Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-04-01 02:42:23 -05:00
Code Issues Activity

feat: implement search v1 endpoint (#2256)

Browse source 
* feat: implement search v1 endpoint

* add allow_access

* chore: add types

* chore: format

* fix eslint prettier

* chore: add tests

* add tests

* chore: add npm search cli
This commit is contained in:
Juan Picado 2021-05-15 16:39:03 +02:00 committed by GitHub
parent 6be108917e
commit 251bd95373
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
37 changed files with 2944 additions and 496 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
.vscode/extensions.json vendored Normal file
View file

@ -0,0 +1,13 @@
{
// See http://go.microsoft.com/fwlink/?LinkId=827846 to learn about workspace recommendations.
// Extension identifier format: ${publisher}.${name}. Example: vscode.csharp
// List of extensions which should be recommended for users of this workspace.
"recommendations": [
"EditorConfig.EditorConfig",
"dbaeumer.vscode-eslint",
"arcanis.vscode-zipfs",
"esbenp.prettier-vscode"
],
// List of extensions recommended by VS Code that should not be recommended for users of this workspace.
"unwantedRecommendations": []
}

30
.vscode/settings.json vendored
View file

@ -1,10 +1,26 @@
// Place your settings in this file to overwrite default and user settings.
{
"files.exclude": {
"**/.idea": false,
"**/.nyc_output": true,
"**/build": true,
"**/coverage": true
},
"typescript.tsdk": "node_modules/typescript/lib"
"typescript.tsdk": ".yarn/sdks/typescript/lib",
"typescript.tsserver.watchOptions": {
"watchFile": "useFsEventsOnParentDirectory",
"watchDirectory": "useFsEvents"
},
"eslint.nodePath": ".yarn/sdks",
"eslint.validate": [
"javascript",
"typescript"
],
"files.exclude": {
"**/.idea": false,
"**/.nyc_output": true,
"**/build": true,
"**/coverage": true
},
"editor.formatOnSave": true,
"typescript.enablePromptUseWorkspaceTsdk": true,
"prettier.prettierPath": ".yarn/sdks/prettier/index.js",
"search.exclude": {
"**/.yarn": true,
"**/.pnp.*": true
}
}

8
.yarn/plugins/@yarnpkg/plugin-typescript.cjs vendored Normal file
View file

File diff suppressed because one or more lines are too long

20
.yarn/sdks/eslint/bin/eslint.js vendored Executable file
View file

@ -0,0 +1,20 @@
#!/usr/bin/env node
const {existsSync} = require(`fs`);
const {createRequire, createRequireFromPath} = require(`module`);
const {resolve} = require(`path`);
const relPnpApiPath = "../../../../.pnp.js";
const absPnpApiPath = resolve(__dirname, relPnpApiPath);
const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
if (existsSync(absPnpApiPath)) {
if (!process.versions.pnp) {
// Setup the environment to be able to require eslint/bin/eslint.js
require(absPnpApiPath).setup();
}
}
// Defer to the real eslint/bin/eslint.js your application uses
module.exports = absRequire(`eslint/bin/eslint.js`);

20
.yarn/sdks/eslint/lib/api.js vendored Normal file
View file

@ -0,0 +1,20 @@
#!/usr/bin/env node
const {existsSync} = require(`fs`);
const {createRequire, createRequireFromPath} = require(`module`);
const {resolve} = require(`path`);
const relPnpApiPath = "../../../../.pnp.js";
const absPnpApiPath = resolve(__dirname, relPnpApiPath);
const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
if (existsSync(absPnpApiPath)) {
if (!process.versions.pnp) {
// Setup the environment to be able to require eslint/lib/api.js
require(absPnpApiPath).setup();
}
}
// Defer to the real eslint/lib/api.js your application uses
module.exports = absRequire(`eslint/lib/api.js`);

6
.yarn/sdks/eslint/package.json vendored Normal file
View file

@ -0,0 +1,6 @@
{
"name": "eslint",
"version": "7.26.0-pnpify",
"main": "./lib/api.js",
"type": "commonjs"
}

5
.yarn/sdks/integrations.yml vendored Normal file
View file

@ -0,0 +1,5 @@
# This file is automatically generated by PnPify.
# Manual changes will be lost!
integrations:
- vscode

20
.yarn/sdks/prettier/index.js vendored Executable file
View file

@ -0,0 +1,20 @@
#!/usr/bin/env node
const {existsSync} = require(`fs`);
const {createRequire, createRequireFromPath} = require(`module`);
const {resolve} = require(`path`);
const relPnpApiPath = "../../../.pnp.js";
const absPnpApiPath = resolve(__dirname, relPnpApiPath);
const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
if (existsSync(absPnpApiPath)) {
if (!process.versions.pnp) {
// Setup the environment to be able to require prettier/index.js
require(absPnpApiPath).setup();
}
}
// Defer to the real prettier/index.js your application uses
module.exports = absRequire(`prettier/index.js`);

6
.yarn/sdks/prettier/package.json vendored Normal file
View file

@ -0,0 +1,6 @@
{
"name": "prettier",
"version": "2.2.1-pnpify",
"main": "./index.js",
"type": "commonjs"
}

20
.yarn/sdks/typescript/bin/tsc vendored Executable file
View file

@ -0,0 +1,20 @@
#!/usr/bin/env node
const {existsSync} = require(`fs`);
const {createRequire, createRequireFromPath} = require(`module`);
const {resolve} = require(`path`);
const relPnpApiPath = "../../../../.pnp.js";
const absPnpApiPath = resolve(__dirname, relPnpApiPath);
const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
if (existsSync(absPnpApiPath)) {
if (!process.versions.pnp) {
// Setup the environment to be able to require typescript/bin/tsc
require(absPnpApiPath).setup();
}
}
// Defer to the real typescript/bin/tsc your application uses
module.exports = absRequire(`typescript/bin/tsc`);

20
.yarn/sdks/typescript/bin/tsserver vendored Executable file
View file

@ -0,0 +1,20 @@
#!/usr/bin/env node
const {existsSync} = require(`fs`);
const {createRequire, createRequireFromPath} = require(`module`);
const {resolve} = require(`path`);
const relPnpApiPath = "../../../../.pnp.js";
const absPnpApiPath = resolve(__dirname, relPnpApiPath);
const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
if (existsSync(absPnpApiPath)) {
if (!process.versions.pnp) {
// Setup the environment to be able to require typescript/bin/tsserver
require(absPnpApiPath).setup();
}
}
// Defer to the real typescript/bin/tsserver your application uses
module.exports = absRequire(`typescript/bin/tsserver`);

20
.yarn/sdks/typescript/lib/tsc.js vendored Normal file
View file

@ -0,0 +1,20 @@
#!/usr/bin/env node
const {existsSync} = require(`fs`);
const {createRequire, createRequireFromPath} = require(`module`);
const {resolve} = require(`path`);
const relPnpApiPath = "../../../../.pnp.js";
const absPnpApiPath = resolve(__dirname, relPnpApiPath);
const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
if (existsSync(absPnpApiPath)) {
if (!process.versions.pnp) {
// Setup the environment to be able to require typescript/lib/tsc.js
require(absPnpApiPath).setup();
}
}
// Defer to the real typescript/lib/tsc.js your application uses
module.exports = absRequire(`typescript/lib/tsc.js`);

125
.yarn/sdks/typescript/lib/tsserver.js vendored Normal file
View file

@ -0,0 +1,125 @@
#!/usr/bin/env node
const {existsSync} = require(`fs`);
const {createRequire, createRequireFromPath} = require(`module`);
const {resolve} = require(`path`);
const relPnpApiPath = "../../../../.pnp.js";
const absPnpApiPath = resolve(__dirname, relPnpApiPath);
const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
const moduleWrapper = tsserver => {
const {isAbsolute} = require(`path`);
const pnpApi = require(`pnpapi`);
const dependencyTreeRoots = new Set(pnpApi.getDependencyTreeRoots().map(locator => {
return `${locator.name}@${locator.reference}`;
}));
// VSCode sends the zip paths to TS using the "zip://" prefix, that TS
// doesn't understand. This layer makes sure to remove the protocol
// before forwarding it to TS, and to add it back on all returned paths.
function toEditorPath(str) {
// We add the `zip:` prefix to both `.zip/` paths and virtual paths
if (isAbsolute(str) && !str.match(/^\^zip:/) && (str.match(/\.zip\//) || str.match(/\/(\$\$virtual|__virtual__)\//))) {
// We also take the opportunity to turn virtual paths into physical ones;
// this makes is much easier to work with workspaces that list peer
// dependencies, since otherwise Ctrl+Click would bring us to the virtual
// file instances instead of the real ones.
//
// We only do this to modules owned by the the dependency tree roots.
// This avoids breaking the resolution when jumping inside a vendor
// with peer dep (otherwise jumping into react-dom would show resolution
// errors on react).
//
const resolved = pnpApi.resolveVirtual(str);
if (resolved) {
const locator = pnpApi.findPackageLocator(resolved);
if (locator && dependencyTreeRoots.has(`${locator.name}@${locator.reference}`)) {
str = resolved;
}
}
str = str.replace(/\\/g, `/`)
str = str.replace(/^\/?/, `/`);
// Absolute VSCode `Uri.fsPath`s need to start with a slash.
// VSCode only adds it automatically for supported schemes,
// so we have to do it manually for the `zip` scheme.
// The path needs to start with a caret otherwise VSCode doesn't handle the protocol
//
// Ref: https://github.com/microsoft/vscode/issues/105014#issuecomment-686760910
//
if (str.match(/\.zip\//)) {
str = `${isVSCode ? `^` : ``}zip:${str}`;
}
}
return str;
}
function fromEditorPath(str) {
return process.platform === `win32`
? str.replace(/^\^?zip:\//, ``)
: str.replace(/^\^?zip:/, ``);
}
// Force enable 'allowLocalPluginLoads'
// TypeScript tries to resolve plugins using a path relative to itself
// which doesn't work when using the global cache
// https://github.com/microsoft/TypeScript/blob/1b57a0395e0bff191581c9606aab92832001de62/src/server/project.ts#L2238
// VSCode doesn't want to enable 'allowLocalPluginLoads' due to security concerns but
// TypeScript already does local loads and if this code is running the user trusts the workspace
// https://github.com/microsoft/vscode/issues/45856
const ConfiguredProject = tsserver.server.ConfiguredProject;
const {enablePluginsWithOptions: originalEnablePluginsWithOptions} = ConfiguredProject.prototype;
ConfiguredProject.prototype.enablePluginsWithOptions = function() {
this.projectService.allowLocalPluginLoads = true;
return originalEnablePluginsWithOptions.apply(this, arguments);
};
// And here is the point where we hijack the VSCode <-> TS communications
// by adding ourselves in the middle. We locate everything that looks
// like an absolute path of ours and normalize it.
const Session = tsserver.server.Session;
const {onMessage: originalOnMessage, send: originalSend} = Session.prototype;
let isVSCode = false;
return Object.assign(Session.prototype, {
onMessage(/** @type {string} */ message) {
const parsedMessage = JSON.parse(message)
if (
parsedMessage != null &&
typeof parsedMessage === `object` &&
parsedMessage.arguments &&
parsedMessage.arguments.hostInfo === `vscode`
) {
isVSCode = true;
}
return originalOnMessage.call(this, JSON.stringify(parsedMessage, (key, value) => {
return typeof value === `string` ? fromEditorPath(value) : value;
}));
},
send(/** @type {any} */ msg) {
return originalSend.call(this, JSON.parse(JSON.stringify(msg, (key, value) => {
return typeof value === `string` ? toEditorPath(value) : value;
})));
}
});
};
if (existsSync(absPnpApiPath)) {
if (!process.versions.pnp) {
// Setup the environment to be able to require typescript/lib/tsserver.js
require(absPnpApiPath).setup();
}
}
// Defer to the real typescript/lib/tsserver.js your application uses
module.exports = moduleWrapper(absRequire(`typescript/lib/tsserver.js`));

