mirror of
https://github.com/verdaccio/verdaccio.git
synced 2024-12-16 21:56:25 -05:00
feat: allows package.json as package name (#1149)
This commit is contained in:
parent
9d3b7ba32c
commit
6554973e2b
5 changed files with 7 additions and 12 deletions
|
@ -409,7 +409,7 @@ class LocalStorage implements IStorage {
|
|||
_transform.apply(uploadStream, arguments);
|
||||
};
|
||||
|
||||
if (name === pkgFileName || name === '__proto__') {
|
||||
if (name === '__proto__') {
|
||||
process.nextTick(() => {
|
||||
uploadStream.emit('error', ErrorCode.getForbidden());
|
||||
});
|
||||
|
|
|
@ -75,7 +75,6 @@ function validateName(name: string): boolean {
|
|||
name.charAt(0) === '-' || // "-" is reserved by couchdb
|
||||
name === 'node_modules' ||
|
||||
name === '__proto__' ||
|
||||
name === 'package.json' ||
|
||||
name === 'favicon.ico'
|
||||
);
|
||||
}
|
||||
|
|
|
@ -9,7 +9,7 @@ export default function(server) {
|
|||
});
|
||||
|
||||
test('should fails on fetch bad pkg #1', () => {
|
||||
return server.getPackage('package.json')
|
||||
return server.getPackage('__proto__')
|
||||
.status(HTTP_STATUS.FORBIDDEN)
|
||||
.body_error(/invalid package/);
|
||||
});
|
||||
|
@ -31,8 +31,8 @@ export default function(server) {
|
|||
});
|
||||
});
|
||||
|
||||
test('should fails and do not return package.json as an attachment', () => {
|
||||
return server.request({uri: '/testpkg-sec/-/package.json'})
|
||||
test('should fails and do not return __proto__ as an attachment', () => {
|
||||
return server.request({uri: '/testpkg-sec/-/__proto__'})
|
||||
.status(HTTP_STATUS.FORBIDDEN)
|
||||
.body_error(/invalid filename/);
|
||||
});
|
||||
|
@ -49,7 +49,7 @@ export default function(server) {
|
|||
});
|
||||
|
||||
test('should fails on fetch silly things - writing #1', () => {
|
||||
return server.putTarball('testpkg-sec', 'package.json', '{}')
|
||||
return server.putTarball('testpkg-sec', '__proto__', '{}')
|
||||
.status(HTTP_STATUS.FORBIDDEN)
|
||||
.body_error(/invalid filename/);
|
||||
});
|
||||
|
|
|
@ -385,7 +385,7 @@ describe('LocalStorage', () => {
|
|||
});
|
||||
|
||||
test('should fails on abort on add a new tarball', (done) => {
|
||||
const stream = storage.addTarball('package.json', `${pkgName}-fails-add-tarball-1.0.4.tgz`);
|
||||
const stream = storage.addTarball('__proto__', `${pkgName}-fails-add-tarball-1.0.4.tgz`);
|
||||
stream.abort();
|
||||
stream.on('error', function(err) {
|
||||
expect(err).not.toBeNull();
|
||||
|
|
|
@ -59,10 +59,6 @@ describe('Utilities', () => {
|
|||
assert(validate('JSONStream'));
|
||||
});
|
||||
|
||||
test('no package.json', () => {
|
||||
assert(!validate('package.json'));
|
||||
});
|
||||
|
||||
test('no path seps', () => {
|
||||
assert(!validate('some/thing'));
|
||||
assert(!validate('some\\thing'));
|
||||
|
|
Loading…
Reference in a new issue