Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release: npm@6.6.0 #113

Merged
merged 97 commits into from
Jan 18, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
97 commits
Select commit Hold shift + click to select a range
1065a78
config: support default user on IBM i (#65)
dmabupt Dec 10, 2018
31a7274
docs: Fix typo in npm-token documentation (#71)
GeorgeTaveras1231 Dec 10, 2018
890a744
pacote: pass git opts to pacote (#98)
larsgw Dec 10, 2018
02c837e
dist-tag: make 'ls' the default action (#106)
isaacs Dec 10, 2018
90e55a1
utils: check npm.config existence in error-handler.js (#108)
BeniCheni Dec 10, 2018
9cefcdc
npm-registry-fetch@3.8.0
zkat Aug 15, 2018
1c769c9
pacote@9.1.0
zkat Aug 15, 2018
f3bc553
figgy-pudding@3.5.1
zkat Aug 28, 2018
bf7199d
npm-profile@4.0.1
zkat Aug 29, 2018
118c504
semver@5.5.1
zkat Aug 31, 2018
eab4df9
libcipm@3.0.2
zkat Aug 31, 2018
b86e515
libnpm@1.4.0
zkat Nov 26, 2018
4cca9cb
config: add figgyConfig for things that use figgy-pudding
zkat Apr 5, 2018
ad67461
utils: add otplease util for otp prompting
zkat Aug 21, 2018
77625f9
access: stop using npm-registry-client
zkat Aug 21, 2018
6e922ae
whoami: stop using npm-registry-client
zkat Apr 5, 2018
584613e
ping: stop using npm-registry-client
zkat Apr 6, 2018
64de4eb
deprecate: stop using npm-registry-client
zkat Apr 6, 2018
6cd87d1
stars: stop using npm-registry-client
zkat Apr 6, 2018
2786834
star: stop using npm-registry-client
zkat Apr 6, 2018
514558e
view: stop using npm-registry-client
zkat Apr 6, 2018
dec07eb
audit: convert audit to new version of n-r-f
zkat Jul 27, 2018
0847419
outdated: stop using npm-registry-client
zkat Aug 16, 2018
45aff0e
dist-tag: stop using npm-registry-client
zkat Aug 16, 2018
846ddcc
anon-metrics: stop using npm-registry-client
zkat Aug 16, 2018
8971ba1
owner: stop using npm-registry-client
zkat Aug 16, 2018
99156e0
team: stop using npm-registry-client
zkat Aug 17, 2018
ab21553
hook: clean up and improve hook command
zkat Aug 24, 2018
b37a665
org: add npm org command
zkat Aug 24, 2018
d2af077
search: stop using npm-registry-client
zkat Aug 28, 2018
e0b4c68
logout: stop using npm-registry-client
zkat Aug 29, 2018
ff72350
login: update legacy auth to support latest npm-registry-fetch
zkat Aug 29, 2018
6ed9433
login: stop using npm-registry-client for SSO auth
zkat Aug 29, 2018
90a069e
unpublish: stop using npm-registry-client
zkat Aug 29, 2018
b24ed5f
publish: stop using npm-registry-client
zkat Aug 31, 2018
ec9fcc1
npm-registry-client: goodbye
zkat Aug 31, 2018
8a56fa3
figgy-config: fix opts.color defaults because npm is weird
zkat Aug 31, 2018
41d19e1
pacote: get rid of legacy pacoteOpts
zkat Aug 31, 2018
c5af34c
npm-registry-client@REMOVED
zkat Aug 31, 2018
125ff95
workers: fixup
zkat Aug 31, 2018
56fffbf
get-stream@4.1.0
zkat Oct 2, 2018
df972e9
npm-profile@REMOVED
zkat Nov 26, 2018
32c73bf
libnpm@2.0.1
zkat Nov 27, 2018
1c3b226
config: remove some config checks
zkat Nov 27, 2018
3c0a7b0
install: fix circular dependency with config stuff
zkat Nov 27, 2018
08fcb3f
test: update cache add test output
zkat Dec 5, 2018
c8135d9
test: remove get.js test for n-r-c
zkat Dec 5, 2018
ae936f2
config: fix passing of referer value