20
.yarn/sdks/typescript/lib/typescript.js vendored Normal file
View file

@ -0,0 +1,20 @@
#!/usr/bin/env node
const {existsSync} = require(`fs`);
const {createRequire, createRequireFromPath} = require(`module`);
const {resolve} = require(`path`);
const relPnpApiPath = "../../../../.pnp.js";
const absPnpApiPath = resolve(__dirname, relPnpApiPath);
const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
if (existsSync(absPnpApiPath)) {
if (!process.versions.pnp) {
// Setup the environment to be able to require typescript/lib/typescript.js
require(absPnpApiPath).setup();
}
}
// Defer to the real typescript/lib/typescript.js your application uses
module.exports = absRequire(`typescript/lib/typescript.js`);

6
.yarn/sdks/typescript/package.json vendored Normal file
View file

@ -0,0 +1,6 @@
{
"name": "typescript",
"version": "4.1.3-pnpify",
"main": "./lib/typescript.js",
"type": "commonjs"
}

8
.yarnrc.yml
View file

@ -1,7 +1,11 @@
defaultSemverRangePrefix: ""
enableGlobalCache: false
enableTelemetry: true
httpRetry: 10
httpTimeout: 100000
npmRegistryServer: "https://registry.verdaccio.org"
@ -11,6 +15,8 @@ plugins:
spec: "@yarnpkg/plugin-workspace-tools"
- path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
spec: "@yarnpkg/plugin-interactive-tools"
- ./yarn-plugins/plugin-postinstall.js
- ./yarn-plugins/plugin-postinstall.js
- path: .yarn/plugins/@yarnpkg/plugin-typescript.cjs
spec: "@yarnpkg/plugin-typescript"
yarnPath: .yarn/releases/yarn-2.4.1.cjs

24
README.md
View file

@ -156,27 +156,27 @@ Verdaccio aims to support all features of a standard npm client that make sense
### Basic features
- Installing packages (npm install, npm upgrade, etc.) - **supported**
- Publishing packages (npm publish) - **supported**
- Installing packages (`npm install`, `npm upgrade`, etc.) - **supported**
- Publishing packages (`npm publish`) - **supported**
### Advanced package control
- Unpublishing packages (npm unpublish) - **supported**
- Tagging (npm tag) - **supported**
- Deprecation (npm deprecate) - **supported**
- Unpublishing packages (`npm unpublish`) - **supported**
- Tagging (`npm tag`) - **supported**
- Deprecation (`npm deprecate`) - **supported**
### User management
- Registering new users (npm adduser {newuser}) - **supported**
- Change password (npm profile set password) - **supported**
- Transferring ownership (npm owner add {user} {pkg}) - not supported, _PR-welcome_
- Token (npm token) - **supported**
- Registering new users (`npm adduser {newuser}`) - **supported**
- Change password (`npm profile set password`) - **supported**
- Transferring ownership (`npm owner add {user} {pkg}`) - not supported, _PR-welcome_
- Token (`npm token`) - **supported** (under flag)
### Miscellany
- Searching (npm search) - **supported** (cli / browser)
- Ping (npm ping) - **supported**
- Starring (npm star, npm unstar, npm stars) - **supported**
- Search (`npm search`) - **supported** (cli (`/-/all` and `v1`) / browser)
- Ping (`npm ping`) - **supported**
- Starring (`npm star`, `npm unstar`, `npm stars`) - **supported**
### Security

2
conf/default.yaml
View file

@ -79,8 +79,6 @@ logs: { type: stdout, format: pretty, level: http }
#experiments:
# # support for npm token command
# token: false
# # support for the new v1 search endpoint, functional by incomplete read more on ticket 1732
# search: false
# # disable writing body size to logs, read more on ticket 1912
# bytesin_off: false
# # enable tarball URL redirect for hosting tarball with a different server, the tarball_url_redirect can be a template string

2
conf/docker.yaml
View file

@ -84,8 +84,6 @@ logs: { type: stdout, format: pretty, level: http }
#experiments:
# # support for npm token command
# token: false
# # support for the new v1 search endpoint, functional by incomplete read more on ticket 1732
# search: false
# # enable tarball URL redirect for hosting tarball with a different server, the tarball_url_redirect can be a template string
# tarball_url_redirect: 'https://mycdn.com/verdaccio/${packageName}/${filename}'
# # the tarball_url_redirect can be a function, takes packageName and filename and returns the url, when working with a js configuration file

2
package.json
View file

@ -170,7 +170,7 @@
"lint": "yarn run type-check && yarn run lint:ts",
"lint:ts": "eslint \"**/*.{js,jsx,ts,tsx}\" -c ./eslintrc.js",
"lint:lockfile": "lockfile-lint --path yarn.lock --type yarn --validate-https --allowed-hosts verdaccio npm yarn",
"start": "yarn babel-node --extensions \".ts,.tsx\" src/lib/cli",
"start": "yarn babel-node --extensions \".ts,.tsx\" src/lib/cli --inspect",
"start:debug": "yarn node debug/bootstrap.js",
"code:build": "yarn babel src/ --out-dir build/ --copy-files --extensions \".ts,.tsx\" --source-maps inline",
"code:docker-build": "yarn babel src/ --out-dir build/ --copy-files --extensions \".ts,.tsx\"",

18
src/api/endpoint/api/search.ts
View file

@ -1,17 +1,15 @@
import { HEADERS } from '../../../lib/constants';
/**
* @prettier
*/
import { API_ERROR, HEADERS } from '../../../lib/constants';
import { logger } from '../../../lib/logger';
import { ErrorCode } from '../../../lib/utils';
export default function (route, auth, storage): void {
// searching packages
route.get('/-/all(/since)?', function (req, res) {
route.get('/-/all(/since)?', function (req, res, next) {
let received_end = false;
let response_finished = false;
let processing_pkgs = 0;
let firstPackage = true;
logger.warn('/-/all search endpoint is deprecated, might be removed in the next major release');
res.status(200);
res.set(HEADERS.CONTENT_TYPE, HEADERS.JSON_CHARSET);
@ -94,8 +92,10 @@ export default function (route, auth, storage): void {
});
});
stream.on('error', function () {
res.socket.destroy();
stream.on('error', function (err) {
logger.error('search `/-/all endpoint has failed @{err}', err);
received_end = true;
check_finish();
});
stream.on('end', function () {

