From 46a4e75638c7af53978407b30c60e00b02a0e141 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 14:48:14 -0700 Subject: [PATCH 01/21] deps: @npmcli/git@5.0.7 --- node_modules/@npmcli/git/lib/errors.js | 6 +++--- node_modules/@npmcli/git/package.json | 8 ++++---- package-lock.json | 11 ++++++----- package.json | 2 +- workspaces/libnpmversion/package.json | 2 +- 5 files changed, 15 insertions(+), 14 deletions(-) diff --git a/node_modules/@npmcli/git/lib/errors.js b/node_modules/@npmcli/git/lib/errors.js index 7aeac4762866f..3ceaa45811669 100644 --- a/node_modules/@npmcli/git/lib/errors.js +++ b/node_modules/@npmcli/git/lib/errors.js @@ -8,7 +8,7 @@ class GitError extends Error { } class GitConnectionError extends GitError { - constructor (message) { + constructor () { super('A git connection error occurred') } @@ -18,13 +18,13 @@ class GitConnectionError extends GitError { } class GitPathspecError extends GitError { - constructor (message) { + constructor () { super('The git reference could not be found') } } class GitUnknownError extends GitError { - constructor (message) { + constructor () { super('An unknown git error occurred') } } diff --git a/node_modules/@npmcli/git/package.json b/node_modules/@npmcli/git/package.json index f7117f13a9399..cc641d2b1ad92 100644 --- a/node_modules/@npmcli/git/package.json +++ b/node_modules/@npmcli/git/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/git", - "version": "5.0.6", + "version": "5.0.7", "main": "lib/index.js", "files": [ "bin/", @@ -9,7 +9,7 @@ "description": "a util for spawning git from npm CLI contexts", "repository": { "type": "git", - "url": "https://github.com/npm/git.git" + "url": "git+https://github.com/npm/git.git" }, "author": "GitHub Inc.", "license": "ISC", @@ -31,7 +31,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.3", + "@npmcli/template-oss": "4.22.0", "npm-package-arg": "^11.0.0", "slash": "^3.0.0", "tap": "^16.0.1" @@ -51,7 +51,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.3", + "version": "4.22.0", "publish": true } } diff --git a/package-lock.json b/package-lock.json index 8bb95fa047922..9762175c4f02e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -162,7 +162,7 @@ "devDependencies": { "@npmcli/docs": "^1.0.0", "@npmcli/eslint-config": "^4.0.2", - "@npmcli/git": "^5.0.6", + "@npmcli/git": "^5.0.7", "@npmcli/mock-globals": "^1.0.0", "@npmcli/mock-registry": "^1.0.0", "@npmcli/template-oss": "4.22.0", @@ -1580,10 +1580,11 @@ } }, "node_modules/@npmcli/git": { - "version": "5.0.6", - "resolved": "https://registry.npmjs.org/@npmcli/git/-/git-5.0.6.tgz", - "integrity": "sha512-4x/182sKXmQkf0EtXxT26GEsaOATpD7WVtza5hrYivWZeo6QefC6xq9KAXrnjtFKBZ4rZwR7aX/zClYYXgtwLw==", + "version": "5.0.7", + "resolved": "https://registry.npmjs.org/@npmcli/git/-/git-5.0.7.tgz", + "integrity": "sha512-WaOVvto604d5IpdCRV2KjQu8PzkfE96d50CQGKgywXh2GxXmDeUO5EWcBC4V57uFyrNqx83+MewuJh3WTR3xPA==", "inBundle": true, + "license": "ISC", "dependencies": { "@npmcli/promise-spawn": "^7.0.0", "lru-cache": "^10.0.1", @@ -15055,7 +15056,7 @@ "version": "6.0.1", "license": "ISC", "dependencies": { - "@npmcli/git": "^5.0.6", + "@npmcli/git": "^5.0.7", "@npmcli/run-script": "^8.1.0", "json-parse-even-better-errors": "^3.0.0", "proc-log": "^4.2.0", diff --git a/package.json b/package.json index 31a0c5b6154b5..8b7f733c8720c 100644 --- a/package.json +++ b/package.json @@ -193,7 +193,7 @@ "devDependencies": { "@npmcli/docs": "^1.0.0", "@npmcli/eslint-config": "^4.0.2", - "@npmcli/git": "^5.0.6", + "@npmcli/git": "^5.0.7", "@npmcli/mock-globals": "^1.0.0", "@npmcli/mock-registry": "^1.0.0", "@npmcli/template-oss": "4.22.0", diff --git a/workspaces/libnpmversion/package.json b/workspaces/libnpmversion/package.json index 78841e8dbb3ba..6a38d74f80019 100644 --- a/workspaces/libnpmversion/package.json +++ b/workspaces/libnpmversion/package.json @@ -37,7 +37,7 @@ "tap": "^16.3.8" }, "dependencies": { - "@npmcli/git": "^5.0.6", + "@npmcli/git": "^5.0.7", "@npmcli/run-script": "^8.1.0", "json-parse-even-better-errors": "^3.0.0", "proc-log": "^4.2.0", From a566c9f19c6c2ac612caa704a0c614c7092ff220 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 14:49:46 -0700 Subject: [PATCH 02/21] deps: @npmcli/promise-spawn@7.0.2 --- .../@npmcli/promise-spawn/lib/index.js | 77 ++++++++++--------- .../@npmcli/promise-spawn/package.json | 8 +- package-lock.json | 11 +-- package.json | 2 +- smoke-tests/package.json | 2 +- 5 files changed, 51 insertions(+), 49 deletions(-) diff --git a/node_modules/@npmcli/promise-spawn/lib/index.js b/node_modules/@npmcli/promise-spawn/lib/index.js index b31395ebb5bcd..e147cb8f9c746 100644 --- a/node_modules/@npmcli/promise-spawn/lib/index.js +++ b/node_modules/@npmcli/promise-spawn/lib/index.js @@ -12,54 +12,55 @@ const promiseSpawn = (cmd, args, opts = {}, extra = {}) => { return spawnWithShell(cmd, args, opts, extra) } - let proc + let resolve, reject + const promise = new Promise((_resolve, _reject) => { + resolve = _resolve + reject = _reject + }) - const p = new Promise((res, rej) => { - proc = spawn(cmd, args, opts) + // Create error here so we have a more useful stack trace when rejecting + const closeError = new Error('command failed') - const stdout = [] - const stderr = [] + const stdout = [] + const stderr = [] - const reject = er => rej(Object.assign(er, { - cmd, - args, - ...stdioResult(stdout, stderr, opts), - ...extra, - })) + const getResult = (result) => ({ + cmd, + args, + ...result, + ...stdioResult(stdout, stderr, opts), + ...extra, + }) + const rejectWithOpts = (er, erOpts) => { + const resultError = getResult(erOpts) + reject(Object.assign(er, resultError)) + } - proc.on('error', reject) + const proc = spawn(cmd, args, opts) + promise.stdin = proc.stdin + promise.process = proc - if (proc.stdout) { - proc.stdout.on('data', c => stdout.push(c)).on('error', reject) - proc.stdout.on('error', er => reject(er)) - } + proc.on('error', rejectWithOpts) - if (proc.stderr) { - proc.stderr.on('data', c => stderr.push(c)).on('error', reject) - proc.stderr.on('error', er => reject(er)) - } + if (proc.stdout) { + proc.stdout.on('data', c => stdout.push(c)) + proc.stdout.on('error', rejectWithOpts) + } - proc.on('close', (code, signal) => { - const result = { - cmd, - args, - code, - signal, - ...stdioResult(stdout, stderr, opts), - ...extra, - } + if (proc.stderr) { + proc.stderr.on('data', c => stderr.push(c)) + proc.stderr.on('error', rejectWithOpts) + } - if (code || signal) { - rej(Object.assign(new Error('command failed'), result)) - } else { - res(result) - } - }) + proc.on('close', (code, signal) => { + if (code || signal) { + rejectWithOpts(closeError, { code, signal }) + } else { + resolve(getResult({ code, signal })) + } }) - p.stdin = proc.stdin - p.process = proc - return p + return promise } const spawnWithShell = (cmd, args, opts, extra) => { diff --git a/node_modules/@npmcli/promise-spawn/package.json b/node_modules/@npmcli/promise-spawn/package.json index 6e161b7404b85..1b633f84596d2 100644 --- a/node_modules/@npmcli/promise-spawn/package.json +++ b/node_modules/@npmcli/promise-spawn/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/promise-spawn", - "version": "7.0.1", + "version": "7.0.2", "files": [ "bin/", "lib/" @@ -9,7 +9,7 @@ "description": "spawn processes the way the npm cli likes to do", "repository": { "type": "git", - "url": "https://github.com/npm/promise-spawn.git" + "url": "git+https://github.com/npm/promise-spawn.git" }, "author": "GitHub Inc.", "license": "ISC", @@ -32,7 +32,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.3", + "@npmcli/template-oss": "4.22.0", "spawk": "^1.7.1", "tap": "^16.0.1" }, @@ -41,7 +41,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.3", + "version": "4.22.0", "publish": true }, "dependencies": { diff --git a/package-lock.json b/package-lock.json index 9762175c4f02e..fb411c6873153 100644 --- a/package-lock.json +++ b/package-lock.json @@ -92,7 +92,7 @@ "@npmcli/fs": "^3.1.0", "@npmcli/map-workspaces": "^3.0.6", "@npmcli/package-json": "^5.1.0", - "@npmcli/promise-spawn": "^7.0.1", + "@npmcli/promise-spawn": "^7.0.2", "@npmcli/redact": "^2.0.0", "@npmcli/run-script": "^8.1.0", "@sigstore/tuf": "^2.3.2", @@ -1690,10 +1690,11 @@ } }, "node_modules/@npmcli/promise-spawn": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/@npmcli/promise-spawn/-/promise-spawn-7.0.1.tgz", - "integrity": "sha512-P4KkF9jX3y+7yFUxgcUdDtLy+t4OlDGuEBLNs57AZsfSfg+uV6MLndqGpnl4831ggaEdXwR50XFoZP4VFtHolg==", + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/@npmcli/promise-spawn/-/promise-spawn-7.0.2.tgz", + "integrity": "sha512-xhfYPXoV5Dy4UkY0D+v2KkwvnDfiA/8Mt3sWCGI/hM03NsYIH8ZaG6QzS9x7pje5vHZBZJ2v6VRFVTWACnqcmQ==", "inBundle": true, + "license": "ISC", "dependencies": { "which": "^4.0.0" }, @@ -14763,7 +14764,7 @@ "devDependencies": { "@npmcli/eslint-config": "^4.0.0", "@npmcli/mock-registry": "^1.0.0", - "@npmcli/promise-spawn": "^7.0.0", + "@npmcli/promise-spawn": "^7.0.2", "@npmcli/template-oss": "4.22.0", "proxy": "^2.1.1", "semver": "^7.5.4", diff --git a/package.json b/package.json index 8b7f733c8720c..17b0116515fe1 100644 --- a/package.json +++ b/package.json @@ -57,7 +57,7 @@ "@npmcli/fs": "^3.1.0", "@npmcli/map-workspaces": "^3.0.6", "@npmcli/package-json": "^5.1.0", - "@npmcli/promise-spawn": "^7.0.1", + "@npmcli/promise-spawn": "^7.0.2", "@npmcli/redact": "^2.0.0", "@npmcli/run-script": "^8.1.0", "@sigstore/tuf": "^2.3.2", diff --git a/smoke-tests/package.json b/smoke-tests/package.json index 873e29c9a602f..6c5d61e635b2d 100644 --- a/smoke-tests/package.json +++ b/smoke-tests/package.json @@ -20,7 +20,7 @@ "devDependencies": { "@npmcli/eslint-config": "^4.0.0", "@npmcli/mock-registry": "^1.0.0", - "@npmcli/promise-spawn": "^7.0.0", + "@npmcli/promise-spawn": "^7.0.2", "@npmcli/template-oss": "4.22.0", "proxy": "^2.1.1", "semver": "^7.5.4", From 10a5f9de9cc4c7fa6a59993a61dcdde9ccde40fa Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 14:50:17 -0700 Subject: [PATCH 03/21] deps: bin-links@4.0.4 --- node_modules/bin-links/lib/shim-bin.js | 2 +- node_modules/bin-links/package.json | 10 +++++----- package-lock.json | 11 ++++++----- workspaces/arborist/package.json | 2 +- workspaces/libnpmexec/package.json | 2 +- 5 files changed, 14 insertions(+), 13 deletions(-) diff --git a/node_modules/bin-links/lib/shim-bin.js b/node_modules/bin-links/lib/shim-bin.js index d5e19c0f9617f..67e2702702f0a 100644 --- a/node_modules/bin-links/lib/shim-bin.js +++ b/node_modules/bin-links/lib/shim-bin.js @@ -17,7 +17,7 @@ const fixBin = require('./fix-bin.js') // nondeterminism. const seen = new Set() -const failEEXIST = ({ path, to, from }) => +const failEEXIST = ({ to, from }) => Promise.reject(Object.assign(new Error('EEXIST: file already exists'), { path: to, dest: from, diff --git a/node_modules/bin-links/package.json b/node_modules/bin-links/package.json index d5c11f7971f94..1872756bb4b48 100644 --- a/node_modules/bin-links/package.json +++ b/node_modules/bin-links/package.json @@ -1,12 +1,12 @@ { "name": "bin-links", - "version": "4.0.3", + "version": "4.0.4", "description": "JavaScript package binary linker", "main": "./lib/index.js", "scripts": { "snap": "tap", "test": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "lintfix": "npm run lint -- --fix", "posttest": "npm run lint", @@ -14,7 +14,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/bin-links.git" + "url": "git+https://github.com/npm/bin-links.git" }, "keywords": [ "npm", @@ -30,7 +30,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.19.0", + "@npmcli/template-oss": "4.22.0", "require-inject": "^1.4.4", "tap": "^16.0.1" }, @@ -53,7 +53,7 @@ "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", "windowsCI": false, - "version": "4.19.0", + "version": "4.22.0", "publish": true } } diff --git a/package-lock.json b/package-lock.json index fb411c6873153..2f2727445c97e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2703,9 +2703,10 @@ } }, "node_modules/bin-links": { - "version": "4.0.3", - "resolved": "https://registry.npmjs.org/bin-links/-/bin-links-4.0.3.tgz", - "integrity": "sha512-obsRaULtJurnfox/MDwgq6Yo9kzbv1CPTk/1/s7Z/61Lezc8IKkFCOXNeVLXz0456WRzBQmSsDWlai2tIhBsfA==", + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/bin-links/-/bin-links-4.0.4.tgz", + "integrity": "sha512-cMtq4W5ZsEwcutJrVId+a/tjt8GSbS+h0oNkdl6+6rBuEv8Ot33Bevj5KPm40t309zuhVic8NjpuL42QCiJWWA==", + "license": "ISC", "dependencies": { "cmd-shim": "^6.0.0", "npm-normalize-package-bin": "^3.0.0", @@ -14791,7 +14792,7 @@ "@npmcli/query": "^3.1.0", "@npmcli/redact": "^2.0.0", "@npmcli/run-script": "^8.1.0", - "bin-links": "^4.0.1", + "bin-links": "^4.0.4", "cacache": "^18.0.0", "common-ancestor-path": "^1.0.1", "hosted-git-info": "^7.0.1", @@ -14915,7 +14916,7 @@ "@npmcli/eslint-config": "^4.0.0", "@npmcli/mock-registry": "^1.0.0", "@npmcli/template-oss": "4.22.0", - "bin-links": "^4.0.1", + "bin-links": "^4.0.4", "chalk": "^5.2.0", "just-extend": "^6.2.0", "just-safe-set": "^4.2.1", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index 979a3dfc97c61..2f87864af00c6 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -14,7 +14,7 @@ "@npmcli/query": "^3.1.0", "@npmcli/redact": "^2.0.0", "@npmcli/run-script": "^8.1.0", - "bin-links": "^4.0.1", + "bin-links": "^4.0.4", "cacache": "^18.0.0", "common-ancestor-path": "^1.0.1", "hosted-git-info": "^7.0.1", diff --git a/workspaces/libnpmexec/package.json b/workspaces/libnpmexec/package.json index d85d08dfb8730..e454739594e5c 100644 --- a/workspaces/libnpmexec/package.json +++ b/workspaces/libnpmexec/package.json @@ -52,7 +52,7 @@ "@npmcli/eslint-config": "^4.0.0", "@npmcli/mock-registry": "^1.0.0", "@npmcli/template-oss": "4.22.0", - "bin-links": "^4.0.1", + "bin-links": "^4.0.4", "chalk": "^5.2.0", "just-extend": "^6.2.0", "just-safe-set": "^4.2.1", From 9790daad74bde8bb3f8f70dd7180435c72f38dfe Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 14:51:12 -0700 Subject: [PATCH 04/21] deps: cacache@18.0.3 --- node_modules/cacache/lib/content/read.js | 2 +- node_modules/cacache/lib/content/write.js | 2 +- node_modules/cacache/lib/entry-index.js | 2 +- node_modules/cacache/lib/verify.js | 6 +++--- node_modules/cacache/package.json | 8 ++++---- package-lock.json | 11 ++++++----- package.json | 2 +- workspaces/arborist/package.json | 2 +- 8 files changed, 18 insertions(+), 17 deletions(-) diff --git a/node_modules/cacache/lib/content/read.js