2017-04-23 13:02:26 -05:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
let assert = require('assert');
|
|
|
|
let Semver = require('semver');
|
|
|
|
let URL = require('url');
|
|
|
|
let Logger = require('./logger');
|
2013-05-31 01:26:11 -05:00
|
|
|
|
2014-11-16 12:44:46 -05:00
|
|
|
module.exports.validate_package = function(name) {
|
2017-04-23 13:02:26 -05:00
|
|
|
name = name.split('/', 2);
|
2014-11-16 12:44:46 -05:00
|
|
|
if (name.length === 1) {
|
|
|
|
// normal package
|
2017-04-23 13:02:26 -05:00
|
|
|
return module.exports.validate_name(name[0]);
|
2014-11-16 12:44:46 -05:00
|
|
|
} else {
|
|
|
|
// scoped package
|
|
|
|
return name[0][0] === '@'
|
|
|
|
&& module.exports.validate_name(name[0].slice(1))
|
2017-04-23 13:02:26 -05:00
|
|
|
&& module.exports.validate_name(name[1]);
|
2014-11-16 12:44:46 -05:00
|
|
|
}
|
2017-04-23 13:02:26 -05:00
|
|
|
};
|
2014-11-16 12:44:46 -05:00
|
|
|
|
2013-05-31 01:26:11 -05:00
|
|
|
// from normalize-package-data/lib/fixer.js
|
|
|
|
module.exports.validate_name = function(name) {
|
2017-04-23 13:02:26 -05:00
|
|
|
if (typeof(name) !== 'string') return false;
|
|
|
|
name = name.toLowerCase();
|
2014-11-12 06:14:37 -05:00
|
|
|
|
|
|
|
// all URL-safe characters and "@" for issue #75
|
|
|
|
if (!name.match(/^[-a-zA-Z0-9_.!~*'()@]+$/)
|
|
|
|
|| name.charAt(0) === '.' // ".bin", etc.
|
|
|
|
|| name.charAt(0) === '-' // "-" is reserved by couchdb
|
|
|
|
|| name === 'node_modules'
|
|
|
|
|| name === '__proto__'
|
|
|
|
|| name === 'package.json'
|
|
|
|
|| name === 'favicon.ico'
|
|
|
|
) {
|
2017-04-23 13:02:26 -05:00
|
|
|
return false;
|
2014-11-12 06:14:37 -05:00
|
|
|
} else {
|
2017-04-23 13:02:26 -05:00
|
|
|
return true;
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
2017-04-23 13:02:26 -05:00
|
|
|
};
|
2013-05-31 01:26:11 -05:00
|
|
|
|
2013-10-22 02:29:57 -05:00
|
|
|
module.exports.is_object = function(obj) {
|
2017-04-23 13:02:26 -05:00
|
|
|
return typeof(obj) === 'object' && obj !== null && !Array.isArray(obj);
|
|
|
|
};
|
2013-05-31 17:57:28 -05:00
|
|
|
|
|
|
|
module.exports.validate_metadata = function(object, name) {
|
2017-04-23 13:02:26 -05:00
|
|
|
assert(module.exports.is_object(object), 'not a json object');
|
|
|
|
assert.equal(object.name, name);
|
2013-10-26 07:18:36 -05:00
|
|
|
|
2014-11-12 06:14:37 -05:00
|
|
|
if (!module.exports.is_object(object['dist-tags'])) {
|
2017-04-23 13:02:26 -05:00
|
|
|
object['dist-tags'] = {};
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
2013-10-26 07:18:36 -05:00
|
|
|
|
2014-11-12 06:14:37 -05:00
|
|
|
if (!module.exports.is_object(object['versions'])) {
|
2017-04-23 13:02:26 -05:00
|
|
|
object['versions'] = {};
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
2013-10-26 07:18:36 -05:00
|
|
|
|
2017-04-17 08:12:31 -05:00
|
|
|
return object;
|
2017-04-23 13:02:26 -05:00
|
|
|
};
|
2013-05-31 17:57:28 -05:00
|
|
|
|
2013-06-18 13:14:55 -05:00
|
|
|
module.exports.filter_tarball_urls = function(pkg, req, config) {
|
2014-11-12 06:14:37 -05:00
|
|
|
function filter(_url) {
|
2017-04-23 13:02:26 -05:00
|
|
|
if (!req.headers.host) return _url;
|
2014-11-12 06:14:37 -05:00
|
|
|
|
2017-04-23 13:02:26 -05:00
|
|
|
let filename = URL.parse(_url).pathname.replace(/^.*\//, '');