272
src/api/endpoint/api/v1/search.ts
View file

@ -1,104 +1,228 @@
import semver from 'semver';
import _ from 'lodash';
import { Package } from '@verdaccio/types';
import { logger } from '../../../../lib/logger';
import { HTTP_STATUS } from '../../../../lib/constants';
function compileTextSearch(textSearch: string): (pkg: Package) => boolean {
const personMatch = (person, search) => {
if (typeof person === 'string') {
return person.includes(search);
}
type PublisherMaintainer = {
username: string;
email: string;
};
if (typeof person === 'object') {
for (const field of Object.values(person)) {
if (typeof field === 'string' && field.includes(search)) {
return true;
}
}
}
return false;
type PackageResults = {
name: string;
scope: string;
version: string;
description: string;
date: string;
links: {
npm: string;
homepage?: string;
repository?: string;
bugs?: string;
};
const matcher = function (q) {
const match = q.match(/author:(.*)/);
if (match !== null) {
return (pkg) => personMatch(pkg.author, match[1]);
}
author: { name: string };
publisher: PublisherMaintainer;
maintainer: PublisherMaintainer;
};
// TODO: maintainer, keywords, not/is unstable insecure, boost-exact
// TODO implement some scoring system for freetext
return (pkg) => {
return ['name', 'displayName', 'description']
.map((k) => pkg[k])
.filter((x) => x !== undefined)
.some((txt) => txt.includes(q));
type SearchResult = {
package: PackageResults;
flags?: { unstable: boolean | void };
local?: boolean;
score: {
final: number;
detail: {
quality: number;
popularity: number;
maintenance: number;
};
};
searchScore: number;
};
type SearchResults = {
objects: SearchResult[];
total: number;
time: string;
};
const personMatch = (person, search) => {
if (typeof person === 'string') {
return person.includes(search);
}
if (typeof person === 'object') {
for (const field of Object.values(person)) {
if (typeof field === 'string' && field.includes(search)) {
return true;
}
}
}
return false;
};
const matcher = function (query) {
const match = query.match(/author:(.*)/);
if (match !== null) {
return function (pkg) {
return personMatch(pkg.author, match[1]);
};
}
// TODO: maintainer, keywords, boost-exact
// TODO implement some scoring system for freetext
return (pkg) => {
return ['name', 'displayName', 'description']
.map((k) => {
return pkg[k];
})
.filter((x) => {
return x !== undefined;
})
.some((txt) => {
return txt.includes(query);
});
};
};
function compileTextSearch(textSearch: string): (pkg: PackageResults) => boolean {
const textMatchers = (textSearch || '').split(' ').map(matcher);
return (pkg) => textMatchers.every((m) => m(pkg));
}
function removeDuplicates(results) {
const pkgNames: any[] = [];
return results.filter((pkg) => {
if (pkgNames.includes(pkg?.package?.name)) {
return false;
}
pkgNames.push(pkg?.package?.name);
return true;
});
}
function checkAccess(pkg: any, auth: any, remoteUser): Promise<Package | null> {
return new Promise((resolve, reject) => {
auth.allow_access({ packageName: pkg?.package?.name }, remoteUser, function (err, allowed) {
if (err) {
if (err.status && String(err.status).match(/^4\d\d$/)) {
// auth plugin returns 4xx user error,
// that's equivalent of !allowed basically
allowed = false;
return resolve(null);
} else {
reject(err);
}
} else {
return resolve(allowed ? pkg : null);
}
});
});
}
async function sendResponse(resultBuf, resultStream, auth, req, from: number, size: number): Promise<SearchResults> {
resultStream.destroy();
const resultsCollection = resultBuf.map((pkg): SearchResult => {
if (pkg?.name) {
return {
package: pkg,
// not sure if flags is need it
flags: {
unstable: Object.keys(pkg.versions).some((v) => semver.satisfies(v, '^1.0.0')) ? undefined : true,
},
local: true,
score: {
final: 1,
detail: {
quality: 1,
popularity: 1,
maintenance: 0,
},
},
searchScore: 100000,
};
} else {
return pkg;
}
});
const checkAccessPromises: SearchResult[] = await Promise.all(
removeDuplicates(resultsCollection).map((pkgItem) => {
return checkAccess(pkgItem, auth, req.remote_user);
})
);
const final: SearchResult[] = checkAccessPromises.filter((i) => !_.isNull(i)).slice(from, size);
logger.debug(`search results ${final?.length}`);
const response: SearchResults = {
objects: final,
total: final.length,
time: new Date().toUTCString(),
};
logger.debug(`total response ${final.length}`);
return response;
}
/**
* Endpoint for npm search v1
* req: 'GET /-/v1/search?text=react&size=20&from=0&quality=0.65&popularity=0.98&maintenance=0.5'
*/
export default function (route, auth, storage): void {
route.get('/-/v1/search', (req, res) => {
route.get('/-/v1/search', async (req, res, next) => {
// TODO: implement proper result scoring weighted by quality, popularity and maintenance query parameters
let [text, size, from /* , quality, popularity, maintenance */] = [
'text',
'size',
'from' /* , 'quality', 'popularity', 'maintenance' */
].map((k) => req.query[k]);
let [text, size, from /* , quality, popularity, maintenance */] = ['text', 'size', 'from' /* , 'quality', 'popularity', 'maintenance' */].map((k) => req.query[k]);
size = parseInt(size) || 20;
from = parseInt(from) || 0;
const isInteresting = compileTextSearch(text);
const resultStream = storage.search(0, { req: { query: { local: true } } });
const resultBuf = [] as any;
const resultStream = storage.search(0, { req });
let resultBuf = [] as any;
let completed = false;
const sendResponse = (): void => {
completed = true;
resultStream.destroy();
const final = resultBuf.slice(from, size).map((pkg) => {
return {
package: pkg,
flags: {
unstable: Object.keys(pkg.versions).some((v) => semver.satisfies(v, '^1.0.0'))
? undefined
: true
},
score: {
final: 1,
detail: {
quality: 1,
popularity: 1,
maintenance: 0
resultStream.on('data', (pkg: SearchResult[] | PackageResults) => {
// packages from the upstreams
if (_.isArray(pkg)) {
resultBuf = resultBuf.concat(
(pkg as SearchResult[]).filter((pkgItem) => {
if (!isInteresting(pkgItem?.package)) {
return;
}
},
searchScore: 100000
};
});
const response = {
objects: final,
total: final.length,
time: new Date().toUTCString()
};
res.status(200).json(response);
};
resultStream.on('data', (pkg) => {
if (!isInteresting(pkg)) {
return;
}
resultBuf.push(pkg);
if (!completed && resultBuf.length >= size + from) {
sendResponse();
logger.debug(`[remote] pkg name ${pkgItem?.package?.name}`);
return true;
})
);
} else {
// packages from local
// due compability with `/-/all` we cannot refactor storage.search();
if (!isInteresting(pkg)) {
return;
}
logger.debug(`[local] pkg name ${(pkg as PackageResults)?.name}`);
resultBuf.push(pkg);
}
});
resultStream.on('end', () => {
resultStream.on('error', function () {
logger.error('search endpoint has failed');
res.socket.destroy();
});
resultStream.on('end', async () => {
if (!completed) {
sendResponse();
completed = true;
try {
const response = await sendResponse(resultBuf, resultStream, auth, req, from, size);
logger.info('search endpoint ok results @{total}', { total: response.total });
res.status(HTTP_STATUS.OK).json(response);
} catch (err) {
logger.error('search endpoint has failed @{err}', { err });
next(err);
}
}
});
});

11
src/api/endpoint/index.ts
View file

@ -1,6 +1,5 @@
import { Config } from '@verdaccio/types';
import _ from 'lodash';
import express from 'express';
import bodyParser from 'body-parser';
import { IAuth, IStorageHandler } from '../../../types';
@ -14,7 +13,6 @@ import pkg from './api/package';
import stars from './api/stars';
import profile from './api/v1/profile';
import token from './api/v1/token';
import v1Search from './api/v1/search';
const {
@ -29,12 +27,9 @@ export default function (config: Config, auth: IAuth, storage: IStorageHandler)
/* eslint new-cap:off */
const app = express.Router();
/* eslint new-cap:off */
// validate all of these params as a package name
// this might be too harsh, so ask if it causes trouble
// $FlowFixMe
app.param('package', validatePackage);
// $FlowFixMe
app.param('filename', validateName);
app.param('tag', validateName);
app.param('version', validateName);
@ -62,11 +57,7 @@ export default function (config: Config, auth: IAuth, storage: IStorageHandler)
publish(app, auth, storage, config);
ping(app);
stars(app, storage);
if (_.get(config, 'experiments.search') === true) {
v1Search(app, auth, storage);
}
v1Search(app, auth, storage);
if (_.get(config, 'experiments.token') === true) {
token(app, auth, storage, config);
}

81
src/api/web/endpoint/user.ts
View file

@ -16,55 +16,48 @@ function addUserAuthApi(route: Router, auth: IAuth, config: Config): void {
route.post('/login', function (req: Request, res: Response, next: $NextFunctionVer): void {
const { username, password } = req.body;
auth.authenticate(
username,
password,
async (err, user: RemoteUser): Promise<void> => {
if (err) {
const errorCode = err.message ? HTTP_STATUS.UNAUTHORIZED : HTTP_STATUS.INTERNAL_ERROR;
next(ErrorCode.getCode(errorCode, err.message));
} else {
req.remote_user = user;
const jWTSignOptions: JWTSignOptions = getSecurity(config).web.sign;
auth.authenticate(username, password, async (err, user: RemoteUser): Promise<void> => {
if (err) {
const errorCode = err.message ? HTTP_STATUS.UNAUTHORIZED : HTTP_STATUS.INTERNAL_ERROR;
next(ErrorCode.getCode(errorCode, err.message));
} else {
req.remote_user = user;
const jWTSignOptions: JWTSignOptions = getSecurity(config).web.sign;
next({
token: await auth.jwtEncrypt(user, jWTSignOptions),
username: req.remote_user.name
});
}
next({
token: await auth.jwtEncrypt(user, jWTSignOptions),
username: req.remote_user.name,
});
}
);
});
});
route.put(
'/reset_password',
function (req: Request, res: Response, next: $NextFunctionVer): void {
if (_.isNil(req.remote_user.name)) {
res.status(HTTP_STATUS.UNAUTHORIZED);
return next({
// FUTURE: update to a more meaningful message
message: API_ERROR.MUST_BE_LOGGED
});
}
const { password } = req.body;
const { name } = req.remote_user;
if (validatePassword(password.new) === false) {
auth.changePassword(name as string, password.old, password.new, (err, isUpdated): void => {
if (_.isNil(err) && isUpdated) {
next({
ok: true
});
} else {
return next(ErrorCode.getInternalError(API_ERROR.INTERNAL_SERVER_ERROR));
}
});
} else {
return next(ErrorCode.getCode(HTTP_STATUS.BAD_REQUEST, APP_ERROR.PASSWORD_VALIDATION));
}
route.put('/reset_password', function (req: Request, res: Response, next: $NextFunctionVer): void {
if (_.isNil(req.remote_user.name)) {
res.status(HTTP_STATUS.UNAUTHORIZED);
return next({
// FUTURE: update to a more meaningful message
message: API_ERROR.MUST_BE_LOGGED,
});
}
);
const { password } = req.body;
const { name } = req.remote_user;
if (validatePassword(password.new) === false) {
auth.changePassword(name as string, password.old, password.new, (err, isUpdated): void => {
if (_.isNil(err) && isUpdated) {
next({
ok: true,
});
} else {
return next(ErrorCode.getInternalError(API_ERROR.INTERNAL_SERVER_ERROR));
}
});
} else {
return next(ErrorCode.getCode(HTTP_STATUS.BAD_REQUEST, APP_ERROR.PASSWORD_VALIDATION));
}
});
}
export default addUserAuthApi;

