From 092f41fec40f418468605557fcb4f4e1babd9d45 Mon Sep 17 00:00:00 2001 From: reggi Date: Wed, 2 Oct 2024 13:25:17 -0400 Subject: [PATCH] deps: update npm-pick-manifest@10.0.0 --- node_modules/.gitignore | 12 +- .../git}/node_modules/hosted-git-info/LICENSE | 0 .../hosted-git-info/lib/from-url.js | 0 .../node_modules/hosted-git-info/lib/hosts.js | 0 .../node_modules/hosted-git-info/lib/index.js | 0 .../hosted-git-info/lib/parse-url.js | 0 .../node_modules/hosted-git-info/package.json | 0 .../node_modules/npm-install-checks/LICENSE | 0 .../npm-install-checks/lib/index.js | 0 .../npm-install-checks/package.json | 0 .../node_modules/npm-package-arg}/LICENSE | 0 .../node_modules/npm-package-arg/lib/npa.js | 0 .../node_modules/npm-package-arg/package.json | 0 .../node_modules/npm-pick-manifest/LICENSE.md | 0 .../npm-pick-manifest/lib/index.js | 0 .../npm-pick-manifest/package.json | 23 +- .../LICENSE | 0 .../npm-normalize-package-bin/lib/index.js | 0 .../npm-normalize-package-bin/package.json | 0 node_modules/npm-pick-manifest/package.json | 23 +- .../node_modules/npm-install-checks/LICENSE | 27 +++ .../npm-install-checks/lib/index.js | 101 ++++++++ .../npm-install-checks/package.json | 51 ++++ .../node_modules/npm-pick-manifest/LICENSE.md | 16 ++ .../npm-pick-manifest/lib/index.js | 224 ++++++++++++++++++ .../npm-pick-manifest/package.json | 57 +++++ package-lock.json | 173 ++++++++------ package.json | 2 +- workspaces/arborist/package.json | 2 +- 29 files changed, 609 insertions(+), 102 deletions(-) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/hosted-git-info/LICENSE (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/hosted-git-info/lib/from-url.js (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/hosted-git-info/lib/hosts.js (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/hosted-git-info/lib/index.js (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/hosted-git-info/lib/parse-url.js (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/hosted-git-info/package.json (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/npm-install-checks/LICENSE (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/npm-install-checks/lib/index.js (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/npm-install-checks/package.json (100%) rename node_modules/@npmcli/{package-json/node_modules/npm-normalize-package-bin => git/node_modules/npm-package-arg}/LICENSE (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/npm-package-arg/lib/npa.js (100%) rename node_modules/{npm-pick-manifest => @npmcli/git}/node_modules/npm-package-arg/package.json (100%) rename node_modules/@npmcli/{package-json => git}/node_modules/npm-pick-manifest/LICENSE.md (100%) rename node_modules/@npmcli/{package-json => git}/node_modules/npm-pick-manifest/lib/index.js (100%) rename node_modules/@npmcli/{package-json => git}/node_modules/npm-pick-manifest/package.json (68%) rename node_modules/npm-pick-manifest/node_modules/{npm-package-arg => npm-normalize-package-bin}/LICENSE (100%) rename node_modules/{@npmcli/package-json => npm-pick-manifest}/node_modules/npm-normalize-package-bin/lib/index.js (100%) rename node_modules/{@npmcli/package-json => npm-pick-manifest}/node_modules/npm-normalize-package-bin/package.json (100%) create mode 100644 node_modules/pacote/node_modules/npm-install-checks/LICENSE create mode 100644 node_modules/pacote/node_modules/npm-install-checks/lib/index.js create mode 100644 node_modules/pacote/node_modules/npm-install-checks/package.json create mode 100644 node_modules/pacote/node_modules/npm-pick-manifest/LICENSE.md create mode 100644 node_modules/pacote/node_modules/npm-pick-manifest/lib/index.js create mode 100644 node_modules/pacote/node_modules/npm-pick-manifest/package.json diff --git a/node_modules/.gitignore b/node_modules/.gitignore index 011491bfaf5d8..835011f321bf4 100644 --- a/node_modules/.gitignore +++ b/node_modules/.gitignore @@ -24,7 +24,11 @@ !/@npmcli/git/node_modules/@npmcli/ /@npmcli/git/node_modules/@npmcli/* !/@npmcli/git/node_modules/@npmcli/promise-spawn +!/@npmcli/git/node_modules/hosted-git-info !/@npmcli/git/node_modules/ini +!/@npmcli/git/node_modules/npm-install-checks +!/@npmcli/git/node_modules/npm-package-arg +!/@npmcli/git/node_modules/npm-pick-manifest !/@npmcli/installed-package-contents !/@npmcli/map-workspaces !/@npmcli/map-workspaces/node_modules/ @@ -51,8 +55,6 @@ /@npmcli/package-json/node_modules/@npmcli/* !/@npmcli/package-json/node_modules/@npmcli/git !/@npmcli/package-json/node_modules/isexe -!/@npmcli/package-json/node_modules/npm-normalize-package-bin -!/@npmcli/package-json/node_modules/npm-pick-manifest !/@npmcli/package-json/node_modules/proc-log !