|
2014-11-12 06:14:37 -05:00
|
|
|
|
|
|
|
if (config.url_prefix != null) {
|
2017-04-23 13:02:26 -05:00
|
|
|
var result = config.url_prefix.replace(/\/$/, '');
|
2014-11-12 06:14:37 -05:00
|
|
|
} else {
|
2017-04-23 13:02:26 -05:00
|
|
|
var result = req.protocol + '://' + req.headers.host;
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
|
|
|
|
2017-04-17 08:12:31 -05:00
|
|
|
return `${result}/${pkg.name.replace(/\//g, '%2f')}/-/${filename}`;
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
|
|
|
|
2017-04-23 13:02:26 -05:00
|
|
|
for (let ver in pkg.versions) {
|
|
|
|
let dist = pkg.versions[ver].dist;
|
2014-11-12 06:14:37 -05:00
|
|
|
if (dist != null && dist.tarball != null) {
|
2017-04-23 13:02:26 -05:00
|
|
|
// dist.__verdaccio_orig_tarball = dist.tarball
|
|
|
|
dist.tarball = filter(dist.tarball);
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
|
|
|
}
|
2017-04-23 13:02:26 -05:00
|
|
|
return pkg;
|
|
|
|
};
|
2013-06-18 13:14:55 -05:00
|
|
|
|
2016-04-18 14:53:00 -05:00
|
|
|
module.exports.tag_version = function(data, version, tag) {
|
|
|
|
if (tag) {
|
|
|
|
if (data['dist-tags'][tag] !== version) {
|
|
|
|
if (Semver.parse(version, true)) {
|
|
|
|
// valid version - store
|
2017-04-23 13:02:26 -05:00
|
|
|
data['dist-tags'][tag] = version;
|
|
|
|
return true;
|
2016-04-18 14:53:00 -05:00
|
|
|
}
|
|
|
|
}
|
2017-04-23 13:02:26 -05:00
|
|
|
Logger.logger.warn({ver: version, tag: tag}, 'ignoring bad version @{ver} in @{tag}');
|
2016-04-18 14:53:00 -05:00
|
|
|
if (tag && data['dist-tags'][tag]) {
|
2017-04-23 13:02:26 -05:00
|
|
|
delete data['dist-tags'][tag];
|
2016-04-18 14:53:00 -05:00
|
|
|
}
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
2017-04-23 13:02:26 -05:00
|
|
|
return false;
|
|
|
|
};
|
2013-12-27 08:06:30 -05:00
|
|
|
|
2014-01-18 13:57:44 -05:00
|
|
|
// gets version from a package object taking into account semver weirdness
|
|
|
|
module.exports.get_version = function(object, version) {
|
2017-04-23 13:02:26 -05:00
|
|
|
if (object.versions[version] != null) return object.versions[version];
|
2014-11-12 06:14:37 -05:00
|
|
|
|
|
|
|
try {
|
2017-04-23 13:02:26 -05:00
|
|
|
version = Semver.parse(version, true);
|
|
|
|
for (let k in object.versions) {
|
2014-11-12 06:14:37 -05:00
|
|
|
if (version.compare(Semver.parse(k, true)) === 0) {
|
2017-04-23 13:02:26 -05:00
|
|
|
return object.versions[k];
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
} catch (err) {
|
2017-04-23 13:02:26 -05:00
|
|
|
return undefined;
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
2017-04-23 13:02:26 -05:00
|
|
|
};
|
2014-01-18 13:57:44 -05:00
|
|
|
|
2015-03-28 10:03:36 -05:00
|
|
|
module.exports.parse_address = function parse_address(addr) {
|
|
|
|
//
|
|
|
|
// Allow:
|
|
|
|
//
|
2015-04-21 18:36:57 -05:00
|
|
|
// - https:localhost:1234 - protocol + host + port
|
|
|
|
// - localhost:1234 - host + port
|
|
|
|
// - 1234 - port
|
|
|
|
// - http::1234 - protocol + port
|
|
|
|
// - https://localhost:443/ - full url + https
|
|
|
|
// - http://[::1]:443/ - ipv6
|
|
|
|
// - unix:/tmp/http.sock - unix sockets
|
|
|
|
// - https://unix:/tmp/http.sock - unix sockets (https)
|
|
|
|
//
|
|
|
|
// TODO: refactor it to something more reasonable?