233
src/lib/storage.ts
View file

@ -3,43 +3,16 @@ import Stream from 'stream';
import _ from 'lodash';
import async, { AsyncResultArrayCallback } from 'async';
import { ReadTarball } from '@verdaccio/streams';
import {
IReadTarball,
IUploadTarball,
Versions,
Package,
Config,
MergeTags,
Version,
DistFile,
Callback,
Logger
} from '@verdaccio/types';
import { IReadTarball, IUploadTarball, Versions, Package, Config, MergeTags, Version, DistFile, Callback, Logger } from '@verdaccio/types';
import { GenericBody, TokenFilter, Token } from '@verdaccio/types';
import { VerdaccioError } from '@verdaccio/commons-api';
import {
IStorage,
IProxy,
IStorageHandler,
ProxyList,
StringValue,
IGetPackageOptions,
ISyncUplinks,
IPluginFilters
} from '../../types';
import { IStorage, IProxy, IStorageHandler, ProxyList, StringValue, IGetPackageOptions, ISyncUplinks, IPluginFilters } from '../../types';
import { logger } from '../lib/logger';
import ProxyStorage from './up-storage';
import Search from './search';
import { API_ERROR, HTTP_STATUS, DIST_TAGS } from './constants';
import LocalStorage from './local-storage';
import {
checkPackageLocal,
publishPackage,
checkPackageRemote,
cleanUpLinksRef,
mergeUplinkTimeIntoLocal,
generatePackageTemplate
} from './storage-utils';
import { checkPackageLocal, publishPackage, checkPackageRemote, cleanUpLinksRef, mergeUplinkTimeIntoLocal, generatePackageTemplate } from './storage-utils';
import { setupUpLinks, updateVersionsHiddenUpLink } from './uplink-util';
import { mergeVersions } from './metadata-utils';
import { ErrorCode, normalizeDistTags, validateMetadata, isObject } from './utils';
@ -77,11 +50,7 @@ class Storage implements IStorageHandler {
public async addPackage(name: string, metadata: any, callback: Function): Promise<void> {
try {
await checkPackageLocal(name, this.localStorage);
await checkPackageRemote(
name,
this._isAllowPublishOffline(),
this._syncUplinksMetadata.bind(this)
);
await checkPackageRemote(name, this._isAllowPublishOffline(), this._syncUplinksMetadata.bind(this));
await publishPackage(name, metadata, this.localStorage as IStorage);
callback();
} catch (err) {
@ -90,11 +59,7 @@ class Storage implements IStorageHandler {
}
private _isAllowPublishOffline(): boolean {
return (
typeof this.config.publish !== 'undefined' &&
_.isBoolean(this.config.publish.allow_offline) &&
this.config.publish.allow_offline
);
return typeof this.config.publish !== 'undefined' && _.isBoolean(this.config.publish.allow_offline) && this.config.publish.allow_offline;
}
public readTokens(filter: TokenFilter): Promise<Token[]> {
@ -113,13 +78,7 @@ class Storage implements IStorageHandler {
* Add a new version of package {name} to a system
Used storages: local (write)
*/
public addVersion(
name: string,
version: string,
metadata: Version,
tag: StringValue,
callback: Callback
): void {
public addVersion(name: string, version: string, metadata: Version, tag: StringValue, callback: Callback): void {
this.localStorage.addVersion(name, version, metadata, tag, callback);
}
@ -136,12 +95,7 @@ class Storage implements IStorageHandler {
Function changes a package info from local storage and all uplinks with write access./
Used storages: local (write)
*/
public changePackage(
name: string,
metadata: Package,
revision: string,
callback: Callback
): void {
public changePackage(name: string, metadata: Package, revision: string, callback: Callback): void {
this.localStorage.changePackage(name, metadata, revision, callback);
}
@ -181,21 +135,18 @@ class Storage implements IStorageHandler {
return new Promise<boolean>((resolve, reject): void => {
let localStream: any = self.localStorage.getTarball(name, filename);
let isOpen = false;
localStream.on(
'error',
(err): any => {
if (isOpen || err.status !== HTTP_STATUS.NOT_FOUND) {
reject(err);
}
// local reported 404 or request was aborted already
if (localStream) {
localStream.abort();
localStream = null;
}
resolve(false);
localStream.on('error', (err): any => {
if (isOpen || err.status !== HTTP_STATUS.NOT_FOUND) {
reject(err);
}
);
localStream.on('open', function(): void {
// local reported 404 or request was aborted already
if (localStream) {
localStream.abort();
localStream = null;
}
resolve(false);
});
localStream.on('open', function (): void {
isOpen = true;
localStream.abort();
localStream = null;
@ -278,7 +229,7 @@ class Storage implements IStorageHandler {
{
url: file.url,
cache: true,
_autogenerated: true
_autogenerated: true,
},
self.config
);
@ -324,10 +275,7 @@ class Storage implements IStorageHandler {
});
savestream.on('error', function (err): void {
self.logger.warn(
{ err: err, fileName: file },
'error saving file @{fileName}: @{err.message}\n@{err.stack}'
);
self.logger.warn({ err: err, fileName: file }, 'error saving file @{fileName}: @{err.message}\n@{err.stack}');
if (savestream) {
savestream.abort();
}
@ -394,54 +342,56 @@ class Storage implements IStorageHandler {
*/
public search(startkey: string, options: any): IReadTarball {
const self = this;
// stream to write a tarball
const stream: any = new Stream.PassThrough({ objectMode: true });
const searchStream: any = new Stream.PassThrough({ objectMode: true });
async.eachSeries(
Object.keys(this.uplinks),
function (up_name, cb): void {
// shortcut: if `local=1` is supplied, don't call uplinks
if (options.req.query.local !== undefined) {
if (options.req?.query?.local !== undefined) {
return cb();
}
logger.info(`search for uplink ${up_name}`);
// search by keyword for each uplink
const lstream: IUploadTarball = self.uplinks[up_name].search(options);
// join streams
lstream.pipe(stream, { end: false });
lstream.on('error', function (err): void {
const uplinkStream: IUploadTarball = self.uplinks[up_name].search(options);
// join uplink stream with streams PassThrough
uplinkStream.pipe(searchStream, { end: false });
uplinkStream.on('error', function (err): void {
self.logger.error({ err: err }, 'uplink error: @{err.message}');
cb();
// to avoid call callback more than once
cb = function (): void {};
});
lstream.on('end', function (): void {
uplinkStream.on('end', function (): void {
cb();
// to avoid call callback more than once
cb = function (): void {};
});
stream.abort = function (): void {
if (lstream.abort) {
lstream.abort();
searchStream.abort = function (): void {
if (uplinkStream.abort) {
uplinkStream.abort();
}
cb();
// to avoid call callback more than once
cb = function (): void {};
};
},
// executed after all series
function (): void {
// attach a local search results
const lstream: IReadTarball = self.localStorage.search(startkey, options);
stream.abort = function (): void {
lstream.abort();
const localSearchStream: IReadTarball = self.localStorage.search(startkey, options);
searchStream.abort = function (): void {
localSearchStream.abort();
};
lstream.pipe(stream, { end: true });
lstream.on('error', function (err: VerdaccioError): void {
localSearchStream.pipe(searchStream, { end: true });
localSearchStream.on('error', function (err: VerdaccioError): void {
self.logger.error({ err: err }, 'search error: @{err.message}');
stream.end();
searchStream.end();
});
}
);
return stream;
return searchStream;
}
/**
@ -457,38 +407,32 @@ class Storage implements IStorageHandler {
const packages: Version[] = [];
const getPackage = function (itemPkg): void {
self.localStorage.getPackageMetadata(
locals[itemPkg],
function (err, pkgMetadata: Package): void {
if (_.isNil(err)) {
const latest = pkgMetadata[DIST_TAGS].latest;
if (latest && pkgMetadata.versions[latest]) {
const version: Version = pkgMetadata.versions[latest];
const timeList = pkgMetadata.time as GenericBody;
const time = timeList[latest];
// @ts-ignore
version.time = time;
self.localStorage.getPackageMetadata(locals[itemPkg], function (err, pkgMetadata: Package): void {
if (_.isNil(err)) {
const latest = pkgMetadata[DIST_TAGS].latest;
if (latest && pkgMetadata.versions[latest]) {
const version: Version = pkgMetadata.versions[latest];
const timeList = pkgMetadata.time as GenericBody;
const time = timeList[latest];
// @ts-ignore
version.time = time;
// Add for stars api
// @ts-ignore
version.users = pkgMetadata.users;
// Add for stars api
// @ts-ignore
version.users = pkgMetadata.users;
packages.push(version);
} else {
self.logger.warn(
{ package: locals[itemPkg] },
'package @{package} does not have a "latest" tag?'
);
}
}
if (itemPkg >= locals.length - 1) {
callback(null, packages);
packages.push(version);
} else {
getPackage(itemPkg + 1);
self.logger.warn({ package: locals[itemPkg] }, 'package @{package} does not have a "latest" tag?');
}
}
);
if (itemPkg >= locals.length - 1) {
callback(null, packages);
} else {
getPackage(itemPkg + 1);
}
});
};
if (locals.length) {
@ -504,12 +448,7 @@ class Storage implements IStorageHandler {
if package is available locally, it MUST be provided in pkginfo
returns callback(err, result, uplink_errors)
*/
public _syncUplinksMetadata(
name: string,
packageInfo: Package,
options: ISyncUplinks,
callback: Callback
): void {
public _syncUplinksMetadata(name: string, packageInfo: Package, options: ISyncUplinks, callback: Callback): void {
let found = true;
const self = this;
const upLinks: IProxy[] = [];
@ -557,7 +496,7 @@ class Storage implements IStorageHandler {
self.logger.error(
{
sub: 'out',
err: err
err: err,
},
'package.json validating error @{!err.message}\n@{err.stack}'
);
@ -566,7 +505,7 @@ class Storage implements IStorageHandler {
packageInfo._uplinks[upLink.upname] = {
etag: eTag,
fetched: Date.now()
fetched: Date.now(),
};
packageInfo.time = mergeUplinkTimeIntoLocal(packageInfo, upLinkResponse);
@ -579,7 +518,7 @@ class Storage implements IStorageHandler {
self.logger.error(
{
sub: 'out',
err: err
err: err,
},
'package.json parsing error @{!err.message}\n@{err.stack}'
);
@ -624,29 +563,25 @@ class Storage implements IStorageHandler {
return callback(null, packageInfo);
}
self.localStorage.updateVersions(
name,
packageInfo,
async (err, packageJsonLocal: Package): Promise<any> => {
if (err) {
return callback(err);
}
// Any error here will cause a 404, like an uplink error. This is likely the right thing to do
// as a broken filter is a security risk.
const filterErrors: Error[] = [];
// This MUST be done serially and not in parallel as they modify packageJsonLocal
for (const filter of self.filters) {
try {
// These filters can assume it's save to modify packageJsonLocal and return it directly for
// performance (i.e. need not be pure)
packageJsonLocal = await filter.filter_metadata(packageJsonLocal);
} catch (err) {
filterErrors.push(err);
}
}
callback(null, packageJsonLocal, _.concat(upLinksErrors, filterErrors));
self.localStorage.updateVersions(name, packageInfo, async (err, packageJsonLocal: Package): Promise<any> => {
if (err) {
return callback(err);
}
);
// Any error here will cause a 404, like an uplink error. This is likely the right thing to do
// as a broken filter is a security risk.
const filterErrors: Error[] = [];
// This MUST be done serially and not in parallel as they modify packageJsonLocal
for (const filter of self.filters) {
try {
// These filters can assume it's save to modify packageJsonLocal and return it directly for
// performance (i.e. need not be pure)
packageJsonLocal = await filter.filter_metadata(packageJsonLocal);
} catch (err) {
filterErrors.push(err);
}
}
callback(null, packageJsonLocal, _.concat(upLinksErrors, filterErrors));
});
}
);
}

