Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-01-06 22:40:26 -05:00
Code Issues Activity

feat: improved config and token signature (#3658)

Browse source 
* chore: add signature module

* feat: improved config and token signature

feat: improved config and token signature

Update package.json

* chore: update deps

* types

* fix: logger missing options

* chore: update deps

* update dep

* Update e2e-jest-workflow.yml

* Update init.ts

* Update config-path.ts

* fix logger

* Update init.ts
This commit is contained in:
Juan Picado 2023-03-03 21:32:10 +01:00 committed by GitHub
parent 8c8dafc8a0
commit e50d4d92a2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
43 changed files with 133 additions and 644 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
.github/workflows/e2e-jest-workflow.yml vendored
View file

@ -206,7 +206,7 @@ jobs:
echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
yarn jest module.test.js
pnpm7:
name: 'pnpm:next-7:jest example'
name: 'pnpm:7:jest example'
runs-on: ubuntu-latest
steps:
@ -217,12 +217,12 @@ jobs:
with:
node-version: 16.x
- name: 'install latest pnpm'
run: npm i -g pnpm@next-7
run: npm i -g pnpm@latest-7
- name: Install Dependencies
run: yarn install
- name: 'Run verdaccio in the background'
run: |
nohup yarn node ./scripts/run-verdaccio.js &
yarn node ./scripts/run-verdaccio.js &
- name: 'Ping to verdaccio'
run: |
pnpm ping --registry http://localhost:4873

