Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-03-25 02:32:52 -05:00
Code Issues Activity

merge pull request #2182 from verdaccio/6.x

Browse source 
build: merge 6.x into master
This commit is contained in:
Juan Picado 2021-04-10 11:35:42 +02:00 committed by GitHub
commit 01f9b3c3b4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1661 changed files with 225267 additions and 54584 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
.babelrc Normal file
View file

@ -0,0 +1,26 @@
{
"presets": [ [
"@babel/env",
{
"useBuiltIns": "usage",
"corejs": {
"version": 3, "proposals": true
},
"targets": {
"node": 12
}
}
],
"@babel/typescript"
],
"plugins": [
"babel-plugin-dynamic-import-node",
"@babel/proposal-class-properties",
"@babel/proposal-object-rest-spread",
"@babel/plugin-proposal-optional-chaining",
"@babel/plugin-proposal-nullish-coalescing-operator"
],
"ignore": [
"**/*.d.ts"
]
}

8
.changeset/README.md Normal file
View file

@ -0,0 +1,8 @@
# Changesets
Hello and welcome! This folder has been automatically generated by `@changesets/cli`, a build tool that works
with multi-package repos, or single-package repos to help you version and publish your code. You can
find the full documentation for it [in our repository](https://github.com/changesets/changesets)
We have a quick list of common questions to get you started engaging with this project in
[our documentation](https://github.com/changesets/changesets/blob/master/docs/common-questions.md)

23
.changeset/big-lobsters-sin.md Normal file
View file

@ -0,0 +1,23 @@
---
'@verdaccio/local-storage': major
'@verdaccio/url': major
'verdaccio-aws-s3-storage': major
'verdaccio-google-cloud': major
'verdaccio-memory': major
'@verdaccio/store': major
---
# async storage plugin bootstrap
Gives a storage plugin the ability to perform asynchronous tasks on initialization
## Breaking change
Plugin must have an init method in which asynchronous tasks can be executed
```js
public async init(): Promise<void> {
this.data = await this._fetchLocalPackages();
this._sync();
}
```

10
.changeset/config.json Normal file
View file

@ -0,0 +1,10 @@
{
"$schema": "https://unpkg.com/@changesets/config@1.3.0/schema.json",
"changelog": "@changesets/cli/changelog",
"commit": false,
"linked": [],
"access": "public",
"baseBranch": "6.x",
"updateInternalDependencies": "patch",
"ignore": []
}

46
.changeset/few-cooks-destroy.md Normal file
View file

@ -0,0 +1,46 @@
---
'@verdaccio/api': major
'@verdaccio/auth': major
'@verdaccio/cli': major
'@verdaccio/config': major
'@verdaccio/commons-api': major
'@verdaccio/file-locking': major
'verdaccio-htpasswd': major
'@verdaccio/local-storage': major
'@verdaccio/readme': major
'@verdaccio/streams': major
'@verdaccio/types': major
'@verdaccio/hooks': major
'@verdaccio/loaders': major
'@verdaccio/logger': major
'@verdaccio/logger-prettify': major
'@verdaccio/middleware': major
'@verdaccio/mock': major
'@verdaccio/node-api': major
'@verdaccio/active-directory': major
'verdaccio-audit': major
'verdaccio-auth-memory': major
'verdaccio-aws-s3-storage': major
'verdaccio-google-cloud': major
'verdaccio-memory': major
'@verdaccio/proxy': major
'@verdaccio/server': major
'@verdaccio/store': major
'@verdaccio/dev-types': major
'@verdaccio/utils': major
'verdaccio': major
'@verdaccio/web': major
'@verdaccio/website': major
---
feat!: experiments config renamed to flags
- The `experiments` configuration is renamed to `flags`. The functionality is exactly the same.
```js
flags: token: false;
search: false;
```
- The `self_path` property from the config file is being removed in favor of `config_file` full path.
- Refactor `config` module, better types and utilities

6
.changeset/fifty-jars-rest.md Normal file
View file

@ -0,0 +1,6 @@
---
'@verdaccio/middleware': patch
'@verdaccio/web': patch
---
Remove @ts-ignore and any in packages/web/src/endpoint/package.ts

44
.changeset/gentle-trains-switch.md Normal file
View file

@ -0,0 +1,44 @@
---
'@verdaccio/api': major
'@verdaccio/auth': major
'@verdaccio/cli': major
'@verdaccio/config': major
'@verdaccio/commons-api': major
'@verdaccio/file-locking': major
'verdaccio-htpasswd': major
'@verdaccio/local-storage': major
'@verdaccio/readme': major
'@verdaccio/streams': major
'@verdaccio/types': major
'@verdaccio/hooks': major
'@verdaccio/loaders': major
'@verdaccio/logger': major
'@verdaccio/logger-prettify': major
'@verdaccio/middleware': major
'@verdaccio/mock': major
'@verdaccio/node-api': major
'@verdaccio/proxy': major
'@verdaccio/server': major
'@verdaccio/store': major
'@verdaccio/dev-types': major
'@verdaccio/utils': major
'verdaccio': major
'@verdaccio/web': major
---
- Replace signature handler for legacy tokens by removing deprecated crypto.createDecipher by createCipheriv
- Introduce environment variables for legacy tokens
### Code Improvements
- Add debug library for improve developer experience
### Breaking change
- The new signature invalidates all previous tokens generated by Verdaccio 4 or previous versions.
- The secret key must have 32 characters long.
### New environment variables
- `VERDACCIO_LEGACY_ALGORITHM`: Allows to define the specific algorithm for the token signature which by default is `aes-256-ctr`
- `VERDACCIO_LEGACY_ENCRYPTION_KEY`: By default, the token stores in the database, but using this variable allows to get it from memory

39
.changeset/hip-hounds-destroy.md Normal file
View file

@ -0,0 +1,39 @@
---
'@verdaccio/local-storage': patch
'@verdaccio/ui-theme': patch
'@verdaccio/server': patch
'@verdaccio/api': patch
'@verdaccio/auth': patch
'@verdaccio/cli': patch
'@verdaccio/config': patch
'@verdaccio/commons-api': patch
'@verdaccio/file-locking': patch
'verdaccio-htpasswd': patch
'@verdaccio/readme': patch
'@verdaccio/streams': patch
'@verdaccio/types': patch
'@verdaccio/hooks': patch
'@verdaccio/loaders': patch
'@verdaccio/logger': patch
'@verdaccio/logger-prettify': patch
'@verdaccio/middleware': patch
'@verdaccio/mock': patch
'@verdaccio/node-api': patch
'@verdaccio/active-directory': patch
'verdaccio-audit': patch
'verdaccio-auth-memory': patch
'verdaccio-aws-s3-storage': patch
'verdaccio-google-cloud': patch
'verdaccio-memory': patch
'@verdaccio/proxy': patch
'@verdaccio/store': patch
'@verdaccio/dev-types': patch
'@verdaccio/utils': patch
'verdaccio': patch
'@verdaccio/web': patch
'@verdaccio/e2e-cli': patch
'@verdaccio/e2e-ui': patch
'@verdaccio/website': patch
---
chore: add release step to private regisry on merge changeset pr

20
.changeset/late-adults-love.md Normal file
View file

@ -0,0 +1,20 @@
---
'@verdaccio/api': minor
'verdaccio-htpasswd': minor
'@verdaccio/local-storage': minor
---
feat: remove level dependency by lowdb for npm token cli as storage
### new npm token database
There will be a new database located in your storage named `.token-db.json` which
will store all references to created tokens, **it does not store tokens**, just
mask of them and related metadata required to reference them.
#### Breaking change
If you were relying on `npm token` experiment. This PR will replace the
used database (level) by a json plain based one (lowbd) which does not
require Node.js C++ compilation step and has less dependencies. Since was
a experiment there is no migration step.

6
.changeset/late-parents-act.md Normal file
View file

@ -0,0 +1,6 @@
---
'@verdaccio/hooks': patch
'@verdaccio/proxy': patch
---
refactor: migrate request to node-fetch at hooks package

6
.changeset/modern-spies-tell.md Normal file
View file

@ -0,0 +1,6 @@
---
'@verdaccio/ui-theme': minor
'verdaccio': minor
---
feat: ui theme plugin part of the application

51
.changeset/neat-toes-report.md Normal file
View file

@ -0,0 +1,51 @@
---
'@verdaccio/api': minor
'@verdaccio/auth': minor
'@verdaccio/cli': minor
'@verdaccio/config': minor
'@verdaccio/commons-api': minor
'@verdaccio/file-locking': minor
'verdaccio-htpasswd': minor
'@verdaccio/local-storage': minor
'@verdaccio/readme': minor
'@verdaccio/streams': minor
'@verdaccio/types': minor
'@verdaccio/hooks': minor
'@verdaccio/loaders': minor
'@verdaccio/logger': minor
'@verdaccio/logger-prettify': minor
'@verdaccio/middleware': minor
'@verdaccio/mock': minor
'@verdaccio/node-api': minor
'@verdaccio/active-directory': minor
'verdaccio-audit': minor
'verdaccio-auth-memory': minor
'verdaccio-aws-s3-storage': minor
'verdaccio-google-cloud': minor
'verdaccio-memory': minor
'@verdaccio/ui-theme': minor
'@verdaccio/proxy': minor
'@verdaccio/server': minor
'@verdaccio/store': minor
'@verdaccio/dev-types': minor
'@verdaccio/utils': minor
'verdaccio': minor
'@verdaccio/web': minor
---
feat: add server rate limit protection to all request
To modify custom values, use the server settings property.
```markdown
server:
## https://www.npmjs.com/package/express-rate-limit#configuration-options
rateLimit:
windowMs: 1000
max: 10000
```
The values are intended to be high, if you want to improve security of your server consider
using different values.

5
.changeset/perfect-kangaroos-agree.md Normal file
View file

@ -0,0 +1,5 @@
---
'@verdaccio/cli': major
---
feat: use clipanion over commander

30
.changeset/plenty-news-remember.md Normal file
View file

@ -0,0 +1,30 @@
---
'@verdaccio/auth': major
'verdaccio-htpasswd': major
'verdaccio-audit': major
'@verdaccio/server': major
'@verdaccio/cli-standalone': major
---
feat: standalone registry with no dependencies
## Usage
To install a server with no dependencies
```bash
npm install -g @verdaccio/standalone
```
with no internet required
```bash
npm install -g ./tarball.tar.gz
```
Bundles htpasswd and audit plugins.
### Breaking Change
It does not allow anymore the `auth` and `middleware` property at config file empty,
it will fallback to those plugins by default.

36
.changeset/plenty-spiders-melt.md Normal file
View file

@ -0,0 +1,36 @@
---
'@verdaccio/api': minor
'@verdaccio/auth': minor
'@verdaccio/cli': minor
'@verdaccio/config': minor
'@verdaccio/commons-api': minor
'@verdaccio/file-locking': minor
'verdaccio-htpasswd': minor
'@verdaccio/local-storage': minor
'@verdaccio/readme': minor
'@verdaccio/streams': minor
'@verdaccio/types': minor
'@verdaccio/hooks': minor
'@verdaccio/loaders': minor
'@verdaccio/logger': minor
'@verdaccio/logger-prettify': minor
'@verdaccio/middleware': minor
'@verdaccio/mock': minor
'@verdaccio/node-api': minor
'@verdaccio/proxy': minor
'@verdaccio/server': minor
'@verdaccio/store': minor
'@verdaccio/dev-types': minor
'@verdaccio/utils': minor
'verdaccio': minor
'@verdaccio/web': minor
'@verdaccio/website': minor
---
feat: add typescript project references settings
Reading https://ebaytech.berlin/optimizing-multi-package-apps-with-typescript-project-references-d5c57a3b4440 I realized I can use project references to solve the issue to pre-compile modules on develop mode.
It allows to navigate (IDE) trough the packages without need compile the packages.
Add two `tsconfig`, one using the previous existing configuration that is able to produce declaration files (`tsconfig.build`) and a new one `tsconfig` which is enables [_projects references_](https://www.typescriptlang.org/docs/handbook/project-references.html).