zkat Dec 5, 2018
569491b
licensee@5.0.0
zkat Dec 11, 2018
a3ba0cc
deps: move rimraf to prod deps
zkat Dec 11, 2018
0fad6ce
deps: alpha-order bundleDeps
zkat Dec 12, 2018
1a20b38
deps: fix up gitignore issues with devDeps
zkat Dec 12, 2018
7645157
deps: make prepare run `rebuild` to make sure bins from deps are there
zkat Dec 12, 2018
a06ac85
doc: update changelog for npm@6.6.0
zkat Dec 12, 2018
dd3aa1c
update AUTHORS
Dec 12, 2018
56440dd
6.6.0-next.0
Dec 12, 2018
fb3bbb7
npm-audit-report@1.3.2
zkat Dec 18, 2018
f1edffb
scripts: Modernize maketest
iarna Dec 19, 2018
ae26347
test: maketest: Use promise based example common.npm call
iarna Dec 19, 2018
d9970da
scripts: maketest: Use newEnv for env production
iarna Dec 19, 2018
1342071
install: fix checking for optional dep
larsgw Oct 7, 2018
2401b75
test: Correct docs for fake-registry interface
iarna Dec 20, 2018
a22e6f5
profile: update profile to support new npm-profile API (#131)
zkat Dec 21, 2018
7a2f6b0
deps: remove tink experiments (#129)
larsgw Dec 21, 2018
f63a0d6
spdx-license-ids@3.0.3
zkat Jan 7, 2019
f350e71
aproba@2.0.0
Jan 8, 2019
a67e4d8
byte-size@5.0.1
Jan 8, 2019
8bea4ef
cacache@11.3.2
Jan 8, 2019
9d47768
chownr@1.1.1
Jan 8, 2019
70da139
ci-info@2.0.0
Jan 8, 2019
bcdeddc
cli-table3@0.5.1
Jan 8, 2019
63aab82
is-cidr@3.0.0
Jan 8, 2019
d522bd9
JSONStream@1.3.5
Jan 8, 2019
2a59bfc
libnpmhook@5.0.2
Jan 8, 2019
66d60e3
marked@0.6.0
Jan 8, 2019
8213def
npm-packlist@1.2.0
Jan 8, 2019
e4ffc6a
unique-filename@1.1.1
Jan 8, 2019
09a5c2f
semver@5.6.0
Jan 8, 2019
740e79e
rimraf@2.6.3
Jan 8, 2019
455476c
require-inject@1.4.4
Jan 8, 2019
3f40251
npm-pick-manifest@2.2.3
Jan 8, 2019
4ffa8a8
query-string@6.2.0
Jan 8, 2019
a0a0ca9
pacote@9.3.0
Jan 8, 2019
5777ea8
readable-stream@3.1.1
Jan 8, 2019
887e943
lru-cache@4.1.5
Jan 8, 2019
41f1552
deps: updating semver docs
Jan 9, 2019
c5b6056
Handle git branch references correctly (#123)
johanneswuerbach Jan 9, 2019
f58b43e
audit: report any errors above 400 as potentially not supporting audi…
zkat Jan 9, 2019
a5c9e6f
cli,outdated: default homepage to an empty string (#124)
anchnk Jan 9, 2019
5d07635
doc: fix npm-prefix description (#116)
larsgw Jan 9, 2019
c665f35
chore: replace var with const/let in lib/repo.js (#119)
watilde Jan 9, 2019
371442f
doc: update changelog for npm@6.6.0
Jan 10, 2019
b9d4dcb
update AUTHORS
Jan 10, 2019
6c89adb
6.6.0-next.1
Jan 10, 2019
46639ba
chore: Update package-lock.json for https tarball URLs
Jan 11, 2019
f277bce
doc: update changelog for npm@6.6.0
Jan 17, 2019
bb8688d
6.6.0
Jan 17, 2019
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
7 changes: 7 additions & 0 deletions AUTHORS
Original file line number Diff line number Diff line change
Expand Up @@ -612,3 +612,10 @@ Joe Bottigliero <joe@bottigliero.com>
Nikolai Vavilov <vvnicholas@gmail.com>
Kelvin Jin <kelvinjin@google.com>
乱序 <midare@utakana.de>
Audrey Eschright <audrey@npmjs.com>
Xu Meng <dmabupt@gmail.com>
George <george.taveras1231@gmail.com>
Beni von Cheni <benjaminlchen@gmail.com>
Frédéric Harper <fharper@npmjs.com>
Johannes Würbach <johannes.wuerbach@googlemail.com>
ƇʘƁ̆ąƇ́ <anchnk@users.noreply.github.com>
261 changes: 258 additions & 3 deletions CHANGELOG.md