5
src/lib/up-storage.ts
View file

@ -8,7 +8,7 @@ import request from 'request';
import { ReadTarball } from '@verdaccio/streams';
import { Config, Callback, Headers, Logger, Package } from '@verdaccio/types';
import { IProxy, UpLinkConfLocal } from '../../types';
import { parseInterval, isObject, ErrorCode, buildToken } from './utils';
import { parseInterval, isObject, ErrorCode, buildToken, isObjectOrArray } from './utils';
import { logger } from './logger';
import { ERROR_CODE, TOKEN_BASIC, TOKEN_BEARER, HEADERS, HTTP_STATUS, API_ERROR, HEADER_TYPE, CHARACTER_ENCODING } from './constants';
@ -296,7 +296,6 @@ class ProxyStorage implements IProxy {
return headers;
}
// $FlowFixMe
if (_.isObject(auth) === false && _.isObject(auth.token) === false) {
this._throwErrorAuth('Auth invalid');
}
@ -515,7 +514,7 @@ class ProxyStorage implements IProxy {
});
const parsePackage = (pkg: Package): void => {
if (isObject(pkg)) {
if (isObjectOrArray(pkg)) {
transformStream.emit('data', pkg);
}
};

4
src/lib/utils.ts
View file

@ -93,6 +93,10 @@ export function isObject(obj: any): boolean {
return _.isObject(obj) && _.isNull(obj) === false && _.isArray(obj) === false;
}
export function isObjectOrArray(obj: any): boolean {
return _.isObject(obj) && _.isNull(obj) === false;
}
/**
* Validate the package metadata, add additional properties whether are missing within
* the metadata properties.

2
test/e2e-cli/config/_bootstrap_verdaccio.yaml
View file

@ -11,7 +11,7 @@ web:
uplinks:
npmjs:
url: https://registry.verdaccio.org/
url: https://registry.npmjs.org/
logs: { type: stdout, format: json, level: http }

47
test/e2e-cli/test/search/search.spec.ts Normal file
View file

@ -0,0 +1,47 @@
import path from 'path';
import fs from 'fs';
import * as __global from '../../utils/global';
import { spawnRegistry } from '../../utils/registry';
import { execAndWaitForOutputToMatch } from '../../utils/process';
import { installVerdaccio } from '../__partials/npm_commands';
import { expectFileToExist } from '../../utils/expect';
describe('npm search', () => {
jest.setTimeout(90000);
const port = '9012';
// @ts-ignore
const tempRootFolder = global.__namespace.getItem('dir-root');
const verdaccioInstall = path.join(tempRootFolder, 'verdaccio-root-install');
let registryProcess;
beforeAll(async () => {
await installVerdaccio(verdaccioInstall);
const configPath = path.join(tempRootFolder, 'verdaccio.yaml');
fs.copyFileSync(path.join(__dirname, '../../config/default.yaml'), configPath);
// @ts-ignore
global.__namespace = __global;
const pathVerdaccioModule = require.resolve('verdaccio/bin/verdaccio', {
paths: [verdaccioInstall],
});
registryProcess = await spawnRegistry(pathVerdaccioModule, ['-c', configPath, '-l', port], {
cwd: verdaccioInstall,
silent: true,
});
});
test('should match on npm search verdaccio', async () => {
const output = await execAndWaitForOutputToMatch(
'npm',
['search', 'verdaccio', '--registry', `http://localhost:${port}`],
/private package repository registry enterprise modules pro/
);
expect(output.ok).toBeTruthy();
});
afterAll(async () => {
registryProcess.kill();
});
});

