipeline status](https://gitlab.com/rhendric/puka/badges/master/pipeline.svg)](https://gitlab.com/rhendric/puka/commits/master) [![AppVeyor build status](https://img.shields.io/appveyor/ci/rhendric/puka.svg?label=windows%20tests)](https://ci.appveyor.com/project/rhendric/puka) [![Codecov status](https://img.shields.io/codecov/c/gl/rhendric/puka.svg)](https://codecov.io/gl/rhendric/puka) - -Puka is a cross-platform library for safely passing strings through shells. - -#### Contents - -- [Introduction](#introduction) - - [Why would I use Puka?](#why-would-i-use-puka) - - [How do I use Puka?](#how-do-i-use-puka) - - [What's the catch?](#whats-the-catch) -- [API Documentation](#api-documentation) - - [Basic API](#basic-api) - - [sh](#sh) - - [unquoted](#unquoted) - - [Advanced API](#advanced-api) - - [quoteForShell](#quoteforshell) - - [quoteForCmd](#quoteforcmd) - - [quoteForSh](#quoteforsh) - - [ShellString](#shellstring) - - [Secret API](#secret-api) -- [The sh DSL](#the-sh-dsl) - - [Syntax](#syntax) - - [Semantics](#semantics) - - [Types of placeholders](#types-of-placeholders) - -## Introduction - -### Why would I use Puka? - -When launching a child process from Node, you have a choice between launching -directly from the operating system (as with [child_process.spawn](https://nodejs.org/api/child_process.html#child_process_child_process_spawn_command_args_options), -if you don't use the `{ shell: true }` option), and running the command through -a shell (as with [child_process.exec](https://nodejs.org/api/child_process.html#child_process_child_process_exec_command_options_callback)). -Using a shell gives you more power, such as the ability to chain multiple -commands together or use redirection, but you have to construct your command as -a single string instead of using an array of arguments. And doing that can be -buggy (if not dangerous) if you don't take care to quote any arguments -correctly for the shell you're targeting, _and_ the quoting has to be done -differently on Windows and non-Windows shells. - -Puka solves that problem by giving you a simple and platform-agnostic way to -build shell commands with arguments that pass through your shell unaltered and -with no unsafe side effects, **whether you are running on Windows or a -Unix-based OS**. - -### How do I use Puka? - -Puka gives you an `sh` function intended for tagging -[template literals](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Template_literals), -which quotes (if necessary) any values interpolated into the template. A simple -example: - -```javascript -const { sh } = require('puka'); -const { execSync } = require('child_process'); - -const arg = 'file with spaces.txt'; -execSync(sh`some-command ${arg}`); -``` - -But Puka supports more than this! See [the `sh` DSL documentation](#the-sh-dsl) -for a detailed description of all the features currently supported. - -### What's the catch? - -Here are the ones I know about: - -Puka does _not_ ensure that the actual commands you're running are -cross-platform. If you're running npm programs, you generally won't have a -problem with that, but if you want to run ``sh`cat file` `` on Windows, you'll -need to depend on something like -[cash-cat](https://www.npmjs.com/package/cash-cat). - -I searched for days for a way to quote or escape line breaks in arguments to -`cmd.exe`, but couldn't find one (regular `^`-prepending and quotation marks -don't seem to cut it). If you know of a way that works, please [open an -issue](https://gitlab.com/rhendric/puka/issues/new) to tell me about it! Until -then, any line break characters (`\r` or `\n`) in values being interpolated by -`sh` will cause an error to be thrown on Windows only. - -Also on Windows, you may notice quoting mistakes if you run commands that -involve invoking a native executable (not a batch file ending in `.cmd` or -`.bat`). Unfortunately, batch files require some extra escaping on Windows, and -Puka assumes all programs are batch files because npm creates batch file shims -for programs it installs (and, if you care about cross-platform, you'll be -using npm programs in your commands). If this causes problems for you, please -[open an issue](https://gitlab.com/rhendric/puka/issues/new); if your situation -is specific enough, there may be workarounds or improvements to Puka to be -found. - -## API Documentation - -### Basic API - - - - -#### sh - -A string template tag for safely constructing cross-platform shell commands. - -An `sh` template is not actually treated as a literal string to be -interpolated; instead, it is a tiny DSL designed to make working with shell -strings safe, simple, and straightforward. To get started quickly, see the -examples below. [More detailed documentation][1] is available -further down. - -##### Examples - -```javascript -const title = '"this" & "that"'; -sh`script --title=${title}`; // => "script '--title=\"this\" & \"that\"'" -// Note: these examples show results for non-Windows platforms. -// On Windows, the above would instead be -// 'script ^^^"--title=\\^^^"this\\^^^" ^^^& \\^^^"that\\^^^"^^^"'. - -const names = ['file1', 'file 2']; -sh`rimraf ${names}.txt`; // => "rimraf file1.txt 'file 2.txt'" - -const cmd1 = ['cat', 'file 1.txt', 'file 2.txt']; -const cmd2 = ['use-input', '-abc']; -sh`${cmd1}|${cmd2}`; // => "cat 'file 1.txt' 'file 2.txt'|use-input -abc" -``` - -Returns **[String][2]** a string formatted for the platform Node is currently -running on. - -#### unquoted - -This function permits raw strings to be interpolated into a `sh` template. - -**IMPORTANT**: If you're using Puka due to security concerns, make sure you -don't pass any untrusted content to `unquoted`. This may be obvious, but -stray punctuation in an `unquoted` section can compromise the safety of the -entire shell command. - -##### Parameters - -- `value` any value (it will be treated as a string) - -##### Examples - -```javascript -const both = true; -sh`foo ${unquoted(both ? '&&' : '||')} bar`; // => 'foo && bar' -``` - -### Advanced API - -If these functions make life easier for you, go ahead and use them; they -are just as well supported as the above. But if you aren't certain you -need them, you probably don't. - - -#### quoteForShell - -Quotes a string for injecting into a shell command. - -This function is exposed for some hypothetical case when the `sh` DSL simply -won't do; `sh` is expected to be the more convenient option almost always. -Compare: - -```javascript -console.log('cmd' + args.map(a => ' ' + quoteForShell(a)).join('')); -console.log(sh`cmd ${args}`); // same as above - -console.log('cmd' + args.map(a => ' ' + quoteForShell(a, true)).join('')); -console.log(sh`cmd "${args}"`); // same as above -``` - -Additionally, on Windows, `sh` checks the entire command string for pipes, -which subtly change how arguments need to be quoted. If your commands may -involve pipes, you are strongly encouraged to use `sh` and not try to roll -your own with `quoteForShell`. - -##### Parameters - -- `text` **[String][2]** to be quoted -- `forceQuote` **[Boolean][3]?** whether to always add quotes even if the string - is already safe. Defaults to `false`. -- `platform` **[String][2]?** a value that `process.platform` might take: - `'win32'`, `'linux'`, etc.; determines how the string is to be formatted. - When omitted, effectively the same as `process.platform`. - -Returns **[String][2]** a string that is safe for the current (or specified) -platform. - -#### quoteForCmd - -A Windows-specific version of [quoteForShell][4]. - -##### Parameters - -- `text` **[String][2]** to be quoted -- `forceQuote` **[Boolean][3]?** whether to always add quotes even if the string - is already safe. Defaults to `false`. - -#### quoteForSh - -A Unix-specific version of [quoteForShell][4]. - -##### Parameters - -- `text` **[String][2]** to be quoted -- `forceQuote` **[Boolean][3]?** whether to always add quotes even if the string - is already safe. Defaults to `false`. - -#### ShellString - -A ShellString represents a shell command after it has been interpolated, but -before it has been formatted for a particular platform. ShellStrings are -useful if you want to prepare a command for a different platform than the -current one, for instance. - -To create a ShellString, use `ShellString.sh` the same way you would use -top-level `sh`. - -##### toString - -A method to format a ShellString into a regular String formatted for a -particular platform. - -###### Parameters - -- `platform` **[String][2]?** a value that `process.platform` might take: - `'win32'`, `'linux'`, etc.; determines how the string is to be formatted. - When omitted, effectively the same as `process.platform`. - -Returns **[String][2]** - -##### sh - -`ShellString.sh` is a template tag just like `sh`; the only difference is -that this function returns a ShellString which has not yet been formatted -into a String. - -Returns **[ShellString][5]** - -### Secret API - -Some internals of string formatting have been exposed for the ambitious and -brave souls who want to try to extend Puka to handle more shells or custom -interpolated values. This ‘secret’ API is partially documented in the code -but not here, and the semantic versioning guarantees on this API are bumped -down by one level: in other words, minor version releases of Puka can change -the secret API in backward-incompatible ways, and patch releases can add or -deprecate functionality. - -If it's not even documented in the code, use at your own risk—no semver -guarantees apply. - - -[1]: #the-sh-dsl - -[2]: https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String - -[3]: https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Boolean - -[4]: #quoteforshell - -[5]: #shellstring - -## The sh DSL - -### Syntax - -An `sh` template comprises words, separated by whitespace. Words can contain: - -- text, which is composed of any characters that are not whitespace, single or - double quotes, or any of the special characters - ``# $ & ( ) ; < > \ ` |``; -- quotations, which are matching single or double quotes surrounding any - characters other than the delimiting quote; and -- placeholders, using the standard JavaScript template syntax (`${}`). - (Placeholders may also appear inside quotations.) - -The special characters ``# $ & ( ) ; < > \ ` |``, if unquoted, form their own -words. - -Redirect operators (`<`, `>`, `>>`, `2>`, etc.) receive their own special -handling, as do semicolons. Other than these two exceptions, no attempt is made -to understand any more sophisticated features of shell syntax. - -Standard JavaScript escape sequences, such as `\t`, are honored in the template -literal, and are treated equivalently to the characters they represent. There -is no further mechanism for escaping within the `sh` DSL itself; in particular, -if you want to put quotes inside quotes, you have to use interpolation, like -this: - -```javascript -sh`echo "${'single = \', double = "'}"` // => "echo 'single = '\\'', double = \"'" -``` - -### Semantics - -Words that do not contain placeholders are emitted mostly verbatim to the -output string. Quotations are formatted in the expected style for the target -platform (single quotes for Unix, double quotes for Windows) regardless of the -quotes used in the template literal—as with JavaScript, single and double quotes -are interchangeable, except for the requirement to pair like with like. Unquoted -semicolons are translated to ampersands on Windows; all other special characters -(as enumerated above), when unquoted, are passed as-is to the output for the -shell to interpret. - -Puka may still quote words not containing the above special characters, if they -contain characters that need quoting on the target platform. For example, on -Windows, the character `%` is used for variable interpolation in `cmd.exe`, and -Puka quotes it on on that platform even if it appears unquoted in the template -literal. Consequently, there is no need to be paranoid about quoting anything -that doesn't look alphanumeric inside a `sh` template literal, for fear of being -burned on a different operating system; anything that matches the definition of -‘text’ above will never need manual quoting. - -#### Types of placeholders - -##### Strings - -If a word contains a string placeholder, then the value of the placeholder is -interpolated into the word and the entire word, if necessary, is quoted. If -the placeholder occurs within quotes, no further quoting is performed: - -```javascript -sh`script --file="${'herp derp'}.txt"`; // => "script --file='herp derp.txt'" -``` - -This behavior can be exploited to force consistent quoting, if desired; but -both of the examples below are safe on all platforms: - -```javascript -const words = ['oneword', 'two words']; -sh`minimal ${words[0]}`; // => "minimal oneword" -sh`minimal ${words[1]}`; // => "minimal 'two words'" -sh`consistent '${words[0]}'`; // => "consistent 'oneword'" -sh`consistent '${words[1]}'`; // => "consistent 'two words'" -``` - -##### Arrays and iterables - -If a word contains a placeholder for an array (or other iterable object), then -the entire word is repeated once for each value in the array, separated by -spaces. If the array is empty, then the word is not emitted at all, and neither -is any leading whitespace. - -```javascript -const files = ['foo', 'bar']; -sh`script ${files}`; // => "script foo bar" -sh`script --file=${files}`; // => "script --file=foo --file=bar" -sh`script --file=${[]}`; // => "script" -``` - -Note that, since special characters are their own words, the pipe operator here -is not repeated: - -```javascript -const cmd = ['script', 'foo', 'bar']; -sh`${cmd}|another-script`; // => "script foo bar|another-script" -``` - -Multiple arrays in the same word generate a Cartesian product: - -```javascript -const names = ['foo', 'bar'], exts = ['log', 'txt']; -// Same word -sh`... ${names}.${exts}`; // => "... foo.log foo.txt bar.log bar.txt" -sh`... "${names} ${exts}"`; // => "... 'foo log' 'foo txt' 'bar log' 'bar txt'" - -// Not the same word (extra space just for emphasis): -sh`... ${names} ${exts}`; // => "... foo bar log txt" -sh`... ${names};${exts}`; // => "... foo bar;log txt" -``` - -Finally, if a placeholder appears in the object of a redirect operator, the -entire redirect is repeated as necessary: - -```javascript -sh`script > ${['foo', 'bar']}.txt`; // => "script > foo.txt > bar.txt" -sh`script > ${[]}.txt`; // => "script" -``` - -##### unquoted - -The `unquoted` function returns a value that will skip being quoted when used -in a placeholder, alone or in an array. - -```javascript -const cmd = 'script < input.txt'; -const fields = ['foo', 'bar']; -sh`${unquoted(cmd)} | json ${fields}`; // => "script < input.txt | json foo bar" -``` - -##### ShellString - -If `ShellString.sh` is used to construct an unformatted ShellString, that value -can be used in a placeholder to insert the contents of the ShellString into the -outer template literal. This is safer than using `unquoted` as in the previous -example, but `unquoted` can be used when all you have is a string from another -(trusted!) source. - -```javascript -const url = 'http://example.com/data.json?x=1&y=2'; -const curl = ShellString.sh`curl -L ${url}`; -const fields = ['foo', 'bar']; -sh`${curl} | json ${fields}`; // => "curl -L 'http://example.com/data.json?x=1&y=2' | json foo bar" -``` - -##### Anything else - -... is treated like a string—namely, a value `x` is equivalent to `'' + x`, if -not in one of the above categories. diff --git a/node_modules/puka/index.js b/node_modules/puka/index.js deleted file mode 100644 index b69e47d7639db..0000000000000 --- a/node_modules/puka/index.js +++ /dev/null @@ -1,804 +0,0 @@ -'use strict'; - -Object.defineProperty(exports, '__esModule', { value: true }); - -/** - * Key a method on your object with this symbol and you can get special - * formatting for that value! See ShellStringText, ShellStringUnquoted, or - * shellStringSemicolon for examples. - * @ignore - */ -const formatSymbol = Symbol('format'); -/** - * This symbol is for implementing advanced behaviors like the need for extra - * carets in Windows shell strings that use pipes. If present, it's called in - * an earlier phase than formatSymbol, and is passed a mutable context that can - * be read during the format phase to influence formatting. - * @ignore - */ -const preformatSymbol = Symbol('preformat'); - -// When minimum Node version becomes 6, replace calls to sticky with /.../y and -// inline execFrom. -let stickySupported = true; -try { - new RegExp('', 'y'); -} catch (e) { - stickySupported = false; -} -const sticky = stickySupported ? source => new RegExp(source, 'y') : source => new RegExp(`^(?:${source})`); -const execFrom = stickySupported ? (re, haystack, index) => (re.lastIndex = index, re.exec(haystack)) : (re, haystack, index) => re.exec(haystack.substr(index)); - -function quoteForCmd(text, forceQuote) { - let caretDepth = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : 0; - // See the below blog post for an explanation of this function and - // quoteForWin32: - // https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/ - if (!text.length) { - return '""'; - } - if (/[\n\r]/.test(text)) { - throw new Error("Line breaks can't be quoted on Windows"); - } - const caretEscape = /["%]/.test(text); - text = quoteForWin32(text, forceQuote || !caretEscape && /[&()<>^|]/.test(text)); - if (caretEscape) { - // See Win32Context for explanation of what caretDepth is for. - do { - text = text.replace(/[\t "%&()<>^|]/g, '^$&'); - } while (caretDepth--); - } - return text; -} -const quoteForWin32 = (text, forceQuote) => forceQuote || /[\t "]/.test(text) ? `"${text.replace(/\\+(?=$|")/g, '$&$&').replace(/"/g, '\\"')}"` : text; -const cmdMetaChars = /[\t\n\r "%&()<>^|]/; -class Win32Context { - constructor() { - this.currentScope = newScope(null); - this.scopesByObject = new Map(); - this.argDetectState = 0; - this.argSet = new Set(); - } - read(text) { - // When cmd.exe executes a batch file, or pipes to or from one, it spawns a - // second copy of itself to run the inner command. This necessitates - // doubling up on carets so that escaped characters survive both cmd.exe - // invocations. See: - // https://stackoverflow.com/questions/8192318/why-does-delayed-expansion-fail-when-inside-a-piped-block-of-code#8194279 - // https://ss64.com/nt/syntax-redirection.html - // - // Parentheses can create an additional subshell, requiring additional - // escaping... it's a mess. - // - // So here's what we do about it: we read all unquoted text in a shell - // string and put it through this tiny parser that looks for pipes, - // sequence operators (&, &&, ||), redirects, and parentheses. This can't - // be part of the main Puka parsing, because it can be affected by - // `unquoted(...)` values provided at evaluation time. - // - // Then, after associating each thing that needs to be quoted with a scope - // (via `mark()`), and identifying whether or not it's an argument to a - // command, we can determine the depth of caret escaping required in each - // scope and pass it (via `Formatter::quote()`) to `quoteForCmd()`. - // - // See also `ShellStringText`, which holds the logic for the previous - // paragraph. - const length = text.length; - for (let pos = 0, match; pos < length;) { - while (match = execFrom(reUnimportant, text, pos)) { - if (match[2] == null) { - // (not whitespace) - if (match[1] != null) { - // (>&) - this.argDetectState = this.argDetectState === 0 ? ADS_FLAG_INITIAL_REDIRECT : 0; - } else if (this.argDetectState !== ADS_FLAG_ARGS) { - this.argDetectState |= ADS_FLAG_WORD; - } - } else { - // (whitespace) - if ((this.argDetectState & ADS_FLAG_WORD) !