6
.changeset/plenty-tables-refuse.md Normal file
View file

@ -0,0 +1,6 @@
---
'@verdaccio/cli': minor
'@verdaccio/node-api': minor
---
feat: improve cli loggin on start up

67
.changeset/pre.json Normal file
View file

@ -0,0 +1,67 @@
{
"mode": "pre",
"tag": "6-next",
"initialVersions": {
"@verdaccio/api": "6.0.0-alpha.0",
"@verdaccio/auth": "6.0.0-alpha.0",
"@verdaccio/cli": "6.0.0-alpha.0",
"@verdaccio/config": "6.0.0-alpha.0",
"@verdaccio/commons-api": "11.0.0-alpha.0",
"@verdaccio/file-locking": "11.0.0-alpha.0",
"verdaccio-htpasswd": "11.0.0-alpha.0",
"@verdaccio/local-storage": "11.0.0-alpha.0",
"@verdaccio/readme": "11.0.0-alpha.0",
"@verdaccio/streams": "11.0.0-alpha.0",
"@verdaccio/types": "11.0.0-alpha.0",
"@verdaccio/hooks": "6.0.0-alpha.0",
"@verdaccio/loaders": "6.0.0-alpha.0",
"@verdaccio/logger": "6.0.0-alpha.0",
"@verdaccio/logger-prettify": "6.0.0-alpha.0",
"@verdaccio/middleware": "6.0.0-alpha.0",
"@verdaccio/mock": "6.0.0-alpha.0",
"@verdaccio/node-api": "6.0.0-alpha.0",
"@verdaccio/proxy": "6.0.0-alpha.0",
"@verdaccio/server": "6.0.0-alpha.0",
"@verdaccio/store": "6.0.0-alpha.0",
"@verdaccio/dev-types": "6.0.0-alpha.0",
"@verdaccio/utils": "6.0.0-alpha.0",
"verdaccio": "6.0.0-alpha.0",
"@verdaccio/web": "6.0.0-alpha.0",
"@verdaccio/active-directory": "11.0.0-alpha.0",
"verdaccio-audit": "11.0.0-alpha.0",
"verdaccio-auth-memory": "11.0.0-alpha.0",
"verdaccio-aws-s3-storage": "11.0.0-alpha.0",
"verdaccio-google-cloud": "11.0.0-alpha.0",
"verdaccio-memory": "11.0.0-alpha.0",
"@verdaccio/website": "0.0.1",
"@verdaccio/ui-theme": "6.0.0-alpha.1",
"@verdaccio/e2e-cli": "1.0.0",
"@verdaccio/e2e-ui": "1.0.0",
"@verdaccio/cli-standalone": "6.0.0-alpha.3",
"@verdaccio/cli-ui": "6.0.0-alpha.3",
"@verdaccio/tarball": "11.0.0-alpha.3",
"@verdaccio/url": "11.0.0-alpha.3"
},
"changesets": [
"big-lobsters-sin",
"few-cooks-destroy",
"fifty-jars-rest",
"gentle-trains-switch",
"hip-hounds-destroy",
"late-adults-love",
"late-parents-act",
"modern-spies-tell",
"neat-toes-report",
"perfect-kangaroos-agree",
"plenty-news-remember",
"plenty-spiders-melt",
"plenty-tables-refuse",
"pretty-hounds-tap",
"shiny-chefs-heal",
"smart-apricots-kneel",
"spicy-frogs-press",
"tender-bags-call",
"three-pots-sit",
"two-dolls-check"
]
}

29
.changeset/pretty-hounds-tap.md Normal file
View file

@ -0,0 +1,29 @@
---
'@verdaccio/api': patch
'@verdaccio/auth': patch
'@verdaccio/cli': patch
'@verdaccio/config': patch
'@verdaccio/commons-api': patch
'@verdaccio/file-locking': patch
'verdaccio-htpasswd': patch
'@verdaccio/local-storage': patch
'@verdaccio/readme': patch
'@verdaccio/streams': patch
'@verdaccio/types': patch
'@verdaccio/hooks': patch
'@verdaccio/loaders': patch
'@verdaccio/logger': patch
'@verdaccio/logger-prettify': patch
'@verdaccio/middleware': patch
'@verdaccio/mock': patch
'@verdaccio/node-api': patch
'@verdaccio/proxy': patch
'@verdaccio/server': patch
'@verdaccio/store': patch
'@verdaccio/dev-types': patch
'@verdaccio/utils': patch
'verdaccio': patch
'@verdaccio/web': patch
---
Enable prerelease mode with **changesets**

5
.changeset/shiny-chefs-heal.md Normal file
View file

@ -0,0 +1,5 @@
---
'@verdaccio/api': patch
---
testing changesets

79
.changeset/smart-apricots-kneel.md Normal file
View file

@ -0,0 +1,79 @@
---
'@verdaccio/ui-theme': major
'@verdaccio/cli-standalone': major
'@verdaccio/web': major
---
feat: flexible user interface generator
**breaking change**
The UI does not provide a pre-generated `index.html`, instead the server generates
the body of the web application based in few parameters:
- Webpack manifest
- User configuration details
It allows inject html tags, javascript and new CSS to make the page even more flexible.
### Web new properties for dynamic template
The new set of properties are made in order allow inject _html_ and _JavaScript_ scripts within the template. This
might be useful for scenarios like Google Analytics scripts or custom html in any part of the body.
- metaScripts: html injected before close the `head` element.
- scriptsBodyAfter: html injected before close the `body` element.
- bodyAfter: html injected after _verdaccio_ JS scripts.
```yaml
web:
scriptsBodyAfter:
- '<script type="text/javascript" src="https://my.company.com/customJS.min.js"></script>'
metaScripts:
- '<script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>'
- '<script type="text/javascript" src="https://browser.sentry-cdn.com/5.15.5/bundle.min.js"></script>'
- '<meta name="robots" content="noindex" />'
bodyBefore:
- '<div id="myId">html before webpack scripts</div>'
bodyAfter:
- '<div id="myId">html after webpack scripts</div>'
```
### UI plugin changes
- `index.html` is not longer used, template is generated based on `manifest.json` generated by webpack.
- Plugin must export:
- the manifest file.
- the manifest files: matcher (array of id that generates required scripts to run the ui)
- static path: The absolute path where the files are located in `node_modules`
```
exports.staticPath = path.join(__dirname, 'static');
exports.manifest = require('./static/manifest.json');
exports.manifestFiles = {
js: ['runtime.js', 'vendors.js', 'main.js'],
css: [],
ico: 'favicon.ico',
};
```
- Remove font files
- CSS is inline on JS (this will help with #2046)
### Docker v5 Examples
- Move all current examples to v4 folder
- Remove any v3 example
- Create v5 folder with Nginx Example
#### Related tickets
https://github.com/verdaccio/verdaccio/issues/1523
https://github.com/verdaccio/verdaccio/issues/1297
https://github.com/verdaccio/verdaccio/issues/1593
https://github.com/verdaccio/verdaccio/discussions/1539
https://github.com/verdaccio/website/issues/264
https://github.com/verdaccio/verdaccio/issues/1565
https://github.com/verdaccio/verdaccio/issues/1251
https://github.com/verdaccio/verdaccio/issues/2029
https://github.com/verdaccio/docker-examples/issues/29

32
.changeset/spicy-frogs-press.md Normal file
View file

@ -0,0 +1,32 @@
---
'verdaccio-htpasswd': major
---
feat: allow other password hashing algorithms (#1917)
**breaking change**
The current implementation of the `htpasswd` module supports multiple hash formats on verify, but only `crypt` on sign in.
`crypt` is an insecure old format, so to improve the security of the new `verdaccio` release we introduce the support of multiple hash algorithms on sign in step.
### New hashing algorithms
The new possible hash algorithms to use are `bcrypt`, `md5`, `sha1`. `bcrypt` is chosen as a default, because of its customizable complexity and overall reliability. You can read more about them [here](https://httpd.apache.org/docs/2.4/misc/password_encryptions.html).
Two new properties are added to `auth` section in the configuration file:
- `algorithm` to choose the way you want to hash passwords.
- `rounds` is used to determine `bcrypt` complexity. So one can improve security according to increasing computational power.
Example of the new `auth` config file section:
```yaml
auth:
htpasswd:
file: ./htpasswd
max_users: 1000
# Hash algorithm, possible options are: "bcrypt", "md5", "sha1", "crypt".
algorithm: bcrypt
# Rounds number for "bcrypt", will be ignored for other algorithms.
rounds: 10
```

9
.changeset/tender-bags-call.md Normal file
View file

@ -0,0 +1,9 @@
---
'@verdaccio/logger': major
---
logging prettifier only in development mode
- Verdaccio prettify `@verdaccio/logger-prettify` the logging which looks beautiful. But there are scenarios which does not make sense in production. This feature enables disable by default the prettifies if production `NODE_ENV` is enabled.
- Updates pino.js to `^6.7.0`.
- Suppress the warning when prettifier is enabled `suppressFlushSyncWarning`

33
.changeset/three-pots-sit.md Normal file
View file

@ -0,0 +1,33 @@
---
'@verdaccio/api': patch
'@verdaccio/auth': patch
'@verdaccio/cli': patch
'@verdaccio/config': patch
'@verdaccio/commons-api': patch
'@verdaccio/file-locking': patch
'verdaccio-htpasswd': patch
'@verdaccio/local-storage': patch
'@verdaccio/readme': patch
'@verdaccio/types': patch
'@verdaccio/hooks': patch
'@verdaccio/loaders': patch
'@verdaccio/logger': patch
'@verdaccio/logger-prettify': patch
'@verdaccio/middleware': patch
'@verdaccio/mock': patch
'@verdaccio/node-api': patch
'@verdaccio/proxy': patch
'@verdaccio/server': patch
'@verdaccio/store': patch
'@verdaccio/dev-types': patch
'@verdaccio/utils': patch
'verdaccio': patch
---
ESLint Warnings Fixed
Related to issue #1461
- max-len: most of the sensible max-len errors are fixed
- no-unused-vars: most of these types of errors are fixed by deleting not needed declarations
- @typescript-eslint/no-unused-vars: same as above

28
.changeset/two-dolls-check.md Normal file
View file

@ -0,0 +1,28 @@
---
'@verdaccio/cli': major
'@verdaccio/config': major
'@verdaccio/types': major
'@verdaccio/logger': major
'@verdaccio/node-api': major
'verdaccio-google-cloud': major
'verdaccio': major
---
feat: node api new structure based on promise
```js
import { runServer } from '@verdaccio/node-api';
// or
import { runServer } from 'verdaccio';
const app = await runServer(); // default configuration
const app = await runServer('./config/config.yaml');
const app = await runServer({ configuration });
app.listen(4000, (event) => {
// do something
});
```
### Breaking Change
If you are using the node-api, the new structure is Promise based and less arguments.

19
.dockerignore
View file

@ -8,19 +8,22 @@
.*
# you can add exceptions like in .gitignore to maintain a whitelist:
# e.g.
!babel.config.js
!.babelrc
!.eslintrc
!.prettierrc
!.prettierrc.json
!.prettierignore
!.eslintignore
!.stylelintrc
!.jest.config.js
!.jestEnvironment.js
!.yarnrc.yml
!.yarn/releases/yarn-berry.cjs
!.yarn/plugins/*
# do not copy over node_modules we will run `npm install` anyway
# do not copy over node_modules we will run `pnpm install` anyway
node_modules
website
jest
docs
contrib
docker-examples
website
systemd
# output from test runs and similar things
*.log

3
.editorconfig
View file

@ -7,6 +7,7 @@ end_of_line = lf
insert_final_newline = true
# 2 space indentation
[{.,}*.{js,jsx,yml,yaml}]
[{.,}*.{ts,tsx,js,jsx,yml,yaml}]
indent_style = space
indent_size = 2
quote_type = single

31
.eslintignore
View file

@ -1,22 +1,11 @@
node_modules
coverage/
wiki/
static/
flow-typed/
website/
**/fixtures/**
**/mock/store/**
**/partials/**
**/types/custom.d.ts
build/
*.md
*.lock
*.yaml
Dockerfile
*.rpi
*.html
*.scss
*.png
*.jpg
*.sh
*.ico
test/unit/partials/
types/custom.d.ts
docker-examples/
LICENSE
coverage/
flow-typed/
node_modules/
static/
website/
wiki/

2
.eslintrc
View file

@ -59,7 +59,7 @@
"camelcase": "off",
"guard-for-in": "error",
"new-cap": "error",
"max-len": ["error", 180],
"max-len": ["error", 100],
"no-console": ["error", { "allow": ["warn"] }],
"no-constant-condition": "error",
"no-debugger": "error",

199
.gitattributes vendored Normal file
View file

@ -0,0 +1,199 @@
## GITATTRIBUTES FOR WEB PROJECTS
#
# These settings are for any web project.
#
# Details per file setting:
# text These files should be normalized (i.e. convert CRLF to LF).
# binary These files are binary and should be left untouched.
#
# Note that binary is a macro for -text -diff.
######################################################################
# Auto detect
## Handle line endings automatically for files detected as
## text and leave all files detected as binary untouched.
## This will handle all files NOT defined below.
* text=lf
# Source code
*.bash text eol=lf
*.bat text eol=crlf
*.cmd text eol=crlf
*.coffee text eol=lf
*.css text eol=lf
*.htm text diff=html
*.html text diff=html
*.inc text eol=lf
*.ini text eol=lf
*.js text eol=lf
*.json text eol=lf
*.jsx text eol=lf
*.less text eol=lf
*.ls text eol=lf
*.map text -diff
*.od text eol=lf
*.onlydata text eol=lf
*.php text diff=php
*.pl text eol=lf
*.ps1 text eol=crlf
*.py text diff=python
*.rb text diff=ruby
*.sass text eol=lf
*.scm text eol=lf
*.scss text diff=css
*.sh text eol=lf
*.sql text eol=lf
*.styl text eol=lf
*.tag text eol=lf
*.ts text eol=lf
*.tsx text eol=lf
*.xml text eol=lf
*.xhtml text diff=html
# Docker
Dockerfile text eol=lf
# Documentation
*.ipynb text eol=lf
*.markdown text eol=lf
*.md text eol=lf
*.mdwn text eol=lf
*.mdown text eol=lf
*.mkd text eol=lf
*.mkdn text eol=lf
*.mdtxt text eol=lf
*.mdtext text eol=lf
*.txt text eol=lf
AUTHORS text eol=lf
CHANGELOG text eol=lf
CHANGES text eol=lf
CONTRIBUTING text eol=lf
COPYING text eol=lf
copyright text eol=lf
*COPYRIGHT* text eol=lf
INSTALL text eol=lf
license text eol=lf
LICENSE text eol=lf
NEWS text eol=lf
readme text eol=lf
*README* text eol=lf
TODO text eol=lf
# Templates
*.dot text eol=lf
*.ejs text eol=lf
*.haml text eol=lf
*.handlebars text eol=lf
*.hbs text eol=lf
*.hbt text eol=lf
*.jade text eol=lf
*.latte text eol=lf
*.mustache text eol=lf
*.njk text eol=lf
*.phtml text eol=lf
*.tmpl text eol=lf
*.tpl text eol=lf
*.twig text eol=lf
*.vue text eol=lf
# Configs
*.cnf text eol=lf
*.conf text eol=lf
*.config text eol=lf
.editorconfig text eol=lf
.env text eol=lf
.gitattributes text eol=lf
.gitconfig text eol=lf
.htaccess text eol=lf
*.lock text -diff
package-lock.json text -diff
*.toml text eol=lf
*.yaml text eol=lf
*.yml text eol=lf
browserslist text eol=lf
Makefile text eol=lf
makefile text eol=lf
# Heroku
Procfile text eol=lf
# Graphics
*.ai binary
*.bmp binary
*.eps binary
*.gif binary
*.gifv binary
*.ico binary
*.jng binary
*.jp2 binary
*.jpg binary
*.jpeg binary
*.jpx binary
*.jxr binary
*.pdf binary
*.png binary
*.psb binary
*.psd binary
# SVG treated as an asset (binary) by default.
*.svg text eol=lf
# If you want to treat it as binary,
# use the following line instead.
# *.svg binary
*.svgz binary
*.tif binary
*.tiff binary
*.wbmp binary
*.webp binary
# Audio
*.kar binary
*.m4a binary
*.mid binary
*.midi binary
*.mp3 binary
*.ogg binary
*.ra binary
# Video
*.3gpp binary
*.3gp binary
*.as binary
*.asf binary
*.asx binary
*.fla binary
*.flv binary
*.m4v binary
*.mng binary
*.mov binary
*.mp4 binary
*.mpeg binary
*.mpg binary
*.ogv binary
*.swc binary
*.swf binary
*.webm binary
# Archives
*.7z binary
*.gz binary
*.jar binary
*.rar binary
*.tar binary
*.zip binary
# Fonts
*.ttf binary
*.eot binary
*.otf binary
*.woff binary
*.woff2 binary
# Executables
*.exe binary
*.pyc binary
# RC files (like .babelrc or .eslintrc)
*.*rc text eol=lf
# Ignore files (like .npmignore or .gitignore)
*.*ignore text eol=lf