b/node_modules/cacache/lib/content/read.js index a1fa8a08cc0f9..5f6192c3cec56 100644 --- a/node_modules/cacache/lib/content/read.js +++ b/node_modules/cacache/lib/content/read.js @@ -71,7 +71,7 @@ function readStream (cache, integrity, opts = {}) { module.exports.copy = copy function copy (cache, integrity, dest) { - return withContentSri(cache, integrity, (cpath, sri) => { + return withContentSri(cache, integrity, (cpath) => { return fs.copyFile(cpath, dest) }) } diff --git a/node_modules/cacache/lib/content/write.js b/node_modules/cacache/lib/content/write.js index 09ca4e4e5a4d3..e7187abca8788 100644 --- a/node_modules/cacache/lib/content/write.js +++ b/node_modules/cacache/lib/content/write.js @@ -160,7 +160,7 @@ async function makeTmp (cache, opts) { } } -async function moveToDestination (tmp, cache, sri, opts) { +async function moveToDestination (tmp, cache, sri) { const destination = contentPath(cache, sri) const destDir = path.dirname(destination) if (moveOperations.has(destination)) { diff --git a/node_modules/cacache/lib/entry-index.js b/node_modules/cacache/lib/entry-index.js index 722a37af5ce15..5bc2189382770 100644 --- a/node_modules/cacache/lib/entry-index.js +++ b/node_modules/cacache/lib/entry-index.js @@ -240,7 +240,7 @@ async function bucketEntries (bucket, filter) { return _bucketEntries(data, filter) } -function _bucketEntries (data, filter) { +function _bucketEntries (data) { const entries = [] data.split('\n').forEach((entry) => { if (!entry) { diff --git a/node_modules/cacache/lib/verify.js b/node_modules/cacache/lib/verify.js index 62e85c946490f..d7423da1295b6 100644 --- a/node_modules/cacache/lib/verify.js +++ b/node_modules/cacache/lib/verify.js @@ -68,11 +68,11 @@ async function verify (cache, opts) { return stats } -async function markStartTime (cache, opts) { +async function markStartTime () { return { startTime: new Date() } } -async function markEndTime (cache, opts) { +async function markEndTime () { return { endTime: new Date() } } @@ -213,7 +213,7 @@ async function rebuildIndex (cache, opts) { return stats } -async function rebuildBucket (cache, bucket, stats, opts) { +async function rebuildBucket (cache, bucket, stats) { await truncate(bucket._path) // This needs to be serialized because cacache explicitly // lets very racy bucket conflicts clobber each other. diff --git a/node_modules/cacache/package.json b/node_modules/cacache/package.json index 3f87af3e7dbce..0741183efc19b 100644 --- a/node_modules/cacache/package.json +++ b/node_modules/cacache/package.json @@ -1,6 +1,6 @@ { "name": "cacache", - "version": "18.0.2", + "version": "18.0.3", "cache-version": { "content": "2", "index": "5" @@ -26,7 +26,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/cacache.git" + "url": "git+https://github.com/npm/cacache.git" }, "keywords": [ "cache", @@ -60,7 +60,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.3", + "@npmcli/template-oss": "4.22.0", "tap": "^16.0.0" }, "engines": { @@ -69,7 +69,7 @@ "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", "windowsCI": false, - "version": "4.21.3", + "version": "4.22.0", "publish": "true" }, "author": "GitHub Inc.", diff --git a/package-lock.json b/package-lock.json index 2f2727445c97e..1dc3a408d5b73 100644 --- a/package-lock.json +++ b/package-lock.json @@ -98,7 +98,7 @@ "@sigstore/tuf": "^2.3.2", "abbrev": "^2.0.0", "archy": "~1.0.0", - "cacache": "^18.0.2", + "cacache": "^18.0.3", "chalk": "^5.3.0", "ci-info": "^4.0.0", "cli-columns": "^4.0.0", @@ -2812,10 +2812,11 @@ } }, "node_modules/cacache": { - "version": "18.0.2", - "resolved": "https://registry.npmjs.org/cacache/-/cacache-18.0.2.tgz", - "integrity": "sha512-r3NU8h/P+4lVUHfeRw1dtgQYar3DZMm4/cm2bZgOvrFC/su7budSOeqh52VJIC4U4iG1WWwV6vRW0znqBvxNuw==", + "version": "18.0.3", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-18.0.3.tgz", + "integrity": "sha512-qXCd4rh6I07cnDqh8V48/94Tc/WSfj+o3Gn6NZ0aZovS255bUx8O13uKxRFd2eWG0xgsco7+YItQNPaa5E85hg==", "inBundle": true, + "license": "ISC", "dependencies": { "@npmcli/fs": "^3.1.0", "fs-minipass": "^3.0.0", @@ -14793,7 +14794,7 @@ "@npmcli/redact": "^2.0.0", "@npmcli/run-script": "^8.1.0", "bin-links": "^4.0.4", - "cacache": "^18.0.0", + "cacache": "^18.0.3", "common-ancestor-path": "^1.0.1", "hosted-git-info": "^7.0.1", "json-parse-even-better-errors": "^3.0.0", diff --git a/package.json b/package.json index 17b0116515fe1..ff39743d341d5 100644 --- a/package.json +++ b/package.json @@ -63,7 +63,7 @@ "@sigstore/tuf": "^2.3.2", "abbrev": "^2.0.0", "archy": "~1.0.0", - "cacache": "^18.0.2", + "cacache": "^18.0.3", "chalk": "^5.3.0", "ci-info": "^4.0.0", "cli-columns": "^4.0.0", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index 2f87864af00c6..33e2689125994 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -15,7 +15,7 @@ "@npmcli/redact": "^2.0.0", "@npmcli/run-script": "^8.1.0", "bin-links": "^4.0.4", - "cacache": "^18.0.0", + "cacache": "^18.0.3", "common-ancestor-path": "^1.0.1", "hosted-git-info": "^7.0.1", "json-parse-even-better-errors": "^3.0.0", From 0b36bc8fd017ab567260a444e3c49f0aa49ad229 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 14:53:52 -0700 Subject: [PATCH 05/21] deps: hosted-git-info@7.0.2 --- node_modules/hosted-git-info/lib/hosts.js | 2 +- node_modules/hosted-git-info/package.json | 18 ++++++------------ package-lock.json | 11 ++++++----- package.json | 2 +- workspaces/arborist/package.json | 2 +- 5 files changed, 15 insertions(+), 20 deletions(-) diff --git a/node_modules/hosted-git-info/lib/hosts.js b/node_modules/hosted-git-info/lib/hosts.js index 6dac685f42cef..9a08efd1b2d7e 100644 --- a/node_modules/hosted-git-info/lib/hosts.js +++ b/node_modules/hosted-git-info/lib/hosts.js @@ -199,7 +199,7 @@ hosts.sourcehut = { `https://${domain}/${user}/${project}.git${maybeJoin('#', committish)}`, tarballtemplate: ({ domain, user, project, committish }) => `https://${domain}/${user}/${project}/archive/${maybeEncode(committish) || 'HEAD'}.tar.gz`, - bugstemplate: ({ user, project }) => null, + bugstemplate: () => null, extract: (url) => { let [, user, project, aux] = url.pathname.split('/', 4) diff --git a/node_modules/hosted-git-info/package.json b/node_modules/hosted-git-info/package.json index c2e31fa52676a..d7eebd474f625 100644 --- a/node_modules/hosted-git-info/package.json +++ b/node_modules/hosted-git-info/package.json @@ -1,11 +1,11 @@ { "name": "hosted-git-info", - "version": "7.0.1", + "version": "7.0.2", "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", "main": "./lib/index.js", "repository": { "type": "git", - "url": "https://github.com/npm/hosted-git-info.git" + "url": "git+https://github.com/npm/hosted-git-info.git" }, "keywords": [ "git", @@ -24,7 +24,7 @@ "snap": "tap", "test": "tap", "test:coverage": "tap --coverage-report=html", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "lintfix": "npm run lint -- --fix", "template-oss-apply": "template-oss-apply --force" @@ -34,7 +34,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.18.0", + "@npmcli/template-oss": "4.22.0", "tap": "^16.0.1" }, "files": [ @@ -54,13 +54,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.18.0", - "publish": "true", - "ciVersions": [ - "16.14.0", - "16.x", - "18.0.0", - "18.x" - ] + "version": "4.22.0", + "publish": "true" } } diff --git a/package-lock.json b/package-lock.json index 1dc3a408d5b73..a2701e44753b3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -106,7 +106,7 @@ "fs-minipass": "^3.0.3", "glob": "^10.3.12", "graceful-fs": "^4.2.11", - "hosted-git-info": "^7.0.1", + "hosted-git-info": "^7.0.2", "ini": "^4.1.2", "init-package-json": "^6.0.2", "is-cidr": "^5.0.5", @@ -5909,10 +5909,11 @@ } }, "node_modules/hosted-git-info": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-7.0.1.tgz", - "integrity": "sha512-+K84LB1DYwMHoHSgaOY/Jfhw3ucPmSET5v98Ke/HdNSw4a0UktWzyW1mjhjpuxxTqOOsfWT/7iVshHmVZ4IpOA==", + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-7.0.2.tgz", + "integrity": "sha512-puUZAUKT5m8Zzvs72XWy3HtvVbTWljRE66cP60bxJzAqf2DgICo7lYTY2IHUmLnNpjYvw5bvmoHvPc0QO2a62w==", "inBundle": true, + "license": "ISC", "dependencies": { "lru-cache": "^10.0.1" }, @@ -14796,7 +14797,7 @@ "bin-links": "^4.0.4", "cacache": "^18.0.3", "common-ancestor-path": "^1.0.1", - "hosted-git-info": "^7.0.1", + "hosted-git-info": "^7.0.2", "json-parse-even-better-errors": "^3.0.0", "json-stringify-nice": "^1.1.4", "minimatch": "^9.0.4", diff --git a/package.json b/package.json index ff39743d341d5..23bf4555968a0 100644 --- a/package.json +++ b/package.json @@ -71,7 +71,7 @@ "fs-minipass": "^3.0.3", "glob": "^10.3.12", "graceful-fs": "^4.2.11", - "hosted-git-info": "^7.0.1", + "hosted-git-info": "^7.0.2", "ini": "^4.1.2", "init-package-json": "^6.0.2", "is-cidr": "^5.0.5", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index 33e2689125994..aef01212762ec 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -17,7 +17,7 @@ "bin-links": "^4.0.4", "cacache": "^18.0.3", "common-ancestor-path": "^1.0.1", - "hosted-git-info": "^7.0.1", + "hosted-git-info": "^7.0.2", "json-parse-even-better-errors": "^3.0.0", "json-stringify-nice": "^1.1.4", "minimatch": "^9.0.4", From 3dee7723ccc5b4445f1a19b0b680206b75a22b05 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 14:55:15 -0700 Subject: [PATCH 06/21] deps: init-package-json@6.0.3 --- .../init-package-json/lib/init-package-json.js | 3 +++ node_modules/init-package-json/package.json | 11 ++++++----- package-lock.json | 9 +++++---- package.json | 2 +- 4 files changed, 15 insertions(+), 10 deletions(-) diff --git a/node_modules/init-package-json/lib/init-package-json.js b/node_modules/init-package-json/lib/init-package-json.js index 23fd3dc94dbe4..51cbd21a1ebe6 100644 --- a/node_modules/init-package-json/lib/init-package-json.js +++ b/node_modules/init-package-json/lib/init-package-json.js @@ -124,14 +124,17 @@ async function init (dir, if (yes) { await pkg.save() if (!config.get('silent')) { + // eslint-disable-next-line no-console console.log(`Wrote to ${msg}`) } return pkg.content } + // eslint-disable-next-line no-console console.log(`About to write to ${msg}`) const ok = await read({ prompt: 'Is this OK? ', default: 'yes' }) if (!ok || !ok.toLowerCase().startsWith('y')) { + // eslint-disable-next-line no-console console.log('Aborted.') return } diff --git a/node_modules/init-package-json/package.json b/node_modules/init-package-json/package.json index e867964e10156..969e124378966 100644 --- a/node_modules/init-package-json/package.json +++ b/node_modules/init-package-json/package.json @@ -1,6 +1,6 @@ { "name": "init-package-json", - "version": "6.0.2", + "version": "6.0.3", "main": "lib/init-package-json.js", "scripts": { "test": "tap", @@ -13,7 +13,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/init-package-json.git" + "url": "git+https://github.com/npm/init-package-json.git" }, "author": "GitHub Inc.", "license": "ISC", @@ -30,7 +30,7 @@ "devDependencies": { "@npmcli/config": "^8.2.0", "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.3", + "@npmcli/template-oss": "4.22.0", "tap": "^16.0.1" }, "engines": { @@ -41,7 +41,8 @@ "nyc-arg": [ "--exclude", "tap-snapshots/**" - ] + ], + "timeout": 300 }, "keywords": [ "init", @@ -59,7 +60,7 @@ ], "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.3", + "version": "4.22.0", "publish": true } } diff --git a/package-lock.json b/package-lock.json index a2701e44753b3..8696e554861ca 100644 --- a/package-lock.json +++ b/package-lock.json @@ -108,7 +108,7 @@ "graceful-fs": "^4.2.11", "hosted-git-info": "^7.0.2", "ini": "^4.1.2", - "init-package-json": "^6.0.2", + "init-package-json": "^6.0.3", "is-cidr": "^5.0.5", "json-parse-even-better-errors": "^3.0.1", "libnpmaccess": "^8.0.1", @@ -6104,10 +6104,11 @@ } }, "node_modules/init-package-json": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/init-package-json/-/init-package-json-6.0.2.tgz", - "integrity": "sha512-ZQ9bxt6PkqIH6fPU69HPheOMoUqIqVqwZj0qlCBfoSCG4lplQhVM/qB3RS4f0RALK3WZZSrNQxNtCZgphuf3IA==", + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/init-package-json/-/init-package-json-6.0.3.tgz", + "integrity": "sha512-Zfeb5ol+H+eqJWHTaGca9BovufyGeIfr4zaaBorPmJBMrJ+KBnN+kQx2ZtXdsotUTgldHmHQV44xvUWOUA7E2w==", "inBundle": true, + "license": "ISC", "dependencies": { "@npmcli/package-json": "^5.0.0", "npm-package-arg": "^11.0.0", diff --git a/package.json b/package.json index 23bf4555968a0..617bd70ea0521 100644 --- a/package.json +++ b/package.json @@ -73,7 +73,7 @@ "graceful-fs": "^4.2.11", "hosted-git-info": "^7.0.2", "ini": "^4.1.2", - "init-package-json": "^6.0.2", + "init-package-json": "^6.0.3", "is-cidr": "^5.0.5", "json-parse-even-better-errors": "^3.0.1", "libnpmaccess": "^8.0.1", From 25ccbbf665142d7c46477ee062e751e6b12461e0 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 14:57:02 -0700 Subject: [PATCH 07/21] deps: json-parse-even-better-errors@3.0.2 --- .../json-parse-even-better-errors/lib/index.js | 4 +++- .../json-parse-even-better-errors/package.json | 8 ++++---- package-lock.json | 13 +++++++------ package.json | 2 +- workspaces/arborist/package.json | 2 +- workspaces/libnpmversion/package.json | 2 +- 6 files changed, 17 insertions(+), 14 deletions(-) diff --git a/node_modules/json-parse-even-better-errors/lib/index.js b/node_modules/json-parse-even-better-errors/lib/index.js index c21dd645a778b..3ffdaac96d2dc 100644 --- a/node_modules/json-parse-even-better-errors/lib/index.js +++ b/node_modules/json-parse-even-better-errors/lib/index.js @@ -52,7 +52,9 @@ const parseError = (e, txt, context = 20) => { let errIdx if (badIndexMatch) { errIdx = +badIndexMatch[1] - } else if (msg.match(/^Unexpected end of JSON.*/i)) { + } else /* istanbul ignore next - doesnt happen in Node 22 */ if ( + msg.match(/^Unexpected end of JSON.