Large diffs are not rendered by default.

8 changes: 8 additions & 0 deletions doc/cli/npm-access.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@ npm-access(1) -- Set access level on published packages
npm access grant <read-only|read-write> <scope:team> [<package>]
npm access revoke <scope:team> [<package>]

npm access 2fa-required [<package>]
npm access 2fa-not-required [<package>]

npm access ls-packages [<user>|<scope>|<scope:team>]
npm access ls-collaborators [<package> [<user>]]
npm access edit [<package>]
Expand All @@ -28,6 +31,10 @@ subcommand.
Add or remove the ability of users and teams to have read-only or read-write
access to a package.

* 2fa-required / 2fa-not-required:
Configure whether a package requires that anyone publishing it have two-factor
authentication enabled on their account.

* ls-packages:
Show all of the packages a user or a team is able to access, along with the
access level, except for read-only public packages (it won't print the whole
Expand Down Expand Up @@ -70,6 +77,7 @@ Management of teams and team memberships is done with the `npm team` command.

## SEE ALSO

* [`libnpmaccess`](https://npm.im/libnpmaccess)
* npm-team(1)
* npm-publish(1)
* npm-config(7)
Expand Down
2 changes: 2 additions & 0 deletions doc/cli/npm-dist-tag.md
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,8 @@ Add, remove, and enumerate distribution tags on a package:
Show all of the dist-tags for a package, defaulting to the package in
the current prefix.

This is the default action if none is specified.

A tag can be used when installing packages as a reference to a version instead
of using a specific version number:

Expand Down
3 changes: 2 additions & 1 deletion doc/cli/npm-prefix.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@ npm-prefix(1) -- Display prefix
## DESCRIPTION

Print the local prefix to standard out. This is the closest parent directory
to contain a package.json file unless `-g` is also specified.
to contain a `package.json` file or `node_modules` directory, unless `-g` is
also specified.

If `-g` is specified, this will be the value of the global prefix. See
`npm-config(7)` for more detail.
Expand Down
2 changes: 1 addition & 1 deletion doc/cli/npm-token.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ npm-token(1) -- Manage your authentication tokens

## DESCRIPTION

This list you list, create and revoke authentication tokens.
This lets you list, create and revoke authentication tokens.