== 0) { - this.argDetectState = ADS_FLAG_ARGS & ~this.argDetectState >> 1; - } - } - pos += match[0].length; - } - if (pos >= length) break; - if (match = execFrom(reSeqOp, text, pos)) { - this.seq(); - pos += match[0].length; - } else { - const char = text.charCodeAt(pos); - if (char === CARET) { - pos += 2; - } else if (char === QUOTE) { - // If you were foolish enough to leave a dangling quotation mark in - // an unquoted span... you're likely to have bigger problems than - // incorrect escaping. So we just do the simplest thing of looking for - // the end quote only in this piece of text. - pos += execFrom(reNotQuote, text, pos + 1)[0].length + 2; - } else { - if (char === OPEN_PAREN) { - this.enterScope(); - } else if (char === CLOSE_PAREN) { - this.exitScope(); - } else if (char === PIPE) { - this.pipe(); - } else { - // (char === '<' or '>') - this.argDetectState = this.argDetectState === 0 ? ADS_FLAG_INITIAL_REDIRECT : 0; - } - pos++; - } - } - } - } - enterScope() { - this.currentScope = newScope(this.currentScope); - this.argDetectState = 0; - } - exitScope() { - this.currentScope = this.currentScope.parent || (this.currentScope.parent = newScope(null)); - this.argDetectState = ADS_FLAG_ARGS; - } - seq() { - // | binds tighter than sequence operators, so the latter create new sibling - // scopes for future |s to mutate. - this.currentScope = newScope(this.currentScope.parent); - this.argDetectState = 0; - } - pipe() { - this.currentScope.depthDelta = 1; - this.argDetectState = 0; - } - mark(obj) { - this.scopesByObject.set(obj, this.currentScope); - if (this.argDetectState === ADS_FLAG_ARGS) { - this.argSet.add(obj); - } else { - this.argDetectState |= ADS_FLAG_WORD; - } - } - at(obj) { - const scope = this.scopesByObject.get(obj); - return { - depth: getDepth(scope), - isArgument: this.argSet.has(obj), - isNative: scope.isNative - }; - } -} -// These flags span the Win32Context's argument detection state machine. WORD -// is set when the context is inside a word that is not an argument (meaning it -// is either the first word in the command, or it is the object of a redirect). -// ARGS is set when the context has reached the arguments of a command. -// INITIAL_REDIRECT tracks the edge case when a redirect occurs before the -// first word of the command (if this flag is set, reaching the end of a word -// should take the state machine back to 0 instead of setting ADS_FLAG_ARGS). -const ADS_FLAG_WORD = 0x1; -const ADS_FLAG_ARGS = 0x2; -const ADS_FLAG_INITIAL_REDIRECT = 0x4; -const getDepth = scope => scope === null ? 0 : scope.depth !== -1 ? scope.depth : scope.depth = getDepth(scope.parent) + scope.depthDelta; -const newScope = parent => ({ - parent, - depthDelta: 0, - depth: -1, - isNative: false -}); -const CARET = '^'.charCodeAt(); -const QUOTE = '"'.charCodeAt(); -const OPEN_PAREN = '('.charCodeAt(); -const CLOSE_PAREN = ')'.charCodeAt(); -const PIPE = '|'.charCodeAt(); -const reNotQuote = sticky('[^"]*'); -const reSeqOp = sticky('&&?|\\|\\|'); -const reUnimportant = sticky('(\\d*>&)|[^\\s"$&()<>^|]+|(\\s+)'); - -const quoteForSh = (text, forceQuote) => text.length ? forceQuote || shMetaChars.test(text) ? `'${text.replace(/'/g, "'\\''")}'`.replace(/^(?:'')+(?!$)/, '').replace(/\\'''/g, "\\'") : text : "''"; -const shMetaChars = /[\t\n\r "#$&'()*;<>?\\`|~]/; - -/** - * To get a Formatter, call `Formatter.for`. - * - * To create a new Formatter, pass an object to `Formatter.declare`. - * - * To set the global default Formatter, assign to `Formatter.default`. - * - * @class - * @property {Formatter} default - The Formatter to be used when no platform - * is provided—for example, when creating strings with `sh`. - * @ignore - */ -function Formatter() {} -Object.assign(Formatter, -/** @lends Formatter */ -{ - /** - * Gets a Formatter that has been declared for the provided platform, or - * the base `'sh'` formatter if there is no Formatter specific to this - * platform, or the Formatter for the current platform if no specific platform - * is provided. - */ - for(platform) { - return platform == null ? Formatter.default || (Formatter.default = Formatter.for(process.platform)) : Formatter._registry.get(platform) || Formatter._registry.get('sh'); - }, - /** - * Creates a new Formatter or mutates the properties on an existing - * Formatter. The `platform` key on the provided properties object determines - * when the Formatter is retrieved. - */ - declare(props) { - const platform = props && props.platform || 'sh'; - const existingFormatter = Formatter._registry.get(platform); - const formatter = Object.assign(existingFormatter || new Formatter(), props); - formatter.emptyString === void 0 && (formatter.emptyString = formatter.quote('', true)); - existingFormatter || Formatter._registry.set(formatter.platform, formatter); - }, - _registry: new Map(), - prototype: { - platform: 'sh', - quote: quoteForSh, - metaChars: shMetaChars, - hasExtraMetaChars: false, - statementSeparator: ';', - createContext() { - return defaultContext; - } - } -}); -const defaultContext = { - at() {} -}; -Formatter.declare(); -Formatter.declare({ - platform: 'win32', - quote(text, forceQuote, opts) { - const caretDepth = opts ? (opts.depth || 0) + (opts.isArgument && !opts.isNative ? 1 : 0) : 0; - return quoteForCmd(text, forceQuote, caretDepth); - }, - metaChars: cmdMetaChars, - hasExtraMetaChars: true, - statementSeparator: '&', - createContext(root) { - const context = new this.Context(); - root[preformatSymbol](context); - return context; - }, - Context: Win32Context -}); - -const isObject = any => any === Object(any); -function memoize(f) { - const cache = new WeakMap(); - return arg => { - let result = cache.get(arg); - if (result === void 0) { - result = f(arg); - cache.set(arg, result); - } - return result; - }; -} - -/** - * Represents a contiguous span of text that may or must be quoted. The contents - * may already contain quoted segments, which will always be quoted. If unquoted - * segments also require quoting, the entire span will be quoted together. - * @ignore - */ -class ShellStringText { - constructor(contents, untested) { - this.contents = contents; - this.untested = untested; - } - [formatSymbol](formatter, context) { - const unformattedContents = this.contents; - const length = unformattedContents.length; - const contents = new Array(length); - for (let i = 0; i < length; i++) { - const c = unformattedContents[i]; - contents[i] = isObject(c) && formatSymbol in c ? c[formatSymbol](formatter) : c; - } - for (let unquoted = true, i = 0; i < length; i++) { - const content = contents[i]; - if (content === null) { - unquoted = !unquoted; - } else { - if (unquoted && (formatter.hasExtraMetaChars || this.untested && this.untested.has(i)) && formatter.metaChars.test(content)) { - return formatter.quote(contents.join(''), false, context.at(this)); - } - } - } - const parts = []; - for (let quoted = null, i = 0; i < length; i++) { - const content = contents[i]; - if (content === null) { - quoted = quoted ? (parts.push(formatter.quote(quoted.join(''), true, context.at(this))), null) : []; - } else { - (quoted || parts).push(content); - } - } - const result = parts.join(''); - return result.length ? result : formatter.emptyString; - } - [preformatSymbol](context) { - context.mark(this); - } -} - -/** - * Represents a contiguous span of text that will not be quoted. - * @ignore - */ -class ShellStringUnquoted { - constructor(value) { - this.value = value; - } - [formatSymbol]() { - return this.value; - } - [preformatSymbol](context) { - context.read(this.value); - } -} - -/** - * Represents a semicolon... or an ampersand, on Windows. - * @ignore - */ -const shellStringSemicolon = { - [formatSymbol](formatter) { - return formatter.statementSeparator; - }, - [preformatSymbol](context) { - context.seq(); - } -}; - -const PLACEHOLDER = {}; -const parse = memoize(templateSpans => { - // These are the token types our DSL can recognize. Their values won't escape - // this function. - const TOKEN_TEXT = 0; - const TOKEN_QUOTE = 1; - const TOKEN_SEMI = 2; - const TOKEN_UNQUOTED = 3; - const TOKEN_SPACE = 4; - const TOKEN_REDIRECT = 5; - const result = []; - let placeholderCount = 0; - let prefix = null; - let onlyPrefixOnce = false; - let contents = []; - let quote = 0; - const lastSpan = templateSpans.length - 1; - for (let spanIndex = 0; spanIndex <= lastSpan; spanIndex++) { - const templateSpan = templateSpans[spanIndex]; - const posEnd = templateSpan.length; - let tokenStart = 0; - if (spanIndex) { - placeholderCount++; - contents.push(PLACEHOLDER); - } - // For each span, we first do a recognizing pass in which we use regular - // expressions to identify the positions of tokens in the text, and then - // a second pass that actually splits the text into the minimum number of - // substrings necessary. - const recognized = []; // [type1, index1, type2, index2...] - let firstWordBreak = -1; - let lastWordBreak = -1; - { - let pos = 0, - match; - while (pos < posEnd) { - if (quote) { - if (match = execFrom(quote === CHAR_SQUO ? reQuotation1 : reQuotation2, templateSpan, pos)) { - recognized.push(TOKEN_TEXT, pos); - pos += match[0].length; - } - if (pos < posEnd) { - recognized.push(TOKEN_QUOTE, pos++); - quote = 0; - } - } else { - if (match = execFrom(reRedirectOrSpace, templateSpan, pos)) { - firstWordBreak < 0 && (firstWordBreak = pos); - lastWordBreak = pos; - recognized.push(match[1] ? TOKEN_REDIRECT : TOKEN_SPACE, pos); - pos += match[0].length; - } - if (match = execFrom(reText, templateSpan, pos)) { - const setBreaks = match[1] != null; - setBreaks && firstWordBreak < 0 && (firstWordBreak = pos); - recognized.push(setBreaks ? TOKEN_UNQUOTED : TOKEN_TEXT, pos); - pos += match[0].length; - setBreaks && (lastWordBreak = pos); - } - const char = templateSpan.charCodeAt(pos); - if (char === CHAR_SEMI) { - firstWordBreak < 0 && (firstWordBreak = pos); - recognized.push(TOKEN_SEMI, pos++); - lastWordBreak = pos; - } else if (char === CHAR_SQUO || char === CHAR_DQUO) { - recognized.push(TOKEN_QUOTE, pos++); - quote = char; - } - } - } - } - // Word breaks are only important if they separate words with placeholders, - // so we can ignore the first/last break if this is the first/last span. - spanIndex === 0 && (firstWordBreak = -1); - spanIndex === lastSpan && (lastWordBreak = posEnd); - // Here begins the second pass mentioned above. This loop runs one more - // iteration than there are tokens in recognized, because it handles tokens - // on a one-iteration delay; hence the i <= iEnd instead of i < iEnd. - const iEnd = recognized.length; - for (let i = 0, type = -1; i <= iEnd; i += 2) { - let typeNext = -1, - pos; - if (i === iEnd) { - pos = posEnd; - } else { - typeNext = recognized[i]; - pos = recognized[i + 1]; - // If the next token is space or redirect, but there's another word - // break in this span, then we can handle that token the same way we - // would handle unquoted text because it isn't being attached to a - // placeholder. - typeNext >= TOKEN_SPACE && pos !== lastWordBreak && (typeNext = TOKEN_UNQUOTED); - } - const breakHere = pos === firstWordBreak || pos === lastWordBreak; - if (pos && (breakHere || typeNext !== type)) { - let value = type === TOKEN_QUOTE ? null : type === TOKEN_SEMI ? shellStringSemicolon : templateSpan.substring(tokenStart, pos); - if (type >= TOKEN_SEMI) { - // This branch handles semicolons, unquoted text, spaces, and - // redirects. shellStringSemicolon is already a formatSymbol object; - // the rest need to be wrapped. - type === TOKEN_SEMI || (value = new ShellStringUnquoted(value)); - // We don't need to check placeholderCount here like we do below; - // that's only relevant during the first word break of the span, and - // because this iteration of the loop is processing the token that - // was checked for breaks in the previous iteration, it will have - // already been handled. For the same reason, prefix is guaranteed to - // be null. - if (contents.length) { - result.push(new ShellStringText(contents, null)); - contents = []; - } - // Only spaces and redirects become prefixes, but not if they've been - // rewritten to unquoted above. - if (type >= TOKEN_SPACE) { - prefix = value; - onlyPrefixOnce = type === TOKEN_SPACE; - } else { - result.push(value); - } - } else { - contents.push(value); - } - tokenStart = pos; - } - if (breakHere) { - if (placeholderCount) { - result.push({ - contents, - placeholderCount, - prefix, - onlyPrefixOnce - }); - } else { - // There's no prefix to handle in this branch; a prefix prior to this - // span would mean placeholderCount > 0, and a prefix in this span - // can't be created because spaces and redirects get rewritten to - // unquoted before the last word break. - contents.length && result.push(new ShellStringText(contents, null)); - } - placeholderCount = 0; - prefix = null; - onlyPrefixOnce = false; - contents = []; - } - type = typeNext; - } - } - if (quote) { - throw new SyntaxError(`String is missing a ${String.fromCharCode(quote)} character`); - } - return result; -}); -const CHAR_SEMI = ';'.charCodeAt(); -const CHAR_SQUO = "'".charCodeAt(); -const CHAR_DQUO = '"'.charCodeAt(); -const reQuotation1 = sticky("[^']+"); -const reQuotation2 = sticky('[^"]+'); -const reText = sticky('[^\\s"#$&\'();<>\\\\`|]+|([#$&()\\\\`|]+)'); -const reRedirectOrSpace = sticky('(\\s*\\d*[<>]+\\s*)|\\s+'); - -class BitSet { - constructor() { - this.vector = new Int32Array(1); - } - has(n) { - return (this.vector[n >>> 5] & 1 << n) !== 0; - } - add(n) { - const i = n >>> 5, - requiredLength = i + 1; - let vector = this.vector, - _vector = vector, - length = _vector.length; - if (requiredLength > length) { - while (requiredLength > (length *= 2)); - const oldValues = vector; - vector = new Int32Array(length); - vector.set(oldValues); - this.vector = vector; - } - vector[i] |= 1 << n; - } -} - -function evaluate(template, values) { - values = values.map(toStringishArray); - const children = []; - let valuesStart = 0; - for (let i = 0, iMax = template.length; i < iMax; i++) { - const word = template[i]; - if (formatSymbol in word) { - children.push(word); - continue; - } - const contents = word.contents, - placeholderCount = word.placeholderCount, - prefix = word.prefix, - onlyPrefixOnce = word.onlyPrefixOnce; - const kMax = contents.length; - const valuesEnd = valuesStart + placeholderCount; - const tuples = cartesianProduct(values, valuesStart, valuesEnd); - valuesStart = valuesEnd; - for (let j = 0, jMax = tuples.length; j < jMax; j++) { - const needSpace = j > 0; - const tuple = tuples[j]; - (needSpace || prefix) && children.push(needSpace && (onlyPrefixOnce || !prefix) ? unquotedSpace : prefix); - let interpolatedContents = []; - let untested = null; - let quoting = false; - let tupleIndex = 0; - for (let k = 0; k < kMax; k++) { - const content = contents[k]; - if (content === PLACEHOLDER) { - const value = tuple[tupleIndex++]; - if (quoting) { - interpolatedContents.push(value); - } else { - if (isObject(value) && formatSymbol in value) { - if (interpolatedContents.length) { - children.push(new ShellStringText(interpolatedContents, untested)); - interpolatedContents = []; - untested = null; - } - children.push(value); - } else { - (untested || (untested = new BitSet())).add(interpolatedContents.length); - interpolatedContents.push(value); - } - } - } else { - interpolatedContents.push(content); - content === null && (quoting = !quoting); - } - } - if (interpolatedContents.length) { - children.push(new ShellStringText(interpolatedContents, untested)); - } - } - } - return children; -} -const primToStringish = value => value == null ? '' + value : value; -function toStringishArray(value) { - let array; - switch (true) { - default: - if (isObject(value)) { - if (Array.isArray(value)) { - array = value; - break; - } - if (Symbol.iterator in value) { - array = Array.from(value); - break; - } - } - array = [value]; - } - return array.map(primToStringish); -} -function cartesianProduct(arrs, start, end) { - const size = end - start; - let resultLength = 1; - for (let i = start; i < end; i++) { - resultLength *= arrs[i].length; - } - if (resultLength > 1e6) { - throw new RangeError("Far too many elements to interpolate"); - } - const result = new Array(resultLength); - const indices = new Array(size).fill(0); - for (let i = 0; i < resultLength; i++) { - const value = result[i] = new Array(size); - for (let j = 0; j < size; j++) { - value[j] = arrs[j + start][indices[j]]; - } - for (let j = size - 1; j >= 0; j--) { - if (++indices[j] < arrs[j + start].length) break; - indices[j] = 0; - } - } - return result; -} -const unquotedSpace = new ShellStringUnquoted(' '); - -/** - * A ShellString represents a shell command after it has been interpolated, but - * before it has been formatted for a particular platform. ShellStrings are - * useful if you want to prepare a command for a different platform than the - * current one, for instance. - * - * To create a ShellString, use `ShellString.sh` the same way you would use - * top-level `sh`. - */ -class ShellString { - /** @hideconstructor */ - constructor(children) { - this.children = children; - } - /** - * `ShellString.sh` is a template tag just like `sh`; the only difference is - * that this function returns a ShellString which has not yet been formatted - * into a String. - * @returns {ShellString} - * @function sh - * @static - * @memberof ShellString - */ - static sh(templateSpans) { - for (var _len = arguments.length, values = new Array(_len > 1 ? _len - 1 : 0), _key = 1; _key < _len; _key++) { - values[_key - 1] = arguments[_key]; - } - return new ShellString(evaluate(parse(templateSpans), values)); - } - /** - * A method to format a ShellString into a regular String formatted for a - * particular platform. - * - * @param {String} [platform] a value that `process.platform` might take: - * `'win32'`, `'linux'`, etc.; determines how the string is to be formatted. - * When omitted, effectively the same as `process.platform`. - * @returns {String} - */ - toString(platform) { - return this[formatSymbol](Formatter.for(platform)); - } - [formatSymbol](formatter) { - let context = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : formatter.createContext(this); - return this.children.map(child => child[formatSymbol](formatter, context)).join(''); - } - [preformatSymbol](context) { - const children = this.children; - for (let i = 0, iMax = children.length; i < iMax; i++) { - const child = children[i]; - if (preformatSymbol in child) { - child[preformatSymbol](context); - } - } - } -} - -/** - * A Windows-specific version of {@link quoteForShell}. - * @param {String} text to be quoted - * @param {Boolean} [forceQuote] whether to always add quotes even if the string - * is already safe. Defaults to `false`. - */ - -/** - * A Unix-specific version of {@link quoteForShell}. - * @param {String} text to be quoted - * @param {Boolean} [forceQuote] whether to always add quotes even if the string - * is already safe. Defaults to `false`. - */ - -/** - * Quotes a string for injecting into a shell command. - * - * This function is exposed for some hypothetical case when the `sh` DSL simply - * won't do; `sh` is expected to be the more convenient option almost always. - * Compare: - * - * ```javascript - * console.log('cmd' + args.map(a => ' ' + quoteForShell(a)).join('')); - * console.log(sh`cmd ${args}`); // same as above - * - * console.log('cmd' + args.map(a => ' ' + quoteForShell(a, true)).join('')); - * console.log(sh`cmd "${args}"`); // same as above - * ``` - * - * Additionally, on Windows, `sh` checks the entire command string for pipes, - * which subtly change how arguments need to be quoted. If your commands may - * involve pipes, you are strongly encouraged to use `sh` and not try to roll - * your own with `quoteForShell`. - * - * @param {String} text to be quoted - * @param {Boolean} [forceQuote] whether to always add quotes even if the string - * is already safe. Defaults to `false`. - * @param {String} [platform] a value that `process.platform` might take: - * `'win32'`, `'linux'`, etc.; determines how the string is to be formatted. - * When omitted, effectively the same as `process.platform`. - * - * @returns {String} a string that is safe for the current (or specified) - * platform. - */ -function quoteForShell(text, forceQuote, platform) { - return Formatter.for(platform).quote(text, forceQuote); -} - -/** - * A string template tag for safely constructing cross-platform shell commands. - * - * An `sh` template is not actually treated as a literal string to be - * interpolated; instead, it is a tiny DSL designed to make working with shell - * strings safe, simple, and straightforward. To get started quickly, see the - * examples below. {@link #the-sh-dsl More detailed documentation} is available - * further down. - * - * @name sh - * @example - * const title = '"this" & "that"'; - * sh`script --title=${title}`; // => "script '--title=\"this\" & \"that\"'" - * // Note: these examples show results for non-Windows platforms. - * // On Windows, the above would instead be - * // 'script ^^^"--title=\\^^^"this\\^^^" ^^^& \\^^^"that\\^^^"^^^"'. - * - * const names = ['file1', 'file 2']; - * sh`rimraf ${names}.txt`; // => "rimraf file1.txt 'file 2.txt'" - * - * const cmd1 = ['cat', 'file 1.txt', 'file 2.txt']; - * const cmd2 = ['use-input', '-abc']; - * sh`${cmd1}|${cmd2}`; // => "cat 'file 1.txt' 'file 2.txt'|use-input -abc" - * - * @returns {String} - a string formatted for the platform Node is currently - * running on. - */ -const sh = function () { - return ShellString.sh.apply(ShellString, arguments).toString(); -}; - -/** - * This function permits raw strings to be interpolated into a `sh` template. - * - * **IMPORTANT**: If you're using Puka due to security concerns, make sure you - * don't pass any untrusted content to `unquoted`. This may be obvious, but - * stray punctuation in an `unquoted` section can compromise the safety of the - * entire shell command. - * - * @param value - any value (it will be treated as a string) - * - * @example - * const both = true; - * sh`foo ${unquoted(both ? '&&' : '||')} bar`; // => 'foo && bar' - */ -const unquoted = value => new ShellStringUnquoted(value); - -exports.Formatter = Formatter; -exports.ShellString = ShellString; -exports.ShellStringText = ShellStringText; -exports.ShellStringUnquoted = ShellStringUnquoted; -exports.quoteForCmd = quoteForCmd; -exports.quoteForSh = quoteForSh; -exports.quoteForShell = quoteForShell; -exports.sh = sh; -exports.shellStringSemicolon = shellStringSemicolon; -exports.formatSymbol = formatSymbol; -exports.preformatSymbol = preformatSymbol; -exports.unquoted = unquoted; diff --git a/node_modules/puka/package.json b/node_modules/puka/package.json deleted file mode 100644 index 41798dc2493b8..0000000000000 --- a/node_modules/puka/package.