*/i) + ) { errIdx = txt.length - 1 } diff --git a/node_modules/json-parse-even-better-errors/package.json b/node_modules/json-parse-even-better-errors/package.json index 5d0a1d97d4d7e..c7156df325fa2 100644 --- a/node_modules/json-parse-even-better-errors/package.json +++ b/node_modules/json-parse-even-better-errors/package.json @@ -1,6 +1,6 @@ { "name": "json-parse-even-better-errors", - "version": "3.0.1", + "version": "3.0.2", "description": "JSON.parse with context information on error", "main": "lib/index.js", "files": [ @@ -18,7 +18,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/json-parse-even-better-errors.git" + "url": "git+https://github.com/npm/json-parse-even-better-errors.git" }, "keywords": [ "JSON", @@ -28,7 +28,7 @@ "license": "MIT", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.20.0", + "@npmcli/template-oss": "4.22.0", "tap": "^16.3.0" }, "tap": { @@ -43,7 +43,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.20.0", + "version": "4.22.0", "publish": true } } diff --git a/package-lock.json b/package-lock.json index 8696e554861ca..5fa5a37ca22d2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -110,7 +110,7 @@ "ini": "^4.1.2", "init-package-json": "^6.0.3", "is-cidr": "^5.0.5", - "json-parse-even-better-errors": "^3.0.1", + "json-parse-even-better-errors": "^3.0.2", "libnpmaccess": "^8.0.1", "libnpmdiff": "^6.0.3", "libnpmexec": "^8.0.0", @@ -6938,10 +6938,11 @@ "peer": true }, "node_modules/json-parse-even-better-errors": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-3.0.1.tgz", - "integrity": "sha512-aatBvbL26wVUCLmbWdCpeu9iF5wOyWpagiKkInA+kfws3sWdBrTnsvN2CKcyCYyUrc7rebNBlK6+kteg7ksecg==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-3.0.2.tgz", + "integrity": "sha512-fi0NG4bPjCHunUJffmLd0gxssIgkNmArMvis4iNah6Owg1MCJjWhEcDLmsK6iGkJq3tHwbDkTlce70/tmXN4cQ==", "inBundle": true, + "license": "MIT", "engines": { "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } @@ -14799,7 +14800,7 @@ "cacache": "^18.0.3", "common-ancestor-path": "^1.0.1", "hosted-git-info": "^7.0.2", - "json-parse-even-better-errors": "^3.0.0", + "json-parse-even-better-errors": "^3.0.2", "json-stringify-nice": "^1.1.4", "minimatch": "^9.0.4", "nopt": "^7.0.0", @@ -15063,7 +15064,7 @@ "dependencies": { "@npmcli/git": "^5.0.7", "@npmcli/run-script": "^8.1.0", - "json-parse-even-better-errors": "^3.0.0", + "json-parse-even-better-errors": "^3.0.2", "proc-log": "^4.2.0", "semver": "^7.3.7" }, diff --git a/package.json b/package.json index 617bd70ea0521..2d0b37f96b286 100644 --- a/package.json +++ b/package.json @@ -75,7 +75,7 @@ "ini": "^4.1.2", "init-package-json": "^6.0.3", "is-cidr": "^5.0.5", - "json-parse-even-better-errors": "^3.0.1", + "json-parse-even-better-errors": "^3.0.2", "libnpmaccess": "^8.0.1", "libnpmdiff": "^6.0.3", "libnpmexec": "^8.0.0", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index aef01212762ec..09b94da358f16 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -18,7 +18,7 @@ "cacache": "^18.0.3", "common-ancestor-path": "^1.0.1", "hosted-git-info": "^7.0.2", - "json-parse-even-better-errors": "^3.0.0", + "json-parse-even-better-errors": "^3.0.2", "json-stringify-nice": "^1.1.4", "minimatch": "^9.0.4", "nopt": "^7.0.0", diff --git a/workspaces/libnpmversion/package.json b/workspaces/libnpmversion/package.json index 6a38d74f80019..0c1adbcda9af1 100644 --- a/workspaces/libnpmversion/package.json +++ b/workspaces/libnpmversion/package.json @@ -39,7 +39,7 @@ "dependencies": { "@npmcli/git": "^5.0.7", "@npmcli/run-script": "^8.1.0", - "json-parse-even-better-errors": "^3.0.0", + "json-parse-even-better-errors": "^3.0.2", "proc-log": "^4.2.0", "semver": "^7.3.7" }, From 06b3f5ab29723143e8cbf9aac1fd2d582c2a642f Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 14:58:22 -0700 Subject: [PATCH 08/21] deps: nopt@7.2.1 --- node_modules/nopt/lib/debug.js | 1 + node_modules/nopt/package.json | 10 +++++----- package-lock.json | 13 +++++++------ package.json | 2 +- workspaces/arborist/package.json | 2 +- workspaces/config/package.json | 2 +- 6 files changed, 16 insertions(+), 14 deletions(-) diff --git a/node_modules/nopt/lib/debug.js b/node_modules/nopt/lib/debug.js index e62198eb92e9a..544ab382ca85c 100644 --- a/node_modules/nopt/lib/debug.js +++ b/node_modules/nopt/lib/debug.js @@ -1,4 +1,5 @@ /* istanbul ignore next */ module.exports = process.env.DEBUG_NOPT || process.env.NOPT_DEBUG + // eslint-disable-next-line no-console ? (...a) => console.error(...a) : () => {} diff --git a/node_modules/nopt/package.json b/node_modules/nopt/package.json index 01b7de8fed934..37b770ad48771 100644 --- a/node_modules/nopt/package.json +++ b/node_modules/nopt/package.json @@ -1,12 +1,12 @@ { "name": "nopt", - "version": "7.2.0", + "version": "7.2.1", "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", "author": "GitHub Inc.", "main": "lib/nopt.js", "scripts": { "test": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", "lintfix": "npm run lint -- --fix", @@ -15,7 +15,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/nopt.git" + "url": "git+https://github.com/npm/nopt.git" }, "bin": { "nopt": "bin/nopt.js" @@ -26,7 +26,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.15.1", + "@npmcli/template-oss": "4.22.0", "tap": "^16.3.0" }, "tap": { @@ -45,7 +45,7 @@ "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", "windowsCI": false, - "version": "4.15.1", + "version": "4.22.0", "publish": true } } diff --git a/package-lock.json b/package-lock.json index 5fa5a37ca22d2..40994e28f5181 100644 --- a/package-lock.json +++ b/package-lock.json @@ -128,7 +128,7 @@ "minipass-pipeline": "^1.2.4", "ms": "^2.1.2", "node-gyp": "^10.1.0", - "nopt": "^7.2.0", + "nopt": "^7.2.1", "normalize-package-data": "^6.0.0", "npm-audit-report": "^5.0.0", "npm-install-checks": "^6.3.0", @@ -8754,10 +8754,11 @@ "dev": true }, "node_modules/nopt": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/nopt/-/nopt-7.2.0.tgz", - "integrity": "sha512-CVDtwCdhYIvnAzFoJ6NJ6dX3oga9/HyciQDnG1vQDjSLMeKLJ4A93ZqYKDrgYSr1FBY5/hMYC+2VCi24pgpkGA==", + "version": "7.2.1", + "resolved": "https://registry.npmjs.org/nopt/-/nopt-7.2.1.tgz", + "integrity": "sha512-taM24ViiimT/XntxbPyJQzCG+p4EKOpgD3mxFwW38mGjVUrfERQOeY4EDHjdnptttfHuHQXFx+lTP08Q+mLa/w==", "inBundle": true, + "license": "ISC", "dependencies": { "abbrev": "^2.0.0" }, @@ -14803,7 +14804,7 @@ "json-parse-even-better-errors": "^3.0.2", "json-stringify-nice": "^1.1.4", "minimatch": "^9.0.4", - "nopt": "^7.0.0", + "nopt": "^7.2.1", "npm-install-checks": "^6.2.0", "npm-package-arg": "^11.0.2", "npm-pick-manifest": "^9.0.0", @@ -14845,7 +14846,7 @@ "@npmcli/map-workspaces": "^3.0.2", "ci-info": "^4.0.0", "ini": "^4.1.2", - "nopt": "^7.0.0", + "nopt": "^7.2.1", "proc-log": "^4.2.0", "read-package-json-fast": "^3.0.2", "semver": "^7.3.5", diff --git a/package.json b/package.json index 2d0b37f96b286..e2e2e9ba5d81c 100644 --- a/package.json +++ b/package.json @@ -93,7 +93,7 @@ "minipass-pipeline": "^1.2.4", "ms": "^2.1.2", "node-gyp": "^10.1.0", - "nopt": "^7.2.0", + "nopt": "^7.2.1", "normalize-package-data": "^6.0.0", "npm-audit-report": "^5.0.0", "npm-install-checks": "^6.3.0", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index 09b94da358f16..7be5181189abe 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -21,7 +21,7 @@ "json-parse-even-better-errors": "^3.0.2", "json-stringify-nice": "^1.1.4", "minimatch": "^9.0.4", - "nopt": "^7.0.0", + "nopt": "^7.2.1", "npm-install-checks": "^6.2.0", "npm-package-arg": "^11.0.2", "npm-pick-manifest": "^9.0.0", diff --git a/workspaces/config/package.json b/workspaces/config/package.json index af16aba48d5e8..f7083fbb78809 100644 --- a/workspaces/config/package.json +++ b/workspaces/config/package.json @@ -39,7 +39,7 @@ "@npmcli/map-workspaces": "^3.0.2", "ci-info": "^4.0.0", "ini": "^4.1.2", - "nopt": "^7.0.0", + "nopt": "^7.2.1", "proc-log": "^4.2.0", "read-package-json-fast": "^3.0.2", "semver": "^7.3.5", From 90483b6ef9a270f15d5ba2c06818d424f247c94a Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 14:59:25 -0700 Subject: [PATCH 09/21] deps: normalize-package-data@6.0.1 --- .../normalize-package-data/lib/fixer.js | 4 ++-- .../normalize-package-data/lib/normalize.js | 2 +- .../normalize-package-data/package.json | 18 ++++++------------ package-lock.json | 11 ++++++----- package.json | 2 +- workspaces/libnpmpublish/package.json | 2 +- 6 files changed, 17 insertions(+), 22 deletions(-) diff --git a/node_modules/normalize-package-data/lib/fixer.js b/node_modules/normalize-package-data/lib/fixer.js index bb78231d83ca9..9a1ccc906aee3 100644 --- a/node_modules/normalize-package-data/lib/fixer.js +++ b/node_modules/normalize-package-data/lib/fixer.js @@ -139,7 +139,7 @@ module.exports = { } }, - fixDependencies: function (data, strict) { + fixDependencies: function (data) { objectifyDeps(data, this.warn) addOptionalDepsToDeps(data, this.warn) this.fixBundleDependenciesField(data) @@ -415,7 +415,7 @@ function parsePerson (person) { return obj } -function addOptionalDepsToDeps (data, warn) { +function addOptionalDepsToDeps (data) { var o = data.optionalDependencies if (!o) { return diff --git a/node_modules/normalize-package-data/lib/normalize.js b/node_modules/normalize-package-data/lib/normalize.js index bf71d2c1e2235..e806f110315aa 100644 --- a/node_modules/normalize-package-data/lib/normalize.js +++ b/node_modules/normalize-package-data/lib/normalize.js @@ -26,7 +26,7 @@ function normalize (data, warn, strict) { strict = false } if (!warn || data.private) { - warn = function (msg) { /* noop */ } + warn = function () { /* noop */ } } if (data.scripts && diff --git a/node_modules/normalize-package-data/package.json b/node_modules/normalize-package-data/package.json index 48d2371d4a66b..7fc803fb5dbb5 100644 --- a/node_modules/normalize-package-data/package.json +++ b/node_modules/normalize-package-data/package.json @@ -1,18 +1,18 @@ { "name": "normalize-package-data", - "version": "6.0.0", + "version": "6.0.1", "author": "GitHub Inc.", "description": "Normalizes data that can be found in package.json files.", "license": "BSD-2-Clause", "repository": { "type": "git", - "url": "https://github.com/npm/normalize-package-data.git" + "url": "git+https://github.com/npm/normalize-package-data.git" }, "main": "lib/normalize.js", "scripts": { "test": "tap", "npmclilint": "npmcli-lint", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "lintfix": "npm run lint -- --fix", "posttest": "npm run lint", "postsnap": "npm run lintfix --", @@ -28,7 +28,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.18.0", + "@npmcli/template-oss": "4.22.0", "tap": "^16.0.1" }, "files": [ @@ -40,14 +40,8 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.18.0", - "publish": "true", - "ciVersions": [ - "16.14.0", - "16.x", - "18.0.0", - "18.x" - ] + "version": "4.22.0", + "publish": "true" }, "tap": { "branches": 86, diff --git a/package-lock.json b/package-lock.json index 40994e28f5181..b9838b8606d5c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -129,7 +129,7 @@ "ms": "^2.1.2", "node-gyp": "^10.1.0", "nopt": "^7.2.1", - "normalize-package-data": "^6.0.0", + "normalize-package-data": "^6.0.1", "npm-audit-report": "^5.0.0", "npm-install-checks": "^6.3.0", "npm-package-arg": "^11.0.2", @@ -8770,10 +8770,11 @@ } }, "node_modules/normalize-package-data": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-6.0.0.tgz", - "integrity": "sha512-UL7ELRVxYBHBgYEtZCXjxuD5vPxnmvMGq0jp/dGPKKrN7tfsBh2IY7TlJ15WWwdjRWD3RJbnsygUurTK3xkPkg==", + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-6.0.1.tgz", + "integrity": "sha512-6rvCfeRW+OEZagAB4lMLSNuTNYZWLVtKccK79VSTf//yTY5VOCgcpH80O+bZK8Neps7pUnd5G+QlMg1yV/2iZQ==", "inBundle": true, + "license": "BSD-2-Clause", "dependencies": { "hosted-git-info": "^7.0.0", "is-core-module": "^2.8.1", @@ -15006,7 +15007,7 @@ "license": "ISC", "dependencies": { "ci-info": "^4.0.0", - "normalize-package-data": "^6.0.0", + "normalize-package-data": "^6.0.1", "npm-package-arg": "^11.0.2", "npm-registry-fetch": "^17.0.1", "proc-log": "^4.2.0", diff --git a/package.json b/package.json index e2e2e9ba5d81c..2e4684c08ad8f 100644 --- a/package.json +++ b/package.json @@ -94,7 +94,7 @@ "ms": "^2.1.2", "node-gyp": "^10.1.0", "nopt": "^7.2.1", - "normalize-package-data": "^6.0.0", + "normalize-package-data": "^6.0.1", "npm-audit-report": "^5.0.0", "npm-install-checks": "^6.3.0", "npm-package-arg": "^11.0.2", diff --git a/workspaces/libnpmpublish/package.json b/workspaces/libnpmpublish/package.json index 4d22fc72e6412..8bdee5b746db8 100644 --- a/workspaces/libnpmpublish/package.json +++ b/workspaces/libnpmpublish/package.json @@ -39,7 +39,7 @@ "homepage": "https://npmjs.com/package/libnpmpublish", "dependencies": { "ci-info": "^4.0.0", - "normalize-package-data": "^6.0.0", + "normalize-package-data": "^6.0.1", "npm-package-arg": "^11.0.2", "npm-registry-fetch": "^17.0.1", "proc-log": "^4.2.0", From 21b7d30dc17544db2d15c2d81ce2d24ee9909cf2 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:12:20 -0700 Subject: [PATCH 10/21] deps: npm-pick-manifest@9.0.1 --- node_modules/npm-pick-manifest/lib/index.js | 4 ++-- node_modules/npm-pick-manifest/package.json | 18 ++++++------------ package-lock.json | 15 ++++++++------- package.json | 2 +- workspaces/arborist/package.json | 2 +- 5 files changed, 18 insertions(+), 23 deletions(-) diff --git a/node_modules/npm-pick-manifest/lib/index.js b/node_modules/npm-pick-manifest/lib/index.js index 8dbd2721c8996..42e41b1180461 100644 --- a/node_modules/npm-pick-manifest/lib/index.js +++ b/node_modules/npm-pick-manifest/lib/index.js @@ -134,7 +134,7 @@ const pickManifest = (packument, wanted, opts) => { const allEntries = Object.entries(versions) .concat(Object.entries(staged)) .concat(Object.entries(restricted)) - .filter(([ver, mani]) => isBefore(verTimes, ver, time)) + .filter(([ver]) => isBefore(verTimes, ver, time)) if (!allEntries.length) { throw Object.assign(new Error(`No versions available for ${name}`), { @@ -148,7 +148,7 @@ const pickManifest = (packument, wanted, opts) => { } const sortSemverOpt = { loose: true } - const entries = allEntries.filter(([ver, mani]) => + const entries = allEntries.filter(([ver]) => semver.satisfies(ver, range, { loose: true })) .sort((a, b) => { const [vera, mania] = a diff --git a/node_modules/npm-pick-manifest/package.json b/node_modules/npm-pick-manifest/package.json index e30c2cfe341fc..1167be1272712 100644 --- a/node_modules/npm-pick-manifest/package.json +++ b/node_modules/npm-pick-manifest/package.json @@ -1,6 +1,6 @@ { "name": "npm-pick-manifest", - "version": "9.0.0", + "version": "9.0.1", "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", "main": "./lib", "files": [ @@ -9,7 +9,7 @@ ], "scripts": { "coverage": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "test": "tap", "posttest": "npm run lint", "postlint": "template-oss-check", @@ -19,7 +19,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/npm-pick-manifest.git" + "url": "git+https://github.com/npm/npm-pick-manifest.git" }, "keywords": [ "npm", @@ -36,7 +36,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.18.0", + "@npmcli/template-oss": "4.22.0", "tap": "^16.0.1" }, "tap": { @@ -51,13 +51,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.18.0", - "publish": true, - "ciVersions": [ - "16.14.0", - "16.x", - "18.0.0", - "18.x" - ] + "version": "4.22.0", + "publish": true } } diff --git a/package-lock.json b/package-lock.json index b9838b8606d5c..b1810d2cd6662 100644 --- a/package-lock.json +++ b/package-lock.json @@ -133,7 +133,7 @@ "npm-audit-report": "^5.0.0", "npm-install-checks": "^6.3.0", "npm-package-arg": "^11.0.2", - "npm-pick-manifest": "^9.0.0", + "npm-pick-manifest": "^9.0.1", "npm-profile": "^10.0.0", "npm-registry-fetch": "^17.0.1", "npm-user-validate": "^2.0.0", @@ -1588,7 +1588,7 @@ "dependencies": { "@npmcli/promise-spawn": "^7.0.0", "lru-cache": "^10.0.1", - "npm-pick-manifest": "^9.0.0", + "npm-pick-manifest": "^9.0.1", "proc-log": "^4.0.0", "promise-inflight": "^1.0.1", "promise-retry": "^2.0.1", @@ -8864,10 +8864,11 @@ } }, "node_modules/npm-pick-manifest": { - "version": "9.0.0", - "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-9.0.0.tgz", - "integrity": "sha512-VfvRSs/b6n9ol4Qb+bDwNGUXutpy76x6MARw/XssevE0TnctIKcmklJZM5Z7nqs5z5aW+0S63pgCNbpkUNNXBg==", + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-9.0.1.tgz", + "integrity": "sha512-Udm1f0l2nXb3wxDpKjfohwgdFUSV50UVwzEIpDXVsbDMXVIEF81a/i0UhuQbhrPMMmdiq3+YMFLFIRVLs3hxQw==", "inBundle": true, + "license": "ISC", "dependencies": { "npm-install-checks": "^6.0.0", "npm-normalize-package-bin": "^3.0.0", @@ -9470,7 +9471,7 @@ "minipass": "^7.0.2", "npm-package-arg": "^11.0.0", "npm-packlist": "^8.0.0", - "npm-pick-manifest": "^9.0.0", + "npm-pick-manifest": "^9.0.1", "npm-registry-fetch": "^17.0.0", "proc-log": "^4.0.0", "promise-retry": "^2.0.1", @@ -14808,7 +14809,7 @@ "nopt": "^7.2.1", "npm-install-checks": "^6.2.0", "npm-package-arg": "^11.0.2", - "npm-pick-manifest": "^9.0.0", + "npm-pick-manifest": "^9.0.1", "npm-registry-fetch": "^17.0.1", "pacote": "^18.0.1", "parse-conflict-json": "^3.0.0", diff --git a/package.json b/package.json index 2e4684c08ad8f..239149ca27885 100644 --- a/package.json +++ b/package.json @@ -98,7 +98,7 @@ "npm-audit-report": "^5.0.0", "npm-install-checks": "^6.3.0", "npm-package-arg": "^11.0.2", - "npm-pick-manifest": "^9.0.0", + "npm-pick-manifest": "^9.0.1", "npm-profile": "^10.0.0", "npm-registry-fetch": "^17.0.1", "npm-user-validate": "^2.0.0", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index 7be5181189abe..6bc356e34fa54 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -24,7 +24,7 @@ "nopt": "^7.2.1", "npm-install-checks": "^6.2.0", "npm-package-arg": "^11.0.2", - "npm-pick-manifest": "^9.0.0", + "npm-pick-manifest": "^9.0.1", "npm-registry-fetch": "^17.0.1", "pacote": "^18.0.1", "parse-conflict-json": "^3.0.0", From 062a8c573a02692514906e5b9c04765394e571f0 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:13:26 -0700 Subject: [PATCH 11/21] deps: pacote@18.0.5 --- mock-registry/package.json | 2 +- .../pacote/{lib/bin.js => bin/index.js} | 0 node_modules/pacote/lib/dir.js | 13 +-- node_modules/pacote/lib/fetcher.js | 69 +++++-------- node_modules/pacote/lib/file.js | 15 ++- node_modules/pacote/lib/git.js | 96 +++++++++---------- node_modules/pacote/lib/index.js | 10 +- node_modules/pacote/lib/registry.js | 28 +++--- node_modules/pacote/lib/remote.js | 12 +-- node_modules/pacote/lib/util/protected.js | 11 +++ node_modules/pacote/package.json | 10 +- package-lock.json | 23 ++--- package.json | 2 +- workspaces/arborist/package.json | 2 +- workspaces/libnpmdiff/package.json | 2 +- workspaces/libnpmexec/package.json | 2 +- workspaces/libnpmpack/package.json | 2 +- 17 files changed, 137 insertions(+), 162 deletions(-) rename node_modules/pacote/{lib/bin.js => bin/index.js} (100%) create mode 100644 node_modules/pacote/lib/util/protected.js diff --git a/mock-registry/package.json b/mock-registry/package.json index 2484e9dab161a..1295f931d3afa 100644 --- a/mock-registry/package.json +++ b/mock-registry/package.json @@ -51,7 +51,7 @@ "json-stringify-safe": "^5.0.1", "nock": "^13.3.3", "npm-package-arg": "^11.0.2", - "pacote": "^18.0.1", + "pacote": "^18.0.5", "tap": "^16.3.8" } } diff --git a/node_modules/pacote/lib/bin.js b/node_modules/pacote/bin/index.js similarity index 100% rename from node_modules/pacote/lib/bin.js rename to node_modules/pacote/bin/index.js diff --git a/node_modules/pacote/lib/dir.js b/node_modules/pacote/lib/dir.js index 135be8e6cba83..6674bb0bf23a1 100644 --- a/node_modules/pacote/lib/dir.js +++ b/node_modules/pacote/lib/dir.js @@ -4,13 +4,10 @@ const { Minipass } = require('minipass') const tarCreateOptions = require('./util/tar-create-options.js') const packlist = require('npm-packlist') const tar = require('tar') -const _prepareDir = Symbol('_prepareDir') const { resolve } = require('path') -const _readPackageJson = Symbol.for('package.Fetcher._readPackageJson') - const runScript = require('@npmcli/run-script') +const _ = require('./util/protected.js') -const _tarballFromResolved = Symbol.for('pacote.Fetcher._tarballFromResolved') class DirFetcher extends Fetcher { constructor (spec, opts) { super(spec, opts) @@ -30,7 +27,7 @@ class DirFetcher extends Fetcher { return ['directory'] } - [_prepareDir] () { + [_.prepareDir] () { return this.manifest().then(mani => { if (!mani.scripts || !mani.scripts.prepare) { return @@ -55,7 +52,7 @@ class DirFetcher extends Fetcher { }) } - [_tarballFromResolved] () { + [_.tarballFromResolved] () { if (!this.tree && !this.Arborist) { throw new Error('DirFetcher requires either a tree or an Arborist constructor to pack') } @@ -68,7 +65,7 @@ class DirFetcher extends Fetcher { // run the prepare script, get the list of files, and tar it up // pipe to the stream, and proxy errors the chain. - this[_prepareDir]() + this[_.prepareDir]() .then(async () => { if (!this.tree) { const arb = new this.Arborist({ path: this.resolved }) @@ -87,7 +84,7 @@ class DirFetcher extends Fetcher { return Promise.resolve(this.package) } - return this[_readPackageJson](this.resolved) + return this[_.readPackageJson](this.resolved) .then(mani => this.package = { ...mani, _integrity: this.integrity && String(this.integrity), diff --git a/node_modules/pacote/lib/fetcher.js b/node_modules/pacote/lib/fetcher.js index c4a707e7ef81e..ec5a807b79991 100644 --- a/node_modules/pacote/lib/fetcher.js +++ b/node_modules/pacote/lib/fetcher.js @@ -18,27 +18,12 @@ const getContents = require('@npmcli/installed-package-contents') const PackageJson = require('@npmcli/package-json') const { Minipass } = require('minipass') const cacheDir = require('./util/cache-dir.js') +const _ = require('./util/protected.js') // Pacote is only concerned with the package.json contents const packageJsonPrepare = (p) => PackageJson.prepare(p).then(pkg => pkg.content) const packageJsonNormalize = (p) => PackageJson.normalize(p).then(pkg => pkg.content) -// Private methods. -// Child classes should not have to override these. -// Users should never call them. -const _extract = Symbol('_extract') -const _mkdir = Symbol('_mkdir') -const _empty = Symbol('_empty') -const _toFile = Symbol('_toFile') -const _tarxOptions = Symbol('_tarxOptions') -const _entryMode = Symbol('_entryMode') -const _istream = Symbol('_istream') -const _assertType = Symbol('_assertType') -const _tarballFromCache = Symbol('_tarballFromCache') -const _tarballFromResolved = Symbol.for('pacote.Fetcher._tarballFromResolved') -const _cacheFetches = Symbol.for('pacote.Fetcher._cacheFetches') -const _readPackageJson = Symbol.for('package.Fetcher._readPackageJson') - class FetcherBase { constructor (spec, opts) { if (!opts || typeof opts !== 'object') { @@ -57,7 +42,7 @@ class FetcherBase { this.from = this.spec.registry ? `${this.spec.name}@${this.spec.rawSpec}` : this.spec.saveSpec - this[_assertType]() + this.#assertType() // clone the opts object so that others aren't upset when we mutate it // by adding/modifying the integrity value. this.opts = { ...opts } @@ -93,11 +78,9 @@ class FetcherBase { this.before = opts.before this.fullMetadata = this.before ? true : !!opts.fullMetadata this.fullReadJson = !!opts.fullReadJson - if (this.fullReadJson) { - this[_readPackageJson] = packageJsonPrepare - } else { - this[_readPackageJson] = packageJsonNormalize - } + this[_.readPackageJson] = this.fullReadJson + ? packageJsonPrepare + : packageJsonNormalize // rrh is a registry hostname or 'never' or 'always' // defaults to registry.npmjs.org @@ -188,7 +171,7 @@ class FetcherBase { // private, should be overridden. // Note that they should *not* calculate or check integrity or cache, // but *just* return the raw tarball data stream. - [_tarballFromResolved] () { + [_.tarballFromResolved] () { throw this.notImplementedError } @@ -204,17 +187,17 @@ class FetcherBase { // private // Note: cacache will raise a EINTEGRITY error if the integrity doesn't match - [_tarballFromCache] () { + #tarballFromCache () { return cacache.get.stream.byDigest(this.cache, this.integrity, this.opts) } - get [_cacheFetches] () { + get [_.cacheFetches] () { return true } - [_istream] (stream) { + #istream (stream) { // if not caching this, just return it - if (!this.opts.cache || !this[_cacheFetches]) { + if (!this.opts.cache || !this[_.cacheFetches]) { // instead of creating a new integrity stream, we only piggyback on the // provided stream's events if (stream.hasIntegrityEmitter) { @@ -267,7 +250,7 @@ class FetcherBase { return false } - [_assertType] () { + #assertType () { if (this.types && !this.types.includes(this.spec.type)) { throw new TypeError(`Wrong spec type (${ this.spec.type @@ -306,7 +289,7 @@ class FetcherBase { !this.preferOnline && this.integrity && this.resolved - ) ? streamHandler(this[_tarballFromCache]()).catch(er => { + ) ? streamHandler(this.#tarballFromCache()).catch(er => { if (this.isDataCorruptionError(er)) { log.warn('tarball', `cached data for ${ this.spec @@ -329,7 +312,7 @@ class FetcherBase { }. Extracting by manifest.`) } return this.resolve().then(() => retry(tryAgain => - streamHandler(this[_istream](this[_tarballFromResolved]())) + streamHandler(this.#istream(this[_.tarballFromResolved]())) .catch(streamErr => { // Most likely data integrity. A cache ENOENT error is unlikely // here, since we're definitely not reading from the cache, but it @@ -352,24 +335,24 @@ class FetcherBase { return cacache.rm.content(this.cache, this.integrity, this.opts) } - [_empty] (path) { + #empty (path) { return getContents({ path, depth: 1 }).then(contents => Promise.all( contents.map(entry => fs.rm(entry, { recursive: true, force: true })))) } - async [_mkdir] (dest) { - await this[_empty](dest) + async #mkdir (dest) { + await this.#empty(dest) return await fs.mkdir(dest, { recursive: true }) } // extraction is always the same. the only difference is where // the tarball comes from. async extract (dest) { - await this[_mkdir](dest) - return this.tarballStream((tarball) => this[_extract](dest, tarball)) + await this.#mkdir(dest) + return this.tarballStream((tarball) => this.#extract(dest, tarball)) } - [_toFile] (dest) { + #toFile (dest) { return this.tarballStream(str => new Promise((res, rej) => { const writer = new fsm.WriteStream(dest) str.on('error', er => writer.emit('error', er)) @@ -383,15 +366,15 @@ class FetcherBase { })) } - // don't use this[_mkdir] because we don't want to rimraf anything + // don't use this.#mkdir because we don't want to rimraf anything async tarballFile (dest) { const dir = dirname(dest) await fs.mkdir(dir, { recursive: true }) - return this[_toFile](dest) + return this.#toFile(dest) } - [_extract] (dest, tarball) { - const extractor = tar.x(this[_tarxOptions]({ cwd: dest })) + #extract (dest, tarball) { + const extractor = tar.x(this.#tarxOptions({ cwd: dest })) const p = new Promise((resolve, reject) => { extractor.on('end', () => { resolve({ @@ -416,7 +399,7 @@ class FetcherBase { // always ensure that entries are at least as permissive as our configured // dmode/fmode, but never more permissive than the umask allows. - [_entryMode] (path, mode, type) { + #entryMode (path, mode, type) { const m = /Directory|GNUDumpDir/.test(type) ? this.dmode : /File$/.test(type) ? this.fmode : /* istanbul ignore next - should never happen in a pkg */ 0 @@ -427,7 +410,7 @@ class FetcherBase { return ((mode | m) & ~this.umask) | exe | 0o600 } - [_tarxOptions] ({ cwd }) { + #tarxOptions ({ cwd }) { const sawIgnores = new Set() return { cwd, @@ -437,7 +420,7 @@ class FetcherBase { if (/Link$/.test(entry.type)) { return false } - entry.mode = this[_entryMode](entry.path, entry.mode, entry.type) + entry.mode = this.#entryMode(entry.path, entry.mode, entry.type) // this replicates the npm pack behavior where .gitignore files // are treated like .npmignore files, but only if a .npmignore // file is not present. diff --git a/node_modules/pacote/lib/file.js b/node_modules/pacote/lib/file.js index 95769de1374c9..307efedb31f7e 100644 --- a/node_modules/pacote/lib/file.js +++ b/node_modules/pacote/lib/file.js @@ -3,10 +3,7 @@ const cacache = require('cacache') const { resolve } = require('path') const { stat, chmod } = require('fs/promises') const Fetcher = require('./fetcher.js') - -const _exeBins = Symbol('_exeBins') -const _tarballFromResolved = Symbol.for('pacote.Fetcher._tarballFromResolved') -const _readPackageJson = Symbol.for('package.Fetcher._readPackageJson') +const _ = require('./util/protected.js') class FileFetcher extends Fetcher { constructor (spec, opts) { @@ -27,7 +24,7 @@ class FileFetcher extends Fetcher { // have to unpack the tarball for this. return cacache.tmp.withTmp(this.cache, this.opts, dir => this.extract(dir) - .then(() => this[_readPackageJson](dir)) + .then(() => this[_.readPackageJson](dir)) .then(mani => this.package = { ...mani, _integrity: this.integrity && String(this.integrity), @@ -36,7 +33,7 @@ class FileFetcher extends Fetcher { })) } - [_exeBins] (pkg, dest) { + #exeBins (pkg, dest) { if (!pkg.bin) { return Promise.resolve() } @@ -65,11 +62,11 @@ class FileFetcher extends Fetcher { // but if not, read the unpacked manifest and chmod properly. return super.extract(dest) .then(result => this.package ? result - : this[_readPackageJson](dest).then(pkg => - this[_exeBins](pkg, dest)).then(() => result)) + : this[_.readPackageJson](dest).then(pkg => + this.