15
.github/ISSUE_TEMPLATE/bug_report.md vendored
View file

@ -7,9 +7,11 @@ assignees: ''
---
**Describe the bug**
<!-- A clear and concise description of what the bug is. -->
**To Reproduce**
<!-- IMPORTANT:
- How to reproduce the issue
- Steps to reproduce the issue
@ -18,9 +20,11 @@ Be aware, the lack of reproducible steps the issue might cause your ticket to be
-->
**Expected behavior**
<!-- A clear and concise description of what you expected to happen. -->
**Screenshots**
<!-- If applicable, add screenshots to help explain your problem. -->
**Configuration File (cat ~/.config/verdaccio/config.yaml)**
@ -28,16 +32,17 @@ Be aware, the lack of reproducible steps the issue might cause your ticket to be
<!-- Please be careful do not leak any sensitive information, remove tokens -->
**Environment information**
<!-- Please paste the results of running `verdaccio --info` -->
**Debugging output**
- `$ NODE_DEBUG=request verdaccio` display request calls (verdaccio <--> uplinks)
- `$ DEBUG=express:* verdaccio` enable extreme verdaccio debug mode (verdaccio api)
- `$ npm -ddd` prints:
- `$ npm config get registry` prints:
- `$ NODE_DEBUG=request verdaccio` display request calls (verdaccio <--> uplinks)
- `$ DEBUG=express:* verdaccio` enable extreme verdaccio debug mode (verdaccio api)
- `$ npm -ddd` prints:
- `$ npm config get registry` prints:
<!--
IMPORTANT: please do not attach external files, all content should be visible from any device.
-->

3
.github/ISSUE_TEMPLATE/feature.md vendored
View file

@ -1,10 +1,9 @@
---
name: "Feature Request \U0001F52E"
name: 'Feature Request 🔮'
about: You want a feature request.
title: ''
labels: 'topic: feature request'
assignees: ''
---
<!--

24
.github/dependabot.yml vendored
View file

@ -5,23 +5,21 @@
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
- package-ecosystem: 'github-actions'
directory: '/'
schedule:
interval: "weekly"
interval: 'weekly'
# Maintain dependencies for npm
- package-ecosystem: "npm"
directory: "/"
- package-ecosystem: 'npm'
directory: '/'
schedule:
interval: "daily"
allow:
- dependency-name: "@verdaccio/*"
- dependency-name: "verdaccio-*"
interval: 'daily'
allow:
- dependency-name: '@verdaccio/*'
- dependency-name: 'verdaccio-*'
assignees:
- "verdacciobot"
- 'verdacciobot'
labels:
- "bot: dependencies"
- 'bot: dependencies'

131
.github/disabled/e2e-angular-cli-workflow.yml vendored Normal file
View file

@ -0,0 +1,131 @@
on:
schedule:
- cron: '0 3 * * 5'
pull_request:
branches:
- '**'
name: 'E2E Angular CLI with verdaccio'
jobs:
# todo: fix yarn global issue, cannot find ng
# yarn:
# strategy:
# fail-fast: false
# matrix:
# os: [ubuntu-latest, windows-latest]
#
# name: '${{ matrix.os }} / yarn:angular example'
# runs-on: ${{ matrix.os }}
#
# steps:
# - uses: actions/checkout@v2.3.1
#
# - name: 'Use Node.js 10.x'
# uses: actions/setup-node@v2.1.1
# with:
# node-version: 10.x
# - name: Install Dependencies
# run: yarn install --pure-lockfile
# - name: 'Run verdaccio in the background'
# run: |
# nohup node ./scripts/run-verdaccio.js &
# - name: 'Ping to verdaccio'
# run: |
# npm ping --registry http://localhost:4873
# - name: 'Running the integration test'
# run: |
# source scripts/e2e-setup-ci.sh
# yarn init --yes
#
# yarn global add @angular/cli
# which nodemon
# ng new verdaccio-angular --interactive=false
#
# cd verdaccio-angular
# echo "registry=http://localhost:4873" > ~/.npmrc
# yarn add @angular-devkit/core@next @babel/preset-env @babel/core -D
#
# ng build --aot
npm:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
name: '${{ matrix.os }} / npm:angular example'
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2.3.1
- name: 'Use Node.js 10.x'
uses: actions/setup-node@v2.1.1
with:
node-version: 10.x
- name: 'install latest npm'
run: npm i -g npm
- name: Install Dependencies
run: yarn install --pure-lockfile
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js &
- name: 'Ping to verdaccio'
run: |
npm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
echo "registry=http://localhost:4873" > ~/.npmrc
npm config set loglevel="http"
npm config set fetch-retries="5"
npm config set fetch-retry-factor="50"
npm config set fetch-retry-mintimeout="20000"
npm config set fetch-retry-maxtimeout="80000"
npm install -g @angular/cli
ng new verdaccio-angular --interactive=false
cd verdaccio-angular
npm install @angular-devkit/core@next @babel/preset-env @babel/core -D
npm run ng build --aot
# pnpm throws errors worth to check why
# pnpm:
# strategy:
# fail-fast: false
# matrix:
# os: [ubuntu-latest, windows-latest]
#
# name: '${{ matrix.os }} / pnpm:angular example'
# runs-on: ${{ matrix.os }}
#
# steps:
# - uses: actions/checkout@v2.3.1
#
# - name: 'Use Node.js 10.x'
# uses: actions/setup-node@v2.1.1
# with:
# node-version: 10.x
# - name: 'install latest pnpm'
# run: npm i -g pnpm
# - name: Install Dependencies
# run: yarn install --pure-lockfile
# - name: 'Run verdaccio in the background'
# run: |
# nohup node ./scripts/run-verdaccio.js &
# - name: 'Ping to verdaccio'
# run: |
# pnpm ping --registry http://localhost:4873
# - name: 'Running the integration test'
# run: |
# source scripts/e2e-setup-ci.sh
# pnpm init --force
#
# pnpm install -g @angular/cli
# ng new verdaccio-angular --interactive=false
#
# cd verdaccio-angular
# echo "registry=http://localhost:4873" > ~/.npmrc
# pnpm install @angular-devkit/core@next @babel/preset-env @babel/core -D
#
# pnpm run ng build --aot

9
.github/workflows/e2e-gatsbyjs-cli-workflow.yml → .github/disabled/e2e-gatsbyjs-cli-workflow.yml vendored
View file

@ -8,8 +8,13 @@ on:
name: 'E2E Gatsby.js CLI with verdaccio'
jobs:
npm:
name: 'npm:gatsby example'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
name: '${{ matrix.os }} / npm:gatsby example'
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2.3.3

121
.github/disabled/e2e-jest-workflow.yml vendored Normal file
View file

@ -0,0 +1,121 @@
on:
schedule:
- cron: '0 3 * * 5'
pull_request:
branches:
- '**'
name: 'E2E Jest with verdaccio'
jobs:
yarn:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
name: '${{ matrix.os }} / yarn:jest example'
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2.3.1
- name: 'Use Node.js 10.x'
uses: actions/setup-node@v2.1.1
with:
node-version: 10.x
- name: Install Dependencies
run: yarn install --pure-lockfile
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js &
- name: 'Ping to verdaccio'
run: |
npm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
yarn init --yes
yarn add jest --registry http://localhost:4873
echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
yarn jest pass.test.js
yarn add left-pad --registry http://localhost:4873 --verbose
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js
npm:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
name: '${{ matrix.os }} / npm:jest example'
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2.3.1
- name: 'Use Node.js 10.x'
uses: actions/setup-node@v2.1.1
with:
node-version: 10.x
- name: 'install latest npm'
run: npm i -g npm
- name: Install Dependencies
run: yarn install --pure-lockfile
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js &
- name: 'Ping to verdaccio'
run: |
npm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
npm init --force
npm install jest --registry http://localhost:4873
echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
yarn jest pass.test.js
yarn add left-pad --registry http://localhost:4873 --verbose
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js
pnpm:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
name: '${{ matrix.os }} / pnpm:jest example'
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2.3.1
- name: 'Use Node.js 10.x'
uses: actions/setup-node@v2.1.1
with:
node-version: 10.x
- name: 'install latest pnpm'
run: npm i -g pnpm
- name: Install Dependencies
run: yarn install --pure-lockfile
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js &
- name: 'Ping to verdaccio'
run: |
pnpm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
pnpm init --force
pnpm install jest --registry http://localhost:4873
echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
yarn jest pass.test.js
yarn add left-pad --registry http://localhost:4873 --verbose
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js

4
.github/workflows/registry.yml → .github/disabled/registry.yml vendored
View file

@ -2,7 +2,7 @@ name: Test local registry for js vulnerabilities
on:
schedule:
- cron: '0 */4 1 * *'
- cron: '0 4 * * 4'
jobs:
security:
runs-on: ubuntu-latest
@ -10,4 +10,4 @@ jobs:
- name: Test for public javascript library vulnerabilities
uses: lirantal/is-website-vulnerable@1.15.10
with:
scan-url: "https://registry.verdaccio.org"
scan-url: 'https://registry.verdaccio.org'

35
.github/disabled/release-canary.yml vendored Normal file
View file

@ -0,0 +1,35 @@
name: Canary Release to Verdaccio
on:
pull_request:
paths:
- .github/workflows/release-canary.yml
- 'packages/**'
- 'package.json'
- 'lerna.json'
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Use Node (latest)
uses: actions/setup-node@v1
with:
node_version: 13
- name: Install
run: yarn --frozen-lockfile
- name: Clean
run: yarn clean
- name: Lint
run: yarn lint
- name: Build
run: yarn build
- name: Test
run: yarn test
- name: Publish
run: |
echo "//registry.verdaccio.org/:_authToken=${{ secrets.VERDACCIO_TOKEN }}" > .npmrc
git update-index --assume-unchanged .npmrc
yarn publish:canary

0
crowdin.yaml → .github/disabled/release.yml vendored
View file

14
.github/lock.yml vendored
View file

@ -13,10 +13,10 @@ lockLabel: false
lockComment: >
🤖This thread has been automatically locked 🔒 since there has not been
any recent activity after it was closed.
We lock tickets after 90 days with the idea to encourage you to open a ticket with new fresh data
and to provide you better feedback 🤝and better visibility 👀.
If you consider, you can attach this ticket 📨 to the new one as a reference for better context.
Thanks for being a part of the Verdaccio community! 💘
@ -26,10 +26,10 @@ lockComment: >
# Optionally, specify configuration settings just for `issues` or `pulls`
issues:
exemptLabels:
- help-wanted
lockLabel: outdated
exemptLabels:
- help-wanted
lockLabel: outdated
pulls:
daysUntilLock: 90
lockLabel: outdated
daysUntilLock: 90
lockLabel: outdated

14
.github/stale.yml vendored
View file

@ -10,17 +10,17 @@ exemptLabels:
- issue: bug
- dev: discuss
# Label to use when marking an issue as stale
staleLabel: issue: wontfix
staleLabel: 'issue: wontfix'
# Comment to post when marking an issue as stale. Set to `false` to disable
markComment: >
Hi pal 👋🏼!
Hi pal 👋🏼!
This issue has gone quiet 😶.
This issue has gone quiet 😶.
We get a lot of issues, so we currently close issues after 25 days of inactivity. Its been at least 15 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add/suggest the label "discuss" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request. Check out [https://github.com/verdaccio/contributing](https://github.com/verdaccio/contributing) for more information about opening PRs, triaging issues, and contributing!
We get a lot of issues, so we currently close issues after 25 days of inactivity. Its been at least 15 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add/suggest the label "discuss" to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request. Check out [https://github.com/verdaccio/contributing](https://github.com/verdaccio/contributing) for more information about opening PRs, triaging issues, and contributing!
Thanks for being a part of the Verdaccio community! 💘
Thanks for being a part of the Verdaccio community! 💘
# Comment to post when closing a stale issue. Set to `false` to disable
closeComment: false