/@npmcli/package-json/node_modules/which !/@npmcli/promise-spawn @@ -239,9 +241,7 @@ !/npm-pick-manifest !/npm-pick-manifest/node_modules/ /npm-pick-manifest/node_modules/* -!/npm-pick-manifest/node_modules/hosted-git-info -!/npm-pick-manifest/node_modules/npm-install-checks -!/npm-pick-manifest/node_modules/npm-package-arg +!/npm-pick-manifest/node_modules/npm-normalize-package-bin !/npm-profile !/npm-registry-fetch !/npm-registry-fetch/node_modules/ @@ -273,7 +273,9 @@ !/pacote/node_modules/hosted-git-info !/pacote/node_modules/json-parse-even-better-errors !/pacote/node_modules/normalize-package-data +!/pacote/node_modules/npm-install-checks !/pacote/node_modules/npm-package-arg +!/pacote/node_modules/npm-pick-manifest !/pacote/node_modules/unique-filename !/pacote/node_modules/unique-slug !/parse-conflict-json diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/LICENSE b/node_modules/@npmcli/git/node_modules/hosted-git-info/LICENSE similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/hosted-git-info/LICENSE rename to node_modules/@npmcli/git/node_modules/hosted-git-info/LICENSE diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/lib/from-url.js b/node_modules/@npmcli/git/node_modules/hosted-git-info/lib/from-url.js similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/hosted-git-info/lib/from-url.js rename to node_modules/@npmcli/git/node_modules/hosted-git-info/lib/from-url.js diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/lib/hosts.js b/node_modules/@npmcli/git/node_modules/hosted-git-info/lib/hosts.js similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/hosted-git-info/lib/hosts.js rename to node_modules/@npmcli/git/node_modules/hosted-git-info/lib/hosts.js diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/lib/index.js b/node_modules/@npmcli/git/node_modules/hosted-git-info/lib/index.js similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/hosted-git-info/lib/index.js rename to node_modules/@npmcli/git/node_modules/hosted-git-info/lib/index.js diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/lib/parse-url.js b/node_modules/@npmcli/git/node_modules/hosted-git-info/lib/parse-url.js similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/hosted-git-info/lib/parse-url.js rename to node_modules/@npmcli/git/node_modules/hosted-git-info/lib/parse-url.js diff --git a/node_modules/npm-pick-manifest/node_modules/hosted-git-info/package.json b/node_modules/@npmcli/git/node_modules/hosted-git-info/package.json similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/hosted-git-info/package.json rename to node_modules/@npmcli/git/node_modules/hosted-git-info/package.json diff --git a/node_modules/npm-pick-manifest/node_modules/npm-install-checks/LICENSE b/node_modules/@npmcli/git/node_modules/npm-install-checks/LICENSE similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/npm-install-checks/LICENSE rename to node_modules/@npmcli/git/node_modules/npm-install-checks/LICENSE diff --git a/node_modules/npm-pick-manifest/node_modules/npm-install-checks/lib/index.js b/node_modules/@npmcli/git/node_modules/npm-install-checks/lib/index.js similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/npm-install-checks/lib/index.js rename to node_modules/@npmcli/git/node_modules/npm-install-checks/lib/index.js diff --git a/node_modules/npm-pick-manifest/node_modules/npm-install-checks/package.json b/node_modules/@npmcli/git/node_modules/npm-install-checks/package.json similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/npm-install-checks/package.json rename to node_modules/@npmcli/git/node_modules/npm-install-checks/package.json diff --git a/node_modules/@npmcli/package-json/node_modules/npm-normalize-package-bin/LICENSE b/node_modules/@npmcli/git/node_modules/npm-package-arg/LICENSE similarity index 100% rename from node_modules/@npmcli/package-json/node_modules/npm-normalize-package-bin/LICENSE rename to node_modules/@npmcli/git/node_modules/npm-package-arg/LICENSE diff --git a/node_modules/npm-pick-manifest/node_modules/npm-package-arg/lib/npa.js b/node_modules/@npmcli/git/node_modules/npm-package-arg/lib/npa.js similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/npm-package-arg/lib/npa.js rename to node_modules/@npmcli/git/node_modules/npm-package-arg/lib/npa.js diff --git a/node_modules/npm-pick-manifest/node_modules/npm-package-arg/package.json b/node_modules/@npmcli/git/node_modules/npm-package-arg/package.json similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/npm-package-arg/package.json rename to node_modules/@npmcli/git/node_modules/npm-package-arg/package.json diff --git