From b47b29988e38f05f951ce80dc80e159ca75fb15f Mon Sep 17 00:00:00 2001 From: dead_horse Date: Thu, 3 Mar 2016 10:35:31 +0800 Subject: [PATCH 1/2] chore: fix readme --- README.md | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 40ca9073..a5a13058 100644 --- a/README.md +++ b/README.md @@ -96,9 +96,17 @@ co(function*() { ## Support Features +- [x] all types of npm package + - [x] a) a folder containing a program described by a package.json file (`npm install file:eslint-rule`) + - [x] b) a gzipped tarball containing (a) (`npm install ./rule.tgz`) + - [x] c) a url that resolves to (b) (`npm install https://github.com/indexzero/forever/tarball/v0.5.6`) + - [x] d) a @ that is published on the registry with (c) + - [x] e) a @ (see npm-dist-tag) that points to (d) + - [x] f) a that has a "latest" tag satisfying (e) + - [x] g) a that resolves to (a) (`npm install git://github.com/timaschew/cogent#fix-redirects`) +- [x] All platform support - [x] global install (`-g, --global`) -- [x] postinstall script - - [x] support Windows +- [x] `preinstall`, `install`, `postinstall` scripts - [x] node-gyp - [x] node-pre-gyp - [x] bin (yo@1.6.0, fsevents@1.0.6) @@ -108,16 +116,6 @@ co(function*() { - [x] peerDependencies (co-defer@1.0.0, co-mocha@1.1.2, estraverse-fb@1.3.1) - [x] deprecate message - [x] `--production` mode -- [x] cleanup when install failed -- all types of npm package - - [x] a) a folder containing a program described by a package.json file (`npm install file:eslint-rule`) - - [x] b) a gzipped tarball containing (a) (`npm install ./rule.tgz`) - - [x] c) a url that resolves to (b) (`npm install https://github.com/indexzero/forever/tarball/v0.5.6`) - - [x] d) a @ that is published on the registry with (c) - - [x] e) a @ (see npm-dist-tag) that points to (d) - - [x] f) a that has a "latest" tag satisfying (e) - - [x] g) a that resolves to (a) (`npm install git://github.com/timaschew/cogent#fix-redirects`) -- [x] `preinstall`, `install`, `postinstall` scripts - [x] `save`, `save-dev`, `save-optional` ## Different with NPM @@ -141,10 +139,8 @@ Two rules: e.g.: -- app: `{ "dependencies": { "a": "1.0.0" } }` (root) -- a@1.0.0: `{ "dependencies": { "c": "2.0.0", "b": "1.0.0" } }` -- b@1.0.0: `{ "dependencies": { "c": "1.0.0" } }` -- c@1.0.0 & c@2.0.0: `{ "dependencies": { } }` +- app: `{ "dependencies": { "debug": "2.2.0", "ms": "0.5.1" } }` (root) +- debug@2.2.0: `{ "dependencies": { "ms": "0.7.1" } }` ```bash app/ From 4a8e3d47d5682c218997d6abc4b44725c75d5019 Mon Sep 17 00:00:00 2001 From: dead_horse Date: Thu, 3 Mar 2016 10:47:45 +0800 Subject: [PATCH 2/2] feat: support read strict-ssl from npm config --- bin/install.js | 11 +++++++++++ lib/download/npm.js | 6 +++--- lib/download/remote.js | 2 +- lib/get.js | 3 ++- 4 files changed, 17 insertions(+), 5 deletions(-) diff --git a/bin/install.js b/bin/install.js index 9c42e4db..3d1edd2a 100755 --- a/bin/install.js +++ b/bin/install.js @@ -142,6 +142,7 @@ co(function*() { config.targetDir = path.join(npmPrefix, 'lib'); config.binDir = path.join(npmPrefix, 'bin'); } + config.strictSSL = getStrictSSL(); yield npminstall(config); if (!argv.global && pkgs.length > 0) { @@ -183,6 +184,16 @@ function getVersionSavePrefix() { } } +function getStrictSSL() { + try { + const strictSSL = execSync('npm config get strict-ssl').toString().trim(); + return strictSSL !== 'false'; + } catch (err) { + console.error(`exec npm config get strict-ssl ERROR: ${err.message}`); + return true; + } +} + function* updateDependencies(root, pkgs, propName) { const savePrefix = getVersionSavePrefix(); const pkgFile = path.join(root, 'package.json'); diff --git a/lib/download/npm.js b/lib/download/npm.js index 0623f5b4..21cda235 100644 --- a/lib/download/npm.js +++ b/lib/download/npm.js @@ -33,7 +33,7 @@ module.exports = function* (pkg, options) { timeout: options.timeout, followRedirect: true, gzip: true, - }); + }, options); const realPkg = result.data; options.totalJSONSize += result.res.size; options.totalJSONCount += 1; @@ -111,7 +111,7 @@ function* getTarballStream(pkg, options) { timeout: options.timeout, followRedirect: true, streaming: true, - }); + }, options); if (result.status !== 200) { destroy(result.res); @@ -142,7 +142,7 @@ function* getTarballStream(pkg, options) { timeout: options.timeout, followRedirect: true, writeStream: fs.createWriteStream(tmpFile), - }); + }, options); if (result.status !== 200) { throw new Error(`Download ${pkg.dist.tarball} status: ${result.status} error, should be 200`); diff --git a/lib/download/remote.js b/lib/download/remote.js index 16980ffe..dc42a17c 100644 --- a/lib/download/remote.js +++ b/lib/download/remote.js @@ -42,7 +42,7 @@ function* getTarballStream(url, options) { timeout: options.timeout, followRedirect: true, streaming: true, - }); + }, options); if (result.status !== 200) { destroy(result.res); diff --git a/lib/get.js b/lib/get.js index d8b4060c..27341420 100644 --- a/lib/get.js +++ b/lib/get.js @@ -31,11 +31,12 @@ const httpsKeepaliveAgent = new HttpsAgent({ const USER_AGENT = 'npminstall/' + require('../package.json').version + ' ' + urllib.USER_AGENT; -function* get(url, options) { +function* get(url, options, globalOptions) { options.httpsAgent = httpsKeepaliveAgent; options.agent = httpKeepaliveAgent; options.headers = options.headers || {}; options.headers['User-Agent'] = USER_AGENT; + options.rejectUnauthorized = globalOptions.strictSSL; const result = yield _get(url, options, 5); debug('GET %s, headers: %j from %j', result.status, result.headers, url); if (result.status < 100 || result.status >= 300) {