Add a 'check-coverage' script so we can track towards completion

.github/workflows/ci.yml

@@ -37,16 +37,18 @@ jobs:
     - name: Install dependencies
       run: node . install
 
-      # Run the tests
+      # Run the tests, but not if we're just gonna do coveralls later anyway
     - name: Run Tap tests
-      run: node . test -- -t600 -Rclassic -c
+      if: matrix.platform.os != 'ubuntu-latest' || matrix.node-version != '12.x'
+      run: node . test -- -t600 -Rbase -c
       env:
         DEPLOY_VERSION: testing
 
       # Run coverage check
     - name: Run coverage report
-      if: matrix.os == 'ubuntu-latest' && matrix.node-version == '12.x'
-      run: node . test -- -t600 -Rclassic -c
+      if: matrix.platform.os == 'ubuntu-latest' && matrix.node-version == '12.x'
+      # turn off --check-coverage until 100%, so CI failure is relevant
+      run: node . run check-coverage -- -t600 --no-check-coverage -Rbase -c
       env:
         DEPLOY_VERSION: testing
         COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_OPTIONAL_TOKEN }}
@@ -55,5 +57,7 @@ jobs:
     #   if: matrix.os == 'ubuntu-latest'
     #   run: sudo PATH=$PATH $(which node) . test -- --coverage  --timeout 600
 
+    # no need to check licenses everywhere, they don't change between versions
     - name: Validate licenses
+      if: matrix.os == 'ubuntu-latest' && matrix.node-version == '12.x'
       run: node . run licenses

docs/content/using-npm/config.md

@@ -1161,6 +1161,24 @@ should be polled while the user is completing authentication.
 
 If `--auth-type=sso`, the type of SSO type to use.
 
+#### strict-peer-deps
+
+* Default: false
+* Type: Boolean
+
+If set to `true`, and `--legacy-peer-deps` is not set, then _any_
+conflicting `peerDependencies` will be treated as an install failure, even
+if npm could reasonably guess the appropriate resolution based on non-peer
+dependency relationships.
+
+By default, conflicting `peerDependencies` in the dependency graph will be
+resolved using the nearest non-peer dependency specification, even if doing
+so will result in some packages receiving a peer dependency outside the
+range set in their package's `peerDependencies` object.  When such and
+override is performed, a warning is printed, explaining the conflict and
+the packages involved.  If `--strict-peer-deps` is set, then the warning is
+treated as a failure.
+
 #### strict-ssl
 
 * Default: true

lib/utils/config.js

@@ -111,6 +111,7 @@ const defaults = {
   key: null,
   'legacy-bundling': false,
   'legacy-peer-deps': false,
+  'strict-peer-deps': false,
   link: false,
   'local-address': undefined,
   loglevel: 'notice',
@@ -229,7 +230,6 @@ const types = {
   group: [Number, String],
   'https-proxy': [null, url],
   'user-agent': String,
-  'ham-it-up': Boolean,
   heading: String,
   'if-present': Boolean,
   include: [Array, 'prod', 'dev', 'optional', 'peer'],
@@ -246,6 +246,7 @@ const types = {
   key: [null, String],
   'legacy-bundling': Boolean,
   'legacy-peer-deps': Boolean,
+  'strict-peer-deps': Boolean,
   link: Boolean,
   'local-address': getLocalAddresses(),
   loglevel: [

lib/utils/flat-options.js

@@ -170,6 +170,7 @@ const flatOptions = npm => npm.flatOptions || Object.freeze({
   shell: npm.config.get('shell'),
   omit: buildOmitList(npm),
   legacyPeerDeps: npm.config.get('legacy-peer-deps'),
+  strictPeerDeps: npm.config.get('strict-peer-deps'),
 
   // npx stuff
   call: npm.config.get('call'),

package.json

@@ -224,6 +224,7 @@
     "preversion": "bash scripts/update-authors.sh && git add AUTHORS && git commit -m \"update AUTHORS\" || true",
     "licenses": "licensee --production --errors-only",
     "test": "tap",
+    "check-coverage": "tap",
     "snap": "tap",
     "test:nocleanup": "NO_TEST_CLEANUP=1 npm run test --",
     "sudotest": "sudo npm run test --",

