mirror of
https://github.com/verdaccio/verdaccio.git
synced 2024-12-16 21:56:25 -05:00
fix: allows pkg names that start with dash
Description
In sinopia 9f662a69e1 (diff-50e3aa130a4f97a42ee2cf111c7b1d9d)
a validation name for packages that start with dashs was added due this pattern is reserved by couchdb, but npmjs allows that now. I guess this is not a restriction anymore.
fix: https://github.com/verdaccio/verdaccio/issues/1400
This commit is contained in:
parent
54e62fbb53
commit
e319435d73
2 changed files with 14 additions and 3 deletions
|
@ -50,18 +50,27 @@ export function convertPayloadToBase64(payload: string): Buffer {
|
||||||
* @param {*} name the package name
|
* @param {*} name the package name
|
||||||
* @return {Boolean} whether is valid or not
|
* @return {Boolean} whether is valid or not
|
||||||
*/
|
*/
|
||||||
export function validateName(name: string): boolean {
|
export function validateName(name: string, isScoped: boolean = false): boolean {
|
||||||
if (_.isString(name) === false) {
|
if (_.isString(name) === false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
const normalizedName: string = name.toLowerCase();
|
const normalizedName: string = name.toLowerCase();
|
||||||
|
|
||||||
// all URL-safe characters and "@" for issue #75
|
/**
|
||||||
|
* Some context about the first regex
|
||||||
|
* - npm used to have a different tarball naming system.
|
||||||
|
* eg: http://registry.npmjs.com/thirty-two
|
||||||
|
* https://registry.npmjs.org/thirty-two/-/thirty-two@0.0.1.tgz
|
||||||
|
* The file name thirty-two@0.0.1.tgz, the version and the pkg name was separated by an at (@)
|
||||||
|
* while nowadays the naming system is based in dashes
|
||||||
|
* https://registry.npmjs.org/verdaccio/-/verdaccio-1.4.0.tgz
|
||||||
|
*
|
||||||
|
* more info here: https://github.com/rlidwka/sinopia/issues/75
|
||||||
|
*/
|
||||||
return !(
|
return !(
|
||||||
!normalizedName.match(/^[-a-zA-Z0-9_.!~*'()@]+$/) ||
|
!normalizedName.match(/^[-a-zA-Z0-9_.!~*'()@]+$/) ||
|
||||||
normalizedName.charAt(0) === '.' || // ".bin", etc.
|
normalizedName.charAt(0) === '.' || // ".bin", etc.
|
||||||
normalizedName.charAt(0) === '-' || // "-" is reserved by couchdb
|
|
||||||
normalizedName === 'node_modules' ||
|
normalizedName === 'node_modules' ||
|
||||||
normalizedName === '__proto__' ||
|
normalizedName === '__proto__' ||
|
||||||
normalizedName === 'favicon.ico'
|
normalizedName === 'favicon.ico'
|
||||||
|
|
|
@ -246,6 +246,8 @@ describe('Utilities', () => {
|
||||||
expect(validateName('verdaccio')).toBeTruthy();
|
expect(validateName('verdaccio')).toBeTruthy();
|
||||||
expect(validateName('some.weird.package-zzz')).toBeTruthy();
|
expect(validateName('some.weird.package-zzz')).toBeTruthy();
|
||||||
expect(validateName('old-package@0.1.2.tgz')).toBeTruthy();
|
expect(validateName('old-package@0.1.2.tgz')).toBeTruthy();
|
||||||
|
// fix https://github.com/verdaccio/verdaccio/issues/1400
|
||||||
|
expect(validateName('-build-infra')).toBeTruthy();
|
||||||
});
|
});
|
||||||
|
|
||||||
test('should be valid using uppercase', () => {
|
test('should be valid using uppercase', () => {
|
||||||
|
|
Loading…
Reference in a new issue