63
.github/workflows/changesets.yml vendored Normal file
View file

@ -0,0 +1,63 @@
name: Changesets
on:
schedule:
- cron: '0 0 * * *'
push:
branches:
- 6.x
env:
CI: true
PNPM_CACHE_FOLDER: .pnpm-store
jobs:
# Update package versions from changesets.
version:
timeout-minutes: 14
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/6.x' && github.repository == 'verdaccio/verdaccio'
steps:
- name: checkout code repository
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: setup node.js
uses: actions/setup-node@v2
with:
node-version: 14
registry-url: 'https://registry.verdaccio.org'
env:
NODE_AUTH_TOKEN: ${{ secrets.VERDACCIO_TOKEN }}
- name: install pnpm
run: npm i pnpm@latest -g
env:
NODE_AUTH_TOKEN: ${{ secrets.VERDACCIO_TOKEN }}
- name: setup pnpm config
run: pnpm config set store-dir $PNPM_CACHE_FOLDER
- name: setup pnpm config registry
run: pnpm config set registry https://registry.verdaccio.org
- name: install dependencies
run: pnpm install
env:
NODE_AUTH_TOKEN: ${{ secrets.VERDACCIO_TOKEN }}
- name: build
run: pnpm build
- name: create versions
uses: changesets/action@master
with:
version: pnpm ci:version
commit: 'chore: update versions'
title: 'chore: update versions'
publish: pnpm ci:publish
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.VERDACCIO_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.VERDACCIO_TOKEN }}

28
.github/workflows/ci-e2e-ui.yml vendored
View file

@ -1,6 +1,18 @@
name: E2E UI
on: [pull_request]
on:
push:
branches:
- 6.x
- 'changeset-release/6.x'
pull_request:
paths:
- .github/workflows/ci.yml
- 'packages/**'
- 'jest/**'
- 'package.json'
- 'pnpm-workspace.yaml'
- 'test/**'
jobs:
ci:
@ -16,12 +28,18 @@ jobs:
steps:
- uses: actions/checkout@v2.3.1
- name: Use Node ${{ matrix.node_version }}
uses: actions/setup-node@v2.1.5
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node_version }}
- name: Install pnpm
run: npm i -g pnpm@latest
- name: Install
run: yarn install --immutable
run: pnpm recursive install
- name: Clean
run: pnpm clean
- name: Build
run: yarn code:build
run: pnpm build
- name: Test UI
run: yarn run test:e2e
run: pnpm test:e2e:ui
env:
DEBUG: verdaccio:e2e*

28
.github/workflows/ci-e2e.yml vendored
View file

@ -1,6 +1,18 @@
name: E2E CLI
on: [pull_request]
on:
push:
branches:
- 5.x
- 'changeset-release/6.x'
pull_request:
paths:
- .github/workflows/ci.yml
- 'packages/**'
- 'jest/**'
- 'package.json'
- 'pnpm-workspace.yaml'
- 'test/**'
jobs:
ci:
@ -16,12 +28,18 @@ jobs:
steps:
- uses: actions/checkout@v2.3.1
- name: Use Node ${{ matrix.node_version }}
uses: actions/setup-node@v2.1.5
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node_version }}
- name: Install pnpm
run: npm i -g pnpm@latest
- name: Install
run: yarn install
run: pnpm recursive install
- name: Clean
run: pnpm clean
- name: Build
run: yarn code:build
run: pnpm build
- name: Test CLI
run: yarn test:e2e:cli
run: pnpm test:e2e:cli
env:
DEBUG: verdaccio:e2e*

49
.github/workflows/ci-pnpm-dev.yml vendored Normal file
View file

@ -0,0 +1,49 @@
name: CI with pnpm 6
on:
push:
branches:
- 5.x
- 'changeset-release/6.x'
pull_request:
paths:
- .changeset/**
- .github/workflows/ci.yml
- 'packages/**'
- 'jest/**'
- 'package.json'
- 'pnpm-workspace.yaml'
jobs:
ci:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest]
node_version: [12, 15]
name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2.3.1
- name: Use Node ${{ matrix.node_version }}
uses: actions/setup-node@v2
with:
node_version: ${{ matrix.node_version }}
- name: Install pnpm
run: sudo npm i pnpm@dev -g
- name: Install
run: pnpm recursive install
- name: Format
run: pnpm format:check
- name: Lint
run: pnpm lint
- name: Clean
run: pnpm clean
- name: Build
run: pnpm build
- name: Test
run: pnpm test
env:
DEBUG: verdaccio:web:*

39
.github/workflows/ci-website.yml vendored Normal file
View file

@ -0,0 +1,39 @@
name: CI Website
on:
push:
branches:
- master
pull_request:
paths:
- .github/workflows/ci-website.yml
- 'website/**'
jobs:
ci:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
node_version: [14]
name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v1
- name: Use Node ${{ matrix.node_version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node_version }}
- name: Install pnpm
run: curl -f https://get.pnpm.io/v6.js | node - add --global pnpm
- name: Install
run: pnpm recursive install
- name: Format
run: pnpm format:check
- name: Lint
run: pnpm lint
- name: Build website
run: |
cd website
pnpm build

56
.github/workflows/ci.yml vendored
View file

@ -1,29 +1,49 @@
name: CI
on: [push, pull_request]
on:
push:
branches:
- 6.x
- 'changeset-release/6.x'
pull_request:
paths:
- .changeset/**
- .github/workflows/ci.yml
- 'packages/**'
- 'jest/**'
- 'package.json'
- 'pnpm-workspace.yaml'
jobs:
ci:
name: Node ${{ matrix.node_version }}
strategy:
fail-fast: false
matrix:
node_version: [12, 14, 15]
os: [ubuntu-latest, windows-latest]
node_version: [12, 14]
runs-on: ubuntu-latest
name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2.3.3
- name: Use Node ${{ matrix.node_version }}
uses: actions/setup-node@v2.1.5
with:
node-version: ${{ matrix.node_version }}
- name: Install
run: yarn install --immutable
- name: Build
run: yarn code:build
- name: Lint
run: yarn lint
- name: Test
run: yarn test
- uses: actions/checkout@v2.3.1
- name: Use Node ${{ matrix.node_version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node_version }}
- name: Install pnpm
run: npm i pnpm@latest -g
- name: Install
run: pnpm recursive install
- name: Format
run: pnpm format:check
- name: Lint
run: pnpm lint
- name: Clean
run: pnpm clean
- name: Build
run: pnpm build
- name: Test
run: pnpm test
env:
DEBUG: verdaccio:web:*

69
.github/workflows/codeql-analysis.yml vendored
View file

@ -1,52 +1,57 @@
name: "Code scanning - action"
name: 'Code scanning - action'
on:
push:
branches-ignore:
- 5.x
- 'changeset-release/6.x'
- 'dev/**'
pull_request:
paths:
- .github/workflows/ci.yml
- 'packages/**'
schedule:
- cron: '0 2 * * 4'
jobs:
CodeQL-Build:
# CodeQL runs on ubuntu-latest and windows-latest
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2.3.3
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
- name: Checkout repository
uses: actions/checkout@v2.3.1
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# If this run was triggered by a pull request event, then checkout
# the head of the pull request instead of the merge commit.
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
# If this run was triggered by a pull request event, then checkout
# the head of the pull request instead of the merge commit.
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
# Override language selection by uncommenting this and choosing your languages
# with:
# languages: go, javascript, csharp, python, cpp, java
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1

38
.github/workflows/docker-publish-pre-check.yml vendored
View file

@ -1,24 +1,30 @@
name: Docker & Publish Pre-check
on: [push, pull_request]
on:
pull_request:
paths:
- .github/workflows/docker-publish-pre-check.yml
- 'packages/**'
- 'docker-bin/**'
- 'package.json'
- 'lerna.json'
jobs:
testDocker:
name: Test Docker Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: Build
run: docker build .
env:
VERDACCIO_BUILD_REGISTRY: https://registry.verdaccio.org
testVerdaccio:
name: Test Verdaccio Publish
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: Publish
uses: verdaccio/github-actions/publish@v0.4.0
with:
args: -d
- uses: actions/checkout@v2.3.1
- name: Build
run: npm run docker
env:
VERDACCIO_BUILD_REGISTRY: https://registry.verdaccio.org
# testVerdaccio:
# name: Test Verdaccio Publish
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v1
# - name: Publish
# uses: verdaccio/github-actions/publish@v0.4.0
# with:
# args: -d

21
.github/workflows/docker-publish.yml vendored
View file

@ -4,18 +4,17 @@ on:
push:
paths:
- .github/workflows/docker-publish.yml
- 'src/**'
- 'conf/**'
- 'types/**'
- .github/workflows/docker-publish.yml
- 'packages/**'
- 'docker-bin/**'
- 'bin/**'
- 'package.json'
- 'yarn.lock'
- 'pnpm-*.yaml'
- 'Dockerfile'
- '.dockerignore'
branches:
- '**'
- '6.x'
tags:
- 'v*'
- 'v*'
jobs:
docker:
runs-on: ubuntu-latest
@ -35,8 +34,8 @@ jobs:
uses: crazy-max/ghaction-docker-meta@v1
with:
images: ${{ github.repository }}
tag-custom: 5.x-next
tag-custom-only: ${{ github.ref == 'refs/heads/master' }}
tag-custom: 6.x-next
tag-custom-only: ${{ github.ref == 'refs/heads/6.x' }}
tag-semver: |
{{version}}
{{major}}
@ -46,7 +45,7 @@ jobs:
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}

153
.github/workflows/e2e-angular-cli-workflow.yml vendored
View file

@ -1,153 +0,0 @@
on:
schedule:
- cron: '0 3 * * 5'
pull_request:
branches:
- '**'
name: 'E2E Angular CLI with verdaccio'
jobs:
# todo: fix yarn global issue, cannot find ng
# yarn:
# name: 'yarn:angular example'
# runs-on: ubuntu-latest
#
# steps:
# - uses: actions/checkout@v2.3.3
#
# - name: 'Use Node.js 10.x'
# uses: actions/setup-node@v2.1.5
# with:
# node-version: 10.x
# - name: Install Dependencies
# run: yarn install --pure-lockfile
# - name: 'Run verdaccio in the background'
# run: |
# nohup node ./scripts/run-verdaccio.js &
# - name: 'Ping to verdaccio'
# run: |
# npm ping --registry http://localhost:4873
# - name: 'Running the integration test'
# run: |
# source scripts/e2e-setup-ci.sh
# yarn init --yes
#
# yarn global add @angular/cli
# which nodemon
# ng new verdaccio-angular --interactive=false
#
# cd verdaccio-angular
# echo "registry=http://localhost:4873" > ~/.npmrc
# yarn add @angular-devkit/core@next @babel/preset-env @babel/core -D
#
# ng build --aot
npm:
name: 'npm:angular example'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: 'Use Node.js 14.x'
uses: actions/setup-node@v2.1.5
with:
node-version: 14.x
- name: 'install latest npm'
run: npm i -g npm@latest-6
- name: Install Dependencies
run: yarn install
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js --config ./scripts/e2e-config.yaml &
- name: 'Ping to verdaccio'
run: |
npm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
echo "registry=http://localhost:4873" > ~/.npmrc
npm config set loglevel="http"
npm config set fetch-retries="5"
npm config set fetch-retry-factor="50"
npm config set fetch-retry-mintimeout="20000"
npm config set fetch-retry-maxtimeout="80000"
npm install -g @angular/cli
ng new verdaccio-angular --interactive=false
cd verdaccio-angular
npm install @angular-devkit/core@next @babel/preset-env @babel/core -D
npm run ng build --aot
npm7:
name: 'npm7:angular example'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: 'Use Node.js 14.x'
uses: actions/setup-node@v2.1.5
with:
node-version: 14.x
- name: 'install latest npm'
run: npm i -g npm@next-7
- name: Install Dependencies
run: yarn install
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js --config ./scripts/e2e-config.yaml &
- name: 'Ping to verdaccio'
run: |
npm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
echo "registry=http://localhost:4873" > ~/.npmrc
npm config set loglevel="silent"
npm config set fetch-retries="5"
npm config set fetch-retry-factor="50"
npm config set fetch-retry-mintimeout="20000"
npm config set fetch-retry-maxtimeout="80000"
npm install -g @angular/cli
ng new verdaccio-angular --interactive=false
cd verdaccio-angular
npm install @angular-devkit/core@next @babel/preset-env @babel/core -D
npm run ng build --aot
# pnpm throws errors worth to check why
# pnpm:
# name: 'pnpm:angular example'
# runs-on: ubuntu-latest
#
# steps:
# - uses: actions/checkout@v2.3.3
#
# - name: 'Use Node.js 10.x'
# uses: actions/setup-node@v2.1.1
# with:
# node-version: 10.x
# - name: 'install latest pnpm'
# run: npm i -g pnpm
# - name: Install Dependencies
# run: yarn install --pure-lockfile
# - name: 'Run verdaccio in the background'
# run: |
# nohup node ./scripts/run-verdaccio.js &
# - name: 'Ping to verdaccio'
# run: |
# pnpm ping --registry http://localhost:4873
# - name: 'Running the integration test'
# run: |
# source scripts/e2e-setup-ci.sh
# pnpm init --force
#
# pnpm install -g @angular/cli
# ng new verdaccio-angular --interactive=false
#
# cd verdaccio-angular
# echo "registry=http://localhost:4873" > ~/.npmrc
# pnpm install @angular-devkit/core@next @babel/preset-env @babel/core -D
#
# pnpm run ng build --aot