* `npm token list`:
Shows a table of all active authentication tokens. You can request this as
Expand Down
21 changes: 16 additions & 5 deletions doc/misc/semver.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,6 @@ As a command-line utility:
```
$ semver -h

SemVer 5.3.0

A JavaScript implementation of the http://semver.org/ specification
Copyright Isaac Z. Schlueter

Expand All @@ -54,6 +52,9 @@ Options:
-l --loose
Interpret versions and ranges loosely

-p --include-prerelease
Always include prerelease versions in range matching

-c --coerce
Coerce a string into SemVer if possible
(does not imply --loose)
Expand Down Expand Up @@ -289,9 +290,19 @@ part ::= nr | [-0-9A-Za-z]+

## Functions

All methods and classes take a final `loose` boolean argument that, if
true, will be more forgiving about not-quite-valid semver strings.
The resulting output will always be 100% strict, of course.
All methods and classes take a final `options` object argument. All
options in this object are `false` by default. The options supported
are:

- `loose` Be more forgiving about not-quite-valid semver strings.
(Any resulting output will always be 100% strict compliant, of
course.) For backwards compatibility reasons, if the `options`
argument is a boolean value instead of an object, it is interpreted
to be the `loose` param.
- `includePrerelease` Set to suppress the [default
behavior](https://github.com/npm/node-semver#prerelease-tags) of
excluding prerelease tagged versions from ranges unless they are
explicitly opted into.

Strict-mode Comparators and Ranges will be strict about the SemVer
strings that they parse.
Expand Down
216 changes: 142 additions & 74 deletions lib/access.js
Original file line number Diff line number Diff line change
@@ -1,28 +1,50 @@
'use strict'
/* eslint-disable standard/no-callback-literal */

var resolve = require('path').resolve
const BB = require('bluebird')

var readPackageJson = require('read-package-json')
var mapToRegistry = require('./utils/map-to-registry.js')
var npm = require('./npm.js')
var output = require('./utils/output.js')

var whoami = require('./whoami')
const figgyPudding = require('figgy-pudding')
const libaccess = require('libnpm/access')
const npmConfig = require('./config/figgy-config.js')
const output = require('./utils/output.js')
const otplease = require('./utils/otplease.js')
const path = require('path')
const prefix = require('./npm.js').prefix
const readPackageJson = BB.promisify(require('read-package-json'))
const usage = require('./utils/usage.js')
const whoami = require('./whoami.js')

module.exports = access

access.usage =
access.usage = usage(
'npm access',
'npm access public [<package>]\n' +
'npm access restricted [<package>]\n' +
'npm access grant <read-only|read-write> <scope:team> [<package>]\n' +
'npm access revoke <scope:team> [<package>]\n' +
'npm access 2fa-required [<package>]\n' +
'npm access 2fa-not-required [<package>]\n' +
'npm access ls-packages [<user>|<scope>|<scope:team>]\n' +
'npm access ls-collaborators [<package> [<user>]]\n' +
'npm access edit [<package>]'
)

access.subcommands = [
'public', 'restricted', 'grant', 'revoke',
'ls-packages', 'ls-collaborators', 'edit',
'2fa-required', '2fa-not-required'
]

const AccessConfig = figgyPudding({
json: {}
})

access.subcommands = ['public', 'restricted', 'grant', 'revoke',
'ls-packages', 'ls-collaborators', 'edit']
function UsageError (msg = '') {
throw Object.assign(new Error(
(msg ? `\nUsage: ${msg}\n\n` : '') +
access.usage
), {code: 'EUSAGE'})
}

access.completion = function (opts, cb) {
var argv = opts.conf.argv.remain
Expand All @@ -42,6 +64,8 @@ access.completion = function (opts, cb) {
case 'ls-packages':
case 'ls-collaborators':
case 'edit':
case '2fa-required':
case '2fa-not-required':
return cb(null, [])
case 'revoke':
return cb(null, [])
Expand All @@ -50,81 +74,125 @@ access.completion = function (opts, cb) {
}
}

function access (args, cb) {
var cmd = args.shift()
var params
return parseParams(cmd, args, function (err, p) {
if (err) { return cb(err) }
params = p
return mapToRegistry(params.package, npm.config, invokeCmd)
})
function access ([cmd, ...args], cb) {
return BB.try(() => {
const fn = access.subcommands.includes(cmd) && access[cmd]
if (!cmd) { UsageError('Subcommand is required.') }
if (!fn) { UsageError(`${cmd} is not a recognized subcommand.`) }