a/node_modules/@npmcli/package-json/node_modules/npm-pick-manifest/LICENSE.md b/node_modules/@npmcli/git/node_modules/npm-pick-manifest/LICENSE.md similarity index 100% rename from node_modules/@npmcli/package-json/node_modules/npm-pick-manifest/LICENSE.md rename to node_modules/@npmcli/git/node_modules/npm-pick-manifest/LICENSE.md diff --git a/node_modules/@npmcli/package-json/node_modules/npm-pick-manifest/lib/index.js b/node_modules/@npmcli/git/node_modules/npm-pick-manifest/lib/index.js similarity index 100% rename from node_modules/@npmcli/package-json/node_modules/npm-pick-manifest/lib/index.js rename to node_modules/@npmcli/git/node_modules/npm-pick-manifest/lib/index.js diff --git a/node_modules/@npmcli/package-json/node_modules/npm-pick-manifest/package.json b/node_modules/@npmcli/git/node_modules/npm-pick-manifest/package.json similarity index 68% rename from node_modules/@npmcli/package-json/node_modules/npm-pick-manifest/package.json rename to node_modules/@npmcli/git/node_modules/npm-pick-manifest/package.json index 5763088c250b6..4c0dd50630def 100644 --- a/node_modules/@npmcli/package-json/node_modules/npm-pick-manifest/package.json +++ b/node_modules/@npmcli/git/node_modules/npm-pick-manifest/package.json @@ -1,6 +1,6 @@ { "name": "npm-pick-manifest", - "version": "10.0.0", + "version": "9.1.0", "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", "main": "./lib", "files": [ @@ -9,14 +9,13 @@ ], "scripts": { "coverage": "tap", - "lint": "npm run eslint", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", "test": "tap", "posttest": "npm run lint", "postlint": "template-oss-check", - "lintfix": "npm run eslint -- --fix", + "lintfix": "npm run lint -- --fix", "snap": "tap", - "template-oss-apply": "template-oss-apply --force", - "eslint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"" + "template-oss-apply": "template-oss-apply --force" }, "repository": { "type": "git", @@ -30,14 +29,14 @@ "author": "GitHub Inc.", "license": "ISC", "dependencies": { - "npm-install-checks": "^7.1.0", - "npm-normalize-package-bin": "^4.0.0", - "npm-package-arg": "^12.0.0", + "npm-install-checks": "^6.0.0", + "npm-normalize-package-bin": "^3.0.0", + "npm-package-arg": "^11.0.0", "semver": "^7.3.5" }, "devDependencies": { - "@npmcli/eslint-config": "^5.0.0", - "@npmcli/template-oss": "4.23.3", + "@npmcli/eslint-config": "^4.0.0", + "@npmcli/template-oss": "4.22.0", "tap": "^16.0.1" }, "tap": { @@ -48,11 +47,11 @@ ] }, "engines": { - "node": "^18.17.0 || >=20.5.0" + "node": "^16.14.0 || >=18.0.0" }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.23.3", + "version": "4.22.0", "publish": true } } diff --git a/node_modules/npm-pick-manifest/node_modules/npm-package-arg/LICENSE b/node_modules/npm-pick-manifest/node_modules/npm-normalize-package-bin/LICENSE similarity index 100% rename from node_modules/npm-pick-manifest/node_modules/npm-package-arg/LICENSE rename to node_modules/npm-pick-manifest/node_modules/npm-normalize-package-bin/LICENSE diff --git a/node_modules/@npmcli/package-json/node_modules/npm-normalize-package-bin/lib/index.js b/node_modules/npm-pick-manifest/node_modules/npm-normalize-package-bin/lib/index.js similarity index 100% rename from node_modules/@npmcli/package-json/node_modules/npm-normalize-package-bin/lib/index.js rename to node_modules/npm-pick-manifest/node_modules/npm-normalize-package-bin/lib/index.js diff --git a/node_modules/@npmcli/package-json/node_modules/npm-normalize-package-bin/package.json b/node_modules/npm-pick-manifest/node_modules/npm-normalize-package-bin/package.json similarity index 100% rename from node_modules/@npmcli/package-json/node_modules/npm-normalize-package-bin/package.json rename to node_modules/npm-pick-manifest/node_modules/npm-normalize-package-bin/package.json diff --git a/node_modules/npm-pick-manifest/package.json b/node_modules/npm-pick-manifest/package.json index 4c0dd50630def..5763088c250b6 100644 --- a/node_modules/npm-pick-manifest/package.json +++ b/node_modules/npm-pick-manifest/package.json @@ -1,6 +1,6 @@ { "name": "npm-pick-manifest", - "version": "9.1.0", + "version": "10.0.0", "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", "main": "./lib", "files": [ @@ -9,13 +9,14 @@ ], "scripts": { "coverage": "tap", - "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", + "lint": "npm run eslint", "test": "tap", "posttest": "npm run lint", "postlint": "template-oss-check", - "lintfix": "npm run lint -- --fix", + "lintfix": "npm run eslint -- --fix", "snap": "tap", - "template-oss-apply": "template-oss-apply --force" + "template-oss-apply": "template-oss-apply --force", + "eslint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"" }, "repository": { "type": "git", @@ -29,14 +30,14 @@ "author": "GitHub Inc.", "license": "ISC", "dependencies": { - "npm-install-checks": "^6.0.0", - "npm-normalize-package-bin": "^3.0.0", - "npm-package-arg": "^11.0.0", + "npm-install-checks": "^7.1.0", + "npm-normalize-package-bin": "^4.0.0", + "npm-package-arg": "^12.0.0", "semver": "^7.3.5" }, "devDependencies": { - "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.22.0", + "@npmcli/eslint-config": "^5.0.0", + "@npmcli/template-oss": "4.23.3", "tap": "^16.0.1" }, "tap": { @@ -47,11 +48,11 @@ ] }, "engines": { - "node": "^16.14.0 || >=18.0.0" + "node": "^18.17.0 || >=20.5.0" }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.22.0", + "version": "4.23.3", "publish": true } } diff --git a/node_modules/pacote/node_modules/npm-install-checks/LICENSE b/node_modules/pacote/node_modules/npm-install-checks/LICENSE new file mode 100644 index 0000000000000..3bed8320c15b2 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-install-checks/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) Robert Kowalski and Isaac Z. Schlueter ("Authors") +All rights reserved. + +The BSD License + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS +BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/node_modules/pacote/node_modules/npm-install-checks/lib/index.js b/node_modules/pacote/node_modules/npm-install-checks/lib/index.js new file mode 100644 index 0000000000000..545472b61dc60 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-install-checks/lib/index.js @@ -0,0 +1,101 @@ +const semver = require('semver') + +const checkEngine = (target, npmVer, nodeVer, force = false) => { + const nodev = force ? null : nodeVer + const eng = target.engines + const opt = { includePrerelease: true } + if (!eng) { + return + } + + const nodeFail = nodev && eng.node && !semver.satisfies(nodev, eng.node, opt) + const npmFail = npmVer && eng.npm && !semver.satisfies(npmVer, eng.npm, opt) + if (nodeFail || npmFail) { + throw Object.assign(new Error('Unsupported engine'), { + pkgid: target._id, + current: { node: nodeVer, npm: npmVer }, + required: eng, + code: 'EBADENGINE', + }) + } +} + +const isMusl = (file) => file.includes('libc.musl-') || file.includes('ld-musl-') + +const checkPlatform = (target, force = false, environment = {}) => { + if (force) { + return + } + + const platform = environment.os || process.platform + const arch = environment.cpu || process.arch + const osOk = target.os ? checkList(platform, target.os) : true + const cpuOk = target.cpu ? checkList(arch, target.cpu) : true + + let libcOk = true + let libcFamily = null + if (target.libc) { + // libc checks only work in linux, any value is a failure if we aren't + if (environment.libc) { + libcOk = checkList(environment.libc, target.libc) + } else if (platform !== 'linux') { + libcOk = false + } else { + const report = process.report.getReport() + if (report.header?.glibcVersionRuntime) { + libcFamily = 'glibc' + } else if (Array.isArray(report.sharedObjects) && report.sharedObjects.some(isMusl)) { + libcFamily = 'musl' + } + libcOk = libcFamily ? checkList(libcFamily, target.libc) : false + } + } + + if (!osOk || !cpuOk || !libcOk) { + throw Object.assign(new Error('Unsupported platform'), { + pkgid: target._id, + current: { + os: platform, + cpu: arch, + libc: libcFamily, + }, + required: { + os: target.os, + cpu: target.cpu, + libc: target.libc, + }, + code: 'EBADPLATFORM', + }) + } +} + +const checkList = (value, list) => { + if (typeof list === 'string') { + list = [list] + } + if (list.length === 1 && list[0] === 'any') { + return true + } + // match none of the negated values, and at least one of the + // non-negated values, if any are present. + let negated = 0 + let match = false + for (const entry of list) { + const negate = entry.charAt(0) === '!' + const test = negate ? entry.slice(1) : entry + if (negate) { + negated++ + if (value === test) { + return false + } + } else { + match = match || value === test + } + } + return match || negated === list.length +} + +module.exports = { + checkEngine, + checkPlatform, +} diff --git a/node_modules/pacote/node_modules/npm-install-checks/package.json b/node_modules/pacote/node_modules/npm-install-checks/package.json new file mode 100644 index 0000000000000..11a3b87750e25 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-install-checks/package.json @@ -0,0 +1,51 @@ +{ + "name": "npm-install-checks", + "version": "6.3.0", + "description": "Check the engines and platform fields in package.json", + "main": "lib/index.js", + "dependencies": { + "semver": "^7.1.1" + }, + "devDependencies": { + "@npmcli/eslint-config": "^4.0.0", + "@npmcli/template-oss": "4.19.0", + "tap": "^16.0.1" + }, + "scripts": { + "test": "tap", + "lint": "eslint \"**/*.js\"", + "postlint": "template-oss-check", + "template-oss-apply": "template-oss-apply --force", + "lintfix": "npm run lint -- --fix", + "snap": "tap", + "posttest": "npm run lint" + }, + "repository": { + "type": "git", + "url": "https://github.com/npm/npm-install-checks.git" + }, + "keywords": [ + "npm,", + "install" + ], + "license": "BSD-2-Clause", + "files": [ + "bin/", + "lib/" + ], + "engines": { + "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + }, + "author": "GitHub Inc.", + "templateOSS": { + "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", + "version": "4.19.0", + "publish": "true" + }, + "tap": { + "nyc-arg": [ + "--exclude", + "tap-snapshots/**" + ] + } +} diff --git a/node_modules/pacote/node_modules/npm-pick-manifest/LICENSE.md b/node_modules/pacote/node_modules/npm-pick-manifest/LICENSE.md new file mode 100644 index 0000000000000..8d28acf866d93 --- /dev/null +++ b/node_modules/pacote/node_modules/npm-pick-manifest/LICENSE.md @@ -0,0 +1,16 @@ +ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for +any purpose with or without fee is hereby granted, provided that the +above copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE COPYRIGHT HOLDER DISCLAIMS +ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE +COPYRIGHT HOLDER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS +OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE +USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/pacote/node_modules/npm-pick-manifest/lib/index.js b/node_modules/pacote/node_modules/npm-pick-manifest/lib/index.js new file mode 100644 index 0000000000000..82807971844bf --- /dev/null +++ b/node_modules/pacote/node_modules/npm-pick-manifest/lib/index.js @@ -0,0 +1,224 @@ +'use strict' + +const npa = require('npm-package-arg') +const semver = require('semver') +const { checkEngine } = require('npm-install-checks') +const normalizeBin = require('npm-normalize-package-bin') + +const engineOk = (manifest, npmVersion, nodeVersion) => { + try { + checkEngine(manifest, npmVersion, nodeVersion) + return true + } catch (_) { + return false + } +} + +const isBefore = (verTimes, ver, time) => + !verTimes || !verTimes[ver] || Date.parse(verTimes[ver]) <= time + +const avoidSemverOpt = { includePrerelease: true, loose: true } +const shouldAvoid = (ver, avoid) => + avoid && semver.satisfies(ver, avoid, avoidSemverOpt) + +const decorateAvoid = (result, avoid) => + result && shouldAvoid(result.version, avoid) + ? { ...result, _shouldAvoid: true } + : result + +const pickManifest = (packument, wanted, opts) => { + const { + defaultTag = 'latest', + before = null, + nodeVersion = process.version, + npmVersion = null, + includeStaged = false, + avoid = null, + avoidStrict = false, + } = opts + + const { name, time: verTimes } = packument + const versions = packument.versions || {} + + if (avoidStrict) { + const looseOpts = { + ...opts, + avoidStrict: false, + } + + const result = pickManifest(packument, wanted, looseOpts) + if (!result || !result._shouldAvoid) { + return result + } + + const caret = pickManifest(packument, `^${result.version}`, looseOpts) + if (!caret || !caret._shouldAvoid) { + return { + ...caret, + _outsideDependencyRange: true, + _isSemVerMajor: false, + } + } + + const star = pickManifest(packument, '*', looseOpts) + if (!star || !star._shouldAvoid) { + return { + ...star, + _outsideDependencyRange: true, + _isSemVerMajor: true, + } + } + + throw Object.assign(new Error(`No avoidable versions for ${name}`), { + code: 'ETARGET', + name, + wanted, + avoid, + before, + versions: Object.keys(versions), + }) + } + + const staged = (includeStaged && packument.stagedVersions && + packument.stagedVersions.versions) || {} + const restricted = (packument.policyRestrictions && + packument.policyRestrictions.versions) || {} + + const time = before && verTimes ? +(new Date(before)) : Infinity + const spec = npa.resolve(name, wanted || defaultTag) + const type = spec.type + const distTags = packument['dist-tags'] || {} + + if (type !== 'tag' && type !== 'version' && type !