From 7f9a9d24cf5a640b96f23e14cbe0c5c68ec2d66d Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Wed, 10 Apr 2024 11:22:24 -0700 Subject: [PATCH] fix: use @npmcli/redact for url cleaning --- DEPENDENCIES.md | 2 ++ lib/commands/owner.js | 3 ++- lib/commands/ping.js | 4 ++-- package-lock.json | 1 + workspaces/arborist/lib/arborist/build-ideal-tree.js | 4 ++-- workspaces/arborist/lib/place-dep.js | 4 ++-- workspaces/arborist/package.json | 1 + 7 files changed, 12 insertions(+), 7 deletions(-) diff --git a/DEPENDENCIES.md b/DEPENDENCIES.md index 12025b3fd07fe..6642cafee5ef0 100644 --- a/DEPENDENCIES.md +++ b/DEPENDENCIES.md @@ -177,6 +177,7 @@ graph LR; npmcli-arborist-->npmcli-node-gyp["@npmcli/node-gyp"]; npmcli-arborist-->npmcli-package-json["@npmcli/package-json"]; npmcli-arborist-->npmcli-query["@npmcli/query"]; + npmcli-arborist-->npmcli-redact["@npmcli/redact"]; npmcli-arborist-->npmcli-run-script["@npmcli/run-script"]; npmcli-arborist-->npmcli-template-oss["@npmcli/template-oss"]; npmcli-arborist-->npmlog; @@ -623,6 +624,7 @@ graph LR; npmcli-arborist-->npmcli-node-gyp["@npmcli/node-gyp"]; npmcli-arborist-->npmcli-package-json["@npmcli/package-json"]; npmcli-arborist-->npmcli-query["@npmcli/query"]; + npmcli-arborist-->npmcli-redact["@npmcli/redact"]; npmcli-arborist-->npmcli-run-script["@npmcli/run-script"]; npmcli-arborist-->npmcli-template-oss["@npmcli/template-oss"]; npmcli-arborist-->npmlog; diff --git a/lib/commands/owner.js b/lib/commands/owner.js index 5b54dd41f3d60..e530e1c51c8e1 100644 --- a/lib/commands/owner.js +++ b/lib/commands/owner.js @@ -5,6 +5,7 @@ const log = require('../utils/log-shim') const otplease = require('../utils/otplease.js') const pkgJson = require('@npmcli/package-json') const BaseCommand = require('../base-command.js') +const { redact } = require('@npmcli/redact') const readJson = async (path) => { try { @@ -119,7 +120,7 @@ class Owner extends BaseCommand { this.npm.output(maintainers.map(m => `${m.name} <${m.email}>`).join('\n')) } } catch (err) { - log.error('owner ls', "Couldn't get owner data", npmFetch.cleanUrl(pkg)) + log.error('owner ls', "Couldn't get owner data", redact(pkg)) throw err } } diff --git a/lib/commands/ping.js b/lib/commands/ping.js index c79e6a96cee40..2d60f5d69a8da 100644 --- a/lib/commands/ping.js +++ b/lib/commands/ping.js @@ -1,4 +1,4 @@ -const { cleanUrl } = require('npm-registry-fetch') +const { redact } = require('@npmcli/redact') const log = require('../utils/log-shim') const pingUtil = require('../utils/ping.js') const BaseCommand = require('../base-command.js') @@ -9,7 +9,7 @@ class Ping extends BaseCommand { static name = 'ping' async exec (args) { - const cleanRegistry = cleanUrl(this.npm.config.get('registry')) + const cleanRegistry = redact(this.npm.config.get('registry')) log.notice('PING', cleanRegistry) const start = Date.now() const details = await pingUtil({ ...this.npm.flatOptions }) diff --git a/package-lock.json b/package-lock.json index 0b0e4c3c1c24c..2616771660fa8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16130,6 +16130,7 @@ "@npmcli/node-gyp": "^3.0.0", "@npmcli/package-json": "^5.0.0", "@npmcli/query": "^3.1.0", + "@npmcli/redact": "^1.1.0", "@npmcli/run-script": "^7.0.2", "bin-links": "^4.0.1", "cacache": "^18.0.0", diff --git a/workspaces/arborist/lib/arborist/build-ideal-tree.js b/workspaces/arborist/lib/arborist/build-ideal-tree.js index 8ceb6b72123f6..75e4d373259a0 100644 --- a/workspaces/arborist/lib/arborist/build-ideal-tree.js +++ b/workspaces/arborist/lib/arborist/build-ideal-tree.js @@ -12,7 +12,7 @@ const { readdirScoped } = require('@npmcli/fs') const { lstat, readlink } = require('fs/promises') const { depth } = require('treeverse') const log = require('proc-log') -const { cleanUrl } = require('npm-registry-fetch') +const { redact } = require('@npmcli/redact') const { OK, @@ -1213,7 +1213,7 @@ This is a one-time fix-up, please be patient... if (this.#manifests.has(spec.raw)) { return this.#manifests.get(spec.raw) } else { - const cleanRawSpec = cleanUrl(spec.rawSpec) + const cleanRawSpec = redact(spec.rawSpec) log.silly('fetch manifest', spec.raw.replace(spec.rawSpec, cleanRawSpec)) const o = { ...options, diff --git a/workspaces/arborist/lib/place-dep.js b/workspaces/arborist/lib/place-dep.js index e757d0c38a6d7..bf0fef6525343 100644 --- a/workspaces/arborist/lib/place-dep.js +++ b/workspaces/arborist/lib/place-dep.js @@ -9,7 +9,7 @@ const localeCompare = require('@isaacs/string-locale-compare')('en') const log = require('proc-log') -const { cleanUrl } = require('npm-registry-fetch') +const { redact } = require('@npmcli/redact') const deepestNestingTarget = require('./deepest-nesting-target.js') const CanPlaceDep = require('./can-place-dep.js') const { @@ -188,7 +188,7 @@ class PlaceDep { `${this.dep.name}@${this.dep.version}`, this.canPlace.description, `for: ${this.edge.from.package._id || this.edge.from.location}`, - `want: ${cleanUrl(this.edge.spec || '*')}` + `want: ${redact(this.edge.spec || '*')}` ) const placementType = this.canPlace.canPlace === CONFLICT diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index d7c393d99dfa5..bc44c401de305 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -12,6 +12,7 @@ "@npmcli/node-gyp": "^3.0.0", "@npmcli/package-json": "^5.0.0", "@npmcli/query": "^3.1.0", + "@npmcli/redact": "^1.1.0", "@npmcli/run-script": "^7.0.2", "bin-links": "^4.0.1", "cacache": "^18.0.0",