195
test/unit/modules/api/api.search.spec.ts Normal file
View file

@ -0,0 +1,195 @@
import path from 'path';
import { Readable } from 'stream';
import request from 'supertest';
import _ from 'lodash';
import rimraf from 'rimraf';
import nock from 'nock';
import configDefault from '../../partials/config';
import publishMetadata from '../../partials/publish-api';
import endPointAPI from '../../../../src/api';
import { HEADERS, API_ERROR, HTTP_STATUS, HEADER_TYPE, API_MESSAGE, TOKEN_BEARER } from '../../../../src/lib/constants';
import { mockServer } from '../../__helper/mock';
import { DOMAIN_SERVERS } from '../../../functional/config.functional';
import { buildToken, encodeScopedUri } from '../../../../src/lib/utils';
import { getNewToken, getPackage, putPackage, verifyPackageVersionDoesExist, generateUnPublishURI } from '../../__helper/api';
import { generatePackageMetadata, generatePackageUnpublish, generateStarMedatada, generateDeprecateMetadata, generateVersion } from '../../__helper/utils';
const sleep = (delay) => {
return new Promise((resolve) => {
setTimeout(resolve, delay);
});
};
require('../../../../src/lib/logger').setup([{ type: 'stdout', format: 'pretty', level: 'debug' }]);
const credentials = { name: 'jota', password: 'secretPass' };
const putVersion = (app, name, publishMetadata) => {
return request(app)
.put(name)
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
.send(JSON.stringify(publishMetadata))
.expect(HTTP_STATUS.CREATED)
.set('accept', 'gzip')
.set('accept-encoding', HEADERS.JSON)
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON);
};
describe('endpoint unit test', () => {
let app;
const mockServerPort = 55549;
let mockRegistry;
beforeAll(function (done) {
const store = path.join(__dirname, '../../partials/store/test-storage-api-spec');
rimraf(store, async () => {
const configForTest = configDefault(
{
auth: {
htpasswd: {
file: './test-storage-api-spec/.htpasswd',
},
},
filters: {
'../../modules/api/partials/plugin/filter': {
pkg: 'npm_test',
version: '2.0.0',
},
},
storage: store,
self_path: store,
uplinks: {
npmjs: {
url: `http://${DOMAIN_SERVERS}:${mockServerPort}`,
},
socketTimeout: {
url: `http://some.registry.timeout.com`,
max_fails: 2,
timeout: '1s',
fail_timeout: '1s',
},
},
logs: [{ type: 'stdout', format: 'pretty', level: 'warn' }],
},
'api.search.spec.yaml'
);
app = await endPointAPI(configForTest);
mockRegistry = await mockServer(mockServerPort).init();
done();
});
});
afterAll(function (done) {
mockRegistry[0].stop();
done();
});
afterEach(() => {
nock.cleanAll();
});
describe('should test search api', () => {
test('should perform a search with results', (done) => {
const searchAllResponse = require(path.join(__dirname, 'partials', 'search-all.json'));
const query = '/-/all/since?stale=update_after&startkey=111';
nock('http://0.0.0.0:55549').get(query).reply(200, searchAllResponse);
request(app)
.get('/-/all/since?stale=update_after&startkey=111')
.set('accept-encoding', HEADERS.JSON)
// this is important, is how the query for all endpoint works
.set('referer', 'verdaccio')
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
.expect(HEADERS.CONTENT_TYPE, HEADERS.JSON_CHARSET)
.expect(HTTP_STATUS.OK)
.end(function (err, res) {
if (err) {
expect(err).toBeNull();
return done(err);
}
expect(res.body).toHaveLength(37);
done();
});
});
test('should perform a search v1 emtpy results', (done) => {
const searchV1 = require(path.join(__dirname, 'partials', 'search-v1-empty.json'));
const query = '/-/v1/search?text=verdaccio&size=3&quality=0.65&popularity=0.98&maintenance=0.5';
jest.spyOn(Date.prototype, 'toUTCString').mockReturnValue('Fri, 14 May 2021 21:29:10 GMT');
nock('http://0.0.0.0:55549').get(query).reply(200, searchV1);
request(app)
.get(query)
.set('accept-encoding', HEADERS.JSON)
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
.expect(HEADERS.CONTENT_TYPE, HEADERS.JSON_CHARSET)
.expect(HTTP_STATUS.OK)
.end(function (err, res) {
if (err) {
expect(err).toBeNull();
return done(err);
}
expect(res.body).toStrictEqual({ objects: [], total: 0, time: 'Fri, 14 May 2021 21:29:10 GMT' });
done();
});
});
test('should perform a search v1 with results', (done) => {
const searchV1 = require(path.join(__dirname, 'partials', 'search-v1.json'));
const query = '/-/v1/search?text=verdaccio&size=3&quality=0.65&popularity=0.98&maintenance=0.5';
jest.spyOn(Date.prototype, 'toUTCString').mockReturnValue('Fri, 14 May 2021 21:29:10 GMT');
nock('http://0.0.0.0:55549').get(query).reply(200, searchV1);
request(app)
.get(query)
.set('accept-encoding', HEADERS.JSON)
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
.expect(HEADERS.CONTENT_TYPE, HEADERS.JSON_CHARSET)
.expect(HTTP_STATUS.OK)
.end(function (err, res) {
if (err) {
expect(err).toBeNull();
return done(err);
}
expect(res.body.objects).toBeDefined();
expect(res.body.time).toBeDefined();
expect(res.body.total).toEqual(3);
done();
});
});
test('should perform a search v1 with react forbidden access', (done) => {
const searchV1 = require(path.join(__dirname, 'partials', 'search-v1-forbidden.json'));
const query = '/-/v1/search?text=verdaccio&size=3&quality=0.65&popularity=0.98&maintenance=0.5';
jest.spyOn(Date.prototype, 'toUTCString').mockReturnValue('Fri, 14 May 2021 21:29:10 GMT');
nock('http://0.0.0.0:55549').get(query).reply(200, searchV1);
request(app)
.get(query)
.set('accept-encoding', HEADERS.JSON)
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
.expect(HEADERS.CONTENT_TYPE, HEADERS.JSON_CHARSET)
.expect(HTTP_STATUS.OK)
.end(function (err, res) {
if (err) {
expect(err).toBeNull();
return done(err);
}
expect(res.body.objects).toBeDefined();
expect(res.body.time).toBeDefined();
expect(res.body.total).toEqual(0);
done();
});
});
test('should perform a search v1 with error', () => {
const query = '/-/v1/search?text=verdaccio&size=3&quality=0.65&popularity=0.98&maintenance=0.5';
nock('http://0.0.0.0:55549').get(query).reply(500);
return request(app)
.get(query)
.set('accept-encoding', HEADERS.JSON)
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
.expect(HEADERS.CONTENT_TYPE, HEADERS.JSON_CHARSET)
.expect(HTTP_STATUS.OK);
});
});
});