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "name": "puka", - "version": "1.0.1", - "description": "A cross-platform library for safely passing strings through shells", - "keywords": [ - "args", - "arguments", - "cmd", - "command", - "command-line", - "cross-platform", - "escape", - "escaping", - "exec", - "linux", - "mac", - "macos", - "osx", - "quote", - "quoting", - "sh", - "shell", - "spawn", - "unix", - "win", - "win32", - "windows" - ], - "homepage": "https://gitlab.com/rhendric/puka", - "bugs": "https://gitlab.com/rhendric/puka/issues", - "license": "MIT", - "author": "Ryan Hendrickson ", - "repository": "gitlab:rhendric/puka", - "dependencies": {}, - "engines": { - "node": ">=4" - } -} \ No newline at end of file diff --git a/node_modules/semver/package.json b/node_modules/semver/package.json index d4043d38a1352..4e1154195a5f1 100644 --- a/node_modules/semver/package.json +++ b/node_modules/semver/package.json @@ -1,6 +1,6 @@ { "name": "semver", - "version": "7.3.4", + "version": "7.3.5", "description": "The semantic version parser used by npm.", "main": "index.js", "scripts": { diff --git a/node_modules/semver/ranges/subset.js b/node_modules/semver/ranges/subset.js index bb7d15fe2696b..532fd1364ce75 100644 --- a/node_modules/semver/ranges/subset.js +++ b/node_modules/semver/ranges/subset.js @@ -1,20 +1,28 @@ const Range = require('../classes/range.js') -const { ANY } = require('../classes/comparator.js') +const Comparator = require('../classes/comparator.js') +const { ANY } = Comparator const satisfies = require('../functions/satisfies.js') const compare = require('../functions/compare.js') // Complex range `r1 || r2 || ...` is a subset of `R1 || R2 || ...` iff: -// - Every simple range `r1, r2, ...` is a subset of some `R1, R2, ...` +// - Every simple range `r1, r2, ...` is a null set, OR +// - Every simple range `r1, r2, ...` which is not a null set is a subset of +// some `R1, R2, ...` // // Simple range `c1 c2 ...` is a subset of simple range `C1 C2 ...` iff: // - If c is only the ANY comparator // - If C is only the ANY comparator, return true -// - Else return false +// - Else if in prerelease mode, return false +// - else replace c with `[>=0.0.0]` +// - If C is only the ANY comparator +// - if in prerelease mode, return true +// - else replace C with `[>=0.0.0]` // - Let EQ be the set of = comparators in c // - If EQ is more than one, return true (null set) // - Let GT be the highest > or >= comparator in c // - Let LT be the lowest < or <= comparator in c // - If GT and LT, and GT.semver > LT.semver, return true (null set) +// - If any C is a = range, and GT or LT are set, return false // - If EQ // - If GT, and EQ does not satisfy GT, return true (null set) // - If LT, and EQ does not satisfy LT, return true (null set) @@ -23,13 +31,16 @@ const compare = require('../functions/compare.js') // - If GT // - If GT.semver is lower than any > or >= comp in C, return false // - If GT is >=, and GT.semver does not satisfy every C, return false +// - If GT.semver has a prerelease, and not in prerelease mode +// - If no C has a prerelease and the GT.semver tuple, return false // - If LT // - If LT.semver is greater than any < or <= comp in C, return false // - If LT is <=, and LT.semver does not satisfy every C, return false -// - If any C is a = range, and GT or LT are set, return false +// - If GT.semver has a prerelease, and not in prerelease mode +// - If no C has a prerelease and the LT.semver tuple, return false // - Else return true -const subset = (sub, dom, options) => { +const subset = (sub, dom, options = {}) => { if (sub === dom) return true @@ -58,8 +69,21 @@ const simpleSubset = (sub, dom, options) => { if (sub === dom) return true - if (sub.length === 1 && sub[0].semver === ANY) - return dom.length === 1 && dom[0].semver === ANY + if (sub.length === 1 && sub[0].semver === ANY) { + if (dom.length === 1 && dom[0].semver === ANY) + return true + else if (options.includePrerelease) + sub = [ new Comparator('>=0.0.0-0') ] + else + sub = [ new Comparator('>=0.0.0') ] + } + + if (dom.length === 1 && dom[0].semver === ANY) { + if (options.includePrerelease) + return true + else + dom = [ new Comparator('>=0.0.0') ] + } const eqSet = new Set() let gt, lt @@ -102,10 +126,32 @@ const simpleSubset = (sub, dom, options) => { let higher, lower let hasDomLT, hasDomGT + // if the subset has a prerelease, we need a comparator in the superset + // with the same tuple and a prerelease, or it's not a subset + let needDomLTPre = lt && + !options.includePrerelease && + lt.semver.prerelease.length ? lt.semver : false + let needDomGTPre = gt && + !options.includePrerelease && + gt.semver.prerelease.length ? gt.semver : false + // exception: <1.2.3-0 is the same as <1.2.3 + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && + lt.operator === '<' && needDomLTPre.prerelease[0] === 0) { + needDomLTPre = false + } + for (const c of dom) { hasDomGT = hasDomGT || c.operator === '>' || c.operator === '>=' hasDomLT = hasDomLT || c.operator === '<' || c.operator === '<=' if (gt) { + if (needDomGTPre) { + if (c.semver.prerelease && c.semver.prerelease.length && + c.semver.major === needDomGTPre.major && + c.semver.minor === needDomGTPre.minor && + c.semver.patch === needDomGTPre.patch) { + needDomGTPre = false + } + } if (c.operator === '>' || c.operator === '>=') { higher = higherGT(gt, c, options) if (higher === c && higher !== gt) @@ -114,6 +160,14 @@ const simpleSubset = (sub, dom, options) => { return false } if (lt) { + if (needDomLTPre) { + if (c.semver.prerelease && c.semver.prerelease.length && + c.semver.major === needDomLTPre.major && + c.semver.minor === needDomLTPre.minor && + c.semver.patch === needDomLTPre.patch) { + needDomLTPre = false + } + } if (c.operator === '<' || c.operator === '<=') { lower = lowerLT(lt, c, options) if (lower === c && lower !== lt) @@ -134,6 +188,12 @@ const simpleSubset = (sub, dom, options) => { if (lt && hasDomGT && !gt && gtltComp !== 0) return false + // we needed a prerelease range in a specific tuple, but didn't get one + // then this isn't a subset. eg >=1.2.3-pre is not a subset of >=1.0.0, + // because it includes prereleases in the 1.2.3 tuple + if (needDomGTPre || needDomLTPre) + return false + return true } diff --git a/package-lock.json b/package-lock.json index 42c635fbfe4bc..983683b4446f3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "npm", - "version": "7.6.3", + "version": "7.7.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "npm", - "version": "7.6.3", + "version": "7.7.0", "bundleDependencies": [ "@npmcli/arborist", "@npmcli/ci-detect", @@ -209,7 +209,6 @@ "promise-retry", "promzard", "psl", - "puka", "punycode", "qs", "read-cmd-shim", @@ -252,16 +251,16 @@ ], "license": "Artistic-2.0", "dependencies": { - "@npmcli/arborist": "^2.2.8", + "@npmcli/arborist": "^2.2.9", "@npmcli/ci-detect": "^1.2.0", - "@npmcli/config": "^1.2.9", - "@npmcli/run-script": "^1.8.3", + "@npmcli/config": "^2.0.0", + "@npmcli/run-script": "^1.8.4", "abbrev": "~1.1.1", "ansicolors": "~0.3.2", "ansistyles": "~0.1.3", "archy": "~1.0.0", "byte-size": "^7.0.1", - "cacache": "^15.0.5", + "cacache": "^15.0.6", "chalk": "^4.1.0", "chownr": "^2.0.0", "cli-columns": "^3.1.2", @@ -269,7 +268,7 @@ "columnify": "~1.5.4", "glob": "^7.1.4", "graceful-fs": "^4.2.6", - "hosted-git-info": "^3.0.8", + "hosted-git-info": "^4.0.1", "ini": "^2.0.0", "init-package-json": "^2.0.2", "is-cidr": "^4.0.2", @@ -284,7 +283,7 @@ "libnpmpublish": "^4.0.0", "libnpmsearch": "^3.1.0", "libnpmteam": "^2.0.2", - "libnpmversion": "^1.0.11", + "libnpmversion": "^1.0.12", "make-fetch-happen": "^8.0.14", "minipass": "^3.1.3", "minipass-pipeline": "^1.2.4", @@ -294,14 +293,14 @@ "node-gyp": "^7.1.2", "nopt": "^5.0.0", "npm-audit-report": "^2.1.4", - "npm-package-arg": "^8.1.1", - "npm-pick-manifest": "^6.1.0", + "npm-package-arg": "^8.1.2", + "npm-pick-manifest": "^6.1.1", "npm-profile": "^5.0.2", "npm-registry-fetch": "^9.0.0", "npm-user-validate": "^1.0.1", "npmlog": "~4.1.2", "opener": "^1.5.2", - "pacote": "^11.3.0", + "pacote": "^11.3.1", "parse-conflict-json": "^1.1.1", "qrcode-terminal": "^0.12.0", "read": "~1.0.7", @@ -309,7 +308,7 @@ "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", "rimraf": "^3.0.2", - "semver": "^7.3.4", + "semver": "^7.3.5", "ssri": "^8.0.1", "tar": "^6.1.0", "text-table": "~0.2.0", @@ -326,17 +325,17 @@ "devDependencies": { "@mdx-js/mdx": "^1.6.22", "cmark-gfm": "^0.8.5", - "eslint": "^7.21.0", + "eslint": "^7.22.0", "eslint-plugin-import": "^2.22.1", "eslint-plugin-node": "^11.1.0", "eslint-plugin-promise": "^4.3.1", "eslint-plugin-standard": "^5.0.0", - "jsdom": "^16.4.0", + "jsdom": "^16.5.1", "licensee": "^8.1.0", "marked-man": "^0.7.0", "require-inject": "^1.4.4", "tap": "^14.11.0", - "yaml": "^1.10.0" + "yaml": "^1.10.2" }, "engines": { "node": ">=10" @@ -812,9 +811,9 @@ } }, "node_modules/@npmcli/arborist": { - "version": "2.2.8", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.2.8.tgz", - "integrity": "sha512-Wct6W0oXYqc0SU3ad2zr3xIZ0+mOcBRO/hO4JpuYalKIwha+X6es8pj7iexZKLU7ichBSdkEqo+3dqeJg1+qVQ==", + "version": "2.2.9", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.2.9.tgz", + "integrity": "sha512-ddC/CCAEHh28XYtgSAOudchdphNXcgErdYxwsEiykc2YbRA9Z+4XjI0BdBdXvv22DvkpO7zotUSxlVTcJmdURw==", "inBundle": true, "dependencies": { "@npmcli/installed-package-contents": "^1.0.7", @@ -840,7 +839,7 @@ "promise-call-limit": "^1.0.1", "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", - "semver": "^7.3.4", + "semver": "^7.3.5", "tar": "^6.1.0", "treeverse": "^1.0.4", "walk-up-path": "^1.0.0" @@ -856,9 +855,9 @@ "inBundle": true }, "node_modules/@npmcli/config": { - "version": "1.2.9", - "resolved": "https://registry.npmjs.org/@npmcli/config/-/config-1.2.9.tgz", - "integrity": "sha512-d7mx35ju9HFg0gNHiwMU0HXCJk1esAeRdMktLeD+K2K2awkZyEm1FyX+g8iuZbmWGAaFP/aGiXo7a0lKlmp6Xg==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/config/-/config-2.0.0.tgz", + "integrity": "sha512-3OKVmO63FJRIrcsVI/njCC7QGKSfdCrIUUV+sP5ql8QdaPqXuaFCImqCYFDzGkcrP8PTOS3jbrRsU0Yzm04n3g==", "inBundle": true, "dependencies": { "ini": "^2.0.0", @@ -977,16 +976,15 @@ } }, "node_modules/@npmcli/run-script": { - "version": "1.8.3", - "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-1.8.3.tgz", - "integrity": "sha512-ELPGWAVU/xyU+A+H3pEPj0QOvYwLTX71RArXcClFzeiyJ/b/McsZ+d0QxpznvfFtZzxGN/gz/1cvlqICR4/suQ==", + "version": "1.8.4", + "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-1.8.4.tgz", + "integrity": "sha512-Yd9HXTtF1JGDXZw0+SOn+mWLYS0e7bHBHVC/2C8yqs4wUrs/k8rwBSinD7rfk+3WG/MFGRZKxjyoD34Pch2E/A==", "inBundle": true, "dependencies": { "@npmcli/node-gyp": "^1.0.2", "@npmcli/promise-spawn": "^1.3.2", "infer-owner": "^1.0.4", "node-gyp": "^7.1.0", - "puka": "^1.0.1", "read-package-json-fast": "^2.0.1" } }, @@ -1584,9 +1582,9 @@ } }, "node_modules/cacache": { - "version": "15.0.5", - "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.0.5.tgz", - "integrity": "sha512-lloiL22n7sOjEEXdL8NAjTgv9a1u43xICE9/203qonkZUCj5X1UEWIdf2/Y0d6QcCtMzbKQyhrcDbdvlZTs/+A==", + "version": "15.0.6", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.0.6.tgz", + "integrity": "sha512-g1WYDMct/jzW+JdWEyjaX2zoBkZ6ZT9VpOyp2I/VMtDsNLffNat3kqPFfi1eDRSK9/SuKGyORDHcQMcPF8sQ/w==", "inBundle": true, "dependencies": { "@npmcli/move-file": "^1.0.1", @@ -1603,7 +1601,7 @@ "p-map": "^4.0.0", "promise-inflight": "^1.0.1", "rimraf": "^3.0.2", - "ssri": "^8.0.0", + "ssri": "^8.0.1", "tar": "^6.0.2", "unique-filename": "^1.1.1" }, @@ -2630,9 +2628,9 @@ } }, "node_modules/eslint": { - "version": "7.21.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-7.21.0.tgz", - "integrity": "sha512-W2aJbXpMNofUp0ztQaF40fveSsJBjlSCSWpy//gzfTvwC+USs/nceBrKmlJOiM8r1bLwP2EuYkCqArn/6QTIgg==", + "version": "7.22.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-7.22.0.tgz", + "integrity": "sha512-3VawOtjSJUQiiqac8MQc+w457iGLfuNGLFn8JmF051tTKbh5/x/0vlcEj8OgDCaw7Ysa2Jn8paGshV7x2abKXg==", "dev": true, "dependencies": { "@babel/code-frame": "7.12.11", @@ -2652,7 +2650,7 @@ "file-entry-cache": "^6.0.1", "functional-red-black-tree": "^1.0.1", "glob-parent": "^5.0.0", - "globals": "^12.1.0", + "globals": "^13.6.0", "ignore": "^4.0.6", "import-fresh": "^3.0.0", "imurmurhash": "^0.1.4", @@ -2660,7 +2658,7 @@ "js-yaml": "^3.13.1", "json-stable-stringify-without-jsonify": "^1.0.1", "levn": "^0.4.1", - "lodash": "^4.17.20", + "lodash": "^4.17.21", "minimatch": "^3.0.4", "natural-compare": "^1.4.0", "optionator": "^0.9.1", @@ -2945,6 +2943,21 @@ "node": ">=8" } }, + "node_modules/eslint/node_modules/globals": { + "version": "13.7.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-13.7.0.tgz", + "integrity": "sha512-Aipsz6ZKRxa/xQkZhNg0qIWXT6x6rD46f6x/PCnBomlttdIyAPak4YD9jTmKpZ72uROSMU87qJtcgpgHaVchiA==", + "dev": true, + "dependencies": { + "type-fest": "^0.20.2" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/eslint/node_modules/strip-ansi": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", @@ -2957,6 +2970,18 @@ "node": ">=8" } }, + "node_modules/eslint/node_modules/type-fest": { + "version": "0.20.2", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", + "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", + "dev": true, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/esm": { "version": "3.2.25", "resolved": "https://registry.npmjs.org/esm/-/esm-3.2.25.tgz", @@ -3763,9 +3788,9 @@ } }, "node_modules/hosted-git-info": { - "version": "3.0.8", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-3.0.8.tgz", - "integrity": "sha512-aXpmwoOhRBrw6X3j0h5RloK4x1OzsxMPyxqIHyNfSe2pypkVTZFpEiRoSipPEPlMrh0HW/XsjkJ5WgnCirpNUw==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.0.1.tgz", + "integrity": "sha512-eT7NrxAsppPRQEBSwKSosReE+v8OzABwEScQYk5d4uxaEPlzxTIku7LINXtBGalthkLhJnq5lBI89PfK43zAKg==", "inBundle": true, "dependencies": { "lru-cache": "^6.0.0" @@ -4569,9 +4594,9 @@ "inBundle": true }, "node_modules/jsdom": { - "version": "16.5.0", - "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-16.5.0.tgz", - "integrity": "sha512-QxZH0nmDTnTTVI0YDm4RUlaUPl5dcyn62G5TMDNfMmTW+J1u1v9gCR8WR+WZ6UghAa7nKJjDOFaI00eMMWvJFQ==", + "version": "16.5.1", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-16.5.1.tgz", + "integrity": "sha512-pF73EOsJgwZekbDHEY5VO/yKXUkab/DuvrQB/ANVizbr6UAHJsDdHXuotZYwkJSGQl1JM+ivXaqY+XBDDL4TiA==", "dev": true, "dependencies": { "abab": "^2.0.5", @@ -4892,14 +4917,14 @@ } }, "node_modules/libnpmversion": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/libnpmversion/-/libnpmversion-1.0.11.tgz", - "integrity": "sha512-HKbfJ0wwx+W9Br4bvbHUMN/YIe7B8qmFtdaLZnXEUozaaTD6gGpIEf1aH1xRlGfNPocT6YBz3O6+RAgSndAgbA==", + "version": "1.0.12", + "resolved": "https://registry.npmjs.org/libnpmversion/-/libnpmversion-1.0.12.tgz", + "integrity": "sha512-Z5L2+JXUHC4xH9VkN/3BiVflnMag2bH1Ijy8ISKFw8fBQv9IXNSQgZbzwtfo4VBg0y+ieaKYbzpfbgjfUr31mw==", "inBundle": true, "dependencies": { "@npmcli/git": "^2.0.6", "@npmcli/run-script": "^1.8.3", - "read-package-json-fast": "^2.0.1", + "json-parse-even-better-errors": "^2.3.1", "semver": "^7.3.4", "stringify-package": "^1.0.1" } @@ -4968,9 +4993,9 @@ } }, "node_modules/lodash": { - "version": "4.17.20", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", - "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==", + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", "dev": true }, "node_modules/lodash.flattendeep": { @@ -5481,20 +5506,32 @@ } }, "node_modules/normalize-package-data": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-3.0.0.tgz", - "integrity": "sha512-6lUjEI0d3v6kFrtgA/lOx4zHCWULXsFNIjHolnZCKCTLA6m/G625cdn3O7eNmT0iD3jfo6HZ9cdImGZwf21prw==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-3.0.2.tgz", + "integrity": "sha512-6CdZocmfGaKnIHPVFhJJZ3GuR8SsLKvDANFp47Jmy51aKIr8akjAWTSxtpI+MBgBFdSMRyo4hMpDlT6dTffgZg==", "inBundle": true, "dependencies": { - "hosted-git-info": "^3.0.6", - "resolve": "^1.17.0", - "semver": "^7.3.2", + "hosted-git-info": "^4.0.1", + "resolve": "^1.20.0", + "semver": "^7.3.4", "validate-npm-package-license": "^3.0.1" }, "engines": { "node": ">=10" } }, + "node_modules/normalize-package-data/node_modules/hosted-git-info": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.0.1.tgz", + "integrity": "sha512-eT7NrxAsppPRQEBSwKSosReE+v8OzABwEScQYk5d4uxaEPlzxTIku7LINXtBGalthkLhJnq5lBI89PfK43zAKg==", + "inBundle": true, + "dependencies": { + "lru-cache": "^6.0.0" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/normalize-path": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", @@ -5550,19 +5587,31 @@ "inBundle": true }, "node_modules/npm-package-arg": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.1.1.tgz", - "integrity": "sha512-CsP95FhWQDwNqiYS+Q0mZ7FAEDytDZAkNxQqea6IaAFJTAY9Lhhqyl0irU/6PMc7BGfUmnsbHcqxJD7XuVM/rg==", + "version": "8.1.2", + "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.1.2.tgz", + "integrity": "sha512-6Eem455JsSMJY6Kpd3EyWE+n5hC+g9bSyHr9K9U2zqZb7+02+hObQ2c0+8iDk/mNF+8r1MhY44WypKJAkySIYA==", "inBundle": true, "dependencies": { - "hosted-git-info": "^3.0.6", - "semver": "^7.0.0", + "hosted-git-info": "^4.0.1", + "semver": "^7.3.4", "validate-npm-package-name": "^3.0.0" }, "engines": { "node": ">=10" } }, + "node_modules/npm-package-arg/node_modules/hosted-git-info": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.0.1.tgz", + "integrity": "sha512-eT7NrxAsppPRQEBSwKSosReE+v8OzABwEScQYk5d4uxaEPlzxTIku7LINXtBGalthkLhJnq5lBI89PfK43zAKg==", + "inBundle": true, + "dependencies": { + "lru-cache": "^6.0.0" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/npm-packlist": { "version": "2.1.4", "resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-2.1.4.tgz", @@ -5582,14 +5631,15 @@ } }, "node_modules/npm-pick-manifest": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-6.1.0.tgz", - "integrity": "sha512-ygs4k6f54ZxJXrzT0x34NybRlLeZ4+6nECAIbr2i0foTnijtS1TJiyzpqtuUAJOps/hO0tNDr8fRV5g+BtRlTw==", + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-6.1.1.tgz", + "integrity": "sha512-dBsdBtORT84S8V8UTad1WlUyKIY9iMsAmqxHbLdeEeBNMLQDlDWWra3wYUx9EBEIiG/YwAy0XyNHDd2goAsfuA==", "inBundle": true, "dependencies": { "npm-install-checks": "^4.0.0", - "npm-package-arg": "^8.0.0", - "semver": "^7.0.0" + "npm-normalize-package-bin": "^1.0.1", + "npm-package-arg": "^8.1.2", + "semver": "^7.3.4" } }, "node_modules/npm-profile": { @@ -5989,9 +6039,9 @@ } }, "node_modules/pacote": { - "version": "11.3.0", - "resolved": "https://registry.npmjs.org/pacote/-/pacote-11.3.0.tgz", - "integrity": "sha512-cygprcGpEVqvDzpuPMkGVXW/ooc2ibpoosuJ4YHcUXozDs9VJP7Vha+41pYppG2MVNis4t1BB8IygIBh7vVr2Q==", + "version": "11.3.1", + "resolved": "https://registry.npmjs.org/pacote/-/pacote-11.3.1.tgz", + "integrity": "sha512-TymtwoAG12cczsJIrwI/euOQKtjrQHlD0k0oyt9QSmZGpqa+KdlxKdWR/YUjYizkixaVyztxt/Wsfo8bL3A6Fg==", "inBundle": true, "dependencies": { "@npmcli/git": "^2.0.1", @@ -6311,15 +6361,6 @@ "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", "inBundle": true }, - "node_modules/puka": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/puka/-/puka-1.0.1.tgz", - "integrity": "sha512-ssjRZxBd7BT3dte1RR3VoeT2cT/ODH8x+h0rUF1rMqB0srHYf48stSDWfiYakTp5UBZMxroZhB2+ExLDHm7W3g==", - "inBundle": true, - "engines": { - "node": ">=4" - } - }, "node_modules/pump": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", @@ -6944,9 +6985,9 @@ } }, "node_modules/semver": { - "version": "7.3.