209
.github/workflows/e2e-jest-workflow.yml vendored
View file

@ -1,209 +0,0 @@
on:
schedule:
- cron: '0 3 * * 5'
pull_request:
branches:
- '**'
name: 'E2E Jest with verdaccio'
jobs:
yarn:
name: 'yarn:jest example'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: 'Use Node.js 12.x'
uses: actions/setup-node@v2.1.5
with:
node-version: 12.x
- name: Install Dependencies
run: yarn install
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js --config ./scripts/e2e-config.yaml &
- name: 'Ping to verdaccio'
run: |
npm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
yarn init --yes
yarn add jest --registry http://localhost:4873
echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
yarn jest pass.test.js
yarn add left-pad --registry http://localhost:4873 --verbose
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js
yarn2:
name: 'yarn2:jest example'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: 'Use Node.js 12.x'
uses: actions/setup-node@v2.1.5
with:
node-version: 12.x
- name: Install Dependencies
run: yarn install
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js --config ./scripts/e2e-config.yaml &
- name: 'Ping to verdaccio'
run: |
npm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
yarn init --yes
yarn set version berry
yarn config set npmRegistryServer "http://localhost:4873"
yarn config set unsafeHttpWhitelist --json '["localhost"]'
yarn add jest@26.0.0
echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
yarn jest pass.test.js
yarn add left-pad
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js
npm:
name: 'npm:jest example'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: 'Use Node.js 12.x'
uses: actions/setup-node@v2.1.5
with:
node-version: 12.x
- name: 'install latest npm'
run: npm i -g npm@latest-6
- name: Install Dependencies
run: yarn install
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js --config ./scripts/e2e-config.yaml &
- name: 'Ping to verdaccio'
run: |
npm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
npm init --force
npm install jest --registry http://localhost:4873
echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
yarn jest pass.test.js
yarn add left-pad --registry http://localhost:4873 --verbose
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js
npm7:
name: 'npm7:jest example'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: 'Use Node.js 12.x'
uses: actions/setup-node@v2.1.5
with:
node-version: 12.x
- name: 'install latest npm'
run: npm i -g npm
- name: Install Dependencies
run: yarn install
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js --config ./scripts/e2e-config.yaml &
- name: 'Ping to verdaccio'
run: |
npm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
npm init --force
npm install jest --registry http://localhost:4873
echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
yarn jest pass.test.js
yarn add left-pad --registry http://localhost:4873 --verbose
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js
pnpm:
name: 'pnpm:jest example'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: 'Use Node.js 12.x'
uses: actions/setup-node@v2.1.5
with:
node-version: 12.x
- name: 'install latest pnpm'
run: npm i -g pnpm
- name: Install Dependencies
run: yarn install
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js &
- name: 'Ping to verdaccio'
run: |
pnpm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
pnpm init --force
pnpm install jest --registry http://localhost:4873
echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
yarn jest pass.test.js
yarn add left-pad --registry http://localhost:4873 --verbose
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js
pnpm6:
name: 'pnpm6:jest example'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: 'Use Node.js 12.x'
uses: actions/setup-node@v2.1.5
with:
node-version: 12.x
- name: 'install latest pnpm'
run: sudo npm i pnpm@dev -g
- name: Install Dependencies
run: yarn install
- name: 'Run verdaccio in the background'
run: |
nohup node ./scripts/run-verdaccio.js &
- name: 'Ping to verdaccio'
run: |
pnpm ping --registry http://localhost:4873
- name: 'Running the integration test'
run: |
source scripts/e2e-setup-ci.sh
pnpm init --force
pnpm install jest --registry http://localhost:4873
echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
yarn jest pass.test.js
yarn add left-pad --registry http://localhost:4873 --verbose
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js

32
.github/workflows/release.yml vendored
View file

@ -1,32 +0,0 @@
name: Release
on:
push:
tags:
- '*'
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: Use Node (latest)
uses: actions/setup-node@v2.1.5
with:
node-version: 14
- name: Install
run: yarn install
- name: Build
run: yarn code:build
- name: Lint
run: yarn lint
- name: Publish
run: sh scripts/publish.sh
env:
REGISTRY_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
REGISTRY_URL: registry.npmjs.org
- name: Create release notes
run: sh scripts/github-release.sh
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

44
.gitignore vendored
View file

@ -1,45 +1,47 @@
npm-debug.log
*.log*
verdaccio-*.tgz
.DS_Store
build/
.eslintcache
./dist
### Test
test/unit/partials/store/test-*-storage/*
test/unit/partials/store/*-storage/*
test/unit/partials/store/storage_default_storage/*
.verdaccio-db.json
.sinopia-db.json
###
!bin/verdaccio
test-storage*
access-storage*
.verdaccio_test_env
node_modules
package-lock.json
npm_test-fails-add-tarball*
yarn-error.log
yarn.lock
# Istanbul
# docker examples
docker-examples/v5/reverse_proxy/nginx/relative_path/storage/*
docker-examples/v5/**/storage/*
# jest
reports/
coverage/
.nyc*
## IDE
.idea/
# React
bundle.js
bundle.js.map
__tests__
# Compiled script
static/*
packages/partials
tsconfig.tsbuildinfo
# This is the Yarn build state; it's local to each clone
/.yarn/build-state.yml
## bundle files
packages/standalone/dist/
## ui
packages/plugins/ui-theme/static
# This is the Yarn install state cache, it can be rebuilt anytime
/.yarn/install-state.gz
.history
# website
website/public
website/.cache
# CI Pnpm cache
.pnpm-store/

4
.npmrc
View file

@ -1,2 +1,4 @@
always-auth = true
fetch-retries="10"
recursive-install = true
registry = https://registry.verdaccio.org
loglevel=warn

2
.nvmrc
View file

@ -1 +1 @@
13
14

21
.prettierignore
View file

@ -14,19 +14,12 @@ CHANGELOG.md
CONTRIBUTORS.md
node_modules/
**/coverage/**
**/static/*.js
**/build/*.js
test/unit/partials/*
build/*
.github/
.vscode/
wiki/
.yarnrc.yml
yarn-error.log
.yarn/
test/functional/store/*
storage_default_storage/*
packages/core/local-storage/_storage/**
packages/standalone/dist/bundle.js
docker-examples/v5/reverse_proxy/nginx/relative_path/storage/*
docker-examples/
.prettierignore
.npmignore
.gitignore
*.ico
build/
.vscode/
.github/

2
.prettierrc.json
View file

@ -1,7 +1,7 @@
{
"endOfLine": "lf",
"useTabs": false,
"printWidth": 180,
"printWidth": 100,
"tabWidth": 2,
"singleQuote": true,
"bracketSpacing": true,

1
.sonarcloud.properties
View file

@ -1 +0,0 @@

156
.vscode/launch.json vendored
View file

@ -1,79 +1,81 @@
{
// Use IntelliSense to learn about possible Node.js debug attributes.
// Hover to view descriptions of existing attributes.
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
"version": "0.2.0",
"configurations": [
{
"type": "node",
"request": "launch",
"name": "CLI Babel Registry",
"stopOnEntry": false,
"program": "${workspaceFolder}/debug/bootstrap.js",
"args": ["-l", "0.0.0.0:4873"],
"env": {
"BABEL_ENV": "registry"
},
"preLaunchTask": "npm: build:webui",
"console": "integratedTerminal"
},
{
"name": "Unit Tests",
"type": "node",
"request": "launch",
"program": "${workspaceRoot}/node_modules/jest-cli/bin/jest.js",
"stopOnEntry": false,
"args": [
"--debug=true" ],
"cwd": "${workspaceRoot}",
"preLaunchTask": "pre-test",
"runtimeExecutable": null,
"runtimeArgs": [
"--nolazy"
],
"env": {
"NODE_ENV": "test",
"TZ": "UTC"
},
"console": "integratedTerminal"
},
{
"name": "Functional Tests",
"type": "node",
"request": "launch",
"program": "${workspaceRoot}/node_modules/.bin/jest",
"stopOnEntry": false,
"args": [
"--config",
"./test/jest.config.functional.js",
"--testPathPattern",
"./test/functional/index*",
"--debug=false",
"--verbose",
"--useStderr",
"--detectOpenHandles"],
"cwd": "${workspaceRoot}",
"env": {
"BABEL_ENV": "testOldEnv",
"VERDACCIO_DEBUG": "true",
"VERDACCIO_DEBUG_INJECT": "true",
"NODE_DEBUG": "TO_DEBUG_REQUEST_REMOVE_THIS_request"
},
"preLaunchTask": "pre-test",
"console": "integratedTerminal",
"runtimeExecutable": null,
"runtimeArgs": [
"--nolazy"
],
},
{
"type": "node",
"request": "launch",
"name": "Verdaccio Compiled",
"preLaunchTask": "npm: code:build",
"program": "${workspaceRoot}/bin/verdaccio",
"args": ["-l", "0.0.0.0:4873"],
"console": "integratedTerminal"
}
]
// Use IntelliSense to learn about possible Node.js debug attributes.
// Hover to view descriptions of existing attributes.
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
"version": "0.2.0",
"configurations": [
{
"name": "Verdaccio Debug",
"port": 9229,
"request": "attach",
"skipFiles": ["<node_internals>/**"],
"type": "pwa-node"
},
{
"type": "node",
"request": "launch",
"name": "CLI Babel Registry",
"stopOnEntry": false,
"program": "${workspaceFolder}/debug/bootstrap.js",
"args": ["-l", "0.0.0.0:4873"],
"env": {
"BABEL_ENV": "registry"
},
"preLaunchTask": "npm: build:webui",
"console": "integratedTerminal"
},
{
"name": "Unit Tests",
"type": "node",
"request": "launch",
"program": "${workspaceRoot}/node_modules/bin/jest",
"stopOnEntry": false,
"args": ["--debug=true"],
"cwd": "${workspaceRoot}",
"runtimeExecutable": null,
"runtimeArgs": ["--nolazy"],
"env": {
"NODE_ENV": "test",
"TZ": "UTC"
},
"console": "integratedTerminal"
},
{
"name": "Functional Tests",
"type": "node",
"request": "launch",
"program": "${workspaceRoot}/node_modules/.bin/jest",
"stopOnEntry": false,
"args": [
"--config",
"./test/jest.config.functional.js",
"--testPathPattern",
"./test/functional/index*",
"--debug=false",
"--verbose",
"--useStderr",
"--detectOpenHandles"
],
"cwd": "${workspaceRoot}",
"env": {
"BABEL_ENV": "testOldEnv",
"VERDACCIO_DEBUG": "true",
"VERDACCIO_DEBUG_INJECT": "true",
"NODE_DEBUG": "TO_DEBUG_REQUEST_REMOVE_THIS_request"
},
"preLaunchTask": "pre-test",
"console": "integratedTerminal",
"runtimeExecutable": null,
"runtimeArgs": ["--nolazy"]
},
{
"type": "node",
"request": "launch",
"name": "Verdaccio Compiled",
"preLaunchTask": "npm: code:build",
"program": "${workspaceRoot}/bin/verdaccio",
"args": ["-l", "0.0.0.0:4873"],
"console": "integratedTerminal"
}
]
}

16
.vscode/settings.json vendored
View file

@ -1,10 +1,12 @@
// Place your settings in this file to overwrite default and user settings.
{
"files.exclude": {
"**/.idea": false,
"**/.nyc_output": true,
"**/build": true,
"**/coverage": true
},
"typescript.tsdk": "node_modules/typescript/lib"
"files.exclude": {
"**/.nyc_output": true,
"**/build": false,
"**/coverage": true,
".idea": true,
"storage_default_storage": true,
".yarn": true
},
"typescript.tsdk": "node_modules/typescript/lib"
}

43
.vscode/tasks.json vendored
View file

@ -1,24 +1,21 @@
{
// See https://go.microsoft.com/fwlink/?LinkId=733558
// for the documentation about the tasks.json format
"version": "2.0.0",
"tasks": [
{
"type": "npm",
"script": "build:webui",
"problemMatcher": []
},
{
"type": "npm",
"script": "code:build",
"problemMatcher": []
},
{
"label": "pre-test",
"dependsOn": [
"npm: code:build",
"npm: test:clean"
]
}
]
}
// See https://go.microsoft.com/fwlink/?LinkId=733558
// for the documentation about the tasks.json format
"version": "2.0.0",
"tasks": [
{
"type": "npm",
"script": "build:webui",
"problemMatcher": []
},
{
"type": "npm",
"script": "code:build",
"problemMatcher": []
},
{
"label": "pre-test",
"dependsOn": ["npm: code:build", "npm: test:clean"]
}
]
}

38
.yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs vendored
View file

File diff suppressed because one or more lines are too long

29
.yarn/plugins/@yarnpkg/plugin-workspace-tools.cjs vendored
View file

File diff suppressed because one or more lines are too long

55
.yarn/releases/yarn-berry.cjs vendored
View file

File diff suppressed because one or more lines are too long

21
.yarnrc.yml
View file

@ -1,21 +0,0 @@
defaultSemverRangePrefix: ""
enableGlobalCache: true
enableTelemetry: false
httpRetry: 10
httpTimeout: 100000
nodeLinker: node-modules
npmRegistryServer: "https://registry.verdaccio.org"
plugins:
- path: .yarn/plugins/@yarnpkg/plugin-workspace-tools.cjs
spec: "@yarnpkg/plugin-workspace-tools"
- path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
spec: "@yarnpkg/plugin-interactive-tools"
yarnPath: .yarn/releases/yarn-berry.cjs

20
CODE_OF_CONDUCT.md
View file

@ -8,19 +8,19 @@ In the interest of fostering an open and welcoming environment, we as contributo
Examples of behavior that contributes to creating a positive environment include:
* Using welcoming and inclusive language
* Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism
* Focusing on what is best for the community
* Showing empathy towards other community members
- Using welcoming and inclusive language
- Being respectful of differing viewpoints and experiences
- Gracefully accepting constructive criticism
- Focusing on what is best for the community
- Showing empathy towards other community members
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery and unwelcome sexual attention or advances
* Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as a physical or electronic address, without explicit permission
* Other conduct which could reasonably be considered inappropriate in a professional setting
- The use of sexualized language or imagery and unwelcome sexual attention or advances
- Trolling, insulting/derogatory comments, and personal or political attacks
- Public or private harassment
- Publishing others' private information, such as a physical or electronic address, without explicit permission
- Other conduct which could reasonably be considered inappropriate in a professional setting
## Our Responsibilities

