diff --git a/node_modules/minipass-fetch/lib/index.js b/node_modules/minipass-fetch/lib/index.js index b1878ac0c06b5..f81492db095f1 100644 --- a/node_modules/minipass-fetch/lib/index.js +++ b/node_modules/minipass-fetch/lib/index.js @@ -143,8 +143,20 @@ const fetch = async (url, opts) => { const location = headers.get('Location') // HTTP fetch step 5.3 - const locationURL = location === null ? null - : (new URL(location, request.url)).toString() + let locationURL = null + try { + locationURL = location === null ? null : new URL(location, request.url).toString() + } catch { + // error here can only be invalid URL in Location: header + // do not throw when options.redirect == manual + // let the user extract the errorneous redirect URL + if (request.redirect !== 'manual') { + /* eslint-disable-next-line max-len */ + reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect')) + finalize() + return + } + } // HTTP fetch step 5.5 if (request.redirect === 'error') { diff --git a/node_modules/minipass-fetch/lib/request.js b/node_modules/minipass-fetch/lib/request.js index e620df6de2c01..1126f6a84dd80 100644 --- a/node_modules/minipass-fetch/lib/request.js +++ b/node_modules/minipass-fetch/lib/request.js @@ -265,6 +265,7 @@ class Request extends Body { secureProtocol, servername, sessionIdContext, + timeout: request.timeout, } } } diff --git a/node_modules/minipass-fetch/package.json b/node_modules/minipass-fetch/package.json index fc6f88473317a..16127ec14efcf 100644 --- a/node_modules/minipass-fetch/package.json +++ b/node_modules/minipass-fetch/package.json @@ -1,6 +1,6 @@ { "name": "minipass-fetch", - "version": "3.0.1", + "version": "3.0.2", "description": "An implementation of window.fetch in Node.js using Minipass streams", "license": "MIT", "main": "lib/index.js", @@ -24,7 +24,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.10.0", + "@npmcli/template-oss": "4.13.0", "@ungap/url-search-params": "^0.2.2", "abort-controller": "^3.0.0", "abortcontroller-polyfill": "~1.7.3", @@ -63,6 +63,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.10.0" + "version": "4.13.0", + "publish": "true" } } diff --git a/node_modules/normalize-package-data/AUTHORS b/node_modules/normalize-package-data/AUTHORS new file mode 100644 index 0000000000000..66282ba1d1197 --- /dev/null +++ b/node_modules/normalize-package-data/AUTHORS @@ -0,0 +1,4 @@ +# Names sorted by how much code was originally theirs. +Isaac Z. Schlueter +Meryn Stol +Robert Kowalski diff --git a/node_modules/tuf-js/dist/utils/url.js b/node_modules/tuf-js/dist/utils/url.js new file mode 100644 index 0000000000000..ce67fe2c23053 --- /dev/null +++ b/node_modules/tuf-js/dist/utils/url.js @@ -0,0 +1,14 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.join = void 0; +const url_1 = require("url"); +function join(base, path) { + return new url_1.URL(ensureTrailingSlash(base) + removeLeadingSlash(path)).toString(); +} +exports.join = join; +function ensureTrailingSlash(path) { + return path.endsWith('/') ? path : path + '/'; +} +function removeLeadingSlash(path) { + return path.startsWith('/') ? path.slice(1) : path; +} diff --git a/package-lock.json b/package-lock.json index 03f1e28874a3f..16ea2859439ac 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8581,9 +8581,9 @@ } }, "node_modules/minipass-fetch": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-3.0.1.tgz", - "integrity": "sha512-t9/wowtf7DYkwz8cfMSt0rMwiyNIBXf5CKZ3S5ZMqRqMYT0oLTp0x1WorMI9WTwvaPg21r1JbFxJMum8JrLGfw==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-3.0.2.tgz", + "integrity": "sha512-/ZpF1CQaWYqjbhfFgKNt3azxztEpc/JUPuMkqOgrnMQqcU8CbE409AUdJYTIWryl3PP5CBaTJZT71N49MXP/YA==", "inBundle": true, "dependencies": { "minipass": "^4.0.0",