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.4.tgz", - "integrity": "sha512-tCfb2WLjqFAtXn4KEdxIhalnRtoKFN7nAwj0B3ZXCbQloV2tq5eDbcTmT68JJD3nRJq24/XgxtQKFIpQdtvmVw==", + "version": "7.3.5", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", + "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", "inBundle": true, "dependencies": { "lru-cache": "^6.0.0" @@ -10335,9 +10376,9 @@ "inBundle": true }, "node_modules/yaml": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.0.tgz", - "integrity": "sha512-yr2icI4glYaNG+KWONODapy2/jDdMSDnrONSjblABjD9B4Z5LgiircSt8m8sRZFNi08kG9Sm0uSHtEmP3zaEGg==", + "version": "1.10.2", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", "dev": true, "engines": { "node": ">= 6" @@ -10961,9 +11002,9 @@ "dev": true }, "@npmcli/arborist": { - "version": "2.2.8", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.2.8.tgz", - "integrity": "sha512-Wct6W0oXYqc0SU3ad2zr3xIZ0+mOcBRO/hO4JpuYalKIwha+X6es8pj7iexZKLU7ichBSdkEqo+3dqeJg1+qVQ==", + "version": "2.2.9", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-2.2.9.tgz", + "integrity": "sha512-ddC/CCAEHh28XYtgSAOudchdphNXcgErdYxwsEiykc2YbRA9Z+4XjI0BdBdXvv22DvkpO7zotUSxlVTcJmdURw==", "requires": { "@npmcli/installed-package-contents": "^1.0.7", "@npmcli/map-workspaces": "^1.0.2", @@ -10988,7 +11029,7 @@ "promise-call-limit": "^1.0.1", "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", - "semver": "^7.3.4", + "semver": "^7.3.5", "tar": "^6.1.0", "treeverse": "^1.0.4", "walk-up-path": "^1.0.0" @@ -11000,9 +11041,9 @@ "integrity": "sha512-oN3y7FAROHhrAt7Rr7PnTSwrHrZVRTS2ZbyxeQwSSYD0ifwM3YNgQqbaRmjcWoPyq77MjchusjJDspbzMmip1Q==" }, "@npmcli/config": { - "version": "1.2.9", - "resolved": "https://registry.npmjs.org/@npmcli/config/-/config-1.2.9.tgz", - "integrity": "sha512-d7mx35ju9HFg0gNHiwMU0HXCJk1esAeRdMktLeD+K2K2awkZyEm1FyX+g8iuZbmWGAaFP/aGiXo7a0lKlmp6Xg==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/config/-/config-2.0.0.tgz", + "integrity": "sha512-3OKVmO63FJRIrcsVI/njCC7QGKSfdCrIUUV+sP5ql8QdaPqXuaFCImqCYFDzGkcrP8PTOS3jbrRsU0Yzm04n3g==", "requires": { "ini": "^2.0.0", "mkdirp-infer-owner": "^2.0.0", @@ -11093,15 +11134,14 @@ } }, "@npmcli/run-script": { - "version": "1.8.3", - "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-1.8.3.tgz", - "integrity": "sha512-ELPGWAVU/xyU+A+H3pEPj0QOvYwLTX71RArXcClFzeiyJ/b/McsZ+d0QxpznvfFtZzxGN/gz/1cvlqICR4/suQ==", + "version": "1.8.4", + "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-1.8.4.tgz", + "integrity": "sha512-Yd9HXTtF1JGDXZw0+SOn+mWLYS0e7bHBHVC/2C8yqs4wUrs/k8rwBSinD7rfk+3WG/MFGRZKxjyoD34Pch2E/A==", "requires": { "@npmcli/node-gyp": "^1.0.2", "@npmcli/promise-spawn": "^1.3.2", "infer-owner": "^1.0.4", "node-gyp": "^7.1.0", - "puka": "^1.0.1", "read-package-json-fast": "^2.0.1" } }, @@ -11552,9 +11592,9 @@ "integrity": "sha512-crQdqyCwhokxwV1UyDzLZanhkugAgft7vt0qbbdt60C6Zf3CAiGmtUCylbtYwrU6loOUw3euGrNtW1J651ot1A==" }, "cacache": { - "version": "15.0.5", - "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.0.5.tgz", - "integrity": "sha512-lloiL22n7sOjEEXdL8NAjTgv9a1u43xICE9/203qonkZUCj5X1UEWIdf2/Y0d6QcCtMzbKQyhrcDbdvlZTs/+A==", + "version": "15.0.6", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.0.6.tgz", + "integrity": "sha512-g1WYDMct/jzW+JdWEyjaX2zoBkZ6ZT9VpOyp2I/VMtDsNLffNat3kqPFfi1eDRSK9/SuKGyORDHcQMcPF8sQ/w==", "requires": { "@npmcli/move-file": "^1.0.1", "chownr": "^2.0.0", @@ -11570,7 +11610,7 @@ "p-map": "^4.0.0", "promise-inflight": "^1.0.1", "rimraf": "^3.0.2", - "ssri": "^8.0.0", + "ssri": "^8.0.1", "tar": "^6.0.2", "unique-filename": "^1.1.1" } @@ -12330,9 +12370,9 @@ } }, "eslint": { - "version": "7.21.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-7.21.0.tgz", - "integrity": "sha512-W2aJbXpMNofUp0ztQaF40fveSsJBjlSCSWpy//gzfTvwC+USs/nceBrKmlJOiM8r1bLwP2EuYkCqArn/6QTIgg==", + "version": "7.22.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-7.22.0.tgz", + "integrity": "sha512-3VawOtjSJUQiiqac8MQc+w457iGLfuNGLFn8JmF051tTKbh5/x/0vlcEj8OgDCaw7Ysa2Jn8paGshV7x2abKXg==", "dev": true, "requires": { "@babel/code-frame": "7.12.11", @@ -12352,7 +12392,7 @@ "file-entry-cache": "^6.0.1", "functional-red-black-tree": "^1.0.1", "glob-parent": "^5.0.0", - "globals": "^12.1.0", + "globals": "^13.6.0", "ignore": "^4.0.6", "import-fresh": "^3.0.0", "imurmurhash": "^0.1.4", @@ -12360,7 +12400,7 @@ "js-yaml": "^3.13.1", "json-stable-stringify-without-jsonify": "^1.0.1", "levn": "^0.4.1", - "lodash": "^4.17.20", + "lodash": "^4.17.21", "minimatch": "^3.0.4", "natural-compare": "^1.4.0", "optionator": "^0.9.1", @@ -12389,6 +12429,15 @@ "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", "dev": true }, + "globals": { + "version": "13.7.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-13.7.0.tgz", + "integrity": "sha512-Aipsz6ZKRxa/xQkZhNg0qIWXT6x6rD46f6x/PCnBomlttdIyAPak4YD9jTmKpZ72uROSMU87qJtcgpgHaVchiA==", + "dev": true, + "requires": { + "type-fest": "^0.20.2" + } + }, "strip-ansi": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", @@ -12397,6 +12446,12 @@ "requires": { "ansi-regex": "^5.0.0" } + }, + "type-fest": { + "version": "0.20.2", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", + "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", + "dev": true } } }, @@ -13198,9 +13253,9 @@ } }, "hosted-git-info": { - "version": "3.0.8", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-3.0.8.tgz", - "integrity": "sha512-aXpmwoOhRBrw6X3j0h5RloK4x1OzsxMPyxqIHyNfSe2pypkVTZFpEiRoSipPEPlMrh0HW/XsjkJ5WgnCirpNUw==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.0.1.tgz", + "integrity": "sha512-eT7NrxAsppPRQEBSwKSosReE+v8OzABwEScQYk5d4uxaEPlzxTIku7LINXtBGalthkLhJnq5lBI89PfK43zAKg==", "requires": { "lru-cache": "^6.0.0" } @@ -13764,9 +13819,9 @@ "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" }, "jsdom": { - "version": "16.5.0", - "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-16.5.0.tgz", - "integrity": "sha512-QxZH0nmDTnTTVI0YDm4RUlaUPl5dcyn62G5TMDNfMmTW+J1u1v9gCR8WR+WZ6UghAa7nKJjDOFaI00eMMWvJFQ==", + "version": "16.5.1", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-16.5.1.tgz", + "integrity": "sha512-pF73EOsJgwZekbDHEY5VO/yKXUkab/DuvrQB/ANVizbr6UAHJsDdHXuotZYwkJSGQl1JM+ivXaqY+XBDDL4TiA==", "dev": true, "requires": { "abab": "^2.0.5", @@ -14002,13 +14057,13 @@ } }, "libnpmversion": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/libnpmversion/-/libnpmversion-1.0.11.tgz", - "integrity": "sha512-HKbfJ0wwx+W9Br4bvbHUMN/YIe7B8qmFtdaLZnXEUozaaTD6gGpIEf1aH1xRlGfNPocT6YBz3O6+RAgSndAgbA==", + "version": "1.0.12", + "resolved": "https://registry.npmjs.org/libnpmversion/-/libnpmversion-1.0.12.tgz", + "integrity": "sha512-Z5L2+JXUHC4xH9VkN/3BiVflnMag2bH1Ijy8ISKFw8fBQv9IXNSQgZbzwtfo4VBg0y+ieaKYbzpfbgjfUr31mw==", "requires": { "@npmcli/git": "^2.0.6", "@npmcli/run-script": "^1.8.3", - "read-package-json-fast": "^2.0.1", + "json-parse-even-better-errors": "^2.3.1", "semver": "^7.3.4", "stringify-package": "^1.0.1" } @@ -14067,9 +14122,9 @@ } }, "lodash": { - "version": "4.17.20", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", - "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==", + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", "dev": true }, "lodash.flattendeep": { @@ -14452,14 +14507,24 @@ } }, "normalize-package-data": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-3.0.0.tgz", - "integrity": "sha512-6lUjEI0d3v6kFrtgA/lOx4zHCWULXsFNIjHolnZCKCTLA6m/G625cdn3O7eNmT0iD3jfo6HZ9cdImGZwf21prw==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-3.0.2.tgz", + "integrity": "sha512-6CdZocmfGaKnIHPVFhJJZ3GuR8SsLKvDANFp47Jmy51aKIr8akjAWTSxtpI+MBgBFdSMRyo4hMpDlT6dTffgZg==", "requires": { - "hosted-git-info": "^3.0.6", - "resolve": "^1.17.0", - "semver": "^7.3.2", + "hosted-git-info": "^4.0.1", + "resolve": "^1.20.0", + "semver": "^7.3.4", "validate-npm-package-license": "^3.0.1" + }, + "dependencies": { + "hosted-git-info": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.0.1.tgz", + "integrity": "sha512-eT7NrxAsppPRQEBSwKSosReE+v8OzABwEScQYk5d4uxaEPlzxTIku7LINXtBGalthkLhJnq5lBI89PfK43zAKg==", + "requires": { + "lru-cache": "^6.0.0" + } + } } }, "normalize-path": { @@ -14504,13 +14569,23 @@ "integrity": "sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA==" }, "npm-package-arg": { - "version": "8.1.1", - "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.1.1.tgz", - "integrity": "sha512-CsP95FhWQDwNqiYS+Q0mZ7FAEDytDZAkNxQqea6IaAFJTAY9Lhhqyl0irU/6PMc7BGfUmnsbHcqxJD7XuVM/rg==", + "version": "8.1.2", + "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.1.2.tgz", + "integrity": "sha512-6Eem455JsSMJY6Kpd3EyWE+n5hC+g9bSyHr9K9U2zqZb7+02+hObQ2c0+8iDk/mNF+8r1MhY44WypKJAkySIYA==", "requires": { - "hosted-git-info": "^3.0.6", - "semver": "^7.0.0", + "hosted-git-info": "^4.0.1", + "semver": "^7.3.4", "validate-npm-package-name": "^3.0.0" + }, + "dependencies": { + "hosted-git-info": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.0.1.tgz", + "integrity": "sha512-eT7NrxAsppPRQEBSwKSosReE+v8OzABwEScQYk5d4uxaEPlzxTIku7LINXtBGalthkLhJnq5lBI89PfK43zAKg==", + "requires": { + "lru-cache": "^6.0.0" + } + } } }, "npm-packlist": { @@ -14525,13 +14600,14 @@ } }, "npm-pick-manifest": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-6.1.0.tgz", - "integrity": "sha512-ygs4k6f54ZxJXrzT0x34NybRlLeZ4+6nECAIbr2i0foTnijtS1TJiyzpqtuUAJOps/hO0tNDr8fRV5g+BtRlTw==", + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-6.1.1.tgz", + "integrity": "sha512-dBsdBtORT84S8V8UTad1WlUyKIY9iMsAmqxHbLdeEeBNMLQDlDWWra3wYUx9EBEIiG/YwAy0XyNHDd2goAsfuA==", "requires": { "npm-install-checks": "^4.0.0", - "npm-package-arg": "^8.0.0", - "semver": "^7.0.0" + "npm-normalize-package-bin": "^1.0.1", + "npm-package-arg": "^8.1.2", + "semver": "^7.3.4" } }, "npm-profile": { @@ -14827,9 +14903,9 @@ } }, "pacote": { - "version": "11.3.0", - "resolved": "https://registry.npmjs.org/pacote/-/pacote-11.3.0.tgz", - "integrity": "sha512-cygprcGpEVqvDzpuPMkGVXW/ooc2ibpoosuJ4YHcUXozDs9VJP7Vha+41pYppG2MVNis4t1BB8IygIBh7vVr2Q==", + "version": "11.3.1", + "resolved": "https://registry.npmjs.org/pacote/-/pacote-11.3.1.tgz", + "integrity": "sha512-TymtwoAG12cczsJIrwI/euOQKtjrQHlD0k0oyt9QSmZGpqa+KdlxKdWR/YUjYizkixaVyztxt/Wsfo8bL3A6Fg==", "requires": { "@npmcli/git": "^2.0.1", "@npmcli/installed-package-contents": "^1.0.6", @@ -15069,11 +15145,6 @@ "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" }, - "puka": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/puka/-/puka-1.0.1.tgz", - "integrity": "sha512-ssjRZxBd7BT3dte1RR3VoeT2cT/ODH8x+h0rUF1rMqB0srHYf48stSDWfiYakTp5UBZMxroZhB2+ExLDHm7W3g==" - }, "pump": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", @@ -15549,9 +15620,9 @@ } }, "semver": { - "version": "7.3.4", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.4.tgz", - "integrity": "sha512-tCfb2WLjqFAtXn4KEdxIhalnRtoKFN7nAwj0B3ZXCbQloV2tq5eDbcTmT68JJD3nRJq24/XgxtQKFIpQdtvmVw==", + "version": "7.3.5", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", + "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", "requires": { "lru-cache": "^6.0.0" } @@ -17991,9 +18062,9 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "yaml": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.0.tgz", - "integrity": "sha512-yr2icI4glYaNG+KWONODapy2/jDdMSDnrONSjblABjD9B4Z5LgiircSt8m8sRZFNi08kG9Sm0uSHtEmP3zaEGg==", + "version": "1.10.2", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "integrity": "sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==", "dev": true }, "yapool": { diff --git a/package.json b/package.json index afd3b36cb08f7..c4b10a831b610 100644 --- a/package.json +++ b/package.json @@ -1,5 +1,5 @@ { - "version": "7.6.3", + "version": "7.7.0", "name": "npm", "description": "a package manager for JavaScript", "keywords": [ @@ -42,16 +42,16 @@ "./package.json": "./package.json" }, "dependencies": { - "@npmcli/arborist": "^2.2.8", + "@npmcli/arborist": "^2.2.9", "@npmcli/ci-detect": "^1.2.0", - "@npmcli/config": "^1.2.9", - "@npmcli/run-script": "^1.8.3", + "@npmcli/config": "^2.0.0", + "@npmcli/run-script": "^1.8.4", "abbrev": "~1.1.1", "ansicolors": "~0.3.2", "ansistyles": "~0.1.3", "archy": "~1.0.0", "byte-size": "^7.0.1", - "cacache": "^15.0.5", + "cacache": "^15.0.6", "chalk": "^4.1.0", "chownr": "^2.0.0", "cli-columns": "^3.1.2", @@ -59,7 +59,7 @@ "columnify": "~1.5.4", "glob": "^7.1.4", "graceful-fs": "^4.2.6", - "hosted-git-info": "^3.0.8", + "hosted-git-info": "^4.0.1", "ini": "^2.0.0", "init-package-json": "^2.0.2", "is-cidr": "^4.0.2", @@ -74,7 +74,7 @@ "libnpmpublish": "^4.0.0", "libnpmsearch": "^3.1.0", "libnpmteam": "^2.0.2", - "libnpmversion": "^1.0.11", + "libnpmversion": "^1.0.12", "make-fetch-happen": "^8.0.14", "minipass": "^3.1.3", "minipass-pipeline": "^1.2.4", @@ -84,14 +84,14 @@ "node-gyp": "^7.1.2", "nopt": "^5.0.0", "npm-audit-report": "^2.1.4", - "npm-package-arg": "^8.1.1", - "npm-pick-manifest": "^6.1.0", + "npm-package-arg": "^8.1.2", + "npm-pick-manifest": "^6.1.1", "npm-profile": "^5.0.2", "npm-registry-fetch": "^9.0.0", "npm-user-validate": "^1.0.1", "npmlog": "~4.1.2", "opener": "^1.5.2", - "pacote": "^11.3.0", + "pacote": "^11.3.1", "parse-conflict-json": "^1.1.1", "qrcode-terminal": "^0.12.0", "read": "~1.0.7", @@ -99,7 +99,7 @@ "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", "rimraf": "^3.0.2", - "semver": "^7.3.4", + "semver": "^7.3.5", "ssri": "^8.0.1", "tar": "^6.1.0", "text-table": "~0.2.0", @@ -180,17 +180,17 @@ "devDependencies": { "@mdx-js/mdx": "^1.6.22", "cmark-gfm": "^0.8.5", - "eslint": "^7.21.0", + "eslint": "^7.22.0", "eslint-plugin-import": "^2.22.1", "eslint-plugin-node": "^11.1.0", "eslint-plugin-promise": "^4.3.1", "eslint-plugin-standard": "^5.0.0", - "jsdom": "^16.4.0", + "jsdom": "^16.5.1", "licensee": "^8.1.0", "marked-man": "^0.7.0", "require-inject": "^1.4.4", "tap": "^14.11.0", - "yaml": "^1.10.0" + "yaml": "^1.10.2" }, "scripts": { "dumpconf": "env | grep npm | sort | uniq", diff --git a/scripts/config-doc.js b/scripts/config-doc.js new file mode 100644 index 0000000000000..9bb4628898028 --- /dev/null +++ b/scripts/config-doc.js @@ -0,0 +1,50 @@ +const { shorthands, describeAll } = require('../lib/utils/config/index.js') +const { writeFileSync, readFileSync } = require('fs') +const { resolve } = require('path') +const configDoc = resolve(__dirname, '../docs/content/using-npm/config.md') + +const addBetweenTags = (doc, startTag, endTag, body) => { + const startSplit = doc.split(startTag) + if (startSplit.length !== 2) + throw new Error('Did not find exactly one start tag') + + const endSplit = startSplit[1].split(endTag) + if (endSplit.length !== 2) + throw new Error('Did not find exactly one end tag') + + return [ + startSplit[0], + startTag, + '\n\n', + body, + '\n\n', + endTag, + endSplit[1], + ].join('') +} + +const addDescriptions = doc => { + const startTag = '' + const endTag = '' + return addBetweenTags(doc, startTag, endTag, describeAll()) +} + +const addShorthands = doc => { + const startTag = '' + const endTag = '' + const body = Object.entries(shorthands) + .sort(([shorta, expansiona], [shortb, expansionb]) => { + // sort by what they're short FOR + return expansiona.join(' ').localeCompare(expansionb.join(' ')) || + shorta.localeCompare(shortb) + }) + .map(([short, expansion]) => { + const dash = short.length === 1 ? '-' : '--' + return `* \`${dash}${short}\`: \`${expansion.join(' ')}\`` + }).join('\n') + return addBetweenTags(doc, startTag, endTag, body) +} + +const doc = readFileSync(configDoc, 'utf8') +writeFileSync(configDoc, addDescriptions(addShorthands(doc))) +console.log(`updated docs/content/using-npm/config.md`) diff --git a/tap-snapshots/test-lib-dist-tag.js-TAP.test.js b/tap-snapshots/test-lib-dist-tag.js-TAP.test.js index 89a87ae64e137..06936795bcf03 100644 --- a/tap-snapshots/test-lib-dist-tag.js-TAP.test.js +++ b/tap-snapshots/test-lib-dist-tag.js-TAP.test.js @@ -8,6 +8,8 @@ exports[`test/lib/dist-tag.js TAP add missing args > should exit usage error message 1`] = ` npm dist-tag +Modify package distribution tags + Usage: npm dist-tag add @ [] npm dist-tag rm @@ -21,6 +23,8 @@ Run "npm help dist-tag" for more info exports[`test/lib/dist-tag.js TAP add missing pkg name > should exit usage error message 1`] = ` npm dist-tag +Modify package distribution tags + Usage: npm dist-tag add @ [] npm dist-tag rm @@ -43,6 +47,8 @@ dist-tag add 1.0.0 to @scoped/another@7.7.7 exports[`test/lib/dist-tag.js TAP borked cmd usage > should show usage error 1`] = ` npm dist-tag +Modify package distribution tags + Usage: npm dist-tag add @ [] npm dist-tag rm @@ -62,6 +68,8 @@ latest: 1.0.0 exports[`test/lib/dist-tag.js TAP ls on missing name in current package > should throw usage error message 1`] = ` npm dist-tag +Modify package distribution tags + Usage: npm dist-tag add @ [] npm dist-tag rm @@ -111,6 +119,8 @@ exports[`test/lib/dist-tag.js TAP remove existing tag > should return success ms exports[`test/lib/dist-tag.js TAP remove missing pkg name > should exit usage error message 1`] = ` npm dist-tag +Modify package distribution tags + Usage: npm dist-tag add @ [] npm dist-tag rm diff --git a/tap-snapshots/test-lib-publish.js-TAP.test.js b/tap-snapshots/test-lib-publish.js-TAP.test.js index 97ce7a7733384..172ed5b29f478 100644 --- a/tap-snapshots/test-lib-publish.js-TAP.test.js +++ b/tap-snapshots/test-lib-publish.js-TAP.test.js @@ -8,8 +8,13 @@ exports[`test/lib/publish.js TAP shows usage with wrong set of arguments > should print usage 1`] = ` npm publish +Publish a package + Usage: -npm publish [] [--tag ] [--access ] [--dry-run] +npm publish [] + +Options: +[--tag ] [--access ] [--dry-run] Run "npm help publish" for more info ` diff --git a/tap-snapshots/test-lib-utils-config-definition.js-TAP.test.js b/tap-snapshots/test-lib-utils-config-definition.js-TAP.test.js new file mode 100644 index 0000000000000..ad506ae8e3585 --- /dev/null +++ b/tap-snapshots/test-lib-utils-config-definition.js-TAP.test.js @@ -0,0 +1,264 @@ +/* IMPORTANT + * This snapshot file is auto-generated, but designed for humans. + * It should be checked into source control and tracked carefully. + * Re-generate by setting TAP_SNAPSHOT=1 and running tests. + * Make sure to inspect the output below. Do not ignore changes! + */ +'use strict' +exports[`test/lib/utils/config/definition.js TAP basic definition > description of deprecated thing 1`] = ` +#### \`deprecated\` + +* Default: A number bigger than 1 +* Type: An expression of a numeric quantity using numerals +* DEPRECATED: do not use this + +it should not be used ever + +not even once. +` + +exports[`test/lib/utils/config/definition.js TAP basic definition > human-readable description 1`] = ` +#### \`key\` + +* Default: "some default value" +* Type: Number or String + +just a test thingie +` + +exports[`test/lib/utils/config/definition.js TAP long description > cols=-1 1`] = ` +#### \`walden\` + +* Default: true +* Type: Boolean + +WHEN I WROTE the +following pages, +or rather the +bulk of them, I +lived alone, in +the woods, a +mile from any +neighbor, in a +house which I +had built +myself, on the +shore of Walden +Pond, in +Concord, +Massachusetts, +and earned my +living by the +labor of my +hands only. I +lived there two +years and two +months. At +present I am a +sojourner in +civilized life +again. + +I should not +obtrude my +affairs so much +on the notice of +my readers if +very particular +inquiries had +not been made by +my townsmen +concerning my +mode of life, +which some would +call +impertinent, +though they do +not appear to me +at all +impertinent, +but, considering +the +circumstances, +very natural and +pertinent. + +\`\`\` +this.is('a', { + code: 'sample', +}) + +with (multiple) { + blocks() +} +\`\`\` + +` + +exports[`test/lib/utils/config/definition.js TAP long description > cols=0 1`] = ` +#### \`walden\` + +* Default: true +* Type: Boolean + +WHEN I WROTE the +following pages, +or rather the +bulk of them, I +lived alone, in +the woods, a +mile from any +neighbor, in a +house which I +had built +myself, on the +shore of Walden +Pond, in +Concord, +Massachusetts, +and earned my +living by the +labor of my +hands only. I +lived there two +years and two +months. At +present I am a +sojourner in +civilized life +again. + +I should not +obtrude my +affairs so much +on the notice of +my readers if +very particular +inquiries had +not been made by +my townsmen +concerning my +mode of life, +which some would +call +impertinent, +though they do +not appear to me +at all +impertinent, +but, considering +the +circumstances, +very natural and +pertinent. + +\`\`\` +this.is('a', { + code: 'sample', +}) + +with (multiple) { + blocks() +} +\`\`\` + +` + +exports[`test/lib/utils/config/definition.js TAP long description > cols=40 1`] = ` +#### \`walden\` + +* Default: true +* Type: Boolean + +WHEN I WROTE the following pages, or +rather the bulk of them, I lived +alone, in the woods, a mile from any +neighbor, in a house