245
test/unit/modules/api/api.spec.ts
View file

@ -9,31 +9,12 @@ import configDefault from '../../partials/config';
import publishMetadata from '../../partials/publish-api';
import endPointAPI from '../../../../src/api';
import {
HEADERS,
API_ERROR,
HTTP_STATUS,
HEADER_TYPE,
API_MESSAGE,
TOKEN_BEARER
} from '../../../../src/lib/constants';
import { HEADERS, API_ERROR, HTTP_STATUS, HEADER_TYPE, API_MESSAGE, TOKEN_BEARER } from '../../../../src/lib/constants';
import { mockServer } from '../../__helper/mock';
import { DOMAIN_SERVERS } from '../../../functional/config.functional';
import { buildToken, encodeScopedUri } from '../../../../src/lib/utils';
import {
getNewToken,
getPackage,
putPackage,
verifyPackageVersionDoesExist,
generateUnPublishURI
} from '../../__helper/api';
import {
generatePackageMetadata,
generatePackageUnpublish,
generateStarMedatada,
generateDeprecateMetadata,
generateVersion
} from '../../__helper/utils';
import { getNewToken, getPackage, putPackage, verifyPackageVersionDoesExist, generateUnPublishURI } from '../../__helper/api';
import { generatePackageMetadata, generatePackageUnpublish, generateStarMedatada, generateDeprecateMetadata, generateVersion } from '../../__helper/utils';
const sleep = (delay) => {
return new Promise((resolve) => {
@ -68,29 +49,29 @@ describe('endpoint unit test', () => {
{
auth: {
htpasswd: {
file: './test-storage-api-spec/.htpasswd'
}
file: './test-storage-api-spec/.htpasswd',
},
},
filters: {
'../../modules/api/partials/plugin/filter': {
pkg: 'npm_test',
version: '2.0.0'
}
version: '2.0.0',
},
},
storage: store,
self_path: store,
uplinks: {
npmjs: {
url: `http://${DOMAIN_SERVERS}:${mockServerPort}`
url: `http://${DOMAIN_SERVERS}:${mockServerPort}`,
},
socketTimeout: {
url: `http://some.registry.timeout.com`,
max_fails: 2,
timeout: '1s',
fail_timeout: '1s'
}
fail_timeout: '1s',
},
},
logs: [{ type: 'stdout', format: 'pretty', level: 'warn' }]
logs: [{ type: 'stdout', format: 'pretty', level: 'warn' }],
},
'api.spec.yaml'
);
@ -172,9 +153,7 @@ describe('endpoint unit test', () => {
.expect(HTTP_STATUS.FORBIDDEN)
.end(function (err, res) {
expect(res.body.error).toBeDefined();
expect(res.body.error).toMatch(
/authorization required to access package auth-package/
);
expect(res.body.error).toMatch(/authorization required to access package auth-package/);
done();
});
});
@ -187,9 +166,7 @@ describe('endpoint unit test', () => {
.expect(HTTP_STATUS.FORBIDDEN)
.end(function (err, res) {
expect(res.body.error).toBeDefined();
expect(res.body.error).toMatch(
/authorization required to access package auth-package/
);
expect(res.body.error).toMatch(/authorization required to access package auth-package/);
done();
});
});
@ -202,9 +179,7 @@ describe('endpoint unit test', () => {
.expect(HTTP_STATUS.FORBIDDEN)
.end(function (err, res) {
expect(res.body.error).toBeDefined();
expect(res.body.error).toMatch(
/authorization required to access package auth-package/
);
expect(res.body.error).toMatch(/authorization required to access package auth-package/);
done();
});
});
@ -368,32 +343,18 @@ describe('endpoint unit test', () => {
const timeOutPkg = generatePackageMetadata('timeout', '1.5.1');
const responseText = 'fooooooooooooooooo';
const readable = Readable.from([responseText]);
timeOutPkg.versions['1.5.1'].dist.tarball =
'http://some.registry.timeout.com/timeout/-/timeout-1.5.1.tgz';
timeOutPkg.versions['1.5.1'].dist.tarball = 'http://some.registry.timeout.com/timeout/-/timeout-1.5.1.tgz';
nock('http://some.registry.timeout.com').get('/timeout').reply(200, timeOutPkg);
nock('http://some.registry.timeout.com')
.get('/timeout/-/timeout-1.5.1.tgz')
.twice()
.socketDelay(50000)
.reply(200);
nock('http://some.registry.timeout.com').get('/timeout/-/timeout-1.5.1.tgz').twice().socketDelay(50000).reply(200);
nock('http://some.registry.timeout.com')
.get('/timeout/-/timeout-1.5.1.tgz')
.reply(200, () => readable);
const agent = request.agent(app);
await agent
.get('/timeout/-/timeout-1.5.1.tgz')
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.OCTET_STREAM)
.expect(HTTP_STATUS.INTERNAL_ERROR);
await agent
.get('/timeout/-/timeout-1.5.1.tgz')
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.OCTET_STREAM)
.expect(HTTP_STATUS.INTERNAL_ERROR);
await agent.get('/timeout/-/timeout-1.5.1.tgz').expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.OCTET_STREAM).expect(HTTP_STATUS.INTERNAL_ERROR);
await agent.get('/timeout/-/timeout-1.5.1.tgz').expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.OCTET_STREAM).expect(HTTP_STATUS.INTERNAL_ERROR);
await sleep(2000);
// await agent
await agent
.get('/timeout/-/timeout-1.5.1.tgz')
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.OCTET_STREAM)
.expect(HTTP_STATUS.OK);
await agent.get('/timeout/-/timeout-1.5.1.tgz').expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.OCTET_STREAM).expect(HTTP_STATUS.OK);
}, 10000);
test('should fetch jquery specific version package from remote uplink', (done) => {
@ -555,7 +516,7 @@ describe('endpoint unit test', () => {
const jqueryVersion = '2.1.2';
const jqueryUpdatedVersion = {
beta: '3.0.0',
jota: '1.6.3'
jota: '1.6.3',
};
test('should set a new tag on jquery', (done) => {
@ -647,28 +608,6 @@ describe('endpoint unit test', () => {
});
});
describe('should test search api', () => {
test('should perform a search', (done) => {
const now = Date.now();
const cacheTime = now - 6000000;
request(app)
.get('/-/all/since?stale=update_after&startkey=' + cacheTime)
// .set('accept-encoding', HEADERS.JSON)
// .set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
.expect(HEADERS.CONTENT_TYPE, HEADERS.JSON_CHARSET)
.expect(HTTP_STATUS.OK)
.end(function (err) {
if (err) {
expect(err).toBeNull();
return done(err);
}
// TODO: we have to catch the stream check whether it returns something
// we should not spend much time on this api since is deprecated somehow.
done();
});
});
});
describe('should test publish/unpublish api', () => {
/**
* It publish 2 versions and unpublish the latest one, then verifies
@ -685,24 +624,14 @@ describe('endpoint unit test', () => {
}
const newVersion = '2.0.1';
const [newErr] = await putPackage(
request(app),
`/${encodeScopedUri(pkgName)}`,
generatePackageMetadata(pkgName, newVersion),
token
);
const [newErr] = await putPackage(request(app), `/${encodeScopedUri(pkgName)}`, generatePackageMetadata(pkgName, newVersion), token);
if (newErr) {
expect(newErr).toBeNull();
return done(newErr);
}
const deletePayload = generatePackageUnpublish(pkgName, ['2.0.0']);
const [err2, res2] = await putPackage(
request(app),
generateUnPublishURI(pkgName),
deletePayload,
token
);
const [err2, res2] = await putPackage(request(app), generateUnPublishURI(pkgName), deletePayload, token);
expect(err2).toBeNull();
expect(res2.body.ok).toMatch(API_MESSAGE.PKG_CHANGED);
@ -751,29 +680,17 @@ describe('endpoint unit test', () => {
const newVersion = '1.0.0';
const token = await getNewToken(request(app), credentials);
const [newErr] = await putPackage(
request(app),
`/${encodeScopedUri(pkgName)}`,
generatePackageMetadata(pkgName, newVersion),
token
);
const [newErr] = await putPackage(request(app), `/${encodeScopedUri(pkgName)}`, generatePackageMetadata(pkgName, newVersion), token);
if (newErr) {
expect(newErr).toBeNull();
return done(newErr);
}
const deletePayload = generatePackageUnpublish(pkgName, ['2.0.0']);
const [err2, res2] = await putPackage(
request(app),
generateUnPublishURI(pkgName),
deletePayload,
token
);
const [err2, res2] = await putPackage(request(app), generateUnPublishURI(pkgName), deletePayload, token);
expect(err2).not.toBeNull();
expect(res2.body.error).toMatch(
/user jota_unpublish_fail is not allowed to unpublish package non-unpublish/
);
expect(res2.body.error).toMatch(/user jota_unpublish_fail is not allowed to unpublish package non-unpublish/);
done();
});
@ -799,17 +716,10 @@ describe('endpoint unit test', () => {
const newVersion = '1.0.0';
const token = await getNewToken(request(app), credentials);
const [newErr, resp] = await putPackage(
request(app),
`/${encodeScopedUri(pkgName)}`,
generatePackageMetadata(pkgName, newVersion),
token
);
const [newErr, resp] = await putPackage(request(app), `/${encodeScopedUri(pkgName)}`, generatePackageMetadata(pkgName, newVersion), token);
expect(newErr).not.toBeNull();
expect(resp.body.error).toMatch(
/user jota_only_unpublish_fail is not allowed to publish package only-unpublish/
);
expect(resp.body.error).toMatch(/user jota_only_unpublish_fail is not allowed to publish package only-unpublish/);
done();
});
});
@ -824,7 +734,7 @@ describe('endpoint unit test', () => {
.send(
JSON.stringify(
_.assign({}, publishMetadata, {
name: 'super-admin-can-unpublish'
name: 'super-admin-can-unpublish',
})
)
)
@ -862,7 +772,7 @@ describe('endpoint unit test', () => {
.send(
JSON.stringify(
_.assign({}, publishMetadata, {
name: 'all-can-unpublish'
name: 'all-can-unpublish',
})
)
)
@ -909,7 +819,7 @@ describe('endpoint unit test', () => {
.send(
JSON.stringify(
generateStarMedatada(pkgName, {
[credentials.name]: true
[credentials.name]: true,
})
)
)
@ -961,7 +871,7 @@ describe('endpoint unit test', () => {
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
.send(
JSON.stringify({
key: [credentials.name]
key: [credentials.name],
})
)
.expect(HTTP_STATUS.OK)
@ -984,29 +894,30 @@ describe('endpoint unit test', () => {
const tarballUrlRedirectCredentials = { name: 'tarball_tester', password: 'secretPass' };
const store = path.join(__dirname, '../../partials/store/test-storage-api-spec');
const mockServerPort = 55549;
const baseTestConfig = configDefault({
auth: {
htpasswd: {
file: './test-storage-api-spec/.htpasswd'
}
const baseTestConfig = configDefault(
{
auth: {
htpasswd: {
file: './test-storage-api-spec/.htpasswd',
},
},
filters: {
'../../modules/api/partials/plugin/filter': {
pkg: 'npm_test',
version: '2.0.0',
},
},
storage: store,
self_path: store,
uplinks: {
npmjs: {
url: `http://${DOMAIN_SERVERS}:${mockServerPort}`,
},
},
logs: [{ type: 'stdout', format: 'pretty', level: 'warn' }],
},
filters: {
'../../modules/api/partials/plugin/filter': {
pkg: 'npm_test',
version: '2.0.0'
}
},
storage: store,
self_path: store,
uplinks: {
npmjs: {
url: `http://${DOMAIN_SERVERS}:${mockServerPort}`
}
},
logs: [
{ type: 'stdout', format: 'pretty', level: 'warn' }
],
}, 'api.spec.yaml');
'api.spec.yaml'
);
let token;
beforeAll(async (done) => {
token = await getNewToken(request(app), tarballUrlRedirectCredentials);
@ -1021,8 +932,8 @@ describe('endpoint unit test', () => {
app2 = await endPointAPI({
...baseTestConfig,
experiments: {
tarball_url_redirect: 'https://myapp.sfo1.mycdn.com/verdaccio/${packageName}/${filename}'
}
tarball_url_redirect: 'https://myapp.sfo1.mycdn.com/verdaccio/${packageName}/${filename}',
},
});
done();
});
@ -1061,9 +972,9 @@ describe('endpoint unit test', () => {
...baseTestConfig,
experiments: {
tarball_url_redirect(context) {
return `https://myapp.sfo1.mycdn.com/verdaccio/${context.packageName}/${context.filename}`
}
}
return `https://myapp.sfo1.mycdn.com/verdaccio/${context.packageName}/${context.filename}`;
},
},
});
done();
});
@ -1103,12 +1014,7 @@ describe('endpoint unit test', () => {
let token = '';
beforeAll(async (done) => {
token = await getNewToken(request(app), credentials);
await putPackage(
request(app),
`/${pkgName}`,
generatePackageMetadata(pkgName, version),
token
);
await putPackage(request(app), `/${pkgName}`, generatePackageMetadata(pkgName, version), token);
done();
});
@ -1142,43 +1048,24 @@ describe('endpoint unit test', () => {
let credentials = { name: 'only_publish', password: 'secretPass' };
let token = await getNewToken(request(app), credentials);
const pkg = generateDeprecateMetadata(pkgName, version, 'get deprecated');
const [err, res] = await putPackage(
request(app),
`/${encodeScopedUri(pkgName)}`,
pkg,
token
);
const [err, res] = await putPackage(request(app), `/${encodeScopedUri(pkgName)}`, pkg, token);
expect(err).not.toBeNull();
expect(res.body.error).toBeDefined();
expect(res.body.error).toMatch(
/user only_publish is not allowed to unpublish package @scope\/deprecate/
);
expect(res.body.error).toMatch(/user only_publish is not allowed to unpublish package @scope\/deprecate/);
credentials = { name: 'only_unpublish', password: 'secretPass' };
token = await getNewToken(request(app), credentials);
const [err2, res2] = await putPackage(
request(app),
`/${encodeScopedUri(pkgName)}`,
pkg,
token
);
const [err2, res2] = await putPackage(request(app), `/${encodeScopedUri(pkgName)}`, pkg, token);
expect(err2).not.toBeNull();
expect(res2.body.error).toBeDefined();
expect(res2.body.error).toMatch(
/user only_unpublish is not allowed to publish package @scope\/deprecate/
);
expect(res2.body.error).toMatch(/user only_unpublish is not allowed to publish package @scope\/deprecate/);
});
test('should deprecate multiple packages', async (done) => {
await putPackage(
request(app),
`/${pkgName}`,
generatePackageMetadata(pkgName, '1.0.1'),
token
);
await putPackage(request(app), `/${pkgName}`, generatePackageMetadata(pkgName, '1.0.1'), token);
const pkg = generateDeprecateMetadata(pkgName, version, 'get deprecated');
pkg.versions['1.0.1'] = {
...generateVersion(pkgName, '1.0.1'),
deprecated: 'get deprecated'
deprecated: 'get deprecated',
};
await putPackage(request(app), `/${encodeScopedUri(pkgName)}`, pkg, token);
const [, res] = await getPackage(request(app), '', pkgName);

1539
test/unit/modules/api/partials/search-all.json Normal file
View file

File diff suppressed because it is too large Load diff

5
test/unit/modules/api/partials/search-v1-empty.json Normal file
View file

@ -0,0 +1,5 @@
{
"objects": [],
"total": 0,
"time": "Fri May 14 2021 21:51:36 GMT+0000 (UTC)"
}