305
CONTRIBUTING.md
View file

@ -1,86 +1,175 @@
# Contributing to Verdaccio
# Contributing
> ⚠️ If you intend to file a PR with a new feature, please use the 5.x branch for it 🥰 . master branch is available only for **bug fixing** and dependencies updates.
> Any change matters, whatever the size, just do it.
We are happy that you wish to contribute to this project. For that reason, we
present you with this guide.
We are happy that you are willing to contribute. For that reason, we
have prepared these guidelines for you:
Additional information is available on the
[wiki](https://github.com/verdaccio/verdaccio/wiki).
**Table of Contents**
## Contents
- [Contents](#contents)
- [How Do I Contribute?](#how-do-i-contribute)
- [Development](#development)
- [Reporting Bugs](#reporting-bugs)
- [Contributing](#contributing)
- [How Do I Contribute?](#how-do-i-contribute)
- [Development Setup](#development-setup)
- [Building the project](#building-the-project)
- [Running test](#running-test)
- [Running and debugging](#running-and-debugging)
- [Debugging compiled code](#debugging-compiled-code)
- [Reporting Bugs](#reporting-bugs)
- [Read the documentation](#read-the-documentation)
- [What's is not considered a bug?](#whats-is-not-considered-a-bug)
- [Issue Search](#issue-search)
- [Check Website For Solution](#check-website-for-solution)
- [Chat](#chat)
- [Check If It's Been Fixed](#check-if-its-been-fixed)
- [Request Features](#request-features)
- [Request Features](#request-features)
- [Contributing Guidelines](#contributing-guidelines)
- [Submitting a Pull Request](#submitting-a-pull-request)
- [Make Changes and Commit](#make-changes-and-commit)
- [Update Tests](#update-tests)
- [Develop Plugins](#develop-plugins)
- [Caveats](#caveats)
- [Before Commit](#before-commit)
- [Commit Guidelines](#commit-guidelines)
- [Adding a changeset](#adding-a-changeset)
- [Update Tests](#update-tests)
- [Develop Plugins](#develop-plugins)
## How Do I Contribute?
There are different ways to contribute, each with a different level
of involvement and technical knowledge required, such as:
There are different ways to contribute, each comes with a different levels
of tasks, such as:
* [Reporting Bugs](#reporting-bugs)
* [Request Features](#request-features)
* [Develop Plugins](#develop-plugins)
* [Improve Documentation](http://www.verdaccio.org/docs/en/installation.html)
- Report a bug.
- Request a feature you think would be great for verdaccio.
- Fix bugs.
- Test and triage reported bugs by others.
- Work on requested/approved features.
- Improve the codebase (lint, naming, comments, test descriptions, etc...)
**Please read this document carefully. It will help maintainers and readers
in solving your issue(s), evaluating your feature request, etc.**
Verdaccio has several areas of involvement, which might fit you better, eg:
## Development
- **Core**: The [core](https://github.com/verdaccio/verdaccio) is the main repository, built with **Node.js**.
- **Website**: we uses **Gatsby.js** for the **website** and if you are familiar with this technology, you might become the official webmaster.
- **User Interface**: The [user Interface](https://github.com/verdaccio/ui) is based in **react** and **material-ui** and looking for front-end contributors.
- **Kubernetes and Helm**: Ts the official repository for the [**Helm chart**](https://github.com/verdaccio/charts).
Development guides can be found on the [wiki](https://github.com/verdaccio/verdaccio/wiki):
> There are other areas to contribute, like documentation, translation which are not hosted on this repo but check the last section of this notes for further information.
* [Building the project](https://github.com/verdaccio/verdaccio/wiki/Build-Source-Code)
* [Running, debugging, and testing](https://github.com/verdaccio/verdaccio/wiki/Running-and-Debugging-tests)
## Development Setup
Verdaccio uses [_pnpm_](https://pnpm.js.org/) as package manager for development in this repository. Please install the latest one:
```
npm i -g pnpm
```
First step is installing all dependencies:
```
pnpm install
```
### Building the project
To build the project run
```
pnpm build
```
### Running test
```
pnpm test
```
Verdaccio is a mono repository, for running an specific test or package go the specific package eg:
```
cd packages/store
pnpm test
```
or an specific test in that package
```
pnpm test test/merge.dist.tags.spec.ts
```
or a single test unit
```
pnpm test test/merge.dist.tags.spec.ts -- -t 'simple'
```
The coverage is enabled by default, to speed up test running
```
pnpm test test/merge.dist.tags.spec.ts -- -t 'simple' --coverage=false
```
To increase debug output, we use `debug`, to enable it in your test just add
```
DEBUG=verdaccio* pnpm test
```
More details in the debug section
### Running and debugging
We uses [`debug`](https://www.npmjs.com/package/debug) for debug outcome. Each package has it owns namespace.
### Debugging compiled code
Currently you can only run in debug mode pre-compiled packages, to enable debug while running add the `verdaccio` namespace using the `DEBUG` environment variable, like this:
```
DEBUG=verdaccio:* node packages/verdaccio/debug/bootstrap.js
```
On this way can be reviewed every package, but if you need to filter out and display more specific output, increase the name space filter.
```
DEBUG=verdaccio:plugin:* node packages/verdaccio/debug/bootstrap.js
```
The debug code is intended to analyze what is happening under the hood and none of the output is gathered with the logger module.
## Reporting Bugs
We welcome clear, detailed bug reports.
**Bugs are considered features that are not working as described in documentation.**
**Bugs are considered features that are not working as described in
documentation.**
If you've found a bug in Verdaccio **that isn't a security risk**, please file
If you've found a bug in Verdaccio **that isn't a security risk**, please file
a report in our [issue tracker](https://github.com/verdaccio/verdaccio/issues).
**NOTE: Verdaccio still does not support all npm commands. Some were not
considered important and others have not been requested yet.**
> **NOTE: Verdaccio still does not support all npm commands. Some were not
> considered important and others have not been requested yet.**
### Read the documentation
Check whether you are using the software in the way is documented [documentation](http://www.verdaccio.org/docs/en/installation.html).
### What's is not considered a bug?
- _Third party integrations_: proxies integrations, external plugins.
- _Package managers_: If a package manager does not support a specific command or cannot be reproduced with another package manager.
- _Features clearly flagged as not supported_.
- _Node.js issues installation in any platform_: If you cannot install the global package ( this is considered external issue)
- Any ticket which has the flagged as [external issue](https://github.com/verdaccio/verdaccio/labels/external-issue).
If you intent to report a **security** issue, please follow our [Security policy guidelines](https://github.com/verdaccio/verdaccio/security/policy).
### Issue Search
Search to see if it has already been reported via
the issue search.
Before consider report a bug, please follow this steps before:
Additionally, we have labelled questions for easy follow-up as [questions](https://github.com/verdaccio/verdaccio/labels/question).
- Search if has already been reported via the issue search.
- Look for the **question** label: we have labelled questions for easy follow-up as [questions](https://github.com/verdaccio/verdaccio/labels/question).
If so, up-vote it (using GitHub reactions) or add additional helpful details to
the existing issue to show that it's affecting multiple people.
### Check Website For Solution
Some of the most popular topics can be found in our website(http://www.verdaccio.org/docs/en/installation.html)
In case any of those match with your search, up-vote it (using GitHub reactions) or add additional helpful details to the existing issue to show that it's affecting multiple people.
### Chat
Questions can be asked via [Discord](http://chat.verdaccio.org/)
**Please use the `#questions#` and `#development` channels.**
### Check If It's Been Fixed
Check if the issue has been fixed — try to reproduce it using the latest
`master` or development branch in the repository.
**Please use the `#help` channel.**
## Request Features
@ -89,10 +178,16 @@ the project. Then, detail your request, ensuring context and use case is provide
**Please provide:**
* A detailed description the advantages of your request
* Whether or not it's compatible with `npm` and `yarn`
* A potential implementation or design
* Whatever else you have in your mind 🤓
- A detailed description the advantages of your request
- Whether or not it's compatible with `npm`, `pnpm` and [_yarn classic_](https://github.com/yarnpkg/yarn) or [_yarn berry_](https://github.com/yarnpkg/berry).
- A potential implementation or design
- Whatever else you have in your mind 🤓
## Contributing Guidelines
This is the most exciting part, when you became a Verdaccio contributor 🙌🏼, to ensure a fast code review and merge, please follow the next guidelines:
> Any contribution gives you the right to be part of this organization as _collaborator_.
### Submitting a Pull Request
@ -116,29 +211,34 @@ information on [rebasing](https://git-scm.com/book/en/v2/Git-Branching-Rebasing)
### Make Changes and Commit
#### Caveats
Feel free to commit as much times you want in your branch, but keep on mind on this repository we `git squash` on merge by default, any other way is forbidden since we intent to have a clean git history.
#### Before Commit
Before committing, **you must ensure there are no linting errors and
all tests pass.**
To do this, run all tests (including e2e):
To do this, run these commands before create the PR:
```bash
yarn test:all
pnpm lint
pnpm format
pnpm build
pnpm test
```
Then, and only then, you can create your pull request.
> note: eslint and formatting are running separately, keep code formatting before push.
All good? perfect, then you should create the pull request.
#### Commit Guidelines
We follow the [conventional commit messages](https://conventionalcommits.org/)
convention in order to automate CHANGELOG generation and to automate
semantic versioning.
For example:
* `feat: A new feature`
* `fix: A bug fix`
- `feat: A new feature`
- `fix: A bug fix`
A commit of the type feat introduces a new feature to the codebase
(this correlates with MINOR in semantic versioning).
@ -154,7 +254,7 @@ A commit of the type fix patches a bug in your codebase (this correlates with PA
e.g.:
```
fix: xxxxxxxxxx
fix: xxxxxxxxxxx
```
Commits types such as as `docs:`,`style:`,`refactor:`,`perf:`,`test:`
@ -162,9 +262,68 @@ and `chore:` are valid but have no effect on versioning. **It would be great if
All commits message are going to be validated when they are created using husky hooks.
> Please, try to provide one single commit to help a clean and easy merge process.
### Adding a changeset
We use [changesets](https://github.com/atlassian/changesets) in order to generate a detailed Changelog as possible.
Add a changeset with your Pull Request is essential if you want your contribution get merged. To create a changeset please run:
```
pnpm changeset
```
Then select the packages you want to include in your changeset navigating through them and press the spacebar to check it, on finish press enter to move to the next step.
```
🦋 Which packages would you like to include? …
✔ changed packages
changed packages
@verdaccio/api
@verdaccio/auth
@verdaccio/cli
@verdaccio/config
@verdaccio/commons-api
```
The next question would be if you want a _major bump_, this is not the usual scenario, most likely would be a patch, in that case press enter 2 times (to skip minor)
```
🦋 Which packages should have a major bump? …
✔ all packages
@verdaccio/config@5.0.0-alpha.0
```
Once the desired bump you need, the CLI will ask for a summary, here you have fully freedom what to include.
```
🦋 Which packages would you like to include? · @verdaccio/config
🦋 Which packages should have a major bump? · No items were selected
🦋 Which packages should have a minor bump? · No items were selected
🦋 The following packages will be patch bumped:
🦋 @verdaccio/config@5.0.0-alpha.0
🦋 Please enter a summary for this change (this will be in the changelogs). Submit empty line to open external editor
🦋 Summary
```
The last step is confirm your changeset or abort the operation.
```
🦋 Is this your desired changeset? (Y/n) · true
🦋 Changeset added! - you can now commit it
🦋
🦋 If you want to modify or expand on the changeset summary, you can find it here
🦋 info /Users/user/verdaccio.clone/.changeset/light-scissors-smell.md
```
Once the changeset is added (all will have an unique name) you can freely edit using markdown, adding additional information, code snippets or what you consider is relevant.
All that information will be part of the **changelog**, be concise but informative. It is considered a good option to add your nickname and GitHub link to your profile.
**PRs that do not follow the commit message guidelines will not be merged.**
## Update Tests
### Update Tests
**Any change in source code must include test updates**.
@ -173,14 +332,6 @@ If you need help with how testing works, please [refer to the following guide](h
**If you are introducing new features, you MUST include new tests. PRs for
features without tests will not be merged.**
Things excluded from tests:
* Documentation
* Website
* Build
* Deployment
* Assets
* Flow types
## Develop Plugins
Plugins are add-ons that extend the functionality of the application.
@ -188,7 +339,7 @@ Plugins are add-ons that extend the functionality of the application.
If you want to develop your own plugin:
1. Check whether there is a legacy Sinopia plugin for the feature that you need
via [npmjs](https://www.npmjs.com/search?q=sinopia)
via [npmjs](https://www.npmjs.com/search?q=sinopia)
2. Keep in mind the [life-cycle to load a plugin](https://verdaccio.org/docs/en/dev-plugins)
3. You are free to host your plugin in your repository or ours (just ask)
4. Provide a detailed description of your plugin to help users understand it
3. You are free to host your plugin in your repository
4. Provide a detailed description of your plugin to help users understand how to use it.