which I had +built myself, on the shore of Walden +Pond, in Concord, Massachusetts, and +earned my living by the labor of my +hands only. I lived there two years +and two months. At present I am a +sojourner in civilized life again. + +I should not obtrude my affairs so +much on the notice of my readers if +very particular inquiries had not +been made by my townsmen concerning +my mode of life, which some would +call impertinent, though they do not +appear to me at all impertinent, +but, considering the circumstances, +very natural and pertinent. + +\`\`\` +this.is('a', { + code: 'sample', +}) + +with (multiple) { + blocks() +} +\`\`\` + +` + +exports[`test/lib/utils/config/definition.js TAP long description > cols=9000 1`] = ` +#### \`walden\` + +* Default: true +* Type: Boolean + +WHEN I WROTE the following pages, or rather the bulk of them, I lived alone, +in the woods, a mile from any neighbor, in a house which I had built myself, +on the shore of Walden Pond, in Concord, Massachusetts, and earned my living +by the labor of my hands only. I lived there two years and two months. At +present I am a sojourner in civilized life again. + +I should not obtrude my affairs so much on the notice of my readers if very +particular inquiries had not been made by my townsmen concerning my mode of +life, which some would call impertinent, though they do not appear to me at +all impertinent, but, considering the circumstances, very natural and +pertinent. + +\`\`\` +this.is('a', { + code: 'sample', +}) + +with (multiple) { + blocks() +} +\`\`\` + +` + +exports[`test/lib/utils/config/definition.js TAP long description > cols=NaN 1`] = ` +#### \`walden\` + +* Default: true +* Type: Boolean + +WHEN I WROTE the following pages, or rather the bulk of them, I lived alone, +in the woods, a mile from any neighbor, in a house which I had built myself, +on the shore of Walden Pond, in Concord, Massachusetts, and earned my living +by the labor of my hands only. I lived there two years and two months. At +present I am a sojourner in civilized life again. + +I should not obtrude my affairs so much on the notice of my readers if very +particular inquiries had not been made by my townsmen concerning my mode of +life, which some would call impertinent, though they do not appear to me at +all impertinent, but, considering the circumstances, very natural and +pertinent. + +\`\`\` +this.is('a', { + code: 'sample', +}) + +with (multiple) { + blocks() +} +\`\`\` + +` diff --git a/tap-snapshots/test-lib-utils-config-definitions.js-TAP.test.js b/tap-snapshots/test-lib-utils-config-definitions.js-TAP.test.js new file mode 100644 index 0000000000000..2ed810da8a284 --- /dev/null +++ b/tap-snapshots/test-lib-utils-config-definitions.js-TAP.test.js @@ -0,0 +1,156 @@ +/* IMPORTANT + * This snapshot file is auto-generated, but designed for humans. + * It should be checked into source control and tracked carefully. + * Re-generate by setting TAP_SNAPSHOT=1 and running tests. + * Make sure to inspect the output below. Do not ignore changes! + */ +'use strict' +exports[`test/lib/utils/config/definitions.js TAP > all config keys 1`] = ` +Array [ + "_auth", + "access", + "all", + "allow-same-version", + "also", + "always-auth", + "audit", + "audit-level", + "auth-type", + "before", + "bin-links", + "browser", + "ca", + "cache", + "cache-max", + "cache-min", + "cafile", + "call", + "cert", + "ci-name", + "cidr", + "color", + "commit-hooks", + "depth", + "description", + "diff", + "diff-ignore-all-space", + "diff-name-only", + "diff-no-prefix", + "diff-dst-prefix", + "diff-src-prefix", + "diff-text", + "diff-unified", + "dry-run", + "editor", + "engine-strict", + "fetch-retries", + "fetch-retry-factor", + "fetch-retry-maxtimeout", + "fetch-retry-mintimeout", + "fetch-timeout", + "force", + "foreground-scripts", + "format-package-lock", + "fund", + "git", + "git-tag-version", + "global", + "global-style", + "globalconfig", + "heading", + "https-proxy", + "if-present", + "ignore-scripts", + "include", + "include-staged", + "init-author-email", + "init-author-name", + "init-author-url", + "init-license", + "init-module", + "init-version", + "init.author.email", + "init.author.name", + "init.author.url", + "init.license", + "init.module", + "init.version", + "json", + "key", + "legacy-bundling", + "legacy-peer-deps", + "link", + "local-address", + "loglevel", + "logs-max", + "long", + "maxsockets", + "message", + "node-options", + "node-version", + "noproxy", + "npm-version", + "offline", + "omit", + "only", + "optional", + "otp", + "package", + "package-lock", + "package-lock-only", + "parseable", + "prefer-offline", + "prefer-online", + "prefix", + "preid", + "production", + "progress", + "proxy", + "read-only", + "rebuild-bundle", + "registry", + "save", + "save-bundle", + "save-dev", + "save-exact", + "save-optional", + "save-peer", + "save-prefix", + "save-prod", + "scope", + "script-shell", + "searchexclude", + "searchlimit", + "searchopts", + "searchstaleness", + "shell", + "shrinkwrap", + "sign-git-commit", + "sign-git-tag", + "sso-poll-frequency", + "sso-type", + "strict-peer-deps", + "strict-ssl", + "tag", + "tag-version-prefix", + "timing", + "tmp", + "umask", + "unicode", + "update-notifier", + "usage", + "user-agent", + "userconfig", + "version", + "versions", + "viewer", + "which", + "workspace", + "workspaces", + "yes", +] +` + +exports[`test/lib/utils/config/definitions.js TAP > all config keys that are shared to flatOptions 1`] = ` +Array [] +` diff --git a/tap-snapshots/test-lib-utils-config-describe-all.js-TAP.test.js b/tap-snapshots/test-lib-utils-config-describe-all.js-TAP.test.js new file mode 100644 index 0000000000000..8323e793e075f --- /dev/null +++ b/tap-snapshots/test-lib-utils-config-describe-all.js-TAP.test.js @@ -0,0 +1,1377 @@ +/* IMPORTANT + * This snapshot file is auto-generated, but designed for humans. + * It should be checked into source control and tracked carefully. + * Re-generate by setting TAP_SNAPSHOT=1 and running tests. + * Make sure to inspect the output below. Do not ignore changes! + */ +'use strict' +exports[`test/lib/utils/config/describe-all.js TAP > must match snapshot 1`] = ` +#### \`_auth\` + +* Default: null +* Type: null or String + +A basic-auth string to use when authenticating against the npm registry. + +Warning: This should generally not be set via a command-line option. It is +safer to use a registry-provided authentication bearer token stored in the +~/.npmrc file by running \`npm login\`. + +#### \`access\` + +* Default: 'restricted' for scoped packages, 'public' for unscoped packages +* Type: null, "restricted", or "public" + +When publishing scoped packages, the access level defaults to \`restricted\`. +If you want your scoped package to be publicly viewable (and installable) +set \`--access=public\`. The only valid values for \`access\` are \`public\` and +\`restricted\`. Unscoped packages _always_ have an access level of \`public\`. + +#### \`all\` + +* Default: false +* Type: Boolean + +When running \`npm outdated\` and \`npm ls\`, setting \`--all\` will show all +outdated or installed packages, rather than only those directly depended +upon by the current project. + +#### \`allow-same-version\` + +* Default: false +* Type: Boolean + +Prevents throwing an error when \`npm version\` is used to set the new version +to the same value as the current version. + +#### \`always-auth\` + +* Default: false +* Type: Boolean + +Force npm to always require authentication when accessing the registry, even +for \`GET\` requests. + +#### \`audit\` + +* Default: true +* Type: Boolean + +When "true" submit audit reports alongside \`npm install\` runs to the default +registry and all registries configured for scopes. See the documentation for +[\`npm audit\`](/commands/npm-audit) for details on what is submitted. + +#### \`audit-level\` + +* Default: null +* Type: "low", "moderate", "high", "critical", "none", or null + +The minimum level of vulnerability for \`npm audit\` to exit with a non-zero +exit code. + +#### \`before\` + +* Default: null +* Type: null or Date + +If passed to \`npm install\`, will rebuild the npm tree such that only +versions that were available **on or before** the \`--before\` time get +installed. If there's no versions available for the current set of direct +dependencies, the command will error. + +If the requested version is a \`dist-tag\` and the given tag does not pass the +\`--before\` filter, the most recent version less than or equal to that tag +will be used. For example, \`foo@latest\` might install \`foo@1.2\` even though +\`latest\` is \`2.0\`. + +#### \`bin-links\` + +* Default: true +* Type: Boolean + +Tells npm to create symlinks (or \`.cmd\` shims on Windows) for package +executables. + +Set to false to have it not do this. This can be used to work around the +fact that some file systems don't support symlinks, even on ostensibly Unix +systems. + +#### \`browser\` + +* Default: OS X: \`"open"\`, Windows: \`"start"\`, Others: \`"xdg-open"\` +* Type: null, Boolean, or String + +The browser that is called by npm commands to open websites. + +Set to \`false\` to suppress browser behavior and instead print urls to +terminal. + +Set to \`true\` to use default system URL opener. + +#### \`ca\` + +* Default: null +* Type: null or String (can be set multiple times) + +The Certificate Authority signing certificate that is trusted for SSL +connections to the registry. Values should be in PEM format (Windows calls +it "Base-64 encoded X.509 (.CER)") with newlines replaced by the string +"\\n". For example: + +\`\`\`ini +ca="-----BEGIN CERTIFICATE-----\\nXXXX\\nXXXX\\n-----END CERTIFICATE-----" +\`\`\` + +Set to \`null\` to only allow "known" registrars, or to a specific CA cert to +trust only that specific signing authority. + +Multiple CAs can be trusted by specifying an array of certificates: + +\`\`\`ini +ca[]="..." +ca[]="..." +\`\`\` + +See also the \`strict-ssl\` config. + +#### \`cache\` + +* Default: Windows: \`%LocalAppData%\\npm-cache\`, Posix: \`~/.npm\` +* Type: Path + +The location of npm's cache directory. See [\`npm +cache\`](/commands/npm-cache) + +#### \`cafile\` + +* Default: null +* Type: Path + +A path to a file containing one or multiple Certificate Authority signing +certificates. Similar to the \`ca\` setting, but allows for multiple CA's, as +well as for the CA information to be stored in a file on disk. + +#### \`call\` + +* Default: "" +* Type: String + +Optional companion option for \`npm exec\`, \`npx\` that allows for specifying a +custom command to be run along with the installed packages. + +\`\`\`bash +npm exec --package yo --package generator-node --call "yo node" +\`\`\` + + +#### \`cert\` + +* Default: null +* Type: null or String + +A client certificate to pass when accessing the registry. Values should be +in PEM format (Windows calls it "Base-64 encoded X.509 (.CER)") with +newlines replaced by the string "\\n". For example: + +\`\`\`ini +cert="-----BEGIN CERTIFICATE-----\\nXXXX\\nXXXX\\n-----END CERTIFICATE-----" +\`\`\` + +It is _not_ the path to a certificate file (and there is no "certfile" +option). + +#### \`ci-name\` + +* Default: The name of the current CI system, or \`null\` when not on a known CI + platform. +* Type: null or String + +The name of a continuous integration system. If not set explicitly, npm will +detect the current CI environment using the +[\`@npmcli/ci-detect\`](http://npm.im/@npmcli/ci-detect) module. + +#### \`cidr\` + +* Default: null +* Type: null or String (can be set multiple times) + +This is a list of CIDR address to be used when configuring limited access +tokens with the \`npm token create\` command. + +#### \`color\` + +* Default: true unless the NO_COLOR environ is set to something other than '0' +* Type: "always" or Boolean + +If false, never shows colors. If \`"always"\` then always shows colors. If +true, then only prints color codes for tty file descriptors. + +#### \`commit-hooks\` + +* Default: true +* Type: Boolean + +Run git commit hooks when using the \`npm version\` command. + +#### \`depth\` + +* Default: \`Infinity\` if \`--all\` is set, otherwise \`1\` +* Type: null or Number + +The depth to go when recursing packages for \`npm ls\`. + +If not set, \`npm ls\` will show only the immediate dependencies of the root +project. If \`--all\` is set, then npm will show all dependencies by default. + +#### \`description\` + +* Default: true +* Type: Boolean + +Show the description in \`npm search\` + +#### \`diff\` + +* Default: +* Type: String (can be set multiple times) + +Define arguments to compare in \`npm diff\`. + +#### \`diff-dst-prefix\` + +* Default: "b/" +* Type: String + +Destination prefix to be used in \`npm diff\` output. + +#### \`diff-ignore-all-space\` + +* Default: false +* Type: Boolean + +Ignore whitespace when comparing lines in \`npm diff\`. + +#### \`diff-name-only\` + +* Default: false +* Type: Boolean + +Prints only filenames when using \`npm diff\`. + +#### \`diff-no-prefix\` + +* Default: false +* Type: Boolean + +Do not show any source or destination prefix in \`npm diff\` output. + +Note: this causes \`npm diff\` to ignore the \`--diff-src-prefix\` and +\`--diff-dst-prefix\` configs. + +#### \`diff-src-prefix\` + +* Default: "a/" +* Type: String + +Source prefix to be used in \`npm diff\` output. + +#### \`diff-text\` + +* Default: false +* Type: Boolean + +Treat all files as text in \`npm diff\`. + +#### \`diff-unified\` + +* Default: 3 +* Type: Number + +The number of lines of context to print in \`npm diff\`. + +#### \`dry-run\` + +* Default: false +* Type: Boolean + +Indicates that you don't want npm to make any changes and that it should +only report what it would have done. This can be passed into any of the +commands that modify your local installation, eg, \`install\`, \`update\`, +\`dedupe\`, \`uninstall\`, as well as \`pack\` and \`publish\`. + +Note: This is NOT honored by other network related commands, eg \`dist-tags\`, +\`owner\`, etc. + +#### \`editor\` + +* Default: The EDITOR or VISUAL environment variables, or 'notepad.exe' on + Windows, or 'vim' on Unix systems +* Type: String + +The command to run for \`npm edit\` and \`npm config edit\`. + +#### \`engine-strict\` + +* Default: false +* Type: Boolean + +If set to true, then npm will stubbornly refuse to install (or even consider +installing) any package that claims to not be compatible with the current +Node.js version. + +This can be overridden by setting the \`--force\` flag. + +#### \`fetch-retries\` + +* Default: 2 +* Type: Number + +The "retries" config for the \`retry\` module to use when fetching packages +from the registry. + +npm will retry idempotent read requests to the registry in the case of +network failures or 5xx HTTP errors. + +#### \`fetch-retry-factor\` + +* Default: 10 +* Type: Number + +The "factor" config for the \`retry\` module to use when fetching packages. + +#### \`fetch-retry-maxtimeout\` + +* Default: 60000 (1 minute) +* Type: Number + +The "maxTimeout" config for the \`retry\` module to use when fetching +packages. + +#### \`fetch-retry-mintimeout\` + +* Default: 10000 (10 seconds) +* Type: Number + +The "minTimeout" config for the \`retry\` module to use when fetching +packages. + +#### \`fetch-timeout\` + +* Default: 300000 (5 minutes) +* Type: Number + +The maximum amount of time to wait for HTTP requests to complete. + +#### \`force\` + +* Default: false +* Type: Boolean + +Removes various protections against unfortunate side effects, common +mistakes, unnecessary performance degradation, and malicious input. + +* Allow clobbering non-npm files in global installs. +* Allow the \`npm version\` command to work on an unclean git repository. +* Allow deleting the cache folder with \`npm cache clean\`. +* Allow installing packages that have an \`engines\` declaration requiring a + different version of npm. +* Allow installing packages that have an \`engines\` declaration requiring a + different version of \`node\`, even if \`--engine-strict\` is enabled. +* Allow \`npm audit fix\` to install modules outside your stated dependency + range (including SemVer-major changes). +* Allow unpublishing all versions of a published package. +* Allow conflicting peerDependencies to be installed in the root project. + +If you don't have a clear idea of what you want to do, it is strongly +recommended that you do not use this option! + +#### \`foreground-scripts\` + +* Default: false +* Type: Boolean + +Run all build scripts (ie, \`preinstall\`, \`install\`, and \`postinstall\`) +scripts for installed packages in the foreground process, sharing standard +input, output, and error with the main npm process. + +Note that this will generally make installs run slower, and be much noisier, +but can be useful for debugging. + +#### \`format-package-lock\` + +* Default: true +* Type: Boolean + +Format \`package-lock.json\` or \`npm-shrinkwrap.json\` as a human readable +file. + +#### \`fund\` + +* Default: true +* Type: Boolean + +When "true" displays the message at the end of each \`npm install\` +acknowledging the number of dependencies looking for funding. See [\`npm +fund\`](/commands/npm-fund) for details. + +#### \`git\` + +* Default: "git" +* Type: String + +The command to use for git commands. If git is installed on the computer, +but is not in the \`PATH\`, then set this to the full path to the git binary. + +#### \`git-tag-version\` + +* Default: true +* Type: Boolean + +Tag the commit when using the \`npm version\` command. + +#### \`global\` + +* Default: false +* Type: Boolean + +Operates in "global" mode, so that packages are installed into the \`prefix\` +folder instead of the current working directory. See +[folders](/configuring-npm/folders) for more on the differences in behavior. + +* packages are installed into the \`{prefix}/lib/node_modules\` folder, instead + of the current working directory. +* bin files are linked to \`{prefix}/bin\` +* man pages are linked to \`{prefix}/share/man\` + +#### \`global-style\` + +* Default: false +* Type: Boolean + +Causes npm to install the package into your local \`node_modules\` folder with +the same layout it uses with the global \`node_modules\` folder. Only your +direct dependencies will show in \`node_modules\` and everything they depend +on will be flattened in their \`node_modules\` folders. This obviously will +eliminate some deduping. If used with \`legacy-bundling\`, \`legacy-bundling\` +will be preferred. + +#### \`globalconfig\` + +* Default: The global --prefix setting plus 'etc/npmrc'. For example, + '/usr/local/etc/npmrc' +* Type: Path + +The config file to read for global config options. + +#### \`heading\` + +* Default: "npm" +* Type: String + +The string that starts all the debugging log output. + +#### \`https-proxy\` + +* Default: null +* Type: null or URL + +A proxy to use for outgoing https requests. If the \`HTTPS_PROXY\` or +\`https_proxy\` or \`HTTP_PROXY\` or \`http_proxy\` environment variables are set, +proxy settings will be honored by the underlying \`make-fetch-happen\` +library. + +#### \`if-present\` + +* Default: false +* Type: Boolean + +If true, npm will not exit with an error code when \`run-script\` is invoked +for a script that isn't defined in the \`scripts\` section of \`package.json\`. +This option can be used when it's desirable to optionally run a script when +it's present and fail if the script fails. This is useful, for example, when +running scripts that may only apply for some builds in an otherwise generic +CI setup. + +#### \`ignore-scripts\` + +* Default: false +* Type: Boolean + +If true, npm does not run scripts specified in package.json files. + +#### \`include\` + +* Default: +* Type: "prod", "dev", "optional", or "peer" (can be set multiple times) + +Option that allows for defining which types of dependencies to install. + +This is the inverse of \`--omit=\`. + +Dependency types specified in \`--include\` will not be omitted, regardless of +the order in which omit/include are specified on the command-line. + +#### \`include-staged\` + +* Default: false +* Type: Boolean + +Allow installing "staged" published packages, as defined by [npm RFC PR +#92](https://github.com/npm/rfcs/pull/92). + +This is experimental, and not implemented by the npm public registry. + +#### \`init-author-email\` + +* Default: "" +* Type: String + +The value \`npm init\` should use by default for the package author's email. + +#### \`init-author-name\` + +* Default: "" +* Type: String + +The value \`npm init\` should use by default for the package author's name. + +#### \`init-author-url\` + +* Default: "" +* Type: "" or URL + +The value \`npm init\` should use by default