tap-snapshots/test-lib-utils-config.js-TAP.test.js

@@ -117,6 +117,7 @@ Object {
     "sign-git-tag": false,
     "sso-poll-frequency": 500,
     "sso-type": "oauth",
+    "strict-peer-deps": false,
     "strict-ssl": true,
     "tag": "latest",
     "tag-version-prefix": "v",
@@ -347,7 +348,6 @@ Object {
       "{Number TYPE}",
       "{String TYPE}",
     ],
-    "ham-it-up": "{Boolean TYPE}",
     "heading": "{String TYPE}",
     "https-proxy": Array [
       null,
@@ -495,6 +495,7 @@ Object {
       "oauth",
       "saml",
     ],
+    "strict-peer-deps": "{Boolean TYPE}",
     "strict-ssl": "{Boolean TYPE}",
     "tag": "{String TYPE}",
     "tag-version-prefix": "{String TYPE}",
@@ -625,6 +626,7 @@ Object {
     "sign-git-tag": false,
     "sso-poll-frequency": 500,
     "sso-type": "oauth",
+    "strict-peer-deps": false,
     "strict-ssl": true,
     "tag": "latest",
     "tag-version-prefix": "v",
@@ -855,7 +857,6 @@ Object {
       "{Number TYPE}",
       "{String TYPE}",
     ],
-    "ham-it-up": "{Boolean TYPE}",
     "heading": "{String TYPE}",
     "https-proxy": Array [
       null,
@@ -1003,6 +1004,7 @@ Object {
       "oauth",
       "saml",
     ],
+    "strict-peer-deps": "{Boolean TYPE}",
     "strict-ssl": "{Boolean TYPE}",
     "tag": "{String TYPE}",
     "tag-version-prefix": "{String TYPE}",
@@ -1133,6 +1135,7 @@ Object {
     "sign-git-tag": false,
     "sso-poll-frequency": 500,
     "sso-type": "oauth",
+    "strict-peer-deps": false,
     "strict-ssl": true,
     "tag": "latest",
     "tag-version-prefix": "v",
@@ -1363,7 +1366,6 @@ Object {
       "{Number TYPE}",
       "{String TYPE}",
     ],
-    "ham-it-up": "{Boolean TYPE}",
     "heading": "{String TYPE}",
     "https-proxy": Array [
       null,
@@ -1513,6 +1515,7 @@ Object {
       "oauth",
       "saml",
     ],
+    "strict-peer-deps": "{Boolean TYPE}",
     "strict-ssl": "{Boolean TYPE}",
     "tag": "{String TYPE}",
     "tag-version-prefix": "{String TYPE}",

tap-snapshots/test-lib-utils-flat-options.js-TAP.test.js

@@ -111,6 +111,7 @@ Object {
   "signGitTag": "sign-git-tag",
   "ssoPollFrequency": undefined,
   "ssoType": undefined,
+  "strictPeerDeps": undefined,
   "strictSSL": "strict-ssl",
   "tag": "tag",
   "tagVersionPrefix": "tag-version-prefix",

test/coverage-map.js

@@ -1,6 +1,14 @@
 'use strict'
 
+const full = process.env.npm_lifecycle_event === 'check-coverage'
 const coverageMap = (filename) => {
+  if (full && /load-all.js$/.test(filename)) {
+    const glob = require('glob')
+    const { resolve, relative } = require('path')
+    const dir = resolve(__dirname, '../lib')
+    return glob.sync(`${dir}/**/*.js`)
+      .map(f => relative(process.cwd(), f))
+  }
   if (/^test\/(lib|bin)\//.test(filename)) {
     return filename.replace(/^test\//, '')
   }

test/lib/load-all.js

@@ -0,0 +1,30 @@
+const t = require('tap')
+const glob = require('glob')
+const { resolve } = require('path')
+
+const full = process.env.npm_lifecycle_event === 'check-coverage'
+
+if (!full) {
+  t.pass('nothing to do here, not checking for full coverage')
+} else {
+  // some files do config.get() on load, so have to load npm first
+  const npm = require('../../lib/npm.js')
+  t.test('load npm first', t => npm.load(t.end))
+
+  t.test('load all the files', t => {
+    // just load all the files so we measure coverage for the missing tests
+    const dir = resolve(__dirname, '../../lib')
+    for (const f of glob.sync(`${dir}/**/*.js`)) {
+      require(f)
+      t.pass('loaded ' + f)
+    }
+    t.pass('loaded all files')
+    t.end()
+  })
+
+  t.test('call the error handle so we dont freak out', t => {
+    const errorHandler = require('../../lib/utils/error-handler.js')
+    errorHandler()
+    t.end()
+  })
+}