|
2015-03-28 10:03:36 -05:00
|
|
|
//
|
|
|
|
// protocol : // ( host )|( ipv6 ): port /
|
2017-04-23 13:02:26 -05:00
|
|
|
var m = /^((https?):(\/\/)?)?((([^\/:]*)|\[([^\[\]]+)\]):)?(\d+)\/?$/.exec(addr);
|
2015-03-28 10:03:36 -05:00
|
|
|
|
2015-04-21 18:36:57 -05:00
|
|
|
if (m) return {
|
2015-03-28 10:03:36 -05:00
|
|
|
proto: m[2] || 'http',
|
2017-04-23 13:02:26 -05:00
|
|
|
host: m[6] || m[7] || 'localhost',
|
|
|
|
port: m[8] || '4873',
|
|
|
|
};
|
2015-04-21 18:36:57 -05:00
|
|
|
|
2017-04-23 13:02:26 -05:00
|
|
|
var m = /^((https?):(\/\/)?)?unix:(.*)$/.exec(addr);
|
2015-04-21 18:36:57 -05:00
|
|
|
|
|
|
|
if (m) return {
|
|
|
|
proto: m[2] || 'http',
|
2017-04-23 13:02:26 -05:00
|
|
|
path: m[4],
|
|
|
|
};
|
2015-04-21 18:36:57 -05:00
|
|
|
|
2017-04-23 13:02:26 -05:00
|
|
|
return null;
|
|
|
|
};
|
2015-03-28 10:03:36 -05:00
|
|
|
|
2013-12-27 08:06:30 -05:00
|
|
|
// function filters out bad semver versions and sorts the array
|
|
|
|
module.exports.semver_sort = function semver_sort(array) {
|
2014-11-12 06:14:37 -05:00
|
|
|
return array
|
|
|
|
.filter(function(x) {
|
|
|
|
if (!Semver.parse(x, true)) {
|
2017-04-23 13:02:26 -05:00
|
|
|
Logger.logger.warn( {ver: x}, 'ignoring bad version @{ver}' );
|
|
|
|
return false;
|
2014-11-12 06:14:37 -05:00
|
|
|
}
|
2017-04-23 13:02:26 -05:00
|
|
|
return true;
|
2014-11-12 06:14:37 -05:00
|
|
|
})
|
|
|
|
.sort(Semver.compareLoose)
|
2017-04-23 13:02:26 -05:00
|
|
|
.map(String);
|
|
|
|
};
|
2013-12-27 08:06:30 -05:00
|
|
|
|
2016-04-18 14:53:00 -05:00
|
|
|
// flatten arrays of tags
|
2017-04-23 13:02:26 -05:00
|
|
|
module.exports.normalize_dist_tags = function(data) {
|
|
|
|
let sorted;
|
2016-04-18 14:53:00 -05:00
|
|
|
|
|
|
|
if (!data['dist-tags'].latest) {
|
|
|
|
// overwrite latest with highest known version based on semver sort
|
2017-04-23 13:02:26 -05:00
|
|
|
sorted = module.exports.semver_sort(Object.keys(data.versions));
|
2016-04-18 14:53:00 -05:00
|
|
|
if (sorted && sorted.length) {
|
2017-04-23 13:02:26 -05:00
|
|
|
data['dist-tags'].latest = sorted.pop();
|
2016-04-18 14:53:00 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-04-23 13:02:26 -05:00
|
|
|
for (let tag in data['dist-tags']) {
|
2016-04-18 14:53:00 -05:00
|
|
|
if (Array.isArray(data['dist-tags'][tag])) {
|
|
|
|
if (data['dist-tags'][tag].length) {
|
|
|
|
// sort array
|
2017-04-23 13:02:26 -05:00
|
|
|
sorted = module.exports.semver_sort(data['dist-tags'][tag]);
|
2016-04-18 14:53:00 -05:00
|
|
|
if (sorted.length) {
|
|
|
|
// use highest version based on semver sort
|
2017-04-23 13:02:26 -05:00
|
|
|
data['dist-tags'][tag] = sorted.pop();
|
2016-04-18 14:53:00 -05:00
|
|
|
}
|
|
|
|
} else {
|
2017-04-23 13:02:26 -05:00
|
|
|
delete data['dist-tags'][tag];
|
2016-04-18 14:53:00 -05:00
|
|
|
}
|
|
|
|
} else if (typeof data['dist-tags'][tag] === 'string') {
|
|
|
|
if (!Semver.parse(data['dist-tags'][tag], true)) {
|
|
|
|
// if the version is invalid, delete the dist-tag entry
|
2017-04-23 13:02:26 -05:00
|
|
|
delete data['dist-tags'][tag];
|
2016-04-18 14:53:00 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2017-04-23 13:02:26 -05:00
|
|
|
};
|