195
test/unit/modules/api/partials/search-v1-forbidden.json Normal file
View file

@ -0,0 +1,195 @@
{
"objects": [
{
"package": {
"name": "react",
"scope": "unscoped",
"version": "17.0.2",
"description": "React is a JavaScript library for building user interfaces.",
"keywords": [
"react"
],
"date": "2021-03-22T21:56:19.536Z",
"links": {
"npm": "https://www.npmjs.com/package/react",
"homepage": "https://reactjs.org/",
"repository": "https://github.com/facebook/react",
"bugs": "https://github.com/facebook/react/issues"
},
"publisher": {
"username": "gaearon",
"email": "dan.abramov@gmail.com"
},
"maintainers": [
{
"username": "sebmarkbage",
"email": "sebastian@calyptus.eu"
},
{
"username": "gaearon",
"email": "dan.abramov@gmail.com"
},
{
"username": "acdlite",
"email": "npm@andrewclark.io"
},
{
"username": "brianvaughn",
"email": "briandavidvaughn@gmail.com"
},
{
"username": "fb",
"email": "opensource+npm@fb.com"
},
{
"username": "trueadm",
"email": "dg@domgan.com"
},
{
"username": "sophiebits",
"email": "npm@sophiebits.com"
},
{
"username": "lunaruan",
"email": "lunaris.ruan@gmail.com"
}
]
},
"score": {
"final": 0.5866871996642231,
"detail": {
"quality": 0.5243673868446629,
"popularity": 0.8934580484118788,
"maintenance": 0.3333333333333333
}
},
"searchScore": 100000.65
},
{
"package": {
"name": "rxjs",
"scope": "unscoped",
"version": "7.0.1",
"description": "Reactive Extensions for modern JavaScript",
"keywords": [
"Rx",
"RxJS",
"ReactiveX",
"ReactiveExtensions",
"Streams",
"Observables",
"Observable",
"Stream",
"ES6",
"ES2015"
],
"date": "2021-05-12T02:26:13.432Z",
"links": {
"npm": "https://www.npmjs.com/package/rxjs",
"homepage": "https://rxjs.dev",
"repository": "https://github.com/reactivex/rxjs",
"bugs": "https://github.com/ReactiveX/RxJS/issues"
},
"author": {
"name": "Ben Lesh",
"email": "ben@benlesh.com",
"username": "blesh"
},
"publisher": {
"username": "blesh",
"email": "ben@benlesh.com"
},
"maintainers": [
{
"username": "blesh",
"email": "ben@benlesh.com"
},
{
"username": "jeffbcross",
"email": "middlefloor@gmail.com"
}
]
},
"score": {
"final": 0.6836223477625805,
"detail": {
"quality": 0.9291959177173365,
"popularity": 0.8234197308020366,
"maintenance": 0.3333333333333333
}
},
"searchScore": 0.4475699
},
{
"package": {
"name": "react-dom",
"scope": "unscoped",
"version": "17.0.2",
"description": "React package for working with the DOM.",
"keywords": [
"react"
],
"date": "2021-03-22T21:56:33.089Z",
"links": {
"npm": "https://www.npmjs.com/package/react-dom",
"homepage": "https://reactjs.org/",
"repository": "https://github.com/facebook/react",
"bugs": "https://github.com/facebook/react/issues"
},
"publisher": {
"username": "gaearon",
"email": "dan.abramov@gmail.com"
},
"maintainers": [
{
"username": "sebmarkbage",
"email": "sebastian@calyptus.eu"
},
{
"username": "gaearon",
"email": "dan.abramov@gmail.com"
},
{
"username": "zpao",
"email": "paul@oshannessy.com"
},
{
"username": "acdlite",
"email": "npm@andrewclark.io"
},
{
"username": "brianvaughn",
"email": "briandavidvaughn@gmail.com"
},
{
"username": "fb",
"email": "opensource+npm@fb.com"
},
{
"username": "trueadm",
"email": "dg@domgan.com"
},
{
"username": "sophiebits",
"email": "npm@sophiebits.com"
},
{
"username": "lunaruan",
"email": "lunaris.ruan@gmail.com"
}
]
},
"score": {
"final": 0.5654772997237696,
"detail": {
"quality": 0.5243673868446629,
"popularity": 0.8328583342962974,
"maintenance": 0.3333333333333333
}
},
"searchScore": 0.27131972
}
],
"total": 159885,
"time": "Sat May 15 2021 07:32:48 GMT+0000 (UTC)"
}

172
test/unit/modules/api/partials/search-v1.json Normal file
View file

@ -0,0 +1,172 @@
{
"objects": [
{
"package": {
"name": "verdaccio",
"scope": "unscoped",
"version": "5.0.4",
"description": "A lightweight private npm proxy registry",
"keywords": [
"private",
"package",
"repository",
"registry",
"enterprise",
"modules",
"proxy",
"server",
"verdaccio"
],
"date": "2021-04-28T05:24:23.696Z",
"links": {
"npm": "https://www.npmjs.com/package/verdaccio",
"homepage": "https://verdaccio.org",
"repository": "https://github.com/verdaccio/verdaccio",
"bugs": "https://github.com/verdaccio/verdaccio/issues"
},
"author": {
"name": "Verdaccio Maintainers",
"email": "verdaccio.npm@gmail.com",
"username": "verdaccio.npm"
},
"publisher": {
"username": "verdaccio.npm",
"email": "verdaccio.npm@gmail.com"
},
"maintainers": [
{
"username": "jotadeveloper",
"email": "juanpicado19@gmail.com"
},
{
"username": "ayusharma",
"email": "ayush.aceit@gmail.com"
},
{
"username": "trentearl",
"email": "trent@trentearl.com"
},
{
"username": "jmwilkinson",
"email": "J.Wilkinson@f5.com"
},
{
"username": "sergiohgz",
"email": "sergio@sergiohgz.eu"
},
{
"username": "verdaccio.npm",
"email": "verdaccio.npm@gmail.com"
}
]
},
"score": {
"final": 0.3753957330043509,
"detail": {
"quality": 0.5818552769606854,
"popularity": 0.24049280928422478,
"maintenance": 0.3333333333333333
}
},
"searchScore": 100000.37
},
{
"package": {
"name": "verdaccio-bitbucket",
"scope": "unscoped",
"version": "3.0.1",
"description": "Verdaccio module to authenticate users via Bitbucket",
"keywords": [
"sinopia",
"verdaccio",
"bitbucket",
"atlassian",
"auth",
"node",
"nodejs",
"js",
"javascript"
],
"date": "2020-11-17T18:31:50.893Z",
"links": {
"npm": "https://www.npmjs.com/package/verdaccio-bitbucket"
},
"author": {
"name": "Idan Gozlan",
"email": "idangozlan@gmail.com",
"username": "idangozlan"
},
"publisher": {
"username": "idangozlan",
"email": "idangozlan@gmail.com"
},
"maintainers": [
{
"username": "idangozlan",
"email": "idangozlan@gmail.com"
}
]
},
"score": {
"final": 0.3976271898729222,
"detail": {
"quality": 0.933162858363102,
"popularity": 0.004198585559205135,
"maintenance": 0.3320252211950568
}
},
"searchScore": 0.0006275179
},
{
"package": {
"name": "verdaccio-auth-bitbucket",
"scope": "unscoped",
"version": "2.0.3",
"description": "Verdaccio module to authenticate users via Bitbucket",
"keywords": [
"sinopia",
"verdaccio",
"bitbucket",
"atlassian",
"auth",
"node",
"nodejs",
"js",
"javascript"
],
"date": "2020-11-12T16:44:32.807Z",
"links": {
"npm": "https://www.npmjs.com/package/verdaccio-auth-bitbucket",
"homepage": "https://github.com/tomamatics/verdaccio-bitbucket#readme",
"repository": "https://github.com/tomamatics/verdaccio-bitbucket",
"bugs": "https://github.com/tomamatics/verdaccio-bitbucket/issues"
},
"author": {
"name": "Tom Pachtner",
"email": "tompachtner@gmail.com"
},
"publisher": {
"username": "tomamatics",
"email": "tom@pachtner.net"
},
"maintainers": [
{
"username": "tomamatics",
"email": "tom@pachtner.net"
}
]
},
"score": {
"final": 0.3732625146140655,
"detail": {
"quality": 0.8526588061592506,
"popularity": 0.0026266847120729533,
"maintenance": 0.33298723747732817
}
},
"searchScore": 0.00021836061
}
],
"total": 213,
"time": "Fri May 14 2021 21:05:27 GMT+0000 (UTC)"
}

31
test/unit/partials/config/yaml/api.search.spec.yaml Normal file
View file

@ -0,0 +1,31 @@
storage: ./storage_default_storage
uplinks:
npmjs:
url: http://localhost:4873/
packages:
'all-can-unpublish':
access: $authenticated
publish: $all
unpublish: $all
'forbidden-place':
access: nobody
publish: $all
'vue':
access: $authenticated
publish: $authenticated
proxy: npmjs
'jquery':
access: $all
publish: $all
proxy: npmjs
# forbidden for search endpoint test package
'react*':
access: non_existing_user
publish: $all
proxy: npmjs
'*':
access: $all
publish: $all
unpublish: xxx
proxy: npmjs
logs: { type: stdout, format: pretty, level: trace }

8
test/unit/partials/config/yaml/api.spec.yaml
View file

@ -80,10 +80,14 @@ packages:
access: $all
publish: $all
proxy: npmjs
# forbidden for search endpoint test package
'react*':
access: non_existing_user
publish: $all
proxy: npmjs
'*':
access: $all
publish: $all
unpublish: xxx
proxy: npmjs
logs:
- { type: stdout, format: pretty, level: trace }
logs: { type: stdout, format: pretty, level: trace }