210
.pnp.cjs generated
View file

@ -68,17 +68,18 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
["@typescript-eslint/eslint-plugin", "virtual:7f7b3df50ee4b7b1719ad19fad11505dc2788f3227a7e5cc9ca19f71d8cb309c9d33b532ea2b2b60ab65abf6cc12153df4643c5e6e17d01ea0ae0492723bb4b4#npm:5.49.0"],\
["@typescript-eslint/parser", "virtual:7f7b3df50ee4b7b1719ad19fad11505dc2788f3227a7e5cc9ca19f71d8cb309c9d33b532ea2b2b60ab65abf6cc12153df4643c5e6e17d01ea0ae0492723bb4b4#npm:5.49.0"],\
["@verdaccio-scope/verdaccio-auth-foo", "npm:0.0.2"],\
["@verdaccio/config", "npm:6.0.0-6-next.62"],\
["@verdaccio/core", "npm:6.0.0-6-next.62"],\
["@verdaccio/config", "npm:6.0.0-6-next.63"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["@verdaccio/local-storage", "npm:10.3.1"],\
["@verdaccio/logger-7", "npm:6.0.0-6-next.7"],\
["@verdaccio/middleware", "npm:6.0.0-6-next.41"],\
["@verdaccio/logger-7", "npm:6.0.0-6-next.8"],\
["@verdaccio/middleware", "npm:6.0.0-6-next.42"],\
["@verdaccio/signature", "npm:6.0.0-6-next.2"],\
["@verdaccio/streams", "npm:10.2.0"],\
["@verdaccio/tarball", "npm:11.0.0-6-next.31"],\
["@verdaccio/types", "npm:10.7.0"],\
["@verdaccio/ui-theme", "npm:6.0.0-6-next.62"],\
["@verdaccio/url", "npm:11.0.0-6-next.28"],\
["@verdaccio/utils", "npm:6.0.0-6-next.30"],\
["@verdaccio/tarball", "npm:11.0.0-6-next.32"],\
["@verdaccio/types", "npm:10.7.1"],\
["@verdaccio/ui-theme", "npm:6.0.0-6-next.63"],\
["@verdaccio/url", "npm:11.0.0-6-next.29"],\
["@verdaccio/utils", "npm:6.0.0-6-next.31"],\
["JSONStream", "npm:1.3.5"],\
["async", "npm:3.2.4"],\
["babel-eslint", "virtual:7f7b3df50ee4b7b1719ad19fad11505dc2788f3227a7e5cc9ca19f71d8cb309c9d33b532ea2b2b60ab65abf6cc12153df4643c5e6e17d01ea0ae0492723bb4b4#npm:10.1.0"],\
@ -138,7 +139,7 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
["ts-node", "virtual:7f7b3df50ee4b7b1719ad19fad11505dc2788f3227a7e5cc9ca19f71d8cb309c9d33b532ea2b2b60ab65abf6cc12153df4643c5e6e17d01ea0ae0492723bb4b4#npm:10.9.1"],\
["typescript", "patch:typescript@npm%3A4.1.3#~builtin<compat/typescript>::version=4.1.3&hash=4a8eb8"],\
["validator", "npm:13.9.0"],\
["verdaccio-audit", "npm:11.0.0-6-next.23"],\
["verdaccio-audit", "npm:11.0.0-6-next.26"],\
["verdaccio-auth-memory", "npm:10.2.0"],\
["verdaccio-htpasswd", "npm:10.5.2"],\
["verdaccio-memory", "npm:10.3.0"]\
@ -5021,26 +5022,12 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
}]\
]],\
["@verdaccio/config", [\
["npm:6.0.0-6-next.60", {\
"packageLocation": "./.yarn/cache/@verdaccio-config-npm-6.0.0-6-next.60-f4e4316ecc-93e7e22a65.zip/node_modules/@verdaccio/config/",\
["npm:6.0.0-6-next.63", {\
"packageLocation": "./.yarn/cache/@verdaccio-config-npm-6.0.0-6-next.63-d9081a2c96-e570992530.zip/node_modules/@verdaccio/config/",\
"packageDependencies": [\
["@verdaccio/config", "npm:6.0.0-6-next.60"],\
["@verdaccio/core", "npm:6.0.0-6-next.60"],\
["@verdaccio/utils", "npm:6.0.0-6-next.28"],\
["debug", "virtual:29474417206615456729b7a578bf418b358d5457cdcef4bbfee11068b4718e28ceca45b525022e3820e15bd79419301ec7f358c2f28eae1e78ba4bae24d15383#npm:4.3.4"],\
["lodash", "npm:4.17.21"],\
["minimatch", "npm:3.1.2"],\
["yaml", "npm:2.2.0"],\
["yup", "npm:0.32.11"]\
],\
"linkType": "HARD"\
}],\
["npm:6.0.0-6-next.62", {\
"packageLocation": "./.yarn/cache/@verdaccio-config-npm-6.0.0-6-next.62-fc647d6480-a1ec4bbe51.zip/node_modules/@verdaccio/config/",\
"packageDependencies": [\
["@verdaccio/config", "npm:6.0.0-6-next.62"],\
["@verdaccio/core", "npm:6.0.0-6-next.62"],\
["@verdaccio/utils", "npm:6.0.0-6-next.30"],\
["@verdaccio/config", "npm:6.0.0-6-next.63"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["@verdaccio/utils", "npm:6.0.0-6-next.31"],\
["debug", "virtual:29474417206615456729b7a578bf418b358d5457cdcef4bbfee11068b4718e28ceca45b525022e3820e15bd79419301ec7f358c2f28eae1e78ba4bae24d15383#npm:4.3.4"],\
["js-yaml", "npm:4.1.0"],\
["lodash", "npm:4.17.21"],\
@ -5051,23 +5038,10 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
}]\
]],\
["@verdaccio/core", [\
["npm:6.0.0-6-next.60", {\
"packageLocation": "./.yarn/cache/@verdaccio-core-npm-6.0.0-6-next.60-2d2b64aa8a-059d6e906c.zip/node_modules/@verdaccio/core/",\
["npm:6.0.0-6-next.63", {\