for the package author's +homepage. + +#### \`init-license\` + +* Default: "ISC" +* Type: String + +The value \`npm init\` should use by default for the package license. + +#### \`init-module\` + +* Default: "~/.npm-init.js" +* Type: Path + +A module that will be loaded by the \`npm init\` command. See the +documentation for the +[init-package-json](https://github.com/npm/init-package-json) module for +more information, or [npm init](/commands/npm-init). + +#### \`init-version\` + +* Default: "1.0.0" +* Type: SemVer string + +The value that \`npm init\` should use by default for the package version +number, if not already set in package.json. + +#### \`json\` + +* Default: false +* Type: Boolean + +Whether or not to output JSON data, rather than the normal output. + +This feature is currently experimental, and the output data structures for +many commands is either not implemented in JSON yet, or subject to change. +Only the output from \`npm ls --json\` and \`npm search --json\` are currently +valid. + +#### \`key\` + +* Default: null +* Type: null or String + +A client key to pass when accessing the registry. Values should be in PEM +format with newlines replaced by the string "\\n". For example: + +\`\`\`ini +key="-----BEGIN PRIVATE KEY-----\\nXXXX\\nXXXX\\n-----END PRIVATE KEY-----" +\`\`\` + +It is _not_ the path to a key file (and there is no "keyfile" option). + +#### \`legacy-bundling\` + +* Default: false +* Type: Boolean + +Causes npm to install the package such that versions of npm prior to 1.4, +such as the one included with node 0.8, can install the package. This +eliminates all automatic deduping. If used with \`global-style\` this option +will be preferred. + +#### \`legacy-peer-deps\` + +* Default: false +* Type: Boolean + +Causes npm to completely ignore \`peerDependencies\` when building a package +tree, as in npm versions 3 through 6. + +If a package cannot be installed because of overly strict \`peerDependencies\` +that collide, it provides a way to move forward resolving the situation. + +This differs from \`--omit=peer\`, in that \`--omit=peer\` will avoid unpacking +\`peerDependencies\` on disk, but will still design a tree such that +\`peerDependencies\` _could_ be unpacked in a correct place. + +Use of \`legacy-peer-deps\` is not recommended, as it will not enforce the +\`peerDependencies\` contract that meta-dependencies may rely on. + +#### \`link\` + +* Default: false +* Type: Boolean + +If true, then local installs will link if there is a suitable globally +installed package. + +Note that this means that local installs can cause things to be installed +into the global space at the same time. The link is only done if one of the +two conditions are met: + +* The package is not already installed globally, or +* the globally installed version is identical to the version that is being + installed locally. + +#### \`local-address\` + +* Default: null +* Type: IP Address + +The IP address of the local interface to use when making connections to the +npm registry. Must be IPv4 in versions of Node prior to 0.12. + +#### \`loglevel\` + +* Default: "notice" +* Type: "silent", "error", "warn", "notice", "http", "timing", "info", + "verbose", or "silly" + +What level of logs to report. On failure, *all* logs are written to +\`npm-debug.log\` in the current working directory. + +Any logs of a higher level than the setting are shown. The default is +"notice". + +#### \`logs-max\` + +* Default: 10 +* Type: Number + +The maximum number of log files to store. + +#### \`long\` + +* Default: false +* Type: Boolean + +Show extended information in \`npm ls\` and \`npm search\`. + +#### \`maxsockets\` + +* Default: Infinity +* Type: Number + +The maximum number of connections to use per origin (protocol/host/port +combination). + +#### \`message\` + +* Default: "%s" +* Type: String + +Commit message which is used by \`npm version\` when creating version commit. + +Any "%s" in the message will be replaced with the version number. + +#### \`node-options\` + +* Default: null +* Type: null or String + +Options to pass through to Node.js via the \`NODE_OPTIONS\` environment +variable. This does not impact how npm itself is executed but it does impact +how lifecycle scripts are called. + +#### \`node-version\` + +* Default: Node.js \`process.version\` value +* Type: SemVer string + +The node version to use when checking a package's \`engines\` setting. + +#### \`noproxy\` + +* Default: The value of the NO_PROXY environment variable +* Type: String (can be set multiple times) + +Domain extensions that should bypass any proxies. + +Also accepts a comma-delimited string. + +#### \`npm-version\` + +* Default: Output of \`npm --version\` +* Type: SemVer string + +The npm version to use when checking a package's \`engines\` setting. + +#### \`offline\` + +* Default: false +* Type: Boolean + +Force offline mode: no network requests will be done during install. To +allow the CLI to fill in missing cache data, see \`--prefer-offline\`. + +#### \`omit\` + +* Default: 'dev' if the NODE_ENV environment variable is set to 'production', + otherwise empty. +* Type: "dev", "optional", or "peer" (can be set multiple times) + +Dependency types to omit from the installation tree on disk. + +Note that these dependencies _are_ still resolved and added to the +\`package-lock.json\` or \`npm-shrinkwrap.json\` file. They are just not +physically installed on disk. + +If a package type appears in both the \`--include\` and \`--omit\` lists, then +it will be included. + +If the resulting omit list includes \`'dev'\`, then the \`NODE_ENV\` environment +variable will be set to \`'production'\` for all lifecycle scripts. + +#### \`otp\` + +* Default: null +* Type: null or String + +This is a one-time password from a two-factor authenticator. It's needed +when publishing or changing package permissions with \`npm access\`. + +If not set, and a registry response fails with a challenge for a one-time +password, npm will prompt on the command line for one. + +#### \`package\` + +* Default: +* Type: String (can be set multiple times) + +The package to install for [\`npm exec\`](/commands/npm-exec) + +#### \`package-lock\` + +* Default: true +* Type: Boolean + +If set to false, then ignore \`package-lock.json\` files when installing. This +will also prevent _writing_ \`package-lock.json\` if \`save\` is true. + +When package package-locks are disabled, automatic pruning of extraneous +modules will also be disabled. To remove extraneous modules with +package-locks disabled use \`npm prune\`. + +#### \`package-lock-only\` + +* Default: false +* Type: Boolean + +If set to true, it will update only the \`package-lock.json\`, instead of +checking \`node_modules\` and downloading dependencies. + +#### \`parseable\` + +* Default: false +* Type: Boolean + +Output parseable results from commands that write to standard output. For +\`npm search\`, this will be tab-separated table format. + +#### \`prefer-offline\` + +* Default: false +* Type: Boolean + +If true, staleness checks for cached data will be bypassed, but missing data +will be requested from the server. To force full offline mode, use +\`--offline\`. + +#### \`prefer-online\` + +* Default: false +* Type: Boolean + +If true, staleness checks for cached data will be forced, making the CLI +look for updates immediately even for fresh package data. + +#### \`prefix\` + +* Default: In global mode, the folder where the node executable is installed. + In local mode, the nearest parent folder containing either a package.json + file or a node_modules folder. +* Type: Path + +The location to install global items. If set on the command line, then it +forces non-global commands to run in the specified folder. + +#### \`preid\` + +* Default: "" +* Type: String + +The "prerelease identifier" to use as a prefix for the "prerelease" part of +a semver. Like the \`rc\` in \`1.2.0-rc.8\`. + +#### \`progress\` + +* Default: \`true\` unless running in a known CI system +* Type: Boolean + +When set to \`true\`, npm will display a progress bar during time intensive +operations, if \`process.stderr\` is a TTY. + +Set to \`false\` to suppress the progress bar. + +#### \`proxy\` + +* Default: null +* Type: null, false, or URL + +A proxy to use for outgoing http requests. If the \`HTTP_PROXY\` or +\`http_proxy\` environment variables are set, proxy settings will be honored +by the underlying \`request\` library. + +#### \`read-only\` + +* Default: false +* Type: Boolean + +This is used to mark a token as unable to publish when configuring limited +access tokens with the \`npm token create\` command. + +#### \`rebuild-bundle\` + +* Default: true +* Type: Boolean + +Rebuild bundled dependencies after installation. + +#### \`registry\` + +* Default: "https://registry.npmjs.org/" +* Type: URL + +The base URL of the npm registry. + +#### \`save\` + +* Default: true +* Type: Boolean + +Save installed packages to a package.json file as dependencies. + +When used with the \`npm rm\` command, removes the dependency from +package.json. + +#### \`save-bundle\` + +* Default: false +* Type: Boolean + +If a package would be saved at install time by the use of \`--save\`, +\`--save-dev\`, or \`--save-optional\`, then also put it in the +\`bundleDependencies\` list. + +Ignore if \`--save-peer\` is set, since peerDependencies cannot be bundled. + +#### \`save-dev\` + +* Default: false +* Type: Boolean + +Save installed packages to a package.json file as \`devDependencies\`. + +#### \`save-exact\` + +* Default: false +* Type: Boolean + +Dependencies saved to package.json will be configured with an exact version +rather than using npm's default semver range operator. + +#### \`save-optional\` + +* Default: false +* Type: Boolean + +Save installed packages to a package.json file as \`optionalDependencies\`. + +#### \`save-peer\` + +* Default: false +* Type: Boolean + +Save installed packages. to a package.json file as \`peerDependencies\` + +#### \`save-prefix\` + +* Default: "^" +* Type: String + +Configure how versions of packages installed to a package.json file via +\`--save\` or \`--save-dev\` get prefixed. + +For example if a package has version \`1.2.3\`, by default its version is set +to \`^1.2.3\` which allows minor upgrades for that package, but after \`npm +config set save-prefix='~'\` it would be set to \`~1.2.3\` which only allows +patch upgrades. + +#### \`save-prod\` + +* Default: false +* Type: Boolean + +Save installed packages into \`dependencies\` specifically. This is useful if +a package already exists in \`devDependencies\` or \`optionalDependencies\`, but +you want to move it to be a non-optional production dependency. + +This is the default behavior if \`--save\` is true, and neither \`--save-dev\` +or \`--save-optional\` are true. + +#### \`scope\` + +* Default: the scope of the current project, if any, or "" +* Type: String + +Associate an operation with a scope for a scoped registry. + +Useful when logging in to a private registry for the first time: + +\`\`\`bash +npm login --scope=@mycorp --registry=https://registry.mycorp.com +\`\`\` + +This will cause \`@mycorp\` to be mapped to the registry for future +installation of packages specified according to the pattern +\`@mycorp/package\`. + +#### \`script-shell\` + +* Default: '/bin/sh' on POSIX systems, 'cmd.exe' on Windows +* Type: null or String + +The shell to use for scripts run with the \`npm run\` command. + +#### \`searchexclude\` + +* Default: "" +* Type: String + +Space-separated options that limit the results from search. + +#### \`searchlimit\` + +* Default: 20 +* Type: Number + +Number of items to limit search results to. Will not apply at all to legacy +searches. + +#### \`searchopts\` + +* Default: "" +* Type: String + +Space-separated options that are always passed to search. + +#### \`searchstaleness\` + +* Default: 900 +* Type: Number + +The age of the cache, in seconds, before another registry request is made if +using legacy search endpoint. + +#### \`shell\` + +* Default: SHELL environment variable, or "bash" on Posix, or "cmd.exe" on + Windows +* Type: String + +The shell to run for the \`npm explore\` command. + +#### \`sign-git-commit\` + +* Default: false +* Type: Boolean + +If set to true, then the \`npm version\` command will commit the new package +version using \`-S\` to add a signature. + +Note that git requires you to have set up GPG keys in your git configs for +this to work properly. + +#### \`sign-git-tag\` + +* Default: false +* Type: Boolean + +If set to true, then the \`npm version\` command will tag the version using +\`-s\` to add a signature. + +Note that git requires you to have set up GPG keys in your git configs for +this to work properly. + +#### \`strict-peer-deps\` + +* Default: false +* Type: Boolean + +If set to \`true\`, and \`--legacy-peer-deps\` is not set, then _any_ +conflicting \`peerDependencies\` will be treated as an install failure, even +if npm could reasonably guess the appropriate resolution based on non-peer +dependency relationships. + +By default, conflicting \`peerDependencies\` deep in the dependency graph will +be resolved using the nearest non-peer dependency specification, even if +doing so will result in some packages receiving a peer dependency outside +the range set in their package's \`peerDependencies\` object. + +When such and override is performed, a warning is printed, explaining the +conflict and the packages involved. If \`--strict-peer-deps\` is set, then +this warning is treated as a failure. + +#### \`strict-ssl\` + +* Default: true +* Type: Boolean + +Whether or not to do SSL key validation when making requests to the registry +via https. + +See also the \`ca\` config. + +#### \`tag\` + +* Default: "latest" +* Type: String + +If you ask npm to install a package and don't tell it a specific version, +then it will install the specified tag. + +Also the tag that is added to the package@version specified by the \`npm tag\` +command, if no explicit tag is given. + +#### \`tag-version-prefix\` + +* Default: "v" +* Type: String + +If set, alters the prefix used when tagging a new version when performing a +version increment using \`npm-version\`. To remove the prefix altogether, set +it to the empty string: \`""\`. + +Because other tools may rely on the convention that npm version tags look +like \`v1.0.0\`, _only use this property if it is absolutely necessary_. In +particular, use care when overriding this setting for public packages. + +#### \`timing\` + +* Default: false +* Type: Boolean + +If true, writes an \`npm-debug\` log to \`_logs\` and timing information to +\`_timing.json\`, both in your cache, even if the command completes +successfully. \`_timing.json\` is a newline delimited list of JSON objects. + +You can quickly view it with this [json](https://npm.im/json) command line: +\`npm exec -- json -g < ~/.npm/_timing.json\`. + +#### \`umask\` + +* Default: 0 +* Type: Octal numeric string in range 0000..0777 (0..511) + +The "umask" value to use when setting the file creation mode on files and +folders. + +Folders and executables are given a mode which is \`0o777\` masked against +this value. Other files are given a mode which is \`0o666\` masked against +this value. + +Note that the underlying system will _also_ apply its own umask value to +files and folders that are created, and npm does not circumvent this, but +rather adds the \`--umask\` config to it. + +Thus, the effective default umask value on most POSIX systems is 0o22, +meaning that folders and executables are created with a mode of 0o755 and +other files are created with a mode of 0o644. + +#### \`unicode\` + +* Default: false on windows, true on mac/unix systems with a unicode locale, + as defined by the LC_ALL, LC_CTYPE, or LANG environment variables. +* Type: Boolean + +When set to true, npm uses unicode characters in the tree output. When +false, it uses ascii characters instead of unicode glyphs. + +#### \`update-notifier\` + +* Default: true +* Type: Boolean + +Set to false to suppress the update notification when using an older version +of npm than the latest. + +#### \`usage\` + +* Default: false +* Type: Boolean + +Show short usage output about the command specified. + +#### \`user-agent\` + +* Default: "npm/{npm-version} node/{node-version} {platform} {arch} {ci}" +* Type: String + +Sets the User-Agent request header. The following fields are replaced with +their actual counterparts: + +* \`{npm-version}\` - The npm version in use +* \`{node-version}\` - The Node.js version in use +* \`{platform}\` - The value of \`process.platform\` +* \`{arch}\` - The value of \`process.arch\` +* \`{ci}\` - The value of the \`ci-name\` config, if set, prefixed with \`ci/\`, or + an empty string if \`ci-name\` is empty. + +#### \`userconfig\` + +* Default: "~/.npmrc" +* Type: Path + +The location of user-level configuration settings. + +This may be overridden by the \`npm_config_userconfig\` environment variable +or the \`--userconfig\` command line option, but may _not_ be overridden by +settings in the \`globalconfig\` file. + +#### \`version\` + +* Default: false +* Type: Boolean + +If true, output the npm version and exit successfully. + +Only relevant when specified explicitly on the command line. + +#### \`versions\` + +* Default: false +* Type: Boolean + +If true, output the npm version as well as node's \`process.versions\` map and +the version in the current working directory's \`package.json\` file if one +exists, and exit successfully. + +Only relevant when specified explicitly on the command line. + +#### \`viewer\` + +* Default: "man" on Posix, "browser" on Windows +* Type: String + +The program to use to view help content. + +Set to \`"browser"\` to view html help content in the default web browser. + +#### \`which\` + +* Default: null +* Type: null or Number + +If there are multiple funding sources, which 1-indexed source URL to open. + +#### \`workspace\` + +* Default: +* Type: String (can be set multiple times) + +Enable running a command in the context of the configured workspaces of the +current project while filtering by running only the workspaces defined by +this configuration option. + +Valid values for the \`workspace\` config are either: - Workspace names - Path +to a workspace directory - Path to a parent workspace directory (will result +to selecting all of the nested workspaces) + +#### \`workspaces\` + +* Default: false +* Type: Boolean + +Enable running a command in the context of **all** the configured +workspaces. + +#### \`yes\` + +* Default: null +* Type: null or Boolean + +Automatically answer "yes" to any prompts that npm might print on the +command line. + +#### \`also\` + +* Default: null +* Type: null, "dev", or "development" +* DEPRECATED: Please use --include=dev instead. + +When set to \`dev\` or \`development\`, this is an alias for \`--include=dev\`. + +#### \`auth-type\` + +* Default: "legacy" +* Type: "legacy", "sso", "saml", or "oauth" +* DEPRECATED: This method of SSO/SAML/OAuth is deprecated and will be removed + in a future version of npm in favor of web-based login. + +What authentication strategy to use with \`adduser\`/\`login\`. + +#### \`cache-max\` + +* Default: Infinity +* Type: Number +* DEPRECATED: This option has been deprecated in favor of \`--prefer-online\` + +\`--cache-max=0\` is an alias for \`--prefer-online\` + +#### \`cache-min\` + +* Default: 0 +* Type: Number +* DEPRECATED: This option has been deprecated in favor of \`--prefer-offline\`. + +\`--cache-min=9999 (or bigger)\` is an alias for \`--prefer-offline\`. + +#### \`init.author.email\` + +* Default: "" +* Type: String +* DEPRECATED: Use \`--init-author-email\` instead. + +Alias for \`--init-author-email\` + +#### \`init.author.name\` + +* Default: "" +* Type: String +* DEPRECATED: Use \`--init-author-name\` instead. + +Alias for \`--init-author-name\` + +#### \`init.author.url\` + +* Default: "" +* Type: "" or URL +* DEPRECATED: Use \`--init-author-url\` instead. + +Alias for \`--init-author-url\` + +#### \`init.license\` + +* Default: "ISC" +* Type: String +* DEPRECATED: Use \`--init-license\` instead. + +Alias for \`--init-license\` + +#### \`init.module\` + +* Default: "~/.npm-init.js" +* Type: Path +* DEPRECATED: Use \`--init-module\` instead. + +Alias for \`--init-module\` + +#### \`init.version\` + +* Default: "1.0.0" +* Type: SemVer string +* DEPRECATED: Use \`--init-version\` instead. + +Alias for \`--init-version\` + +#### \`only\` + +* Default: null +* Type: null, "prod", or "production" +* DEPRECATED: Use \`--omit=dev\` to omit dev dependencies from the install. + +When set to \`prod\` or \`production\`, this is an alias for \`--omit=dev\`. + +#### \`optional\` + +* Default: null +* Type: null or Boolean +* DEPRECATED: Use \`--omit=optional\` to exclude optional dependencies, or + \`--include=optional\` to include them. + +Default value does install optional deps unless otherwise omitted. + +Alias for --include=optional or --omit=optional + +#### \`production\` + +* Default: false +* Type: Boolean +* DEPRECATED: Use \`--omit=dev\` instead. + +Alias for \`--omit=dev\` + +#### \`shrinkwrap\` + +* Default: true +* Type: Boolean +* DEPRECATED: Use the --package-lock setting instead. + +Alias for --package-lock + +#### \`sso-poll-frequency\` + +* Default: 500 +* Type: Number +* DEPRECATED: The --auth-type method of SSO/SAML/OAuth will be removed in a + future version of npm in favor of web-based login. + +When used with SSO-enabled \`auth-type\`s, configures how regularly the +registry should be polled while the user is completing authentication. + +#### \`sso-type\` + +* Default: "oauth" +* Type: null, "oauth", or "saml" +* DEPRECATED: The --auth-type method of SSO/SAML/OAuth will be removed in a + future version of npm in favor of web-based login. + +If \`--auth-type=sso\`, the type of SSO type to use. + +#### \`tmp\` + +* Default: The value returned by the Node.js \`os.tmpdir()\` method + +* Type: Path +* DEPRECATED: This setting is no longer used. npm stores temporary files in a + special location in the cache, and they are managed by + [\`cacache\`](http://npm.im/cacache). + +Historically, the location where temporary files were stored. No longer +relevant. +` diff --git a/tap-snapshots/test-lib-utils-config-index.js-TAP.test.js b/tap-snapshots/test-lib-utils-config-index.js-TAP.test.js new file mode 100644 index 0000000000000..1e5ca232452e0 --- /dev/null +++ b/tap-snapshots/test-lib-utils-config-index.js-TAP.test.js @@ -0,0 +1,133 @@ +/* IMPORTANT + * This snapshot file is auto-generated, but designed for humans. + * It should be checked into source control and tracked carefully. + * Re-generate by setting TAP_SNAPSHOT=1 and running tests. + * Make sure to inspect the output below. Do not ignore changes! + */ +'use strict' +exports[`test/lib/utils/config/index.js TAP > shorthands 1`] = ` +Object { + "?": Array [ + "--usage", + ], + "a": Array [ + "--all", + ], + "B": Array [ + "--save-bundle", + ], + "c": Array [ + "--call", + ], + "C": Array [ + "--prefix", + ], + "d": Array [ + "--loglevel", + "info", + ], + "D": Array [ + "--save-dev", + ], + "dd": Array [ + "--loglevel", + "verbose", + ], + "ddd": Array [ + "--loglevel", + "silly", + ], + "desc": Array [ + "--description", + ], + "E": Array [ + "--save-exact", + ], + "enjoy-by": Array [ + "--before", + ], + "f": Array [ + "--force", + ], + "g": Array [ + "--global", + ], + "h": Array [ + "--usage", + ], + "H": Array [ + "--usage", + ], + "help": Array [ + "--usage", + ], + "l": Array [ + "--long", + ], + "local": Array [ + "--no-global", + ], + "m": Array [ + "--message", + ], + "n": Array [ + "--no-yes", + ], + "no": Array [ + "--no-yes", + ], + "O": Array [ + "--save-optional", + ], + "p": Array [ + "--parseable", + ], + "P": Array [ + "--save-prod", + ], + "porcelain": Array [ + "--parseable", + ], + "q": Array [ + "--loglevel", + "warn", + ], + "quiet": Array [ + "--loglevel", + "warn", + ], + "readonly": Array [ + "--read-only", + ], + "reg": Array [ + "--registry", + ], + "s": Array [ + "--loglevel", + "silent", + ], + "S": Array [ + "--save", + ], + "silent": Array [ + "--loglevel", + "silent", + ], + "v": Array [ + "--version", + ], + "verbose": Array [ + "--loglevel", + "verbose", + ], + "w": Array [ + "--workspace", + ], + "ws": Array [ + "--workspaces", + ], + "y": Array [ + "--yes", + ], +} +` diff --git a/tap-snapshots/test-lib-utils-config.js-TAP.test.js b/tap-snapshots/test-lib-utils-config.js-TAP.test.js deleted file mode 100644 index 39927e600e123..0000000000000 --- a/tap-snapshots/test-lib-utils-config.js-TAP.test.js +++ /dev/null @@ -1,1110 +0,0 @@ -/* IMPORTANT - * This snapshot file is auto-generated, but designed for humans. - * It should be checked into source control and tracked carefully. - * Re-generate by setting TAP_SNAPSHOT=1 and running tests. - * Make sure to inspect the output below. Do not ignore changes! - */ -'use strict' -exports[`test/lib/utils/config.js TAP no working network interfaces, on windows > must match snapshot 1`] = ` -Object { - "defaults": Object { - "_auth": null, - "access": null, - "all": false, - "allow-same-version": false, - "also": null, - "always-auth": false, - "audit": true, - "audit-level": null, - "auth-type": "legacy", - "before": null, - "bin-links": true, - "browser": null, - "ca": null, - "cache": "{CACHE DIR} npm-cache", - "cache-lock-retries": 10, - "cache-lock-stale": 60000, - "cache-lock-wait": 10000, - "cache-max": null, - "cache-min": 10, - "cafile": null, - "call": "", - "cert": null, - "ci-name": null, - "cidr": null, - "color": true, - "commit-hooks": true, - "depth": null, - "description": true, - "dev": false, - "diff": Array [], - "diff-dst-prefix": "", - "diff-ignore-all-space": false, - "diff-name-only": false, - "diff-no-prefix": false, - "diff-src-prefix": "", - "diff-text": false, - "diff-unified": null, - "dry-run": false, - "editor": "vim", - "engine-strict": false, - "fetch-retries": 2, - "fetch-retry-factor": 10, - "fetch-retry-maxtimeout": 60000, - "fetch-retry-mintimeout": 10000, - "fetch-timeout": 300000, - "force": false, - "foreground-script": false, - "format-package-lock": true, - "fund": true, - "git": "git", - "git-tag-version": true, - "global": false, - "global-style": false, - "heading": "npm", - "https-proxy": null, - "if-present": false, - "ignore-prepublish": false, - "ignore-scripts": false, - "include": Array [], - "include-staged": false, - "init-author-email": "", - "init-author-name": "", - "init-author-url": "", - "init-license": "ISC", - "init-module": "~/.npm-init.js", - "init-version": "1.0.0", - "init.author.email": "", - "init.author.name": "", - "init.author.url": "", - "init.license": "ISC", - "init.module": "~/.npm-init.js", - "init.version": "1.0.0", - "json": false, - "key": null, - "legacy-bundling": false, - "legacy-peer-deps": false, - "link": false, - "local-address": undefined, - "loglevel": "notice", - "logs-max": 10, - "long": false, - "maxsockets": 50, - "message": "%s", - "node-options": null, - "node-version": "v14.8.0", - "noproxy": null, - "npm-version": "7.0.0", - "offline": false, - "omit": Array [], - "only": null, - "optional": true, - "otp": null, - "package": Array [], - "package-lock": true, - "package-lock-only": false, - "parseable": false, - "prefer-offline": false, - "prefer-online": false, - "preid": "", - "production": false, - "progress": true, - "proxy": null, - "read-only": false, - "rebuild-bundle": true, - "registry": "https://registry.npmjs.org/", - "rollback": true, - "save": true, - "save-bundle": false, - "save-dev": false, - "save-exact": false, - "save-optional": false, - "save-prefix": "^", - "save-prod": false, - "scope": "", - "script-shell": null, - "scripts-prepend-node-path": "warn-only", - "searchexclude": null, - "searchlimit": 20, - "searchopts": "", - "searchstaleness": 900, - "shell": "cmd.exe", - "shrinkwrap": true, - "sign-git-commit": false, - "sign-git-tag": false, - "sso-poll-frequency": 500, - "sso-type": "oauth", - "strict-peer-deps": false, - "strict-ssl": true, - "tag": "latest", - "tag-version-prefix": "v", - "timing": false, - "tmp": "/tmp", - "umask": 0, - "unicode": true, - "update-notifier": true, - "usage": false, - "user-agent": "npm/{npm-version} node/{node-version} {platform} {arch} {ci}", - "userconfig": "~/.npmrc", - "version": false, - "versions": false, - "viewer": "browser", - }, - "shorthands": Object { - "?": Array [ - "--usage", - ], - "a": Array [ - "--all", - ], - "B": Array [ - "--save-bundle", - ], - "c": Array [ - "--call", - ], - "C": Array [ - "--prefix", - ], - "d": Array [ - "--loglevel", - "info", - ], - "D": Array [ - "--save-dev", - ], - "dd": Array [ - "--loglevel", - "verbose", - ], - "ddd": Array [ - "--loglevel", - "silly", - ], - "desc": Array [ - "--description", - ], - "E": Array [ - "--save-exact", - ], - "enjoy-by": Array [ - "--before", - ], - "f": Array [ - "--force", - ], - "g": Array [ - "--global", - ], - "h": Array [ - "--usage", - ], - "H": Array [ - "--usage", - ], - "help": Array [ - "--usage", - ], - "l": Array [ - "--long", - ], - "local": Array [ - "--no-global", - ], - "m": Array [ - "--message", - ], - "n": Array [ - "--no-yes", - ], - "no-desc": Array [ - "--no-description", - ], - "no-reg": Array [ - "--no-registry", - ], - "noreg": Array [ - "--no-registry", - ], - "O": Array [ - "--save-optional", - ], - "p": Array [ - "--parseable", - ], - "P": Array [ - "--save-prod", - ], - "porcelain": Array [ - "--parseable", - ], - "q": Array [ - "--loglevel", - "warn", - ], - "quiet": Array [ - "--loglevel", - "warn", - ], - "readonly": Array [ - "--read-only", - ], - "reg": Array [ - "--registry", - ], - "s": Array [ - "--loglevel", - "silent", - ], - "S": Array [ - "--save", - ], - "silent": Array [ - "--loglevel", - "silent", - ], - "v": Array [ - "--version", - ], - "verbose": Array [ - "--loglevel", - "verbose", - ], - "y": Array [ - "--yes", - ], - }, - "types": Object { - "_auth": Array [ - null, - "{String TYPE}", - ], - "access": Array [ - null, - "restricted", - "public", - ], - "all": "{Boolean TYPE}", - "allow-same-version": "{Boolean TYPE}", - "also": Array [ - null, - "dev", - "development", - ], - "always-auth": "{Boolean TYPE}", - "audit": "{Boolean TYPE}", - "audit-level": Array [ - "low", - "moderate", - "high", - "critical", - "none", - null, - ], - "auth-type": Array [ - "legacy", - "sso", - "saml", - "oauth", - ], - "before": Array [ - null, - "{Date TYPE}", - ], - "bin-links": "{Boolean TYPE}", - "browser": Array [ - null, - "{Boolean TYPE}", - "{String TYPE}", - ], - "ca": Array [ - null, - "{String TYPE}", - "{Array TYPE}", - ], - "cache": "{PATH MODULE}", - "cache-lock-retries": "{Number TYPE}", - "cache-lock-stale": "{Number TYPE}", - "cache-lock-wait": "{Number TYPE}", - "cache-max": "{Number TYPE}", - "cache-min": "{Number TYPE}", - "cafile": "{PATH MODULE}", - "call": "{String TYPE}", - "cert": Array [ - null, - "{String TYPE}", - ], - "ci-name": Array [ - null, - "{String TYPE}", - ], - "cidr": Array [ - null, - "{String TYPE}", - "{Array TYPE}", - ], - "color": Array [ - "always", - "{Boolean TYPE}", - ], - "commit-hooks": "{Boolean TYPE}", - "depth": Array [ - null, - "{Number TYPE}", - ], - "description": "{Boolean TYPE}", - "dev": "{Boolean TYPE}", - "diff": Array [ - "{String TYPE}", - "{Array TYPE}", - ], - "diff-dst-prefix": "{String TYPE}", - "diff-ignore-all-space": "{Boolean TYPE}", - "diff-name-only": "{Boolean TYPE}", - "diff-no-prefix": "{Boolean TYPE}", - "diff-src-prefix": "{String TYPE}", - "diff-text": "{Boolean TYPE}", - "diff-unified": Array [ - null, - "{Number TYPE}", - ], - "dry-run": "{Boolean TYPE}", - "editor": "{String TYPE}", - "engine-strict": "{Boolean TYPE}", - "fetch-retries": "{Number TYPE}", - "fetch-retry-factor": "{Number TYPE}", - "fetch-retry-maxtimeout": "{Number TYPE}", - "fetch-retry-mintimeout": "{Number TYPE}", - "fetch-timeout": "{Number TYPE}", - "force": "{Boolean TYPE}", - "foreground-script": "{Boolean TYPE}", - "format-package-lock": "{Boolean TYPE}", - "fund": "{Boolean TYPE}", - "git": "{String TYPE}", - "git-tag-version": "{Boolean TYPE}", - "global": "{Boolean TYPE}", - "global-style": "{Boolean TYPE}", - "globalconfig": "{PATH MODULE}", - "heading": "{String TYPE}", - "https-proxy": Array [ - null, - "{URL MODULE}", - ], - "if-present": "{Boolean TYPE}", - "ignore-prepublish": "{Boolean TYPE}", - "ignore-scripts": "{Boolean TYPE}", - "include": Array [ - "{Array TYPE}", - "prod", - "dev", - "optional", - "peer", - ], - "include-staged": "{Boolean TYPE}", - "init-author-email": "{String TYPE}", - "init-author-name": "{String TYPE}", - "init-author-url": Array [ - "", - "{URL MODULE}", - ], - "init-license": "{String TYPE}", - "init-module": "{PATH MODULE}", - "init-version": "{SEMVER MODULE}", - "init.author.email": "{String TYPE}", - "init.author.name": "{String TYPE}", - "init.author.url": Array [ - "", - "{URL MODULE}", - ], - "init.license": "{String TYPE}", - "init.module": "{PATH MODULE}", - "init.version": "{SEMVER MODULE}", - "json": "{Boolean TYPE}", - "key": Array [ - null, - "{String TYPE}", - ], - "legacy-bundling": "{Boolean TYPE}", - "legacy-peer-deps": "{Boolean TYPE}", - "link": "{Boolean TYPE}", - "local-address": Array [ - undefined, - ], - "loglevel": Array [ - "silent", - "error", - "warn", - "notice", - "http", - "timing", - "info", - "verbose", - "silly", - ], - "logs-max": "{Number TYPE}", - "long": "{Boolean TYPE}", - "maxsockets": "{Number TYPE}", - "message": "{String TYPE}", - "node-options": Array [ - null, - "{String TYPE}", - ], - "node-version": Array [ - null, - "{SEMVER MODULE}", - ], - "noproxy": Array [ - null, - "{String TYPE}", - "{Array TYPE}", - ], - "npm-version": "{SEMVER MODULE}", - "offline": "{Boolean TYPE}", - "omit": Array [ - "{Array TYPE}", - "dev", - "optional", - "peer", - ], - "only": Array [ - null, - "dev", - "development", - "prod", - "production", - ], - "optional": "{Boolean TYPE}", - "otp": Array [ - null, - "{String TYPE}", - ], - "package": Array [ - "{String TYPE}", - "{Array TYPE}", - ], - "package-lock": "{Boolean TYPE}", - "package-lock-only": "{Boolean TYPE}", - "parseable": "{Boolean TYPE}", - "prefer-offline": "{Boolean TYPE}", - "prefer-online": "{Boolean TYPE}", - "prefix": "{PATH MODULE}", - "preid": "{String TYPE}", - "production": "{Boolean TYPE}", - "progress": "{Boolean TYPE}", - "proxy": Array [ - null, - false, - "{URL MODULE}", - ], - "read-only": "{Boolean TYPE}", - "rebuild-bundle": "{Boolean TYPE}", - "registry": Array [ - null, - "{URL MODULE}", - ], - "rollback": "{Boolean TYPE}", - "save": "{Boolean TYPE}", - "save-bundle": "{Boolean TYPE}", - "save-dev": "{Boolean TYPE}", - "save-exact": "{Boolean TYPE}", - "save-optional": "{Boolean TYPE}", - "save-prefix": "{String TYPE}", - "save-prod": "{Boolean TYPE}", - "scope": "{String TYPE}", - "script-shell": Array [ - null, - "{String TYPE}", - ], - "scripts-prepend-node-path": Array [ - "{Boolean TYPE}", - "auto", - "warn-only", - ], - "searchexclude": Array [ - null, - "{String TYPE}", - ], - "searchlimit": "{Number TYPE}", - "searchopts": "{String TYPE}", - "searchstaleness": "{Number TYPE}", - "shell": "{String TYPE}", - "shrinkwrap": "{Boolean TYPE}", - "sign-git-commit": "{Boolean TYPE}", - "sign-git-tag": "{Boolean TYPE}", - "sso-poll-frequency": "{Number TYPE}", - "sso-type": Array [ - null, - "oauth", - "saml", - ], - "strict-peer-deps": "{Boolean TYPE}", - "strict-ssl": "{Boolean TYPE}", - "tag": "{String TYPE}", - "tag-version-prefix": "{String TYPE}", - "timing": "{Boolean TYPE}", - "tmp": "{PATH MODULE}", - "umask": "{Umask TYPE}", - "unicode": "{Boolean TYPE}", - "update-notifier": "{Boolean TYPE}", - "usage": "{Boolean TYPE}", - "user-agent": "{String TYPE}", - "userconfig": "{PATH MODULE}", - "version": "{Boolean TYPE}", - "versions": "{Boolean TYPE}", - "viewer": "{String TYPE}", - }, -} -` - -exports[`test/lib/utils/config.js TAP working network interfaces, not windows > must match snapshot 1`] = ` -Object { - "defaults": Object { - "_auth": null, - "access": null, - "all": false, - "allow-same-version": false, - "also": null, - "always-auth": false, - "audit": true, - "audit-level": null, - "auth-type": "legacy", - "before": null, - "bin-links": true, - "browser": null, - "ca": null, - "cache": "{CACHE DIR} .npm", - "cache-lock-retries": 10, - "cache-lock-stale": 60000, - "cache-lock-wait": 10000, - "cache-max": null, - "cache-min": 10, - "cafile": null, - "call": "", - "cert": null, - "ci-name": null, - "cidr": null, - "color": true, - "commit-hooks": true, - "depth": null, - "description": true, - "dev": false, - "diff": Array [], - "diff-dst-prefix": "", - "diff-ignore-all-space": false, - "diff-name-only": false, - "diff-no-prefix": false, - "diff-src-prefix": "", - "diff-text": false, - "diff-unified": null, - "dry-run": false, - "editor": "vim", - "engine-strict": false, - "fetch-retries": 2, - "fetch-retry-factor": 10, - "fetch-retry-maxtimeout": 60000, - "fetch-retry-mintimeout": 10000, - "fetch-timeout": 300000, - "force": false, - "foreground-script": false, - "format-package-lock": true, - "fund": true, - "git": "git", - "git-tag-version": true, - "global": false, - "global-style": false, - "heading": "npm", - "https-proxy": null, - "if-present": false, - "ignore-prepublish": false, - "ignore-scripts": false, - "include": Array [], - "include-staged": false, - "init-author-email": "", - "init-author-name": "", - "init-author-url": "", - "init-license": "ISC", - "init-module": "~/.npm-init.js", - "init-version": "1.0.0", - "init.author.email": "", - "init.author.name": "", - "init.author.url": "", - "init.license": "ISC", - "init.module": "~/.npm-init.js", - "init.version": "1.0.0", - "json": false, - "key": null, - "legacy-bundling": false, - "legacy-peer-deps": false, - "link": false, - "local-address": undefined, - "loglevel": "notice", - "logs-max": 10, - "long": false, - "maxsockets": 50, - "message": "%s", - "node-options": null, - "node-version": "v14.8.0", - "noproxy": null, - "npm-version": "7.0.0", - "offline": false, - "omit": Array [], - "only": null, - "optional": true, - "otp": null, - "package": Array [], - "package-lock": true, - "package-lock-only": false, - "parseable": false, - "prefer-offline": false, - "prefer-online": false, - "preid": "", - "production": false, - "progress": true, - "proxy": null, - "read-only": false, - "rebuild-bundle": true, - "registry": "https://registry.npmjs.org/", - "rollback": true, - "save": true, - "save-bundle": false, - "save-dev": false, - "save-exact": false, - "save-optional": false, - "save-prefix": "^", - "save-prod": false, - "scope": "", - "script-shell": null, - "scripts-prepend-node-path": "warn-only", - "searchexclude": null, - "searchlimit": 20, - "searchopts": "", - "searchstaleness": 900, - "shell": "/usr/local/bin/bash", - "shrinkwrap": true, - "sign-git-commit": false, - "sign-git-tag": false, - "sso-poll-frequency": 500, - "sso-type": "oauth", - "strict-peer-deps": false, - "strict-ssl": true, - "tag": "latest", - "tag-version-prefix": "v", - "timing": false, - "tmp": "/tmp", - "umask": 0, - "unicode": true, - "update-notifier": true, - "usage": false, - "user-agent": "npm/{npm-version} node/{node-version} {platform} {arch} {ci}", - "userconfig": "~/.npmrc", - "version": false, - "versions": false, - "viewer": "man", - }, - "shorthands": Object { - "?": Array [ - "--usage", - ], - "a": Array [ - "--all", - ], - "B": Array [ - "--save-bundle", - ], - "c": Array [ - "--call", - ], - "C": Array [ - "--prefix", - ], - "d": Array [ - "--loglevel", - "info", - ], - "D": Array [ - "--save-dev", - ], - "dd": Array [ - "--loglevel", - "verbose", - ], - "ddd": Array [ - "--loglevel", - "silly", - ], - "desc": Array [ - "--description", - ], - "E": Array [ - "--save-exact", - ], - "enjoy-by": Array [ - "--before", - ], - "f": Array [ - "--force", - ], - "g": Array [ - "--global", - ], - "h": Array [ - "--usage", - ], - "H": Array [ - "--usage", - ], - "help": Array [ - "--usage", - ], - "l": Array [ - "--long", - ], - "local": Array [ - "--no-global", - ], - "m": Array [ - "--message", - ], - "n": Array [ - "--no-yes", - ], - "no-desc": Array [ - "--no-description", - ], - "no-reg": Array [ - "--no-registry", - ], - "noreg": Array [ - "--no-registry", - ], - "O": Array [ - "--save-optional", - ], - "p": Array [ - "--parseable", - ], - "P": Array [ - "--save-prod", - ], - "porcelain": Array [ - "--parseable", - ], - "q": Array [ - "--loglevel", - "warn", - ], - "quiet": Array [ - "--loglevel", - "warn", - ], - "readonly": Array [ - "--read-only", - ], - "reg": Array [ - "--registry", - ], - "s": Array [ - "--loglevel", - "silent", - ], - "S": Array [ - "--save", - ], - "silent": Array [ - "--loglevel", - "silent", - ], - "v": Array [ - "--version", - ], - "verbose": Array [ - "--loglevel", - "verbose", - ], - "y": Array [ - "--yes", - ], - }, - "types": Object { - "_auth": Array [ - null, - "{String TYPE}", - ], - "access": Array [ - null, - "restricted", - "public", - ], - "all": "{Boolean TYPE}", - "allow-same-version": "{Boolean TYPE}", - "also": Array [ - null, - "dev", - "development", - ], - "always-auth": "{Boolean TYPE}", - "audit": "{Boolean TYPE}", - "audit-level": Array [ - "low", - "moderate", - "high", - "critical", - "none", - null, - ], - "auth-type": Array [ - "legacy", - "sso", - "saml", - "oauth", - ], - "before": Array [ - null, - "{Date