2
CONTRIBUTORS.md
View file

@ -1,5 +1,4 @@
<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
<!-- prettier-ignore-start -->
<!-- markdownlint-disable -->
<table>
<tr>
@ -37,5 +36,4 @@
</table>
<!-- markdownlint-enable -->
<!-- prettier-ignore-end -->
<!-- ALL-CONTRIBUTORS-LIST:END -->

29
Dockerfile
View file

@ -1,6 +1,6 @@
FROM --platform=${BUILDPLATFORM:-linux/amd64} node:14.16.1-alpine as builder
FROM --platform=${BUILDPLATFORM:-linux/amd64} node:14.15.1-alpine as builder
ENV NODE_ENV=production \
ENV NODE_ENV=development \
VERDACCIO_BUILD_REGISTRY=https://registry.verdaccio.org
RUN apk --no-cache add openssl ca-certificates wget && \
@ -12,18 +12,14 @@ RUN apk --no-cache add openssl ca-certificates wget && \
WORKDIR /opt/verdaccio-build
COPY . .
RUN yarn config set npmRegistryServer $VERDACCIO_BUILD_REGISTRY && \
yarn config set enableProgressBars false && \
yarn config set enableTelemetry false && \
yarn install && \
yarn lint && \
yarn code:docker-build && \
yarn cache clean && \
yarn workspaces focus --production
RUN npm -g i pnpm@latest && \
pnpm config set registry $VERDACCIO_BUILD_REGISTRY && \
pnpm recursive install --frozen-lockfile --ignore-scripts && \
pnpm run build
# FIXME: need to remove devDependencies from the build
# RUN pnpm install --prod --ignore-scripts
FROM node:14.16.1-alpine
FROM node:14.15.1-alpine
LABEL maintainer="https://github.com/verdaccio/verdaccio"
ENV VERDACCIO_APPDIR=/opt/verdaccio \
@ -42,10 +38,11 @@ RUN mkdir -p /verdaccio/storage /verdaccio/plugins /verdaccio/conf
COPY --from=builder /opt/verdaccio-build .
ADD conf/docker.yaml /verdaccio/conf/config.yaml
RUN ls packages/config/src/conf
ADD packages/config/src/conf/docker.yaml /verdaccio/conf/config.yaml
RUN adduser -u $VERDACCIO_USER_UID -S -D -h $VERDACCIO_APPDIR -g "$VERDACCIO_USER_NAME user" -s /sbin/nologin $VERDACCIO_USER_NAME && \
chmod -R +x $VERDACCIO_APPDIR/bin $VERDACCIO_APPDIR/docker-bin && \
chmod -R +x $VERDACCIO_APPDIR/packages/verdaccio/bin $VERDACCIO_APPDIR/docker-bin && \
chown -R $VERDACCIO_USER_UID:root /verdaccio/storage && \
chmod -R g=u /verdaccio/storage /etc/passwd
@ -57,4 +54,4 @@ VOLUME /verdaccio/storage
ENTRYPOINT ["uid_entrypoint"]
CMD $VERDACCIO_APPDIR/bin/verdaccio --config /verdaccio/conf/config.yaml --listen $VERDACCIO_PROTOCOL://0.0.0.0:$VERDACCIO_PORT
CMD $VERDACCIO_APPDIR/packages/verdaccio/bin/verdaccio --config /verdaccio/conf/config.yaml --listen $VERDACCIO_PROTOCOL://0.0.0.0:$VERDACCIO_PORT

12
README.md
View file

@ -2,7 +2,9 @@
![verdaccio gif](https://cdn.verdaccio.dev/readme/readme-website.png)
# Version 5
# Version 6 (Development branch)
> Looking for Verdaccio 5? Check branch `5.x`.
[Verdaccio](https://verdaccio.org/) is a simple, **zero-config-required local private npm registry**.
No need for an entire database just to get started! Verdaccio comes out of the box with
@ -30,12 +32,10 @@ Google Cloud Storage** or create your own plugin.
Install with npm:
```bash
npm install --global verdaccio
npm install --global verdaccio@6-next --https://registry.verdaccio.org/
```
> Node.js v12 is required for Verdaccio 5
Are you still using **Verdaccio 4**?. Check the [migration guide](https://verdaccio.org/blog/2021/04/14/verdaccio-5-migration-guide).
> Published on a temporary registry while setup is ready to publish on npmjs
## Donations
@ -135,7 +135,7 @@ Below are the most commonly needed information,
every aspect of Docker and verdaccio is [documented separately](https://www.verdaccio.org/docs/en/docker.html)
```
docker pull verdaccio/verdaccio
docker pull verdaccio/verdaccio:6.x-next
```
Available as [tags](https://hub.docker.com/r/verdaccio/verdaccio/tags/).

12
SECURITY.md
View file

@ -6,11 +6,9 @@ The following table describes the versions of this project that are currently su
| Version | Supported |
| ------- | ------------------ |
| 2.x | :x: |
| 3.x | :x: |
| 4.x | :white_check_mark: (until 1st July 2021) |
| 5.x | :white_check_mark: |
| 2.x | :x: |
| 3.x | :x: |
| 4.x | :white_check_mark: |
## Responsible disclosure security policy
@ -28,11 +26,11 @@ At Verdaccio, we consider the security of our systems a top priority. But no mat
If you discover a security vulnerability, please use one of the following means of communications to report it to us:
* Report the security issue to the Node.js Security WG through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix.
- Report the security issue to the Node.js Security WG through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix.
Note that time-frame and processes are subject to each programs own policy.
* Report the security issue to the project maintainers directly at verdaccio@pm.me. If the report contains highly sensitive information, please be advised to encrypt your findings using our [PGP key](https://verdaccio.nyc3.digitaloceanspaces.com/gpg/publickey.verdaccio@pm.me.asc) which is also available in this document.
- Report the security issue to the project maintainers directly at verdaccio@pm.me. If the report contains highly sensitive information, please be advised to encrypt your findings using our [PGP key](https://verdaccio.nyc3.digitaloceanspaces.com/gpg/publickey.verdaccio@pm.me.asc) which is also available in this document.
Your efforts to responsibly disclose your findings are sincerely appreciated and will be taken into account to acknowledge your contributions.

22
babel.config.js
View file

@ -1,22 +0,0 @@
module.exports = {
presets: [
[
'@babel/env',
{
targets: {
node: '12',
},
},
],
'@babel/typescript',
],
plugins: [
'babel-plugin-dynamic-import-node',
'@babel/proposal-class-properties',
'@babel/proposal-object-rest-spread',
'@babel/plugin-proposal-optional-chaining',
'@babel/plugin-proposal-nullish-coalescing-operator',
'@babel/syntax-dynamic-import',
],
ignore: ['**/*.d.ts'],
};

3
bin/verdaccio
View file

@ -1,3 +0,0 @@
#!/usr/bin/env node
require('../build/lib/cli');

6
codecov.yml
View file

@ -4,7 +4,7 @@ codecov:
coverage:
precision: 2
round: down
range: "80...85"
range: '80...85'
status:
project:
@ -24,6 +24,6 @@ parsers:
macro: no
comment:
layout: "diff,flags,tree"
layout: 'diff,flags,tree'
behavior: default
require_changes: no
require_changes: no

9
conf/README.md
View file

@ -1,9 +0,0 @@
## Looking 👀 for Documentation?
This directory host the default configuration file, but you can find more here:
* [https://verdaccio.org/docs/en/installation](https://verdaccio.org/docs/en/installation)
* [Chat with us](http://chat.verdaccio.org) <- You need a Discord account
* [Follow us on Twitter](https://twitter.com/verdaccio_npm)
Enjoy Verdaccio !

10
conf/full.yaml
View file

@ -1,10 +0,0 @@
## This file is deprecated and the content does not exist anymore
## we highly recommend either visit
## https://verdaccio.org/docs/en/configuration
## or read the local file
## https://github.com/verdaccio/website/tree/master/docs/config.md
## contribute with translations
## You can contribute translating documentation through the crowdin platform
## https://crowdin.com/project/verdaccio

4
docker-examples/README.md
View file

@ -10,6 +10,10 @@ For more information about the **Helm** Chart, please check it [owns repo](https
The following examples aim to be demonstrative and can be either improved or updated.
### Verdaccio 5
- [Docker + Nginx + Verdaccio](v5/reverse_proxy/nginx/README.md)
### Verdaccio 4
#### Proxies

1
docker-examples/v4/reverse_proxy/nginx/relative_path/storage/.verdaccio-db.json Normal file
View file

@ -0,0 +1 @@
{ "list": [], "secret": "3d060e6b367188975c49384ede8904bdc0c433e5858d8fdda36696a5d8729590" }

60
docker-examples/v5/reverse_proxy/nginx/README.md Executable file
View file

@ -0,0 +1,60 @@
# Verdaccio and Nginx
Running `verdaccio` via reverse proxy is a common practice. This configuration provides a quick way to run the application behind **nginx**.
This folder provides the following examples:
- root_path: Using reverse proxy with `/` as a path.
- relative_path: Using `/verdaccio/` as a subdirectory. It includes also SSL examples with reverse proxy.
To run the containers, run the following commands in this folder. The containers should start in detach mode.
```bash
docker-compose up -d
```
To recreate the nginx image you can force the build.
```bash
docker-compose up --build -d
```
To force recreate the images.
```bash
docker-compose up --build --force-recreate -d
```
To stop all containers
```bash
docker-compose stop
```
To display container logs
```bash
$> docker-compose logs
Attaching to nginxverdaccio_nginx_1, verdaccio
verdaccio | warn --- config file - /verdaccio/conf/config.yaml
verdaccio | warn --- http address - http://0.0.0.0:4873/ - verdaccio/2.1.7
verdaccio | http <-- 304, user: undefined, req: 'GET /', bytes: 0/0
verdaccio | http <-- 304, user: undefined, req: 'GET /-/static/jquery.min.js', bytes: 0/0
verdaccio | http <-- 304, user: undefined, req: 'GET /-/static/main.css', bytes: 0/0
verdaccio | http <-- 304, user: undefined, req: 'GET /-/static/main.js', bytes: 0/0
verdaccio | http <-- 304, user: undefined, req: 'GET /-/logo', bytes: 0/0
verdaccio | http <-- 304, user: undefined, req: 'GET /-/static/fontello.woff?10872183', bytes: 0/0
verdaccio | http <-- 200, user: undefined, req: 'GET /-/static/favicon.png', bytes: 0/315
```
### Display Information
To display the containers running
```bash
&> docker-compose ps
Name Command State Ports
----------------------------------------------------------------------------------------
nginxverdaccio_nginx_1 /usr/sbin/nginx Up 0.0.0.0:80->80/tcp
verdaccio /usr/src/app/bin/verdaccio ... Up 0.0.0.0:4873->4873/tcp
```

31
docker-examples/v5/reverse_proxy/nginx/relative_path/README.md Executable file
View file

@ -0,0 +1,31 @@
# Nginx Relative Path with Verdaccio 5
This example runs two verdaccio versions:
- Running `verdaccio:5.x` http://localhost/verdaccio/
Note: we should add more sort of configurations here.
**Nginx HTTP Example**
```bash
docker-compose up --build --force-recreate
```
open the browser
```
http://localhost/relative_path/
```
**Nginx SSL Example**
```bash
docker-compose -f docker-compose_ssl.yml up --build --force-recreate
```
open the browser
```
https://localhost/verdaccio/
```

49
docker-examples/v5/reverse_proxy/nginx/relative_path/conf/v5/config.yaml Executable file
View file

@ -0,0 +1,49 @@
storage: /verdaccio/storage
web:
enable: true
title: VerdaccioV5 Relative Path
primary_color: red
auth:
htpasswd:
file: /verdaccio/conf/htpasswd
security:
api:
jwt:
sign:
expiresIn: 60d
notBefore: 1
web:
sign:
expiresIn: 7d
## IMPORTANT
## This will configure verdaccio to rely on a relative path
url_prefix: /verdaccio
uplinks:
npmjs:
url: https://registry.npmjs.org/
packages:
'@jota/*':
access: $all
publish: $all
'@*/*':
# scoped packages
access: $all
publish: $all
proxy: npmjs
'**':
access: $all
publish: $all
proxy: npmjs
middlewares:
audit:
enabled: true
logs: { type: stdout, format: pretty, level: trace }

2
docker-examples/v5/reverse_proxy/nginx/relative_path/conf/v5/htpasswd Executable file
View file

@ -0,0 +1,2 @@
jpicado:$6vkdNgRX2npc:autocreated 2017-07-11T18:48:38.003Z
test:$6FrCaT/v0dwE:autocreated 2019-05-06T22:06:54.513Z

45
docker-examples/v5/reverse_proxy/nginx/relative_path/conf/v5_root/config.yaml Executable file
View file

@ -0,0 +1,45 @@
storage: /verdaccio/storage
web:
enable: true
title: VerdaccioV5 Root Path
primary_color: redF
auth:
htpasswd:
file: /verdaccio/conf/htpasswd
security:
api:
jwt:
sign:
expiresIn: 60d
notBefore: 1
web:
sign:
expiresIn: 7d
uplinks:
npmjs:
url: https://registry.npmjs.org/
packages:
'@jota/*':
access: $all
publish: $all
'@*/*':
# scoped packages
access: $all
publish: $all
proxy: npmjs
'**':
access: $all
publish: $all
proxy: npmjs
middlewares:
audit:
enabled: true
logs: { type: stdout, format: json, level: trace }

1
docker-examples/v5/reverse_proxy/nginx/relative_path/conf/v5_root/htpasswd Executable file
View file

@ -0,0 +1 @@
jpicado:$6vkdNgRX2npc:autocreated 2017-07-11T18:48:38.003Z

43
docker-examples/v5/reverse_proxy/nginx/relative_path/docker-compose.yml Executable file
View file

@ -0,0 +1,43 @@
version: '3.1'
services:
nginx:
build:
context: ''
dockerfile: nginx/Dockerfile
ports:
- '80:80'
networks:
- node-network
container_name: 'nginx'
depends_on:
- verdaccio
- verdaccio-root
verdaccio:
image: verdaccio/verdaccio:local
container_name: 'verdaccio_relative_path_v5'
networks:
- node-network
environment:
- VERDACCIO_PORT=4873
- DEBUG=verdaccio:*
ports:
- '4873:4873'
volumes:
- './storage:/verdaccio/storage'
- './conf/v5:/verdaccio/conf'
verdaccio-root:
image: verdaccio/verdaccio:local
container_name: 'verdaccio_relative_path_v5_root'
networks:
- node-network
environment:
- VERDACCIO_PORT=8000
ports:
- '8000:8000'
volumes:
- './storage:/verdaccio/storage'
- './conf/v5_root:/verdaccio/conf'
networks:
node-network:
driver: bridge

46
docker-examples/v5/reverse_proxy/nginx/relative_path/docker-compose_ssl.yml Executable file
View file