#exeBins(pkg, dest)).then(() => result)) } - [_tarballFromResolved] () { + [_.tarballFromResolved] () { // create a read stream and return it return new fsm.ReadStream(this.resolved) } diff --git a/node_modules/pacote/lib/git.js b/node_modules/pacote/lib/git.js index 2cac44ae528e6..23f4b1d218bcc 100644 --- a/node_modules/pacote/lib/git.js +++ b/node_modules/pacote/lib/git.js @@ -2,7 +2,6 @@ const Fetcher = require('./fetcher.js') const FileFetcher = require('./file.js') const RemoteFetcher = require('./remote.js') const DirFetcher = require('./dir.js') -const hashre = /^[a-f0-9]{40}$/ const git = require('@npmcli/git') const pickManifest = require('npm-pick-manifest') const npa = require('npm-package-arg') @@ -10,19 +9,10 @@ const { Minipass } = require('minipass') const cacache = require('cacache') const { log } = require('proc-log') const npm = require('./util/npm.js') - -const _resolvedFromRepo = Symbol('_resolvedFromRepo') -const _resolvedFromHosted = Symbol('_resolvedFromHosted') -const _resolvedFromClone = Symbol('_resolvedFromClone') -const _tarballFromResolved = Symbol.for('pacote.Fetcher._tarballFromResolved') -const _addGitSha = Symbol('_addGitSha') const addGitSha = require('./util/add-git-sha.js') -const _clone = Symbol('_clone') -const _cloneHosted = Symbol('_cloneHosted') -const _cloneRepo = Symbol('_cloneRepo') -const _setResolvedWithSha = Symbol('_setResolvedWithSha') -const _prepareDir = Symbol('_prepareDir') -const _readPackageJson = Symbol.for('package.Fetcher._readPackageJson') +const _ = require('./util/protected.js') + +const hashre = /^[a-f0-9]{40}$/ // get the repository url. // prefer https if there's auth, since ssh will drop that. @@ -84,8 +74,9 @@ class GitFetcher extends Fetcher { // fetch the git repo and then look at the current hash const h = this.spec.hosted // try to use ssh, fall back to git. - return h ? this[_resolvedFromHosted](h) - : this[_resolvedFromRepo](this.spec.fetchSpec) + return h + ? this.#resolvedFromHosted(h) + : this.#resolvedFromRepo(this.spec.fetchSpec) } // first try https, since that's faster and passphrase-less for @@ -93,23 +84,22 @@ class GitFetcher extends Fetcher { // Fall back to SSH to support private repos // NB: we always store the https url in resolved field if auth // is present, otherwise ssh if the hosted type provides it - [_resolvedFromHosted] (hosted) { - return this[_resolvedFromRepo](hosted.https && hosted.https()) - .catch(er => { - // Throw early since we know pathspec errors will fail again if retried - if (er instanceof git.errors.GitPathspecError) { - throw er - } - const ssh = hosted.sshurl && hosted.sshurl() - // no fallthrough if we can't fall through or have https auth - if (!ssh || hosted.auth) { - throw er - } - return this[_resolvedFromRepo](ssh) - }) + #resolvedFromHosted (hosted) { + return this.#resolvedFromRepo(hosted.https && hosted.https()).catch(er => { + // Throw early since we know pathspec errors will fail again if retried + if (er instanceof git.errors.GitPathspecError) { + throw er + } + const ssh = hosted.sshurl && hosted.sshurl() + // no fallthrough if we can't fall through or have https auth + if (!ssh || hosted.auth) { + throw er + } + return this.#resolvedFromRepo(ssh) + }) } - [_resolvedFromRepo] (gitRemote) { + #resolvedFromRepo (gitRemote) { // XXX make this a custom error class if (!gitRemote) { return Promise.reject(new Error(`No git url for ${this.spec}`)) @@ -130,17 +120,17 @@ class GitFetcher extends Fetcher { // the committish provided isn't in the rev list // things like HEAD~3 or @yesterday can land here. if (!revDoc || !revDoc.sha) { - return this[_resolvedFromClone]() + return this.#resolvedFromClone() } this.resolvedRef = revDoc this.resolvedSha = revDoc.sha - this[_addGitSha](revDoc.sha) + this.#addGitSha(revDoc.sha) return this.resolved }) } - [_setResolvedWithSha] (withSha) { + #setResolvedWithSha (withSha) { // we haven't cloned, so a tgz download is still faster // of course, if it's not a known host, we can't do that. this.resolved = !this.spec.hosted ? withSha @@ -149,18 +139,18 @@ class GitFetcher extends Fetcher { // when we get the git sha, we affix it to our spec to build up // either a git url with a hash, or a tarball download URL - [_addGitSha] (sha) { - this[_setResolvedWithSha](addGitSha(this.spec, sha)) + #addGitSha (sha) { + this.#setResolvedWithSha(addGitSha(this.spec, sha)) } - [_resolvedFromClone] () { + #resolvedFromClone () { // do a full or shallow clone, then look at the HEAD // kind of wasteful, but no other option, really - return this[_clone](() => this.resolved) + return this.#clone(() => this.resolved) } - [_prepareDir] (dir) { - return this[_readPackageJson](dir).then(mani => { + #prepareDir (dir) { + return this[_.readPackageJson](dir).then(mani => { // no need if we aren't going to do any preparation. const scripts = mani.scripts if (!mani.workspaces && (!scripts || !( @@ -200,13 +190,13 @@ class GitFetcher extends Fetcher { }) } - [_tarballFromResolved] () { + [_.tarballFromResolved] () { const stream = new Minipass() stream.resolved = this.resolved stream.from = this.from // check it out and then shell out to the DirFetcher tarball packer - this[_clone](dir => this[_prepareDir](dir) + this.#clone(dir => this.#prepareDir(dir) .then(() => new Promise((res, rej) => { if (!this.Arborist) { throw new Error('GitFetcher requires an Arborist constructor to pack a tarball') @@ -217,7 +207,7 @@ class GitFetcher extends Fetcher { resolved: null, integrity: null, }) - const dirStream = df[_tarballFromResolved]() + const dirStream = df[_.tarballFromResolved]() dirStream.on('error', rej) dirStream.on('end', res) dirStream.pipe(stream) @@ -235,7 +225,7 @@ class GitFetcher extends Fetcher { // TODO: after cloning, create a tarball of the folder, and add to the cache // with cacache.put.stream(), using a key that's deterministic based on the // spec and repo, so that we don't ever clone the same thing multiple times. - [_clone] (handler, tarballOk = true) { + #clone (handler, tarballOk = true) { const o = { tmpPrefix: 'git-clone' } const ref = this.resolvedSha || this.spec.gitCommittish const h = this.spec.hosted @@ -258,7 +248,7 @@ class GitFetcher extends Fetcher { }).extract(tmp).then(() => handler(tmp), er => { // fall back to ssh download if tarball fails if (er.constructor.name.match(/^Http/)) { - return this[_clone](handler, false) + return this.#clone(handler, false) } else { throw er } @@ -266,12 +256,12 @@ class GitFetcher extends Fetcher { } const sha = await ( - h ? this[_cloneHosted](ref, tmp) - : this[_cloneRepo](this.spec.fetchSpec, ref, tmp) + h ? this.#cloneHosted(ref, tmp) + : this.#cloneRepo(this.spec.fetchSpec, ref, tmp) ) this.resolvedSha = sha if (!this.resolved) { - await this[_addGitSha](sha) + await this.#addGitSha(sha) } return handler(tmp) }) @@ -282,9 +272,9 @@ class GitFetcher extends Fetcher { // Fall back to SSH to support private repos // NB: we always store the https url in resolved field if auth // is present, otherwise ssh if the hosted type provides it - [_cloneHosted] (ref, tmp) { + #cloneHosted (ref, tmp) { const hosted = this.spec.hosted - return this[_cloneRepo](hosted.https({ noCommittish: true }), ref, tmp) + return this.#cloneRepo(hosted.https({ noCommittish: true }), ref, tmp) .catch(er => { // Throw early since we know pathspec errors will fail again if retried if (er instanceof git.errors.GitPathspecError) { @@ -295,11 +285,11 @@ class GitFetcher extends Fetcher { if (!ssh || hosted.auth) { throw er } - return this[_cloneRepo](ssh, ref, tmp) + return this.#cloneRepo(ssh, ref, tmp) }) } - [_cloneRepo] (repo, ref, tmp) { + #cloneRepo (repo, ref, tmp) { const { opts, spec } = this return git.clone(repo, ref, tmp, { ...opts, spec }) } @@ -311,8 +301,8 @@ class GitFetcher extends Fetcher { return this.spec.hosted && this.resolved ? FileFetcher.prototype.manifest.apply(this) - : this[_clone](dir => - this[_readPackageJson](dir) + : this.#clone(dir => + this[_.readPackageJson](dir) .then(mani => this.package = { ...mani, _resolved: this.resolved, diff --git a/node_modules/pacote/lib/index.js b/node_modules/pacote/lib/index.js index cbcbd7c92d15f..f35314d275d5f 100644 --- a/node_modules/pacote/lib/index.js +++ b/node_modules/pacote/lib/index.js @@ -5,6 +5,10 @@ const FileFetcher = require('./file.js') const DirFetcher = require('./dir.js') const RemoteFetcher = require('./remote.js') +const tarball = (spec, opts) => get(spec, opts).tarball() +tarball.stream = (spec, handler, opts) => get(spec, opts).tarballStream(handler) +tarball.file = (spec, dest, opts) => get(spec, opts).tarballFile(dest) + module.exports = { GitFetcher, RegistryFetcher, @@ -14,10 +18,6 @@ module.exports = { resolve: (spec, opts) => get(spec, opts).resolve(), extract: (spec, dest, opts) => get(spec, opts).extract(dest), manifest: (spec, opts) => get(spec, opts).manifest(), - tarball: (spec, opts) => get(spec, opts).tarball(), packument: (spec, opts) => get(spec, opts).packument(), + tarball, } -module.exports.tarball.stream = (spec, handler, opts) => - get(spec, opts).tarballStream(handler) -module.exports.tarball.file = (spec, dest, opts) => - get(spec, opts).tarballFile(dest) diff --git a/node_modules/pacote/lib/registry.js b/node_modules/pacote/lib/registry.js index b6a8d49b84f32..f2b5a8a547cc9 100644 --- a/node_modules/pacote/lib/registry.js +++ b/node_modules/pacote/lib/registry.js @@ -1,6 +1,5 @@ const Fetcher = require('./fetcher.js') const RemoteFetcher = require('./remote.js') -const _tarballFromResolved = Symbol.for('pacote.Fetcher._tarballFromResolved') const pacoteVersion = require('../package.json').version const removeTrailingSlashes = require('./util/trailing-slashes.js') const PackageJson = require('@npmcli/package-json') @@ -9,6 +8,8 @@ const ssri = require('ssri') const crypto = require('crypto') const npa = require('npm-package-arg') const sigstore = require('sigstore') +const fetch = require('npm-registry-fetch') +const _ = require('./util/protected.js') // Corgis are cute. 🐕🐶 const corgiDoc = 'application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*' @@ -18,9 +19,6 @@ const fullDoc = 'application/json' // cutoff date. const MISSING_TIME_CUTOFF = '2015-01-01T00:00:00.000Z' -const fetch = require('npm-registry-fetch') - -const _headers = Symbol('_headers') class RegistryFetcher extends Fetcher { constructor (spec, opts) { super(spec, opts) @@ -63,7 +61,7 @@ class RegistryFetcher extends Fetcher { return this.resolved } - [_headers] () { + #headers () { return { // npm will override UA, but ensure that we always send *something* 'user-agent': this.opts.userAgent || @@ -80,7 +78,7 @@ class RegistryFetcher extends Fetcher { // note this might be either an in-flight promise for a request, // or the actual packument, but we never want to make more than // one request at a time for the same thing regardless. - if (this.packumentCache && this.packumentCache.has(this.packumentUrl)) { + if (this.packumentCache?.has(this.packumentUrl)) { return this.packumentCache.get(this.packumentUrl) } @@ -90,21 +88,21 @@ class RegistryFetcher extends Fetcher { try { const res = await fetch(this.packumentUrl, { ...this.opts, - headers: this[_headers](), + headers: this.#headers(), spec: this.spec, + // never check integrity for packuments themselves integrity: null, }) const packument = await res.json() - packument._contentLength = +res.headers.get('content-length') - if (this.packumentCache) { - this.packumentCache.set(this.packumentUrl, packument) + const contentLength = res.headers.get('content-length') + if (contentLength) { + packument._contentLength = Number(contentLength) } + this.packumentCache?.set(this.packumentUrl, packument) return packument } catch (err) { - if (this.packumentCache) { - this.packumentCache.delete(this.packumentUrl) - } + this.packumentCache?.delete(this.packumentUrl) if (err.code !== 'E404' || this.fullMetadata) { throw err } @@ -350,13 +348,13 @@ class RegistryFetcher extends Fetcher { return this.package } - [_tarballFromResolved] () { + [_.tarballFromResolved] () { // we use a RemoteFetcher to get the actual tarball stream return new RemoteFetcher(this.resolved, { ...this.opts, resolved: this.resolved, pkgid: `registry:${this.spec.name}@${this.resolved}`, - })[_tarballFromResolved]() + })[_.tarballFromResolved]() } get types () { diff --git a/node_modules/pacote/lib/remote.js b/node_modules/pacote/lib/remote.js index fd617459fb031..9a743322ace4e 100644 --- a/node_modules/pacote/lib/remote.js +++ b/node_modules/pacote/lib/remote.js @@ -1,12 +1,10 @@ const Fetcher = require('./fetcher.js') const FileFetcher = require('./file.js') -const _tarballFromResolved = Symbol.for('pacote.Fetcher._tarballFromResolved') const pacoteVersion = require('../package.json').version const fetch = require('npm-registry-fetch') const { Minipass } = require('minipass') +const _ = require('./util/protected.js') -const _cacheFetches = Symbol.for('pacote.Fetcher._cacheFetches') -const _headers = Symbol('_headers') class RemoteFetcher extends Fetcher { constructor (spec, opts) { super(spec, opts) @@ -25,17 +23,17 @@ class RemoteFetcher extends Fetcher { // Don't need to cache tarball fetches in pacote, because make-fetch-happen // will write into cacache anyway. - get [_cacheFetches] () { + get [_.cacheFetches] () { return false } - [_tarballFromResolved] () { + [_.tarballFromResolved] () { const stream = new Minipass() stream.hasIntegrityEmitter = true const fetchOpts = { ...this.opts, - headers: this[_headers](), + headers: this.