TYPE}", - ], - "bin-links": "{Boolean TYPE}", - "browser": Array [ - null, - "{Boolean TYPE}", - "{String TYPE}", - ], - "ca": Array [ - null, - "{String TYPE}", - "{Array TYPE}", - ], - "cache": "{PATH MODULE}", - "cache-lock-retries": "{Number TYPE}", - "cache-lock-stale": "{Number TYPE}", - "cache-lock-wait": "{Number TYPE}", - "cache-max": "{Number TYPE}", - "cache-min": "{Number TYPE}", - "cafile": "{PATH MODULE}", - "call": "{String TYPE}", - "cert": Array [ - null, - "{String TYPE}", - ], - "ci-name": Array [ - null, - "{String TYPE}", - ], - "cidr": Array [ - null, - "{String TYPE}", - "{Array TYPE}", - ], - "color": Array [ - "always", - "{Boolean TYPE}", - ], - "commit-hooks": "{Boolean TYPE}", - "depth": Array [ - null, - "{Number TYPE}", - ], - "description": "{Boolean TYPE}", - "dev": "{Boolean TYPE}", - "diff": Array [ - "{String TYPE}", - "{Array TYPE}", - ], - "diff-dst-prefix": "{String TYPE}", - "diff-ignore-all-space": "{Boolean TYPE}", - "diff-name-only": "{Boolean TYPE}", - "diff-no-prefix": "{Boolean TYPE}", - "diff-src-prefix": "{String TYPE}", - "diff-text": "{Boolean TYPE}", - "diff-unified": Array [ - null, - "{Number TYPE}", - ], - "dry-run": "{Boolean TYPE}", - "editor": "{String TYPE}", - "engine-strict": "{Boolean TYPE}", - "fetch-retries": "{Number TYPE}", - "fetch-retry-factor": "{Number TYPE}", - "fetch-retry-maxtimeout": "{Number TYPE}", - "fetch-retry-mintimeout": "{Number TYPE}", - "fetch-timeout": "{Number TYPE}", - "force": "{Boolean TYPE}", - "foreground-script": "{Boolean TYPE}", - "format-package-lock": "{Boolean TYPE}", - "fund": "{Boolean TYPE}", - "git": "{String TYPE}", - "git-tag-version": "{Boolean TYPE}", - "global": "{Boolean TYPE}", - "global-style": "{Boolean TYPE}", - "globalconfig": "{PATH MODULE}", - "heading": "{String TYPE}", - "https-proxy": Array [ - null, - "{URL MODULE}", - ], - "if-present": "{Boolean TYPE}", - "ignore-prepublish": "{Boolean TYPE}", - "ignore-scripts": "{Boolean TYPE}", - "include": Array [ - "{Array TYPE}", - "prod", - "dev", - "optional", - "peer", - ], - "include-staged": "{Boolean TYPE}", - "init-author-email": "{String TYPE}", - "init-author-name": "{String TYPE}", - "init-author-url": Array [ - "", - "{URL MODULE}", - ], - "init-license": "{String TYPE}", - "init-module": "{PATH MODULE}", - "init-version": "{SEMVER MODULE}", - "init.author.email": "{String TYPE}", - "init.author.name": "{String TYPE}", - "init.author.url": Array [ - "", - "{URL MODULE}", - ], - "init.license": "{String TYPE}", - "init.module": "{PATH MODULE}", - "init.version": "{SEMVER MODULE}", - "json": "{Boolean TYPE}", - "key": Array [ - null, - "{String TYPE}", - ], - "legacy-bundling": "{Boolean TYPE}", - "legacy-peer-deps": "{Boolean TYPE}", - "link": "{Boolean TYPE}", - "local-address": Array [ - undefined, - "127.0.0.1", - "no place like home", - ], - "loglevel": Array [ - "silent", - "error", - "warn", - "notice", - "http", - "timing", - "info", - "verbose", - "silly", - ], - "logs-max": "{Number TYPE}", - "long": "{Boolean TYPE}", - "maxsockets": "{Number TYPE}", - "message": "{String TYPE}", - "node-options": Array [ - null, - "{String TYPE}", - ], - "node-version": Array [ - null, - "{SEMVER MODULE}", - ], - "noproxy": Array [ - null, - "{String TYPE}", - "{Array TYPE}", - ], - "npm-version": "{SEMVER MODULE}", - "offline": "{Boolean TYPE}", - "omit": Array [ - "{Array TYPE}", - "dev", - "optional", - "peer", - ], - "only": Array [ - null, - "dev", - "development", - "prod", - "production", - ], - "optional": "{Boolean TYPE}", - "otp": Array [ - null, - "{String TYPE}", - ], - "package": Array [ - "{String TYPE}", - "{Array TYPE}", - ], - "package-lock": "{Boolean TYPE}", - "package-lock-only": "{Boolean TYPE}", - "parseable": "{Boolean TYPE}", - "prefer-offline": "{Boolean TYPE}", - "prefer-online": "{Boolean TYPE}", - "prefix": "{PATH MODULE}", - "preid": "{String TYPE}", - "production": "{Boolean TYPE}", - "progress": "{Boolean TYPE}", - "proxy": Array [ - null, - false, - "{URL MODULE}", - ], - "read-only": "{Boolean TYPE}", - "rebuild-bundle": "{Boolean TYPE}", - "registry": Array [ - null, - "{URL MODULE}", - ], - "rollback": "{Boolean TYPE}", - "save": "{Boolean TYPE}", - "save-bundle": "{Boolean TYPE}", - "save-dev": "{Boolean TYPE}", - "save-exact": "{Boolean TYPE}", - "save-optional": "{Boolean TYPE}", - "save-prefix": "{String TYPE}", - "save-prod": "{Boolean TYPE}", - "scope": "{String TYPE}", - "script-shell": Array [ - null, - "{String TYPE}", - ], - "scripts-prepend-node-path": Array [ - "{Boolean TYPE}", - "auto", - "warn-only", - ], - "searchexclude": Array [ - null, - "{String TYPE}", - ], - "searchlimit": "{Number TYPE}", - "searchopts": "{String TYPE}", - "searchstaleness": "{Number TYPE}", - "shell": "{String TYPE}", - "shrinkwrap": "{Boolean TYPE}", - "sign-git-commit": "{Boolean TYPE}", - "sign-git-tag": "{Boolean TYPE}", - "sso-poll-frequency": "{Number TYPE}", - "sso-type": Array [ - null, - "oauth", - "saml", - ], - "strict-peer-deps": "{Boolean TYPE}", - "strict-ssl": "{Boolean TYPE}", - "tag": "{String TYPE}", - "tag-version-prefix": "{String TYPE}", - "timing": "{Boolean TYPE}", - "tmp": "{PATH MODULE}", - "umask": "{Umask TYPE}", - "unicode": "{Boolean TYPE}", - "update-notifier": "{Boolean TYPE}", - "usage": "{Boolean TYPE}", - "user-agent": "{String TYPE}", - "userconfig": "{PATH MODULE}", - "version": "{Boolean TYPE}", - "versions": "{Boolean TYPE}", - "viewer": "{String TYPE}", - }, -} -` diff --git a/tap-snapshots/test-lib-utils-flat-options.js-TAP.test.js b/tap-snapshots/test-lib-utils-flat-options.js-TAP.test.js deleted file mode 100644 index 47de89e976148..0000000000000 --- a/tap-snapshots/test-lib-utils-flat-options.js-TAP.test.js +++ /dev/null @@ -1,129 +0,0 @@ -/* IMPORTANT - * This snapshot file is auto-generated, but designed for humans. - * It should be checked into source control and tracked carefully. - * Re-generate by setting TAP_SNAPSHOT=1 and running tests. - * Make sure to inspect the output below. Do not ignore changes! - */ -'use strict' -exports[`test/lib/utils/flat-options.js TAP basic > flat options 1`] = ` -Object { - "_auth": undefined, - "@scope:registry": "@scope:registry", - "//nerf.dart:_authToken": "//nerf.dart:_authToken", - "access": "access", - "all": undefined, - "allowSameVersion": "allow-same-version", - "alwaysAuth": "always-auth", - "audit": "audit", - "auditLevel": "audit-level", - "authType": "auth-type", - "before": "before", - "binLinks": "bin-links", - "browser": "browser", - "ca": "ca", - "cache": "cache/_cacache", - "cafile": "cafile", - "call": "call", - "cert": "cert", - "cidr": "cidr", - "color": true, - "commitHooks": "commit-hooks", - "defaultTag": "tag", - "depth": "depth", - "diff": undefined, - "diffDstPrefix": undefined, - "diffIgnoreAllSpace": undefined, - "diffNameOnly": undefined, - "diffNoPrefix": undefined, - "diffSrcPrefix": undefined, - "diffText": undefined, - "diffUnified": undefined, - "dmode": 511, - "dryRun": "dry-run", - "editor": "editor", - "engineStrict": "engine-strict", - "fmode": 438, - "force": "force", - "foregroundScripts": false, - "formatPackageLock": "format-package-lock", - "fund": "fund", - "git": "git", - "gitTagVersion": "git-tag-version", - "global": "global", - "globalPrefix": "/usr/local", - "globalStyle": "global-style", - "hashAlgorithm": "sha1", - "ignoreScripts": undefined, - "includeStaged": undefined, - "json": undefined, - "key": "key", - "legacyBundling": "legacy-bundling", - "legacyPeerDeps": undefined, - "localPrefix": "/path/to/npm/cli", - "log": Object {}, - "long": undefined, - "message": "message", - "nodeBin": "/path/to/some/node", - "nodeVersion": "1.2.3", - "noProxy": "noproxy", - "npmBin": "/path/to/npm/bin.js", - "npmCommand": null, - "npmSession": "12345", - "npmVersion": "7.6.5", - "offline": "offline", - "omit": Array [], - "otp": "otp", - "package": "package", - "packageLock": true, - "packageLockOnly": "package-lock-only", - "parseable": undefined, - "preferDedupe": undefined, - "preferOffline": "prefer-offline", - "preferOnline": "prefer-online", - "prefix": "/path/to/npm/cli", - "preid": "preid", - "projectScope": "@npmcli", - "proxy": "proxy", - "readOnly": "read-only", - "rebuildBundle": "rebuild-bundle", - "registry": "registry", - "retry": Object { - "factor": "fetch-retry-factor", - "maxTimeout": "fetch-retry-maxtimeout", - "minTimeout": "fetch-retry-mintimeout", - "retries": "fetch-retries", - }, - "save": "save", - "saveBundle": false, - "savePrefix": "", - "saveType": "peerOptional", - "scope": "", - "scriptShell": "script-shell", - "search": Object { - "description": "description", - "exclude": "searchexclude", - "limit": "searchlimit", - "opts": Null Object { - "from": "1", - }, - "staleness": "searchstaleness", - }, - "shell": undefined, - "signGitCommit": "sign-git-commit", - "signGitTag": "sign-git-tag", - "ssoPollFrequency": undefined, - "ssoType": undefined, - "strictPeerDeps": undefined, - "strictSSL": "strict-ssl", - "tag": "tag", - "tagVersionPrefix": "tag-version-prefix", - "timeout": "fetch-timeout", - "tmp": "/tmp", - "umask": 18, - "unicode": undefined, - "userAgent": "user-agent", - "viewer": "viewer", - "which": undefined, - "yes": undefined, -} -` diff --git a/tap-snapshots/test-lib-utils-npm-usage.js-TAP.test.js b/tap-snapshots/test-lib-utils-npm-usage.js-TAP.test.js index caabec66bc829..260e2ab8f8d50 100644 --- a/tap-snapshots/test-lib-utils-npm-usage.js-TAP.test.js +++ b/tap-snapshots/test-lib-utils-npm-usage.js-TAP.test.js @@ -6,8 +6,9 @@ */ 'use strict' exports[`test/lib/utils/npm-usage.js TAP usage basic usage > must match snapshot 1`] = ` +npm -Usage: npm +Usage: npm install install all the dependencies in your project npm install add the dependency to your project @@ -38,55 +39,12 @@ More configuration info: npm help config Configuration fields: npm help 7 config npm@{VERSION} {BASEDIR} - -` - -exports[`test/lib/utils/npm-usage.js TAP usage did you mean? > must match snapshot 1`] = ` - -Usage: npm - -npm install install all the dependencies in your project -npm install add the dependency to your project -npm test run this project's tests -npm run run the script named -npm -h quick help on -npm -l display usage info for all commands -npm help search for help on -npm help npm more involved overview - -All commands: - - access, adduser, audit, bin, bugs, cache, ci, completion, - config, dedupe, deprecate, diff, dist-tag, docs, doctor, - edit, exec, explain, explore, find-dupes, fund, get, help, - hook, init, install, install-ci-test, install-test, link, - ll, login, logout, ls, org, outdated, owner, pack, ping, - prefix, profile, prune, publish, rebuild, repo, restart, - root, run-script, search, set, set-script, shrinkwrap, star, - stars, start, stop, team, test, token, uninstall, unpublish, - unstar, update, version, view, whoami - -Specify configs in the ini-formatted file: - /some/config/file/.npmrc -or on the command line via: npm --key=value - -More configuration info: npm help config -Configuration fields: npm help 7 config - -npm@{VERSION} {BASEDIR} - -` - -exports[`test/lib/utils/npm-usage.js TAP usage did you mean? > must match snapshot 2`] = ` - -Did you mean one of these? - install - uninstall ` exports[`test/lib/utils/npm-usage.js TAP usage set process.stdout.columns columns=0 > must match snapshot 1`] = ` +npm -Usage: npm +Usage: npm install install all the dependencies in your project npm install add the dependency to your project @@ -117,12 +75,12 @@ More configuration info: npm help config Configuration fields: npm help 7 config npm@{VERSION} {BASEDIR} - ` exports[`test/lib/utils/npm-usage.js TAP usage set process.stdout.columns columns=90 > must match snapshot 1`] = ` +npm -Usage: npm +Usage: npm install install all the dependencies in your project npm install add the dependency to your project @@ -153,12 +111,12 @@ More configuration info: npm help config Configuration fields: npm help 7 config npm@{VERSION} {BASEDIR} - ` exports[`test/lib/utils/npm-usage.js TAP usage with browser > must match snapshot 1`] = ` +npm -Usage: npm +Usage: npm install install all the dependencies in your project npm install add the dependency to your project @@ -189,12 +147,12 @@ More configuration info: npm help config Configuration fields: npm help 7 config npm@{VERSION} {BASEDIR} - ` exports[`test/lib/utils/npm-usage.js TAP usage with long > must match snapshot 1`] = ` +npm -Usage: npm +Usage: npm install install all the dependencies in your project npm install add the dependency to your project @@ -209,6 +167,8 @@ All commands: access npm access + Set access level on published packages + Usage: npm access public [] npm access restricted [] @@ -224,8 +184,13 @@ All commands: adduser npm adduser + Add a registry user account + Usage: - npm adduser [--registry=url] [--scope=@orgname] [--always-auth] + npm adduser + + Options: + [--registry ] [--scope <@scope>] [--always-auth] aliases: login, add-user @@ -233,21 +198,32 @@ All commands: audit npm audit + Run a security audit + Usage: - npm audit [--json] [--production] - npm audit fix [--force|--package-lock-only|--dry-run|--production|--only=(dev|prod)] + npm audit [fix] + + Options: + [--dry-run] [-f|--force] [--json] [--package-lock-only] [--production] Run "npm help audit" for more info bin npm bin + Display npm bin folder + Usage: - npm bin [-g] + npm bin + + Options: + [-g|--global] Run "npm help bin" for more info bugs npm bugs + Report bugs for a package in a web browser + Usage: npm bugs [] @@ -257,6 +233,8 @@ All commands: cache npm cache + Manipulates packages cache + Usage: npm cache add npm cache add @@ -270,6 +248,8 @@ All commands: ci npm ci + Install a project with a clean slate + Usage: npm ci @@ -279,7 +259,7 @@ All commands: completion npm completion - npm command completion script. save to ~/.bashrc or ~/.zshrc + Tab Completion for npm Usage: npm completion @@ -288,6 +268,8 @@ All commands: config npm config + Manage the npm configuration files + Usage: npm config set = [= ...] npm config get [ [ ...]] @@ -301,6 +283,8 @@ All commands: dedupe npm dedupe + Reduce duplication in the package tree + Usage: npm dedupe @@ -310,6 +294,8 @@ All commands: deprecate npm deprecate + Deprecate a version of a package + Usage: npm deprecate [@] @@ -317,6 +303,8 @@ All commands: diff npm diff + The registry diff command + Usage: npm diff [...] npm diff --diff= [...] @@ -328,6 +316,8 @@ All commands: dist-tag npm dist-tag + Modify package distribution tags + Usage: npm dist-tag add @ [] npm dist-tag rm @@ -337,12 +327,21 @@ All commands: Run "npm help dist-tag" for more info - docs npm docs [ [ ...]] + docs npm docs + + Open documentation for a package in a web browser + + Usage: + npm docs [ [ ...]] alias: home + + Run "npm help docs" for more info doctor npm doctor + Check your npm environment + Usage: npm doctor @@ -350,6 +349,8 @@ All commands: edit npm edit + Edit an installed package + Usage: npm edit [/...] @@ -357,7 +358,7 @@ All commands: exec npm exec - Run a command from a local or remote npm package. + Run a command from a local or remote npm package Usage: npm exec -- [@] [args...] @@ -371,6 +372,8 @@ All commands: explain npm explain + Explain installed packages + Usage: npm explain @@ -380,6 +383,8 @@ All commands: explore npm explore + Browse an installed package + Usage: npm explore [ -- ] @@ -387,6 +392,8 @@ All commands: find-dupes npm find-dupes + Find duplication in the package tree + Usage: npm find-dupes @@ -394,13 +401,20 @@ All commands: fund npm fund + Retrieve funding information + Usage: - npm fund [--json] [--browser] [--unicode] [[<@scope>/] [--which=] + npm fund [[<@scope>/]] + + Options: + [--json] [--browser|--browser ] [--unicode] [--which ] Run "npm help fund" for more info get npm get + Get a value from the npm configuration + Usage: npm get [ ...] (See \`npm config\`) @@ -408,6 +422,8 @@ All commands: help npm help + Get help on npm + Usage: npm help [] @@ -417,6 +433,8 @@ All commands: hook npm hook + Manage registry hooks + Usage: npm hook add [--type=] npm hook ls [pkg] @@ -427,6 +445,8 @@ All commands: init npm init + Create a package.json file + Usage: npm init [--force|-f|--yes|-y|--scope] npm init <@scope> (same as \`npx <@scope>/create\`) @@ -438,6 +458,8 @@ All commands: install npm install + Install a package + Usage: npm install [<@scope>/] npm install [<@scope>/]@ @@ -448,7 +470,10 @@ All commands: npm install npm install npm install - npm install / [--save-prod|--save-dev|--save-optional|--save-peer] [--save-exact] [--no-save] + npm install / + + Options: + [-S|--save|--no-save|--save-prod|--save-dev|--save-optional|--save-peer] [-E|--save-exact] aliases: i, in, ins, inst, insta, instal, isnt, isnta, isntal, add @@ -456,6 +481,8 @@ All commands: install-ci-test npm install-ci-test + Install a project with a clean slate and run tests + Usage: npm install-ci-test @@ -465,6 +492,8 @@ All commands: install-test npm install-test + Install package(s) and run tests + Usage: npm install-test [<@scope>/] npm install-test [<@scope>/]@ @@ -475,7 +504,10 @@ All commands: npm install-test npm install-test npm install-test - npm install-test / [--save-prod|--save-dev|--save-optional|--save-peer] [--save-exact] [--no-save] + npm install-test / + + Options: + [-S|--save|--no-save|--save-prod|--save-dev|--save-optional|--save-peer] [-E|--save-exact] alias: it @@ -483,6 +515,8 @@ All commands: link npm link + Symlink a package folder + Usage: npm link (in package dir) npm link [<@scope>/][@] @@ -493,6 +527,8 @@ All commands: ll npm ll + List installed packages + Usage: npm ll [[<@scope>/] ...] @@ -502,8 +538,13 @@ All commands: login npm adduser + Add a registry user account + Usage: - npm adduser [--registry=url] [--scope=@orgname] [--always-auth] + npm adduser + + Options: + [--registry ] [--scope <@scope>] [--always-auth] aliases: login, add-user @@ -511,13 +552,20 @@ All commands: logout npm logout + Log out of the registry + Usage: - npm logout [--registry=] [--scope=<@scope>] + npm logout + + Options: + [--registry ] [--scope <@scope>] Run "npm help logout" for more info ls npm ls + List installed packages + Usage: npm ls npm ls [[<@scope>/] ...] @@ -527,6 +575,8 @@ All commands: org npm org + Manage orgs + Usage: npm org set orgname username [developer | admin | owner] npm org rm orgname username @@ -538,6 +588,8 @@ All commands: outdated npm outdated + Check for outdated packages + Usage: npm outdated [[<@scope>/] ...] @@ -545,6 +597,8 @@ All commands: owner npm owner + Manage package owners + Usage: npm owner add [<@scope>/] npm owner rm [<@scope>/] @@ -556,22 +610,32 @@ All commands: pack npm pack + Create a tarball from a package + Usage: - npm pack [[<@scope>/]...] [--dry-run] + npm pack [[<@scope>/]...] + + Options: + [--dry-run] Run "npm help pack" for more info ping npm ping - ping registry + Ping npm registry Usage: npm ping + Options: + [--registry ] + Run "npm help ping" for more info prefix npm prefix + Display prefix + Usage: npm prefix [-g] @@ -579,6 +643,8 @@ All commands: profile npm profile + Change settings on your registry profile + Usage: npm profile enable-2fa [auth-only|auth-and-writes] npm profile disable-2fa @@ -589,20 +655,32 @@ All commands: prune npm prune + Remove extraneous packages + Usage: - npm prune [[<@scope>/]...] [--production] + npm prune [[<@scope>/]...] + + Options: + [--production] Run "npm help prune" for more info publish npm publish + Publish a package + Usage: - npm publish [] [--tag ] [--access ] [--dry-run] + npm publish [] + + Options: + [--tag ] [--access ] [--dry-run] Run "npm help publish" for more info rebuild npm rebuild + Rebuild a package + Usage: npm rebuild [[<@scope>/][@] ...] @@ -612,6 +690,8 @@ All commands: repo npm repo + Open package repository page in the browser + Usage: npm repo [ [ ...]] @@ -619,6 +699,8 @@ All commands: restart npm restart + Restart a package + Usage: npm restart [-- ] @@ -626,13 +708,20 @@ All commands: root npm root + Display npm root + Usage: - npm root [-g] + npm root + + Options: + [-g|--global] Run "npm help root" for more info run-script npm run-script + Run arbitrary package scripts + Usage: npm run-script [-- ] @@ -642,8 +731,13 @@ All commands: search npm search + Search for pacakges + Usage: - npm search [-l|--long] [--json] [--parseable] [--no-description] [search terms ...] + npm search [search terms ...] + + Options: + [-l|--long] [--json] [-p|--parseable] [--no-description] aliases: s, se, find @@ -651,6 +745,8 @@ All commands: set npm set + Set a value in the npm configuration + Usage: npm set = [= ...] (See \`npm config\`) @@ -658,6 +754,8 @@ All commands: set-script npm set-script + Set tasks in the scripts section of package.json + Usage: npm set-script [