@ -0,0 +1,46 @@
version: '3.1'
services:
nginx:
build:
context: './nginx_ssl'
dockerfile: Dockerfile
ports:
- '443:443'
- '80:80'
environment:
- REMOTE_URL=http://verdaccio_relative_path_v5:4873/
networks:
- node-network
container_name: 'nginx_ssl'
depends_on:
- verdaccio
- verdaccio-root
verdaccio:
image: verdaccio/verdaccio:local
container_name: 'verdaccio_relative_path_v5'
networks:
- node-network
environment:
- VERDACCIO_PORT=4873
ports:
- '4873:4873'
volumes:
- './storage:/verdaccio/storage'
- './conf/v5:/verdaccio/conf'
verdaccio-root:
image: verdaccio/verdaccio:local
container_name: 'verdaccio_relative_path_v5_root'
networks:
- node-network
environment:
- VERDACCIO_PORT=8000
ports:
- '8000:8000'
volumes:
- './storage:/verdaccio/storage'
- './conf/v5_root:/verdaccio/conf'
networks:
node-network:
driver: bridge

2
docker-examples/v5/reverse_proxy/nginx/relative_path/nginx/Dockerfile Executable file
View file

@ -0,0 +1,2 @@
FROM nginx:1.14.2-alpine
COPY nginx/default.conf /etc/nginx/conf.d/default.conf

33
docker-examples/v5/reverse_proxy/nginx/relative_path/nginx/default.conf Executable file
View file

@ -0,0 +1,33 @@
upstream verdaccio_relative_v5 {
server verdaccio_relative_path_v5:4873;
keepalive 8;
}
upstream verdaccio_v5_root {
server verdaccio_relative_path_v5_root:8000;
keepalive 8;
}
server {
listen 80 default_server;
access_log /var/log/nginx/verdaccio.log;
charset utf-8;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://verdaccio_v5_root;
proxy_redirect off;
}
location ~ ^/verdaccio/(.*)$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://verdaccio_relative_v5/$1;
proxy_redirect off;
}
}

10
docker-examples/v5/reverse_proxy/nginx/relative_path/nginx_ssl/Dockerfile Executable file
View file

@ -0,0 +1,10 @@
FROM nginx
COPY cert.crt /etc/nginx/cert.crt
COPY cert.key /etc/nginx/cert.key
COPY nginx-default.conf /etc/nginx/conf.d/default.conf
COPY run.sh /run.sh
ENV REMOTE_URL="http://localhost:8080/"
CMD ["/run.sh"]

5
docker-examples/v5/reverse_proxy/nginx/relative_path/nginx_ssl/README.md Executable file
View file

@ -0,0 +1,5 @@
Example taken from:
[https://github.com/foxylion/docker-nginx-self-signed-https](https://github.com/foxylion/docker-nginx-self-signed-https)
by [@foxylion](https://github.com/foxylion)

22
docker-examples/v5/reverse_proxy/nginx/relative_path/nginx_ssl/cert.crt Executable file
View file

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDrzCCApegAwIBAgIJAPVnhyCGRxmMMA0GCSqGSIb3DQEBCwUAMG4xCzAJBgNV
BAYTAlhYMQswCQYDVQQIDAJYWDELMAkGA1UEBwwCWFgxCzAJBgNVBAoMAlhYMQsw
CQYDVQQLDAJYWDESMBAGA1UEAwwJbG9jYWxob3N0MRcwFQYJKoZIhvcNAQkBFghY
WEBYWC5YWDAeFw0xNzExMjQxNDI0MzVaFw0xODExMjQxNDI0MzVaMG4xCzAJBgNV
BAYTAlhYMQswCQYDVQQIDAJYWDELMAkGA1UEBwwCWFgxCzAJBgNVBAoMAlhYMQsw
CQYDVQQLDAJYWDESMBAGA1UEAwwJbG9jYWxob3N0MRcwFQYJKoZIhvcNAQkBFghY
WEBYWC5YWDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANTsFvryPfKK
4CSP58DEVJRDdlsurNz7Z3jbE9RwLmPbyhp+oVZ8gouufLrYxIFxKR0b+JrSbrSh
klvyAov1KcbKSl5W/k4uewgksLV5oWUIM2d6cII+esVNPeRGY6lG3T9nMrjBFC3/
r6HIQpsMiJbfZ0XkHhMFciJ0oVQ+/Y+IeJ2JyjBaXw+3CbCGmTO+4mNVxtHyzz4d
o6mHPASHn+utts+W2/+3/4bSYkJo+/KPxWeF2jyPasv6Kpif+/dJ44gOM+uecBPy
AJx6CCKfGUU9X5EGBynOroFqEY2m7Ndx1uWipfSuULWf9x/LSugC35DfNl+1hXGq
lLJHKI8h+c0CAwEAAaNQME4wHQYDVR0OBBYEFEOBWTm2wyyS3ETaI32FhbTDQ3Hc
MB8GA1UdIwQYMBaAFEOBWTm2wyyS3ETaI32FhbTDQ3HcMAwGA1UdEwQFMAMBAf8w
DQYJKoZIhvcNAQELBQADggEBAGva7AiwB2qSy+Mm1T6m3FkLzUabFStRwkj2TQsz
03E4P2G7j7s9rYdL6hz58kV9UwrWLYeceNioFTn7CxLdn12kHyYC21EO66fuLLaa
nb94GRVJ0IcZOVp+2WgihKM2/WW5WOqhD1NqZp+HUnJkiOCqdgrGj7lfzx1q45wG
NXGplOcGudxb1rLdA8U/kNmGZjCNQsNCdUxUdbqXjeb2piRBbtOnZqOXa2EN9h1/
C89RVuaQt8cQ/bK5QAIeDF/8eyY6B5j00wEa7DSgyRAwJtDU1X2LU6U+04LpU4Iw
sUDO17n2GlI9mPqg0j8EawbbQC70j8rgclDjUE9erf0K7m8=
-----END CERTIFICATE-----

28
docker-examples/v5/reverse_proxy/nginx/relative_path/nginx_ssl/cert.key Executable file
View file

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDU7Bb68j3yiuAk
j+fAxFSUQ3ZbLqzc+2d42xPUcC5j28oafqFWfIKLrny62MSBcSkdG/ia0m60oZJb
8gKL9SnGykpeVv5OLnsIJLC1eaFlCDNnenCCPnrFTT3kRmOpRt0/ZzK4wRQt/6+h
yEKbDIiW32dF5B4TBXIidKFUPv2PiHidicowWl8PtwmwhpkzvuJjVcbR8s8+HaOp
hzwEh5/rrbbPltv/t/+G0mJCaPvyj8Vnhdo8j2rL+iqYn/v3SeOIDjPrnnAT8gCc
egginxlFPV+RBgcpzq6BahGNpuzXcdbloqX0rlC1n/cfy0roAt+Q3zZftYVxqpSy
RyiPIfnNAgMBAAECggEANohVBmaeiQ0ahSK6N3vRMbvph0b4DQzynlh1xrYIm5jC
NXDzP2RaRw4kcfJsub5SylrMnFKC+g5bnuLn1hKvZXOQAoODVGDBL/+9pm0Fcgvc
pocMY78+0GONE3cXtVYp+kAjFICW+4T95ZCVxoI6RXHoUFUxgqulZL+8RghwBp90
r9X6OWb7e0cq4Msupm7qVTCh9u8X1jTBQ4gE/tny8oiTUW6YCvQlKld0NK1geB1x
BnF4osiOTRe8+6B++kTCf9mon9c6V0Bl1lN5y3znNN1eRMvvDSy554bPy1flo7vo
Z52xluItJwRxNn+brhvFUKqDuMl5D/YX9SGOOJ+PPQKBgQDt7usOECPcsc9Mc0F7
Ol4a3+KQHcp5M8Byc77b87k4gWxNROSOGhOobRRIBsgULkPC32EQ+XhoAcef+VjS
UKU0Rbor7oI5tnl2GuRMGocEzRvU5wa3IjU49ffnYAJty/6Y3wPzmA/sLj0m3Tzo
JTF761UjNQPZwi4wSRgp6jUIGwKBgQDlFv4eP+M4rovgMmUEU50iSkG0Sv8B6FAs
47V8UFSbWuOZ64vVDKNBa6KE3vNDKa0pQfaGyo18I0g2iK7RwkiNc7X8WBLcPEWZ
Vcb3FjjE38XckDA2QKy8cjGF6jwVU1K5OKD3Ujxid4fHuE1Zib04Uzp8Ss+oZlYY
rsTxtUN0NwKBgQCSRvdFjxCtJre+VYFlZA3k0c21Mkt/VhyzgItPKDiwD4lou7kT
z95UBrOYUGsDVSodjT1ctTKcJrP2mtJLgn7+cvuw9JIlLxTfUksWqpxljD/XFS1g
u2wjF70QB0uW+voMO9dvFAZ9+jNoSE2gnvUcLSMLYRV789B3qQhtBGsUDwKBgQCm
RU/fCKOUKitfZ3Ql9cHgd2DEyIHZEpHOYt8AARXHQ+pZdrogwXFkNAjawy5wGrmR
bkzNfAnAhaMN4Zpwp8Ac2lTFd+8IZb5mEfm8sCY3zeo/sW8skThN9du3xFAjcjxi
LpW1q7wkA3lLHZsWV4A8dzvFpk6dfNkURRSwEc2JdQKBgH1n8Io2gnrQd1Yhh5rH
pajY9Pdzp+mv9PW8G1Y7Z57RKxAorYfszmR5Qj2oZ3+0lqJ5+K7K4PffH3CkiCBz
i9HBnq/NczJggQ9BTifIdyznWkuAqZAjup5V+g7+CIhpa+XaeGzB4BpTsXrJFiy0
ZTYk/5J1N3d6rURRlybaoRGj
-----END PRIVATE KEY-----

40
docker-examples/v5/reverse_proxy/nginx/relative_path/nginx_ssl/nginx-default.conf Executable file
View file

@ -0,0 +1,40 @@
server {
listen 80;
return 302 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name localhost;
ssl_certificate /etc/nginx/cert.crt;
ssl_certificate_key /etc/nginx/cert.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass XX_REMOTE_URL_XX;
proxy_read_timeout 600;
proxy_redirect off;
}
location ~ ^/verdaccio/(.*)$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-NginX-Proxy true;
proxy_pass XX_REMOTE_URL_XX$1;
proxy_redirect off;
}
}

5
docker-examples/v5/reverse_proxy/nginx/relative_path/nginx_ssl/run.sh Executable file
View file

@ -0,0 +1,5 @@
#!/bin/bash
sed -i -e "s|XX_REMOTE_URL_XX|$REMOTE_URL|g" /etc/nginx/conf.d/default.conf
exec nginx -g "daemon off;"

3
docker-examples/v5/reverse_proxy/nginx/root_path/conf/nginx/Dockerfile Executable file
View file

@ -0,0 +1,3 @@
FROM tutum/nginx
RUN rm /etc/nginx/sites-enabled/default
ADD sites-enabled /etc/nginx/sites-enabled

14
docker-examples/v5/reverse_proxy/nginx/root_path/conf/nginx/sites-enabled/verdaccio-conf Executable file
View file

@ -0,0 +1,14 @@
server {
listen 80 default_server;
access_log /var/log/nginx/verdaccio.log;
charset utf-8;
location / {
proxy_pass http://verdaccio:4873/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_redirect off;
}
}

26
docker-examples/v5/reverse_proxy/nginx/root_path/docker-compose.yaml Executable file
View file

@ -0,0 +1,26 @@
version: '2'
services:
verdaccio:
image: verdaccio/verdaccio:local
container_name: verdaccio_root_path
ports:
- '4873:4873'
volumes:
- verdaccio:/verdaccio
nginx:
restart: always
build: conf/nginx
ports:
- '80:80'
volumes:
- /www/public
volumes_from:
- verdaccio
links:
- verdaccio:verdaccio
volumes:
verdaccio:
driver: local

31
docker-examples/v5/reverse_proxy/nginx_relative/README.md Executable file
View file

@ -0,0 +1,31 @@
# Nginx Relative Path with Verdaccio 5
This example runs two verdaccio versions:
- Running `verdaccio:5.x` http://localhost/verdaccio/
Note: we should add more sort of configurations here.
**Nginx HTTP Example**
```bash
docker-compose up --build --force-recreate
```
open the browser
```
http://localhost/relative_path/
```
**Nginx SSL Example**
```bash
docker-compose -f docker-compose_ssl.yml up --build --force-recreate
```
open the browser
```
https://localhost/verdaccio/
```

49
docker-examples/v5/reverse_proxy/nginx_relative/conf/v5/config.yaml Executable file
View file

@ -0,0 +1,49 @@
storage: /verdaccio/storage
web:
enable: true
title: VerdaccioV5 Relative Path
primary_color: red
auth:
htpasswd:
file: /verdaccio/conf/htpasswd
security:
api:
jwt:
sign:
expiresIn: 60d
notBefore: 1
web:
sign:
expiresIn: 7d
## IMPORTANT
## This will configure verdaccio to rely on a relative path
url_prefix: /verdaccio/
uplinks:
npmjs:
url: https://registry.npmjs.org/
packages:
'@jota/*':
access: $all
publish: $all
'@*/*':
# scoped packages
access: $all
publish: $all
proxy: npmjs
'**':
access: $all
publish: $all
proxy: npmjs
middlewares:
audit:
enabled: true
logs: { type: stdout, format: pretty, level: trace }

2
docker-examples/v5/reverse_proxy/nginx_relative/conf/v5/htpasswd Executable file
View file

@ -0,0 +1,2 @@
jpicado:$6vkdNgRX2npc:autocreated 2017-07-11T18:48:38.003Z
test:$6FrCaT/v0dwE:autocreated 2019-05-06T22:06:54.513Z

Some files were not shown because too many files have changed in this diff Show more