#headers(), spec: this.spec, integrity: this.integrity, algorithms: [this.pickIntegrityAlgorithm()], @@ -59,7 +57,7 @@ class RemoteFetcher extends Fetcher { return stream } - [_headers] () { + #headers () { return { // npm will override this, but ensure that we always send *something* 'user-agent': this.opts.userAgent || diff --git a/node_modules/pacote/lib/util/protected.js b/node_modules/pacote/lib/util/protected.js new file mode 100644 index 0000000000000..3334550150e99 --- /dev/null +++ b/node_modules/pacote/lib/util/protected.js @@ -0,0 +1,11 @@ +const readPackageJson = Symbol.for('package.Fetcher._readPackageJson') +const prepareDir = Symbol('_prepareDir') +const tarballFromResolved = Symbol.for('pacote.Fetcher._tarballFromResolved') +const cacheFetches = Symbol.for('pacote.Fetcher._cacheFetches') + +module.exports = { + readPackageJson, + prepareDir, + tarballFromResolved, + cacheFetches, +} diff --git a/node_modules/pacote/package.json b/node_modules/pacote/package.json index 4c1751644cd57..a391df823b9c6 100644 --- a/node_modules/pacote/package.json +++ b/node_modules/pacote/package.json @@ -1,10 +1,10 @@ { "name": "pacote", - "version": "18.0.3", + "version": "18.0.5", "description": "JavaScript package downloader", "author": "GitHub Inc.", "bin": { - "pacote": "lib/bin.js" + "pacote": "bin/index.js" }, "license": "ISC", "main": "lib/index.js", @@ -27,7 +27,7 @@ "devDependencies": { "@npmcli/arborist": "^7.1.0", "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.4", + "@npmcli/template-oss": "4.22.0", "hosted-git-info": "^7.0.0", "mutate-fs": "^2.1.1", "nock": "^13.2.4", @@ -67,11 +67,11 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/pacote.git" + "url": "git+https://github.com/npm/pacote.git" }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.4", + "version": "4.22.0", "windowsCI": false, "publish": "true" } diff --git a/package-lock.json b/package-lock.json index b1810d2cd6662..26b2c5856fb69 100644 --- a/package-lock.json +++ b/package-lock.json @@ -138,7 +138,7 @@ "npm-registry-fetch": "^17.0.1", "npm-user-validate": "^2.0.0", "p-map": "^4.0.0", - "pacote": "^18.0.3", + "pacote": "^18.0.5", "parse-conflict-json": "^3.0.1", "proc-log": "^4.2.0", "qrcode-terminal": "^0.12.0", @@ -234,7 +234,7 @@ "json-stringify-safe": "^5.0.1", "nock": "^13.3.3", "npm-package-arg": "^11.0.2", - "pacote": "^18.0.1", + "pacote": "^18.0.5", "tap": "^16.3.8" }, "engines": { @@ -9456,10 +9456,11 @@ } }, "node_modules/pacote": { - "version": "18.0.3", - "resolved": "https://registry.npmjs.org/pacote/-/pacote-18.0.3.tgz", - "integrity": "sha512-GFCGn27RSf2xa5DHShI7DzI8dCf5F0+9N+fbSpItZvi9ykSouPRXMKzfl2jF35Zoi9QysNF/aqeqQyU2tOJBbA==", + "version": "18.0.5", + "resolved": "https://registry.npmjs.org/pacote/-/pacote-18.0.5.tgz", + "integrity": "sha512-AtbhPJE1gFPFdIb04spfX0UprUL0xK2eOBVVQnDNbLg7/VPrK/NkqgZRv7fkPPMM/zxZukjCkuGh+tZh7arrwQ==", "inBundle": true, + "license": "ISC", "dependencies": { "@npmcli/git": "^5.0.0", "@npmcli/installed-package-contents": "^2.0.1", @@ -9471,7 +9472,7 @@ "minipass": "^7.0.2", "npm-package-arg": "^11.0.0", "npm-packlist": "^8.0.0", - "npm-pick-manifest": "^9.0.1", + "npm-pick-manifest": "^9.0.0", "npm-registry-fetch": "^17.0.0", "proc-log": "^4.0.0", "promise-retry": "^2.0.1", @@ -9480,7 +9481,7 @@ "tar": "^6.1.11" }, "bin": { - "pacote": "lib/bin.js" + "pacote": "bin/index.js" }, "engines": { "node": "^16.14.0 || >=18.0.0" @@ -14811,7 +14812,7 @@ "npm-package-arg": "^11.0.2", "npm-pick-manifest": "^9.0.1", "npm-registry-fetch": "^17.0.1", - "pacote": "^18.0.1", + "pacote": "^18.0.5", "parse-conflict-json": "^3.0.0", "proc-log": "^4.2.0", "proggy": "^2.0.0", @@ -14892,7 +14893,7 @@ "diff": "^5.1.0", "minimatch": "^9.0.4", "npm-package-arg": "^11.0.2", - "pacote": "^18.0.1", + "pacote": "^18.0.5", "tar": "^6.2.1" }, "devDependencies": { @@ -14912,7 +14913,7 @@ "@npmcli/run-script": "^8.1.0", "ci-info": "^4.0.0", "npm-package-arg": "^11.0.2", - "pacote": "^18.0.1", + "pacote": "^18.0.5", "proc-log": "^4.2.0", "read": "^3.0.1", "read-package-json-fast": "^3.0.2", @@ -14990,7 +14991,7 @@ "@npmcli/arborist": "^7.2.1", "@npmcli/run-script": "^8.1.0", "npm-package-arg": "^11.0.2", - "pacote": "^18.0.1" + "pacote": "^18.0.5" }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", diff --git a/package.json b/package.json index 239149ca27885..a014a266b79e9 100644 --- a/package.json +++ b/package.json @@ -103,7 +103,7 @@ "npm-registry-fetch": "^17.0.1", "npm-user-validate": "^2.0.0", "p-map": "^4.0.0", - "pacote": "^18.0.3", + "pacote": "^18.0.5", "parse-conflict-json": "^3.0.1", "proc-log": "^4.2.0", "qrcode-terminal": "^0.12.0", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index 6bc356e34fa54..fb33009648859 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -26,7 +26,7 @@ "npm-package-arg": "^11.0.2", "npm-pick-manifest": "^9.0.1", "npm-registry-fetch": "^17.0.1", - "pacote": "^18.0.1", + "pacote": "^18.0.5", "parse-conflict-json": "^3.0.0", "proc-log": "^4.2.0", "proggy": "^2.0.0", diff --git a/workspaces/libnpmdiff/package.json b/workspaces/libnpmdiff/package.json index 60d00018fc381..382f9f43e8d55 100644 --- a/workspaces/libnpmdiff/package.json +++ b/workspaces/libnpmdiff/package.json @@ -52,7 +52,7 @@ "diff": "^5.1.0", "minimatch": "^9.0.4", "npm-package-arg": "^11.0.2", - "pacote": "^18.0.1", + "pacote": "^18.0.5", "tar": "^6.2.1" }, "templateOSS": { diff --git a/workspaces/libnpmexec/package.json b/workspaces/libnpmexec/package.json index e454739594e5c..cd051b4616a31 100644 --- a/workspaces/libnpmexec/package.json +++ b/workspaces/libnpmexec/package.json @@ -63,7 +63,7 @@ "@npmcli/run-script": "^8.1.0", "ci-info": "^4.0.0", "npm-package-arg": "^11.0.2", - "pacote": "^18.0.1", + "pacote": "^18.0.5", "proc-log": "^4.2.0", "read": "^3.0.1", "read-package-json-fast": "^3.0.2", diff --git a/workspaces/libnpmpack/package.json b/workspaces/libnpmpack/package.json index b0bc033b952cf..2bc6553f1ec8d 100644 --- a/workspaces/libnpmpack/package.json +++ b/workspaces/libnpmpack/package.json @@ -39,7 +39,7 @@ "@npmcli/arborist": "^7.2.1", "@npmcli/run-script": "^8.1.0", "npm-package-arg": "^11.0.2", - "pacote": "^18.0.1" + "pacote": "^18.0.5" }, "engines": { "node": "^16.14.0 || >=18.0.0" From 4c0668594ddfe735e2e6cbd46127efaccbfb976f Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:15:45 -0700 Subject: [PATCH 12/21] deps: ssri@10.0.6 --- node_modules/ssri/lib/index.js | 2 +- node_modules/ssri/package.json | 10 +++++----- package-lock.json | 13 +++++++------ package.json | 2 +- workspaces/arborist/package.json | 2 +- workspaces/libnpmpublish/package.json | 2 +- 6 files changed, 16 insertions(+), 15 deletions(-) diff --git a/node_modules/ssri/lib/index.js b/node_modules/ssri/lib/index.js index d0ff9dfaf24a7..7d749ed480fb9 100644 --- a/node_modules/ssri/lib/index.js +++ b/node_modules/ssri/lib/index.js @@ -535,7 +535,7 @@ function createIntegrity (opts) { hashes.forEach(h => h.update(chunk, enc)) return this }, - digest: function (enc) { + digest: function () { const integrity = algorithms.reduce((acc, algo) => { const digest = hashes.shift().digest('base64') const hash = new Hash( diff --git a/node_modules/ssri/package.json b/node_modules/ssri/package.json index 8750bd744d28b..28395414e4643 100644 --- a/node_modules/ssri/package.json +++ b/node_modules/ssri/package.json @@ -1,6 +1,6 @@ { "name": "ssri", - "version": "10.0.5", + "version": "10.0.6", "description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", "main": "lib/index.js", "files": [ @@ -13,7 +13,7 @@ "posttest": "npm run lint", "test": "tap", "coverage": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", "lintfix": "npm run lint -- --fix", @@ -28,7 +28,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/ssri.git" + "url": "git+https://github.com/npm/ssri.git" }, "keywords": [ "w3c", @@ -51,7 +51,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.18.0", + "@npmcli/template-oss": "4.22.0", "tap": "^16.0.1" }, "engines": { @@ -59,7 +59,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.18.0", + "version": "4.22.0", "publish": "true" } } diff --git a/package-lock.json b/package-lock.json index 26b2c5856fb69..b3f27e6366ded 100644 --- a/package-lock.json +++ b/package-lock.json @@ -145,7 +145,7 @@ "read": "^3.0.1", "semver": "^7.6.0", "spdx-expression-parse": "^4.0.0", - "ssri": "^10.0.5", + "ssri": "^10.0.6", "supports-color": "^9.4.0", "tar": "^6.2.1", "text-table": "~0.2.0", @@ -11100,10 +11100,11 @@ "inBundle": true }, "node_modules/ssri": { - "version": "10.0.5", - "resolved": "https://registry.npmjs.org/ssri/-/ssri-10.0.5.tgz", - "integrity": "sha512-bSf16tAFkGeRlUNDjXu8FzaMQt6g2HZJrun7mtMbIPOddxt3GLMSz5VWUWcqTJUPfLEaDIepGxv+bYQW49596A==", + "version": "10.0.6", + "resolved": "https://registry.npmjs.org/ssri/-/ssri-10.0.6.tgz", + "integrity": "sha512-MGrFH9Z4NP9Iyhqn16sDtBpRRNJ0Y2hNa6D65h736fVSaPCHr4DM4sWUNvVaSuC+0OBGhwsrydQwmgfg5LncqQ==", "inBundle": true, + "license": "ISC", "dependencies": { "minipass": "^7.0.3" }, @@ -14820,7 +14821,7 @@ "promise-call-limit": "^3.0.1", "read-package-json-fast": "^3.0.2", "semver": "^7.3.7", - "ssri": "^10.0.5", + "ssri": "^10.0.6", "treeverse": "^3.0.0", "walk-up-path": "^3.0.1" }, @@ -15015,7 +15016,7 @@ "proc-log": "^4.2.0", "semver": "^7.3.7", "sigstore": "^2.2.0", - "ssri": "^10.0.5" + "ssri": "^10.0.6" }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", diff --git a/package.json b/package.json index a014a266b79e9..35f649fddd14f 100644 --- a/package.json +++ b/package.json @@ -110,7 +110,7 @@ "read": "^3.0.1", "semver": "^7.6.0", "spdx-expression-parse": "^4.0.0", - "ssri": "^10.0.5", + "ssri": "^10.0.6", "supports-color": "^9.4.0", "tar": "^6.2.1", "text-table": "~0.2.0", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index fb33009648859..d920a03261d3e 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -34,7 +34,7 @@ "promise-call-limit": "^3.0.1", "read-package-json-fast": "^3.0.2", "semver": "^7.3.7", - "ssri": "^10.0.5", + "ssri": "^10.0.6", "treeverse": "^3.0.0", "walk-up-path": "^3.0.1" }, diff --git a/workspaces/libnpmpublish/package.json b/workspaces/libnpmpublish/package.json index 8bdee5b746db8..9299549eeef42 100644 --- a/workspaces/libnpmpublish/package.json +++ b/workspaces/libnpmpublish/package.json @@ -45,7 +45,7 @@ "proc-log": "^4.2.0", "semver": "^7.3.7", "sigstore": "^2.2.0", - "ssri": "^10.0.5" + "ssri": "^10.0.6" }, "engines": { "node": "^16.14.0 || >=18.0.0" From 0d3ce2ece491ff78e3659df52a75be6e52a4efa5 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:16:43 -0700 Subject: [PATCH 13/21] deps: @npmcli/metavuln-calculator@7.1.1 --- node_modules/@npmcli/metavuln-calculator/lib/index.js | 2 +- node_modules/@npmcli/metavuln-calculator/package.json | 8 ++++---- package-lock.json | 9 +++++---- workspaces/arborist/package.json | 2 +- 4 files changed, 11 insertions(+), 10 deletions(-) diff --git a/node_modules/@npmcli/metavuln-calculator/lib/index.js b/node_modules/@npmcli/metavuln-calculator/lib/index.js index 2a4e08395e7ed..971409b5bad44 100644 --- a/node_modules/@npmcli/metavuln-calculator/lib/index.js +++ b/node_modules/@npmcli/metavuln-calculator/lib/index.js @@ -107,7 +107,7 @@ class Calculator { const timeEnd = time.start(`metavuln:packument:${name}`) const p = pacote.packument(name, { ...this[_options] }) - .catch((er) => { + .catch(() => { // presumably not something from the registry. // an empty packument will have an effective range of * return { diff --git a/node_modules/@npmcli/metavuln-calculator/package.json b/node_modules/@npmcli/metavuln-calculator/package.json index 74c23ad62bd7a..a7ec02d2ee72b 100644 --- a/node_modules/@npmcli/metavuln-calculator/package.json +++ b/node_modules/@npmcli/metavuln-calculator/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/metavuln-calculator", - "version": "7.1.0", + "version": "7.1.1", "main": "lib/index.js", "files": [ "bin/", @@ -9,7 +9,7 @@ "description": "Calculate meta-vulnerabilities from package security advisories", "repository": { "type": "git", - "url": "https://github.com/npm/metavuln-calculator.git" + "url": "git+https://github.com/npm/metavuln-calculator.git" }, "author": "GitHub Inc.", "license": "ISC", @@ -34,7 +34,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.4", + "@npmcli/template-oss": "4.22.0", "require-inject": "^1.4.4", "tap": "^16.0.1" }, @@ -50,7 +50,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.4", + "version": "4.22.0", "publish": "true", "ciVersions": [ "16.14.0", diff --git a/package-lock.json b/package-lock.json index b3f27e6366ded..8b9ba4c643efa 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1631,9 +1631,10 @@ } }, "node_modules/@npmcli/metavuln-calculator": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/@npmcli/metavuln-calculator/-/metavuln-calculator-7.1.0.tgz", - "integrity": "sha512-D4VZzVLZ4Mw+oUCWyQ6qzlm5SGlrLnhKtZscDwQXFFc1FUPvw69Ibo2E5ZpJAmjFSYkA5UlCievWmREW0JLC3w==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/@npmcli/metavuln-calculator/-/metavuln-calculator-7.1.1.tgz", + "integrity": "sha512-Nkxf96V0lAx3HCpVda7Vw4P23RILgdi/5K1fmj2tZkWIYLpXAN8k2UVVOsW16TsS5F8Ws2I7Cm+PU1/rsVF47g==", + "license": "ISC", "dependencies": { "cacache": "^18.0.0", "json-parse-even-better-errors": "^3.0.0", @@ -14794,7 +14795,7 @@ "@npmcli/fs": "^3.1.0", "@npmcli/installed-package-contents": "^2.1.0", "@npmcli/map-workspaces": "^3.0.2", - "@npmcli/metavuln-calculator": "^7.1.0", + "@npmcli/metavuln-calculator": "^7.1.1", "@npmcli/name-from-folder": "^2.0.0", "@npmcli/node-gyp": "^3.0.0", "@npmcli/package-json": "^5.1.0", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index d920a03261d3e..96ef5baa9b196 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -7,7 +7,7 @@ "@npmcli/fs": "^3.1.0", "@npmcli/installed-package-contents": "^2.1.0", "@npmcli/map-workspaces": "^3.0.2", - "@npmcli/metavuln-calculator": "^7.1.0", + "@npmcli/metavuln-calculator": "^7.1.1", "@npmcli/name-from-folder": "^2.0.0", "@npmcli/node-gyp": "^3.0.0", "@npmcli/package-json": "^5.1.0", From 12fee96c60040b793c6fc200b17e5e6b25d9bb7d Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:17:33 -0700 Subject: [PATCH 14/21] deps: ignore-walk@6.0.5 --- docs/package.json | 2 +- node_modules/ignore-walk/lib/index.js | 4 ++-- node_modules/ignore-walk/package.json | 10 +++++----- package-lock.json | 9 +++++---- 4 files changed, 13 insertions(+), 12 deletions(-) diff --git a/docs/package.json b/docs/package.json index a3766c7b92aa0..d3f0ecbd26e92 100644 --- a/docs/package.json +++ b/docs/package.json @@ -24,7 +24,7 @@ "@npmcli/eslint-config": "^4.0.0", "@npmcli/template-oss": "4.22.0", "front-matter": "^4.0.2", - "ignore-walk": "^6.0.1", + "ignore-walk": "^6.0.5", "jsdom": "^24.0.0", "rehype-stringify": "^9.0.3", "remark-gfm": "^3.0.1", diff --git a/node_modules/ignore-walk/lib/index.js b/node_modules/ignore-walk/lib/index.js index ad3aecc7389c6..366d95e2d516c 100644 --- a/node_modules/ignore-walk/lib/index.js +++ b/node_modules/ignore-walk/lib/index.js @@ -85,7 +85,7 @@ class Walker extends EE { .filter(e => this.isIgnoreFile(e)) let igCount = newIg.length - const then = _ => { + const then = () => { if (--igCount === 0) { this.filterEntries() } @@ -141,7 +141,7 @@ class Walker extends EE { if (entryCount === 0) { this.emit('done', this.result) } else { - const then = _ => { + const then = () => { if (--entryCount === 0) { this.emit('done', this.result) } diff --git