function invokeCmd (err, uri, auth, base) {
if (err) { return cb(err) }
params.auth = auth
try {
return npm.registry.access(cmd, uri, params, function (err, data) {
if (!err && data) {
output(JSON.stringify(data, undefined, 2))
}
cb(err, data)
})
} catch (e) {
cb(e.message + '\n\nUsage:\n' + access.usage)
}
}
return fn(args, AccessConfig(npmConfig()))
}).then(
x => cb(null, x),
err => err.code === 'EUSAGE' ? cb(err.message) : cb(err)
)
}

function parseParams (cmd, args, cb) {
// mapToRegistry will complain if package is undefined,
// but it's not needed for ls-packages
var params = { 'package': '' }
if (cmd === 'grant') {
params.permissions = args.shift()
}
if (['grant', 'revoke', 'ls-packages'].indexOf(cmd) !== -1) {
var entity = (args.shift() || '').split(':')
params.scope = entity[0]
params.team = entity[1]
}
access.public = ([pkg], opts) => {
return modifyPackage(pkg, opts, libaccess.public)
}

if (cmd === 'ls-packages') {
if (!params.scope) {
whoami([], true, function (err, scope) {
params.scope = scope
cb(err, params)
})
} else {
cb(null, params)
access.restricted = ([pkg], opts) => {
return modifyPackage(pkg, opts, libaccess.restricted)
}

access.grant = ([perms, scopeteam, pkg], opts) => {
return BB.try(() => {
if (!perms || (perms !== 'read-only' && perms !== 'read-write')) {
UsageError('First argument must be either `read-only` or `read-write.`')
}
} else {
getPackage(args.shift(), function (err, pkg) {
if (err) return cb(err)
params.package = pkg
if (!scopeteam) {
UsageError('`<scope:team>` argument is required.')
}
const [, scope, team] = scopeteam.match(/^@?([^:]+):(.*)$/) || []
if (!scope && !team) {
UsageError(
'Second argument used incorrect format.\n' +
'Example: @example:developers'
)
}
return modifyPackage(pkg, opts, (pkgName, opts) => {
return libaccess.grant(pkgName, scopeteam, perms, opts)
})
})
}

if (cmd === 'ls-collaborators') params.user = args.shift()
cb(null, params)
access.revoke = ([scopeteam, pkg], opts) => {
return BB.try(() => {
if (!scopeteam) {
UsageError('`<scope:team>` argument is required.')
}
const [, scope, team] = scopeteam.match(/^@?([^:]+):(.*)$/) || []
if (!scope || !team) {
UsageError(
'First argument used incorrect format.\n' +
'Example: @example:developers'
)
}
return modifyPackage(pkg, opts, (pkgName, opts) => {
return libaccess.revoke(pkgName, scopeteam, opts)
})
}
})
}

access['2fa-required'] = access.tfaRequired = ([pkg], opts) => {
return modifyPackage(pkg, opts, libaccess.tfaRequired, false)
}

access['2fa-not-required'] = access.tfaNotRequired = ([pkg], opts) => {
return modifyPackage(pkg, opts, libaccess.tfaNotRequired, false)
}

access['ls-packages'] = access.lsPackages = ([owner], opts) => {
return (
owner ? BB.resolve(owner) : BB.fromNode(cb => whoami([], true, cb))
).then(owner => {
return libaccess.lsPackages(owner, opts)
}).then(pkgs => {
// TODO - print these out nicely (breaking change)
output(JSON.stringify(pkgs, null, 2))
})
}

access['ls-collaborators'] = access.lsCollaborators = ([pkg, usr], opts) => {
return getPackage(pkg).then(pkgName =>
libaccess.lsCollaborators(pkgName, usr, opts)
).then(collabs => {
// TODO - print these out nicely (breaking change)
output(JSON.stringify(collabs, null, 2))
})
}

function getPackage (name, cb) {
if (name && name.trim()) {
cb(null, name.trim())
} else {
readPackageJson(
resolve(npm.prefix, 'package.json'),
function (err, data) {
if (err) {
access['edit'] = () => BB.reject(new Error('edit subcommand is not implemented yet'))

function modifyPackage (pkg, opts, fn, requireScope = true) {
return getPackage(pkg, requireScope).then(pkgName =>
otplease(opts, opts => fn(pkgName, opts))
)
}

function getPackage (name, requireScope = true) {
return BB.try(() => {
if (name && name.trim()) {
return name.trim()
} else {
return readPackageJson(
path.resolve(prefix, 'package.json')
).then(
data => data.name,
err => {
if (err.code === 'ENOENT') {
cb(new Error('no package name passed to command and no package.json found'))
throw new Error('no package name passed to command and no package.json found')
} else {
cb(err)
throw err
}
} else {
cb(null, data.name)
}
}
)
}
)
}
}).then(name => {
if (requireScope && !name.match(/^@[^/]+\/.*$/)) {
UsageError('This command is only available for scoped packages.')
} else {
return name
}
})
}
Loading