== 'range') { + throw new Error('Only tag, version, and range are supported') + } + + // if the type is 'tag', and not just the implicit default, then it must + // be that exactly, or nothing else will do. + if (wanted && type === 'tag') { + const ver = distTags[wanted] + // if the version in the dist-tags is before the before date, then + // we use that. Otherwise, we get the highest precedence version + // prior to the dist-tag. + if (isBefore(verTimes, ver, time)) { + return decorateAvoid(versions[ver] || staged[ver] || restricted[ver], avoid) + } else { + return pickManifest(packument, `<=${ver}`, opts) + } + } + + // similarly, if a specific version, then only that version will do + if (wanted && type === 'version') { + const ver = semver.clean(wanted, { loose: true }) + const mani = versions[ver] || staged[ver] || restricted[ver] + return isBefore(verTimes, ver, time) ? decorateAvoid(mani, avoid) : null + } + + // ok, sort based on our heuristics, and pick the best fit + const range = type === 'range' ? wanted : '*' + + // if the range is *, then we prefer the 'latest' if available + // but skip this if it should be avoided, in that case we have + // to try a little harder. + const defaultVer = distTags[defaultTag] + if (defaultVer && + (range === '*' || semver.satisfies(defaultVer, range, { loose: true })) && + !restricted[defaultVer] && + !shouldAvoid(defaultVer, avoid)) { + const mani = versions[defaultVer] + const ok = mani && + isBefore(verTimes, defaultVer, time) && + engineOk(mani, npmVersion, nodeVersion) && + !mani.deprecated && + !staged[defaultVer] + if (ok) { + return mani + } + } + + // ok, actually have to sort the list and take the winner + const allEntries = Object.entries(versions) + .concat(Object.entries(staged)) + .concat(Object.entries(restricted)) + .filter(([ver]) => isBefore(verTimes, ver, time)) + + if (!allEntries.length) { + throw Object.assign(new Error(`No versions available for ${name}`), { + code: 'ENOVERSIONS', + name, + type, + wanted, + before, + versions: Object.keys(versions), + }) + } + + const sortSemverOpt = { loose: true } + const entries = allEntries.filter(([ver]) => + semver.satisfies(ver, range, { loose: true })) + .sort((a, b) => { + const [vera, mania] = a + const [verb, manib] = b + const notavoida = !shouldAvoid(vera, avoid) + const notavoidb = !shouldAvoid(verb, avoid) + const notrestra = !restricted[vera] + const notrestrb = !restricted[verb] + const notstagea = !staged[vera] + const notstageb = !staged[verb] + const notdepra = !mania.deprecated + const notdeprb = !manib.deprecated + const enginea = engineOk(mania, npmVersion, nodeVersion) + const engineb = engineOk(manib, npmVersion, nodeVersion) + // sort by: + // - not an avoided version + // - not restricted + // - not staged + // - not deprecated and engine ok + // - engine ok + // - not deprecated + // - semver + return (notavoidb - notavoida) || + (notrestrb - notrestra) || + (notstageb - notstagea) || + ((notdeprb && engineb) - (notdepra && enginea)) || + (engineb - enginea) || + (notdeprb - notdepra) || + semver.rcompare(vera, verb, sortSemverOpt) + }) + + return decorateAvoid(entries[0] && entries[0][1], avoid) +} + +module.exports = (packument, wanted, opts = {}) => { + const mani = pickManifest(packument, wanted, opts) + const picked = mani && normalizeBin(mani) + const policyRestrictions = packument.policyRestrictions + const restricted = (policyRestrictions && policyRestrictions.versions) || {} + + if (picked && !restricted[picked.version]) { + return picked + } + + const { before = null, defaultTag = 'latest' } = opts + const bstr = before ? new Date(before).toLocaleString() : '' + const { name } = packument + const pckg = `${name}@${wanted}` + + (before ? ` with a date before ${bstr}` : '') + + const isForbidden = picked && !!restricted[picked.version] + const polMsg = isForbidden ? policyRestrictions.message : '' + + const msg = !isForbidden ? `No matching version found for ${pckg}.` + : `Could not download ${pckg} due to policy violations:\n${polMsg}` + + const code = isForbidden ? 'E403' : 'ETARGET' + throw Object.assign(new Error(msg), { + code, + type: npa.resolve(packument.name, wanted).type, + wanted, + versions: Object.keys(packument.versions ?? {}), + name, + distTags: packument['dist-tags'], + defaultTag, + }) +} diff --git a/node_modules/pacote/node_modules/npm-pick-manifest/package.json b/node_modules/pacote/node_modules/npm-pick-manifest/package.json new file mode 100644 index 0000000000000..4c0dd50630def --- /dev/null +++ b/node_modules/pacote/node_modules/npm-pick-manifest/package.json @@ -0,0 +1,57 @@ +{ + "name": "npm-pick-manifest", + "version": "9.1.0", + "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", + "main": "./lib", + "files": [ + "bin/", + "lib/" + ], + "scripts": { + "coverage": "tap", + "lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"", + "test": "tap", + "posttest": "npm run lint", + "postlint": "template-oss-check", + "lintfix": "npm run lint -- --fix", + "snap": "tap", + "template-oss-apply": "template-oss-apply --force" + }, + "repository": { + "type": "git", + "url": "git+https://github.com/npm/npm-pick-manifest.git" + }, + "keywords": [ + "npm", + "semver", + "package manager" + ], + "author": "GitHub Inc.", + "license": "ISC", + "dependencies": { + "npm-install-checks": "^6.0.0", + "npm-normalize-package-bin": "^3.0.0", + "npm-package-arg": "^11.0.0", + "semver": "^7.3.5" + }, + "devDependencies": { + "@npmcli/eslint-config": "^4.0.0", + "@npmcli/template-oss": "4.22.0", + "tap": "^16.0.1" + }, + "tap": { + "check-coverage": true, + "nyc-arg": [ + "--exclude", + "tap-snapshots/**" + ] + }, + "engines": { + "node": "^16.14.0 || >=18.0.0" + }, + "templateOSS": { + "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", + "version": "4.22.0", + "publish": true + } +} diff --git a/package-lock.json b/package-lock.json index e964e0b9eb0ef..712e536241c24 100644 --- a/package-lock.json +++ b/package-lock.json @@ -133,7 +133,7 @@ "npm-audit-report": "^6.0.0", "npm-install-checks": "^7.1.0", "npm-package-arg": "^12.0.0", - "npm-pick-manifest": "^9.1.0", + "npm-pick-manifest": "^10.0.0", "npm-profile": "^10.0.0", "npm-registry-fetch": "^17.1.0", "npm-user-validate": "^2.0.1", @@ -1618,6 +1618,19 @@ "node": "^16.14.0 || >=18.0.0" } }, + "node_modules/@npmcli/git/node_modules/hosted-git-info": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-7.0.2.tgz", + "integrity": "sha512-puUZAUKT5m8Zzvs72XWy3HtvVbTWljRE66cP60bxJzAqf2DgICo7lYTY2IHUmLnNpjYvw5bvmoHvPc0QO2a62w==", + "inBundle": true, + "license": "ISC", + "dependencies": { + "lru-cache": "^10.0.1" + }, + "engines": { + "node": "^16.14.0 || >=18.0.0" + } + }, "node_modules/@npmcli/git/node_modules/ini": { "version": "4.1.3", "resolved": "https://registry.npmjs.org/ini/-/ini-4.1.3.tgz", @@ -1628,6 +1641,51 @@ "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } }, + "node_modules/@npmcli/git/node_modules/npm-install-checks": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-6.3.0.tgz", + "integrity": "sha512-W29RiK/xtpCGqn6f3ixfRYGk+zRyr+Ew9F2E20BfXxT5/euLdA/Nm7fO7OeTGuAmTs30cpgInyJ0cYe708YTZw==", + "inBundle": true, + "license": "BSD-2-Clause", + "dependencies": { + "semver": "^7.1.1" + }, + "engines": { + "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + } + }, + "node_modules/@npmcli/git/node_modules/npm-package-arg": { + "version": "11.0.3", + "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-11.0.3.tgz", + "integrity": "sha512-sHGJy8sOC1YraBywpzQlIKBE4pBbGbiF95U6Auspzyem956E0+FtDtsx1ZxlOJkQCZ1AFXAY/yuvtFYrOxF+Bw==", + "inBundle": true, + "license": "ISC", + "dependencies": { + "hosted-git-info": "^7.0.0", + "proc-log": "^4.0.0", + "semver": "^7.3.5", + "validate-npm-package-name": "^5.0.0" + }, + "engines": { + "node": "^16.14.0 || >=18.0.0" + } + }, + "node_modules/@npmcli/git/node_modules/npm-pick-manifest": { + "version": "9.1.0", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-9.1.0.tgz", + "integrity": "sha512-nkc+3pIIhqHVQr085X9d2JzPzLyjzQS96zbruppqC9aZRm/x8xx6xhI98gHtsfELP2bE+loHq8ZaHFHhe+NauA==", + "inBundle": true, + "license": "ISC", + "dependencies": { + "npm-install-checks": "^6.0.0", + "npm-normalize-package-bin": "^3.0.0", + "npm-package-arg": "^11.0.0", + "semver": "^7.3.5" + }, + "engines": { + "node": "^16.14.0 || >=18.0.0" + } + }, "node_modules/@npmcli/installed-package-contents": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/@npmcli/installed-package-contents/-/installed-package-contents-2.1.0.tgz", @@ -1832,32 +1890,6 @@ "node": ">=16" } }, - "node_modules/@npmcli/package-json/node_modules/npm-normalize-package-bin": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/npm-normalize-package-bin/-/npm-normalize-package-bin-4.0.0.tgz", - "integrity": "sha512-TZKxPvItzai9kN9H/TkmCtx/ZN/hvr3vUycjlfmH0ootY9yFBzNOpiXAdIn1Iteqsvk4lQn6B5PTrt+n6h8k/w==", - "inBundle": true, - "license": "ISC", - "engines": { - "node": "^18.17.0 || >=20.5.0" - } - }, - "node_modules/@npmcli/package-json/node_modules/npm-pick-manifest": { - "version": "10.0.0", - "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-10.0.0.tgz", - "integrity": "sha512-r4fFa4FqYY8xaM7fHecQ9Z2nE9hgNfJR+EmoKv0+chvzWkBcORX3r0FpTByP+CbOVJDladMXnPQGVN8PBLGuTQ==", - "inBundle": true, - "license": "ISC", - "dependencies": { - "npm-install-checks": "^7.1.0", - "npm-normalize-package-bin": "^4.0.0", - "npm-package-arg": "^12.0.0", - "semver": "^7.3.5" - }, - "engines": { - "node": "^18.17.0 || >=20.5.0" - } - }, "node_modules/@npmcli/package-json/node_modules/proc-log": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-5.0.0.tgz", @@ -10294,61 +10326,29 @@ } }, "node_modules/npm-pick-manifest": { - "version": "9.1.0", - "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-9.1.0.tgz", - "integrity": "sha512-nkc+3pIIhqHVQr085X9d2JzPzLyjzQS96zbruppqC9aZRm/x8xx6xhI98gHtsfELP2bE+loHq8ZaHFHhe+NauA==", + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-10.0.0.tgz", + "integrity": "sha512-r4fFa4FqYY8xaM7fHecQ9Z2nE9hgNfJR+EmoKv0+chvzWkBcORX3r0FpTByP+CbOVJDladMXnPQGVN8PBLGuTQ==", "inBundle": true, "license": "ISC", "dependencies": { - "npm-install-checks": "^6.0.0", - "npm-normalize-package-bin": "^3.0.0", - "npm-package-arg": "^11.0.0", + "npm-install-checks": "^7.1.0", + "npm-normalize-package-bin": "^4.0.0", + "npm-package-arg": "^12.0.0", "semver": "^7.3.5" }, "engines": { - "node": "^16.14.0 || >=18.0.0" - } - }, - "node_modules/npm-pick-manifest/node_modules/hosted-git-info": { - "version": "7.0.2", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-7.0.2.tgz", - "integrity": "sha512-puUZAUKT5m8Zzvs72XWy3HtvVbTWljRE66cP60bxJzAqf2DgICo7lYTY2IHUmLnNpjYvw5bvmoHvPc0QO2a62w==", - "inBundle": true, - "license": "ISC", - "dependencies": { - "lru-cache": "^10.0.1" - }, - "engines": { - "node": "^16.14.0 || >=18.0.0" - } - }, - "node_modules/npm-pick-manifest/node_modules/npm-install-checks": { - "version": "6.3.0", - "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-6.3.0.tgz", - "integrity": "sha512-W29RiK/xtpCGqn6f3ixfRYGk+zRyr+Ew9F2E20BfXxT5/euLdA/Nm7fO7OeTGuAmTs30cpgInyJ0cYe708YTZw==", - "inBundle": true, - "license": "BSD-2-Clause", - "dependencies": { - "semver": "^7.1.1" - }, - "engines": { - "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + "node": "^18.17.0 || >=20.5.0" } }, - "node_modules/npm-pick-manifest/node_modules/npm-package-arg": { - "version": "11.0.3", - "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-11.0.3.tgz", - "integrity": "sha512-sHGJy8sOC1YraBywpzQlIKBE4pBbGbiF95U6Auspzyem956E0+FtDtsx1ZxlOJkQCZ1AFXAY/yuvtFYrOxF+Bw==", + "node_modules/npm-pick-manifest/node_modules/npm-normalize-package-bin": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/npm-normalize-package-bin/-/npm-normalize-package-bin-4.0.0.tgz", + "integrity": "sha512-TZKxPvItzai9kN9H/TkmCtx/ZN/hvr3vUycjlfmH0ootY9yFBzNOpiXAdIn1Iteqsvk4lQn6B5PTrt+n6h8k/w==", "inBundle": true, "license": "ISC", - "dependencies": { - "hosted-git-info": "^7.0.0", - "proc-log": "^4.0.0", - "semver": "^7.3.5", - "validate-npm-package-name": "^5.0.0" - }, "engines": { - "node": "^16.14.0 || >=18.0.0" + "node": "^18.17.0 || >=20.5.0" } }, "node_modules/npm-profile": { @@ -11289,6 +11289,19 @@ "node": "^16.14.0 || >=18.0.0" } }, + "node_modules/pacote/node_modules/npm-install-checks": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-6.3.0.tgz", + "integrity": "sha512-W29RiK/xtpCGqn6f3ixfRYGk+zRyr+Ew9F2E20BfXxT5/euLdA/Nm7fO7OeTGuAmTs30cpgInyJ0cYe708YTZw==", + "inBundle": true, + "license": "BSD-2-Clause", + "dependencies": { + "semver": "^7.1.1" + }, + "engines": { + "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + } + }, "node_modules/pacote/node_modules/npm-package-arg": { "version": "11.0.3", "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-11.0.3.tgz", @@ -11305,6 +11318,22 @@ "node": "^16.14.0 || >=18.0.0" } }, + "node_modules/pacote/node_modules/npm-pick-manifest": { + "version": "9.1.0", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-9.1.0.tgz", + "integrity": "sha512-nkc+3pIIhqHVQr085X9d2JzPzLyjzQS96zbruppqC9aZRm/x8xx6xhI98gHtsfELP2bE+loHq8ZaHFHhe+NauA==", + "inBundle": true, + "license": "ISC", + "dependencies": { + "npm-install-checks": "^6.0.0", + "npm-normalize-package-bin": "^3.0.0", + "npm-package-arg": "^11.0.0", + "semver": "^7.3.5" + }, + "engines": { + "node": "^16.14.0 || >=18.0.0" + } + }, "node_modules/pacote/node_modules/unique-filename": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/unique-filename/-/unique-filename-3.0.0.tgz", @@ -17088,7 +17117,7 @@ "nopt": "^8.0.0", "npm-install-checks": "^7.1.0", "npm-package-arg": "^12.0.0", - "npm-pick-manifest": "^9.0.1", + "npm-pick-manifest": "^10.0.0", "npm-registry-fetch": "^17.0.1", "pacote": "^18.0.6", "parse-conflict-json": "^3.0.0", diff --git a/package.json b/package.json index 535076bb1e1df..ad3c90e8087e3 100644 --- a/package.json +++ b/package.json @@ -98,7 +98,7 @@ "npm-audit-report": "^6.0.0", "npm-install-checks": "^7.1.0", "npm-package-arg": "^12.0.0", - "npm-pick-manifest": "^9.1.0", + "npm-pick-manifest": "^10.0.0", "npm-profile": "^10.0.0", "npm-registry-fetch": "^17.1.0", "npm-user-validate": "^2.0.1", diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index 7b11e3a6c777c..d3d697e1cfed8 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -25,7 +25,7 @@ "nopt": "^8.0.0", "npm-install-checks": "^7.1.0", "npm-package-arg": "^12.0.0", - "npm-pick-manifest": "^9.0.1", + "npm-pick-manifest": "^10.0.0", "npm-registry-fetch": "^17.0.1", "pacote": "^18.0.6", "parse-conflict-json": "^3.0.0",