a/node_modules/ignore-walk/package.json b/node_modules/ignore-walk/package.json index cebd4795f953a..f44a7a587a10b 100644 --- a/node_modules/ignore-walk/package.json +++ b/node_modules/ignore-walk/package.json @@ -1,18 +1,18 @@ { "name": "ignore-walk", - "version": "6.0.4", + "version": "6.0.5", "description": "Nested/recursive `.gitignore`/`.npmignore` parsing and filtering.", "main": "lib/index.js", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.19.0", + "@npmcli/template-oss": "4.22.0", "mutate-fs": "^2.1.1", "tap": "^16.0.1" }, "scripts": { "test": "tap", "posttest": "npm run lint", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "lintfix": "npm run lint -- --fix", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", @@ -31,7 +31,7 @@ "license": "ISC", "repository": { "type": "git", - "url": "https://github.com/npm/ignore-walk.git" + "url": "git+https://github.com/npm/ignore-walk.git" }, "files": [ "bin/", @@ -56,7 +56,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.19.0", + "version": "4.22.0", "content": "scripts/template-oss", "publish": "true" } diff --git a/package-lock.json b/package-lock.json index 8b9ba4c643efa..1b359ef175dbc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -194,7 +194,7 @@ "@npmcli/eslint-config": "^4.0.0", "@npmcli/template-oss": "4.22.0", "front-matter": "^4.0.2", - "ignore-walk": "^6.0.1", + "ignore-walk": "^6.0.5", "jsdom": "^24.0.0", "rehype-stringify": "^9.0.3", "remark-gfm": "^3.0.1", @@ -6015,10 +6015,11 @@ } }, "node_modules/ignore-walk": { - "version": "6.0.4", - "resolved": "https://registry.npmjs.org/ignore-walk/-/ignore-walk-6.0.4.tgz", - "integrity": "sha512-t7sv42WkwFkyKbivUCglsQW5YWMskWtbEf4MNKX5u/CCWHKSPzN4FtBQGsQZgCLbxOzpVlcbWVK5KB3auIOjSw==", + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/ignore-walk/-/ignore-walk-6.0.5.tgz", + "integrity": "sha512-VuuG0wCnjhnylG1ABXT3dAuIpTNDs/G8jlpmwXY03fXoXy/8ZK8/T+hMzt8L4WnrLCJgdybqgPagnF/f97cg3A==", "inBundle": true, + "license": "ISC", "dependencies": { "minimatch": "^9.0.0" }, From 1a01526ccbe04db2181f93ad00c371989312659e Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:18:17 -0700 Subject: [PATCH 15/21] deps: npm-user-validate@2.0.1 --- node_modules/npm-user-validate/package.json | 11 ++++++----- package-lock.json | 9 +++++---- package.json | 2 +- 3 files changed, 12 insertions(+), 10 deletions(-) diff --git a/node_modules/npm-user-validate/package.json b/node_modules/npm-user-validate/package.json index 8cf48f80f86a8..15a1305356ef3 100644 --- a/node_modules/npm-user-validate/package.json +++ b/node_modules/npm-user-validate/package.json @@ -1,16 +1,16 @@ { "name": "npm-user-validate", - "version": "2.0.0", + "version": "2.0.1", "description": "User validations for npm", "main": "lib/index.js", "devDependencies": { "@npmcli/eslint-config": "^4.0.1", - "@npmcli/template-oss": "4.11.0", + "@npmcli/template-oss": "4.22.0", "tap": "^16.3.2" }, "scripts": { "test": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", "lintfix": "npm run lint -- --fix", @@ -19,7 +19,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/npm-user-validate.git" + "url": "git+https://github.com/npm/npm-user-validate.git" }, "keywords": [ "npm", @@ -37,7 +37,8 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.11.0" + "version": "4.22.0", + "publish": true }, "tap": { "nyc-arg": [ diff --git a/package-lock.json b/package-lock.json index 1b359ef175dbc..7d02f427b2e65 100644 --- a/package-lock.json +++ b/package-lock.json @@ -136,7 +136,7 @@ "npm-pick-manifest": "^9.0.1", "npm-profile": "^10.0.0", "npm-registry-fetch": "^17.0.1", - "npm-user-validate": "^2.0.0", + "npm-user-validate": "^2.0.1", "p-map": "^4.0.0", "pacote": "^18.0.5", "parse-conflict-json": "^3.0.1", @@ -8941,10 +8941,11 @@ } }, "node_modules/npm-user-validate": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/npm-user-validate/-/npm-user-validate-2.0.0.tgz", - "integrity": "sha512-sSWeqAYJ2dUPStJB+AEj0DyLRltr/f6YNcvCA7phkB8/RMLMnVsQ41GMwHo/ERZLYNDsyB2wPm7pZo1mqPOl7Q==", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/npm-user-validate/-/npm-user-validate-2.0.1.tgz", + "integrity": "sha512-d17PKaF2h8LSGFl5j4b1gHOJt1fgH7YUcCm1kNSJvaLWWKXlBsuUvx0bBEkr0qhsVA9XP5LtRZ83hdlhm2QkgA==", "inBundle": true, + "license": "BSD-2-Clause", "engines": { "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } diff --git a/package.json b/package.json index 35f649fddd14f..d050b128c10ec 100644 --- a/package.json +++ b/package.json @@ -101,7 +101,7 @@ "npm-pick-manifest": "^9.0.1", "npm-profile": "^10.0.0", "npm-registry-fetch": "^17.0.1", - "npm-user-validate": "^2.0.0", + "npm-user-validate": "^2.0.1", "p-map": "^4.0.0", "pacote": "^18.0.5", "parse-conflict-json": "^3.0.1", From 2ec8b73efef3dfa25b621fc78c732952d0ba7bfd Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:19:03 -0700 Subject: [PATCH 16/21] deps: validate-npm-package-name@5.0.1 --- DEPENDENCIES.md | 2 - node_modules/.gitignore | 1 - node_modules/builtins/License | 20 ----- node_modules/builtins/index.js | 80 ------------------- node_modules/builtins/package.json | 19 ----- .../validate-npm-package-name/lib/index.js | 10 +-- .../validate-npm-package-name/package.json | 19 ++--- package-lock.json | 21 ++--- package.json | 2 +- 9 files changed, 17 insertions(+), 157 deletions(-) delete mode 100644 node_modules/builtins/License delete mode 100644 node_modules/builtins/index.js delete mode 100644 node_modules/builtins/package.json diff --git a/DEPENDENCIES.md b/DEPENDENCIES.md index 88128ab1ad9ec..89b2792ac512a 100644 --- a/DEPENDENCIES.md +++ b/DEPENDENCIES.md @@ -266,7 +266,6 @@ graph LR; bin-links-->read-cmd-shim; bin-links-->write-file-atomic; brace-expansion-->balanced-match; - builtins-->semver; cacache-->fs-minipass; cacache-->glob; cacache-->lru-cache; @@ -777,7 +776,6 @@ graph LR; unique-slug-->imurmurhash; validate-npm-package-license-->spdx-correct; validate-npm-package-license-->spdx-expression-parse; - validate-npm-package-name-->builtins; which-->isexe; wrap-ansi-->ansi-styles; wrap-ansi-->string-width; diff --git a/node_modules/.gitignore b/node_modules/.gitignore index 2075e41dc40b5..c5e8e1f8c9db7 100644 --- a/node_modules/.gitignore +++ b/node_modules/.gitignore @@ -54,7 +54,6 @@ !/bin-links !/binary-extensions !/brace-expansion -!/builtins !/cacache !/chalk !/chownr diff --git a/node_modules/builtins/License b/node_modules/builtins/License deleted file mode 100644 index b142e5dc08133..0000000000000 --- a/node_modules/builtins/License +++ /dev/null @@ -1,20 +0,0 @@ -Copyright (c) 2015 Julian Gruber - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/builtins/index.js b/node_modules/builtins/index.js deleted file mode 100644 index 01d23876aae32..0000000000000 --- a/node_modules/builtins/index.js +++ /dev/null @@ -1,80 +0,0 @@ -'use strict' - -const satisfies = require('semver/functions/satisfies') - -const permanentModules = [ - 'assert', - 'buffer', - 'child_process', - 'cluster', - 'console', - 'constants', - 'crypto', - 'dgram', - 'dns', - 'domain', - 'events', - 'fs', - 'http', - 'https', - 'module', - 'net', - 'os', - 'path', - 'punycode', - 'querystring', - 'readline', - 'repl', - 'stream', - 'string_decoder', - 'sys', - 'timers', - 'tls', - 'tty', - 'url', - 'util', - 'vm', - 'zlib' -] - -const versionLockedModules = { - freelist: '<6.0.0', - v8: '>=1.0.0', - process: '>=1.1.0', - inspector: '>=8.0.0', - async_hooks: '>=8.1.0', - http2: '>=8.4.0', - perf_hooks: '>=8.5.0', - trace_events: '>=10.0.0', - worker_threads: '>=12.0.0', - 'node:test': '>=18.0.0' -} - -const experimentalModules = { - worker_threads: '>=10.5.0', - wasi: '>=12.16.0', - diagnostics_channel: '^14.17.0 || >=15.1.0' -} - -module.exports = ({ version = process.version, experimental = false } = {}) => { - const builtins = [...permanentModules] - - for (const [name, semverRange] of Object.entries(versionLockedModules)) { - if (version === '*' || satisfies(version, semverRange)) { - builtins.push(name) - } - } - - if (experimental) { - for (const [name, semverRange] of Object.entries(experimentalModules)) { - if ( - !builtins.includes(name) && - (version === '*' || satisfies(version, semverRange)) - ) { - builtins.push(name) - } - } - } - - return builtins -} diff --git a/node_modules/builtins/package.json b/node_modules/builtins/package.json deleted file mode 100644 index d37e02e076818..0000000000000 --- a/node_modules/builtins/package.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "name": "builtins", - "version": "5.1.0", - "description": "List of node.js builtin modules", - "repository": "juliangruber/builtins", - "license": "MIT", - "main": "index.js", - "files": [], - "scripts": { - "test": "standard --fix && node--test" - }, - "dependencies": { - "semver": "^7.0.0" - }, - "devDependencies": { - "standard": "^17.0.0", - "test": "^3.0.0" - } -} diff --git a/node_modules/validate-npm-package-name/lib/index.js b/node_modules/validate-npm-package-name/lib/index.js index e7e612bfbdf4d..fd800d5a5eae1 100644 --- a/node_modules/validate-npm-package-name/lib/index.js +++ b/node_modules/validate-npm-package-name/lib/index.js @@ -1,7 +1,7 @@ 'use strict' +const { builtinModules: builtins } = require('module') var scopedPackagePattern = new RegExp('^(?:@([^/]+?)[/])?([^/]+?)$') -var builtins = require('builtins') var blacklist = [ 'node_modules', 'favicon.ico', @@ -52,11 +52,9 @@ function validate (name) { // Generate warnings for stuff that used to be allowed // core module names like http, events, util, etc - builtins({ version: '*' }).forEach(function (builtin) { - if (name.toLowerCase() === builtin) { - warnings.push(builtin + ' is a core module name') - } - }) + if (builtins.includes(name.toLowerCase())) { + warnings.push(name + ' is a core module name') + } if (name.length > 214) { warnings.push('name can no longer contain more than 214 characters') diff --git a/node_modules/validate-npm-package-name/package.json b/node_modules/validate-npm-package-name/package.json index 5579a5c33a76b..8a38b66e1d3e4 100644 --- a/node_modules/validate-npm-package-name/package.json +++ b/node_modules/validate-npm-package-name/package.json @@ -1,17 +1,14 @@ { "name": "validate-npm-package-name", - "version": "5.0.0", + "version": "5.0.1", "description": "Give me a string and I'll tell you if it's a valid npm package name", "main": "lib/", "directories": { "test": "test" }, - "dependencies": { - "builtins": "^5.0.0" - }, "devDependencies": { - "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "4.5.1", + "@npmcli/eslint-config": "^4.0.0", + "@npmcli/template-oss": "4.22.0", "tap": "^16.0.1" }, "scripts": { @@ -19,7 +16,7 @@ "test:code": "tap ${TAP_FLAGS:-'--'} test/*.js", "test:style": "standard", "test": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", "lintfix": "npm run lint -- --fix", @@ -28,7 +25,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/validate-npm-package-name.git" + "url": "git+https://github.com/npm/validate-npm-package-name.git" }, "keywords": [ "npm", @@ -51,12 +48,10 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.5.1" + "version": "4.22.0", + "publish": true }, "tap": { - "statements": 88, - "branches": 92, - "lines": 88, "nyc-arg": [ "--exclude", "tap-snapshots/**" diff --git a/package-lock.json b/package-lock.json index 7d02f427b2e65..037b4fede40f9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -151,7 +151,7 @@ "text-table": "~0.2.0", "tiny-relative-date": "^1.3.0", "treeverse": "^3.0.0", - "validate-npm-package-name": "^5.0.0", + "validate-npm-package-name": "^5.0.1", "which": "^4.0.0", "write-file-atomic": "^5.0.1" }, @@ -2803,15 +2803,6 @@ "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", "dev": true }, - "node_modules/builtins": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/builtins/-/builtins-5.1.0.tgz", - "integrity": "sha512-SW9lzGTLvWTP1AY8xeAMZimqDrIaSdLQUcVr9DMef51niJ022Ri87SwRRKYm4A6iHfkPaiVUu/Duw2Wc4J7kKg==", - "inBundle": true, - "dependencies": { - "semver": "^7.0.0" - } - }, "node_modules/cacache": { "version": "18.0.3", "resolved": "https://registry.npmjs.org/cacache/-/cacache-18.0.3.tgz", @@ -14328,13 +14319,11 @@ } }, "node_modules/validate-npm-package-name": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-5.0.0.tgz", - "integrity": "sha512-YuKoXDAhBYxY7SfOKxHBDoSyENFeW5VvIIQp2TGQuit8gpK6MnWaQelBKxso72DoxTZfZdcP3W90LqpSkgPzLQ==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-5.0.1.tgz", + "integrity": "sha512-OljLrQ9SQdOUqTaQxqL5dEfZWrXExyyWsozYlAWFawPVNuD83igl7uJD2RTkNMbniIYgt8l81eCJGIdQF7avLQ==", "inBundle": true, - "dependencies": { - "builtins": "^5.0.0" - }, + "license": "ISC", "engines": { "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } diff --git a/package.json b/package.json index d050b128c10ec..99c0b9b13a73e 100644 --- a/package.json +++ b/package.json @@ -116,7 +116,7 @@ "text-table": "~0.2.0", "tiny-relative-date": "^1.3.0", "treeverse": "^3.0.0", - "validate-npm-package-name": "^5.0.0", + "validate-npm-package-name": "^5.0.1", "which": "^4.0.0", "write-file-atomic": "^5.0.1" }, From b52ce03a2e0067cec626ad4ed604d0b3a28777e7 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:20:01 -0700 Subject: [PATCH 17/21] deps: minipass@7.1.0 --- node_modules/minipass/package.json | 4 ++-- package-lock.json | 11 ++++++----- package.json | 2 +- workspaces/libnpmorg/package.json | 2 +- 4 files changed, 10 insertions(+), 9 deletions(-) diff --git a/node_modules/minipass/package.json b/node_modules/minipass/package.json index 4398347289164..76038f55de57b 100644 --- a/node_modules/minipass/package.json +++ b/node_modules/minipass/package.json @@ -1,6 +1,6 @@ { "name": "minipass", - "version": "7.0.4", + "version": "7.1.0", "description": "minimal implementation of a PassThrough stream", "main": "./dist/commonjs/index.js", "types": "./dist/commonjs/index.d.ts", @@ -57,7 +57,6 @@ "end-of-stream": "^1.4.0", "node-abort-controller": "^3.1.1", "prettier": "^2.6.2", - "sync-content": "^1.0.2", "tap": "^18.3.0", "through2": "^2.0.3", "tshy": "^1.2.2", @@ -75,6 +74,7 @@ "node": ">=16 || 14 >=14.17" }, "tap": { + "typecheck": true, "include": [ "test/*.ts" ] diff --git a/package-lock.json b/package-lock.json index 037b4fede40f9..eeadbffc469a0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -124,7 +124,7 @@ "libnpmversion": "^6.0.0", "make-fetch-happen": "^13.0.1", "minimatch": "^9.0.4", - "minipass": "^7.0.4", + "minipass": "^7.1.0", "minipass-pipeline": "^1.2.4", "ms": "^2.1.2", "node-gyp": "^10.1.0", @@ -8391,10 +8391,11 @@ } }, "node_modules/minipass": { - "version": "7.0.4", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", - "integrity": "sha512-jYofLM5Dam9279rdkWzqHozUo4ybjdZmCsDHePy5V/PbBcVMiSZR97gmAy45aqi8CK1lG2ECd356FU86avfwUQ==", + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.0.tgz", + "integrity": "sha512-oGZRv2OT1lO2UF1zUcwdTb3wqUwI0kBGTgt/T7OdSj6M6N5m3o5uPf0AIW6lVxGGoiWUR7e2AwTE+xiwK8WQig==", "inBundle": true, + "license": "ISC", "engines": { "node": ">=16 || 14 >=14.17" } @@ -14969,7 +14970,7 @@ "devDependencies": { "@npmcli/eslint-config": "^4.0.0", "@npmcli/template-oss": "4.22.0", - "minipass": "^7.0.4", + "minipass": "^7.1.0", "nock": "^13.3.3", "tap": "^16.3.8" }, diff --git a/package.json b/package.json index 99c0b9b13a73e..fb69c11e2c089 100644 --- a/package.json +++ b/package.json @@ -89,7 +89,7 @@ "libnpmversion": "^6.0.0", "make-fetch-happen": "^13.0.1", "minimatch": "^9.0.4", - "minipass": "^7.0.4", + "minipass": "^7.1.0", "minipass-pipeline": "^1.2.4", "ms": "^2.1.2", "node-gyp": "^10.1.0", diff --git a/workspaces/libnpmorg/package.json b/workspaces/libnpmorg/package.json index 7e346d15c5c6a..ed3e3410443d8 100644 --- a/workspaces/libnpmorg/package.json +++ b/workspaces/libnpmorg/package.json @@ -29,7 +29,7 @@ "devDependencies": { "@npmcli/eslint-config": "^4.0.0", "@npmcli/template-oss": "4.22.0", - "minipass": "^7.0.4", + "minipass": "^7.1.0", "nock": "^13.3.3", "tap": "^16.3.8" }, From 9cd3f9dc6c7268428dc6ced3f5ce3f8dca50e9eb Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:21:09 -0700 Subject: [PATCH 18/21] deps: cmd-shim@6.0.3 --- DEPENDENCIES.md | 2 ++ node_modules/cmd-shim/lib/index.js | 2 +- node_modules/cmd-shim/package.json | 10 +++++----- package-lock.json | 6 +++--- 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/DEPENDENCIES.md b/DEPENDENCIES.md index 89b2792ac512a..222abd4bf2030 100644 --- a/DEPENDENCIES.md +++ b/DEPENDENCIES.md @@ -88,6 +88,7 @@ graph LR; normalize-package-data-->semver; npm-->abbrev; npm-->cacache; + npm-->cmd-shim; npm-->fs-minipass; npm-->hosted-git-info; npm-->ini; @@ -469,6 +470,7 @@ graph LR; npm-->ci-info; npm-->cli-columns; npm-->cli-table3; + npm-->cmd-shim; npm-->diff; npm-->fastest-levenshtein; npm-->fs-minipass; diff --git a/node_modules/cmd-shim/lib/index.js b/node_modules/cmd-shim/lib/index.js index 9cf2243ebf035..c13890aed3263 100644 --- a/node_modules/cmd-shim/lib/index.js +++ b/node_modules/cmd-shim/lib/index.js @@ -56,7 +56,7 @@ const writeShim = (from, to) => const prog = shebang[2] const args = shebang[3] || '' return writeShim_(from, to, prog, args, vars) - }, er => writeShim_(from, to)) + }, () => writeShim_(from, to)) const writeShim_ = (from, to, prog, args, variables) => { let shTarget = relative(dirname(to), from) diff --git a/node_modules/cmd-shim/package.json b/node_modules/cmd-shim/package.json index ec274b2768fbb..094ca2df619d2 100644 --- a/node_modules/cmd-shim/package.json +++ b/node_modules/cmd-shim/package.json @@ -1,11 +1,11 @@ { "name": "cmd-shim", - "version": "6.0.2", + "version": "6.0.3", "description": "Used in npm for command line application support", "scripts": { "test": "tap", "snap": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", "lintfix": "npm run lint -- --fix", @@ -13,12 +13,12 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/cmd-shim.git" + "url": "git+https://github.com/npm/cmd-shim.git" }, "license": "ISC", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.19.0", + "@npmcli/template-oss": "4.22.0", "tap": "^16.0.1" }, "files": [ @@ -41,7 +41,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.19.0", + "version": "4.22.0", "publish": true } } diff --git a/package-lock.json b/package-lock.json index eeadbffc469a0..65b0f08a6262b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -3149,9 +3149,9 @@ } }, "node_modules/cmd-shim": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/cmd-shim/-/cmd-shim-6.0.2.tgz", - "integrity": "sha512-+FFYbB0YLaAkhkcrjkyNLYDiOsFSfRjwjY19LXk/psmMx1z00xlCv7hhQoTGXXIKi+YXHL/iiFo8NqMVQX9nOw==", + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/cmd-shim/-/cmd-shim-6.0.3.tgz", + "integrity": "sha512-FMabTRlc5t5zjdenF6mS0MBeFZm0XqHqeOkcskKFb/LYCcRQ5fVgLOHVc4Lq9CqABd9zhjwPjMBCJvMCziSVtA==", "engines": { "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } From 80e072be60d9291beb4d6d2d61049c05205141ab Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:22:01 -0700 Subject: [PATCH 19/21] deps: minipass-fetch@3.0.5 --- DEPENDENCIES.md | 4 ++-- node_modules/minipass-fetch/lib/body.js | 2 +- node_modules/minipass-fetch/lib/index.js | 2 +- node_modules/minipass-fetch/package.json | 10 +++++----- package-lock.json | 6 +++--- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/DEPENDENCIES.md b/DEPENDENCIES.md index 222abd4bf2030..02890f43192a4 100644 --- a/DEPENDENCIES.md +++ b/DEPENDENCIES.md @@ -88,7 +88,6 @@ graph LR; normalize-package-data-->semver; npm-->abbrev; npm-->cacache; - npm-->cmd-shim; npm-->fs-minipass; npm-->hosted-git-info; npm-->ini; @@ -106,6 +105,7 @@ graph LR; npm-->libnpmteam; npm-->libnpmversion; npm-->make-fetch-happen; + npm-->minipass-fetch; npm-->nopt; npm-->normalize-package-data; npm-->npm-audit-report; @@ -470,7 +470,6 @@ graph LR; npm-->ci-info; npm-->cli-columns; npm-->cli-table3; - npm-->cmd-shim; npm-->diff; npm-->fastest-levenshtein; npm-->fs-minipass; @@ -495,6 +494,7 @@ graph LR; npm-->libnpmversion; npm-->make-fetch-happen; npm-->minimatch; + npm-->minipass-fetch; npm-->minipass-pipeline; npm-->minipass; npm-->ms; diff --git a/node_modules/minipass-fetch/lib/body.js b/node_modules/minipass-fetch/lib/body.js index 6a517a2138540..62286bd1de0d9 100644 --- a/node_modules/minipass-fetch/lib/body.js +++ b/node_modules/minipass-fetch/lib/body.js @@ -146,7 +146,7 @@ class Body { // do the pipe in the promise, because the pipe() can send too much // data through right away and upset the MP Sized object - return new Promise((resolve, reject) => { + return new Promise((resolve) => { // if the stream is some other kind of stream, then pipe through a MP // so we can collect it more easily. if (stream !== upstream) { diff --git a/node_modules/minipass-fetch/lib/index.js b/node_modules/minipass-fetch/lib/index.js index 77e82555e984f..da402161670e6 100644 --- a/node_modules/minipass-fetch/lib/index.js +++ b/node_modules/minipass-fetch/lib/index.js @@ -103,7 +103,7 @@ const fetch = async (url, opts) => { let reqTimeout = null if (request.timeout) { - req.once('socket', socket => { + req.once('socket', () => { reqTimeout = setTimeout(() => { reject(new FetchError(`network timeout at: ${ request.url}`, 'request-timeout')) diff --git a/node_modules/minipass-fetch/package.json b/node_modules/minipass-fetch/package.json index 581275ba27d4f..d491a7fba126d 100644 --- a/node_modules/minipass-fetch/package.json +++ b/node_modules/minipass-fetch/package.json @@ -1,6 +1,6 @@ { "name": "minipass-fetch", - "version": "3.0.4", + "version": "3.0.5", "description": "An implementation of window.fetch in Node.js using Minipass streams", "license": "MIT", "main": "lib/index.js", @@ -8,7 +8,7 @@ "test:tls-fixtures": "./test/fixtures/tls/setup.sh", "test": "tap", "snap": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "lintfix": "npm run lint -- --fix", "posttest": "npm run lint", @@ -24,7 +24,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.18.0", + "@npmcli/template-oss": "4.22.0", "@ungap/url-search-params": "^0.2.2", "abort-controller": "^3.0.0", "abortcontroller-polyfill": "~1.7.3", @@ -45,7 +45,7 @@ }, "repository": { "type": "git", - "url": "https://github.com/npm/minipass-fetch.git" + "url": "git+https://github.com/npm/minipass-fetch.git" }, "keywords": [ "fetch", @@ -63,7 +63,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.18.0", + "version": "4.22.0", "publish": "true" } } diff --git a/package-lock.json b/package-lock.json index 65b0f08a6262b..dafe35bbfdd9a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8413,9 +8413,9 @@ } }, "node_modules/minipass-fetch": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-3.0.4.tgz", - "integrity": "sha512-jHAqnA728uUpIaFm7NWsCnqKT6UqZz7GcI/bDpPATuwYyKwJwW0remxSCxUlKiEty+eopHGa3oc8WxgQ1FFJqg==", + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-3.0.5.tgz", + "integrity": "sha512-2N8elDQAtSnFV0Dk7gt15KHsS0Fyz6CbYZ360h0WTYV1Ty46li3rAXVOQj1THMNLdmrD9Vt5pBPtWtVkpwGBqg==", "inBundle": true, "dependencies": { "minipass": "^7.0.3", From 4ca6e6066233d4eb8ad57c01ea85d8492d6bc226 Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:22:30 -0700 Subject: [PATCH 20/21] deps: npm-bundled@3.0.1 --- DEPENDENCIES.md | 4 ++-- node_modules/npm-bundled/lib/index.js | 2 +- node_modules/npm-bundled/package.json | 13 ++++++------- package-lock.json | 7 ++++--- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/DEPENDENCIES.md b/DEPENDENCIES.md index 02890f43192a4..4f382e5714b97 100644 --- a/DEPENDENCIES.md +++ b/DEPENDENCIES.md @@ -105,10 +105,10 @@ graph LR; npm-->libnpmteam; npm-->libnpmversion; npm-->make-fetch-happen; - npm-->minipass-fetch; npm-->nopt; npm-->normalize-package-data; npm-->npm-audit-report; + npm-->npm-bundled; npm-->npm-install-checks; npm-->npm-package-arg; npm-->npm-packlist; @@ -494,7 +494,6 @@ graph LR; npm-->libnpmversion; npm-->make-fetch-happen; npm-->minimatch; - npm-->minipass-fetch; npm-->minipass-pipeline; npm-->minipass; npm-->ms; @@ -503,6 +502,7 @@ graph LR; npm-->nopt; npm-->normalize-package-data; npm-->npm-audit-report; + npm-->npm-bundled; npm-->npm-install-checks; npm-->npm-package-arg; npm-->npm-packlist; diff --git a/node_modules/npm-bundled/lib/index.js b/node_modules/npm-bundled/lib/index.js index 4f54ca647c087..f5ee0bb3ea765 100644 --- a/node_modules/npm-bundled/lib/index.js +++ b/node_modules/npm-bundled/lib/index.js @@ -154,7 +154,7 @@ class BundleWalker extends EE { path: p, parent: this, }) - child.on('done', _ => { + child.on('done', () => { if (--this.children === 0) { this.done() } diff --git a/node_modules/npm-bundled/package.json b/node_modules/npm-bundled/package.json index f41066ab2e6d3..2744ca6af67fc 100644 --- a/node_modules/npm-bundled/package.json +++ b/node_modules/npm-bundled/package.json @@ -1,25 +1,23 @@ { "name": "npm-bundled", - "version": "3.0.0", + "version": "3.0.1", "description": "list things in node_modules that are bundledDependencies, or transitive dependencies thereof", "main": "lib/index.js", "repository": { "type": "git", - "url": "https://github.com/npm/npm-bundled.git" + "url": "git+https://github.com/npm/npm-bundled.git" }, "author": "GitHub Inc.", "license": "ISC", "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.5.1", - "mkdirp": "^1.0.4", + "@npmcli/template-oss": "4.22.0", "mutate-fs": "^2.1.1", - "rimraf": "^3.0.2", "tap": "^16.3.0" }, "scripts": { "test": "tap", - "lint": "eslint \"**/*.js\"", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force", "lintfix": "npm run lint -- --fix", @@ -38,7 +36,8 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.5.1" + "version": "4.22.0", + "publish": true }, "tap": { "nyc-arg": [ diff --git a/package-lock.json b/package-lock.json index dafe35bbfdd9a..7c5498f46f7ff 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8798,10 +8798,11 @@ } }, "node_modules/npm-bundled": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/npm-bundled/-/npm-bundled-3.0.0.tgz", - "integrity": "sha512-Vq0eyEQy+elFpzsKjMss9kxqb9tG3YHg4dsyWuUENuzvSUWe1TCnW/vV9FkhvBk/brEDoDiVd+M1Btosa6ImdQ==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/npm-bundled/-/npm-bundled-3.0.1.tgz", + "integrity": "sha512-+AvaheE/ww1JEwRHOrn4WHNzOxGtVp+adrg2AeZS/7KuxGUYFuBta98wYpfHBbJp6Tg6j1NKSEVHNcfZzJHQwQ==", "inBundle": true, + "license": "ISC", "dependencies": { "npm-normalize-package-bin": "^3.0.0" }, From 1b0493460760f0d4e35383c32ef4514bbb197b1a Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 6 May 2024 15:23:20 -0700 Subject: [PATCH 21/21] deps: promzard@1.0.2 --- DEPENDENCIES.md | 2 -- node_modules/promzard/lib/index.js | 1 + node_modules/promzard/package.json | 8 ++++---- package-lock.json | 6 +++--- 4 files changed, 8 insertions(+), 9 deletions(-) diff --git a/DEPENDENCIES.md b/DEPENDENCIES.md index 4f382e5714b97..89b2792ac512a 100644 --- a/DEPENDENCIES.md +++ b/DEPENDENCIES.md @@ -108,7 +108,6 @@ graph LR; npm-->nopt; npm-->normalize-package-data; npm-->npm-audit-report; - npm-->npm-bundled; npm-->npm-install-checks; npm-->npm-package-arg; npm-->npm-packlist; @@ -502,7 +501,6 @@ graph LR; npm-->nopt; npm-->normalize-package-data; npm-->npm-audit-report; - npm-->npm-bundled; npm-->npm-install-checks; npm-->npm-package-arg; npm-->npm-packlist; diff --git a/node_modules/promzard/lib/index.js b/node_modules/promzard/lib/index.js index 52c8a3c828313..130bb4e3aa9e5 100644 --- a/node_modules/promzard/lib/index.js +++ b/node_modules/promzard/lib/index.js @@ -133,6 +133,7 @@ class PromZard { o[k] = await this.#prompt(prompt, def, tx) } catch (er) { if (er.notValid) { + // eslint-disable-next-line no-console console.log(er.message) i-- } else { diff --git a/node_modules/promzard/package.json b/node_modules/promzard/package.json index a4253193232b8..71b0ed439a440 100644 --- a/node_modules/promzard/package.json +++ b/node_modules/promzard/package.json @@ -2,9 +2,9 @@ "author": "GitHub Inc.", "name": "promzard", "description": "prompting wizardly", - "version": "1.0.1", + "version": "1.0.2", "repository": { - "url": "https://github.com/npm/promzard.git", + "url": "git+https://github.com/npm/promzard.git", "type": "git" }, "dependencies": { @@ -12,7 +12,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.21.3", + "@npmcli/template-oss": "4.22.0", "tap": "^16.3.0" }, "main": "lib/index.js", @@ -35,7 +35,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.21.3", + "version": "4.22.0", "publish": true }, "tap": { diff --git a/package-lock.json b/package-lock.json index 7c5498f46f7ff..806af2f7396df 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9791,9 +9791,9 @@ } }, "node_modules/promzard": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/promzard/-/promzard-1.0.1.tgz", - "integrity": "sha512-ulDF77aULEHUoJkN5XZgRV5loHXBaqd9eorMvLNLvi2gXMuRAtwH6Gh4zsMHQY1kTt7tyv/YZwZW5C2gtj8F2A==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/promzard/-/promzard-1.0.2.tgz", + "integrity": "sha512-2FPputGL+mP3jJ3UZg/Dl9YOkovB7DX0oOr+ck5QbZ5MtORtds8k/BZdn+02peDLI8/YWbmzx34k5fA+fHvCVQ==", "inBundle": true, "dependencies": { "read": "^3.0.1"