"packageLocation": "./.yarn/cache/@verdaccio-core-npm-6.0.0-6-next.63-2e4bd5002d-5482de0363.zip/node_modules/@verdaccio/core/",\
"packageDependencies": [\
["@verdaccio/core", "npm:6.0.0-6-next.60"],\
["ajv", "npm:8.11.2"],\
["core-js", "npm:3.27.0"],\
["http-errors", "npm:1.8.1"],\
["http-status-codes", "npm:2.2.0"],\
["process-warning", "npm:1.0.0"],\
["semver", "npm:7.3.8"]\
],\
"linkType": "HARD"\
}],\
["npm:6.0.0-6-next.62", {\
"packageLocation": "./.yarn/cache/@verdaccio-core-npm-6.0.0-6-next.62-8bb88ecdeb-628c35522e.zip/node_modules/@verdaccio/core/",\
"packageDependencies": [\
["@verdaccio/core", "npm:6.0.0-6-next.62"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["ajv", "npm:8.11.2"],\
["core-js", "npm:3.28.0"],\
["http-errors", "npm:1.8.1"],\
@ -5106,22 +5080,22 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
}]\
]],\
["@verdaccio/logger-7", [\
["npm:6.0.0-6-next.7", {\
"packageLocation": "./.yarn/cache/@verdaccio-logger-7-npm-6.0.0-6-next.7-dc72fe3cd6-9fea77a8af.zip/node_modules/@verdaccio/logger-7/",\
["npm:6.0.0-6-next.8", {\
"packageLocation": "./.yarn/cache/@verdaccio-logger-7-npm-6.0.0-6-next.8-e3eb29a637-dad4916287.zip/node_modules/@verdaccio/logger-7/",\
"packageDependencies": [\
["@verdaccio/logger-7", "npm:6.0.0-6-next.7"],\
["@verdaccio/logger-commons", "npm:6.0.0-6-next.30"],\
["@verdaccio/logger-7", "npm:6.0.0-6-next.8"],\
["@verdaccio/logger-commons", "npm:6.0.0-6-next.31"],\
["pino", "npm:7.11.0"]\
],\
"linkType": "HARD"\
}]\
]],\
["@verdaccio/logger-commons", [\
["npm:6.0.0-6-next.30", {\
"packageLocation": "./.yarn/cache/@verdaccio-logger-commons-npm-6.0.0-6-next.30-a6fa1d55b3-b8593c1807.zip/node_modules/@verdaccio/logger-commons/",\
["npm:6.0.0-6-next.31", {\
"packageLocation": "./.yarn/cache/@verdaccio-logger-commons-npm-6.0.0-6-next.31-d40fe77eab-e2a9276d7f.zip/node_modules/@verdaccio/logger-commons/",\
"packageDependencies": [\
["@verdaccio/logger-commons", "npm:6.0.0-6-next.30"],\
["@verdaccio/core", "npm:6.0.0-6-next.62"],\
["@verdaccio/logger-commons", "npm:6.0.0-6-next.31"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["@verdaccio/logger-prettify", "npm:6.0.0-6-next.9"],\
["colorette", "npm:2.0.19"],\
["debug", "virtual:29474417206615456729b7a578bf418b358d5457cdcef4bbfee11068b4718e28ceca45b525022e3820e15bd79419301ec7f358c2f28eae1e78ba4bae24d15383#npm:4.3.4"]\
@ -5144,14 +5118,14 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
}]\
]],\
["@verdaccio/middleware", [\
["npm:6.0.0-6-next.41", {\
"packageLocation": "./.yarn/cache/@verdaccio-middleware-npm-6.0.0-6-next.41-12c04e10d7-ea2b10eba5.zip/node_modules/@verdaccio/middleware/",\
["npm:6.0.0-6-next.42", {\
"packageLocation": "./.yarn/cache/@verdaccio-middleware-npm-6.0.0-6-next.42-b919b3b771-6ee70fa2bb.zip/node_modules/@verdaccio/middleware/",\
"packageDependencies": [\
["@verdaccio/middleware", "npm:6.0.0-6-next.41"],\
["@verdaccio/config", "npm:6.0.0-6-next.62"],\
["@verdaccio/core", "npm:6.0.0-6-next.62"],\
["@verdaccio/url", "npm:11.0.0-6-next.28"],\
["@verdaccio/utils", "npm:6.0.0-6-next.30"],\
["@verdaccio/middleware", "npm:6.0.0-6-next.42"],\
["@verdaccio/config", "npm:6.0.0-6-next.63"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["@verdaccio/url", "npm:11.0.0-6-next.29"],\
["@verdaccio/utils", "npm:6.0.0-6-next.31"],\
["debug", "virtual:29474417206615456729b7a578bf418b358d5457cdcef4bbfee11068b4718e28ceca45b525022e3820e15bd79419301ec7f358c2f28eae1e78ba4bae24d15383#npm:4.3.4"],\
["express", "npm:4.18.2"],\
["express-rate-limit", "npm:5.5.1"],\
@ -5162,6 +5136,18 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
"linkType": "HARD"\
}]\
]],\
["@verdaccio/signature", [\
["npm:6.0.0-6-next.2", {\
"packageLocation": "./.yarn/cache/@verdaccio-signature-npm-6.0.0-6-next.2-84876e53f2-6e5331ee23.zip/node_modules/@verdaccio/signature/",\
"packageDependencies": [\
["@verdaccio/signature", "npm:6.0.0-6-next.2"],\
["debug", "virtual:29474417206615456729b7a578bf418b358d5457cdcef4bbfee11068b4718e28ceca45b525022e3820e15bd79419301ec7f358c2f28eae1e78ba4bae24d15383#npm:4.3.4"],\
["jsonwebtoken", "npm:9.0.0"],\
["lodash", "npm:4.17.21"]\
],\
"linkType": "HARD"\
}]\
]],\
["@verdaccio/streams", [\
["npm:10.2.0", {\
"packageLocation": "./.yarn/cache/@verdaccio-streams-npm-10.2.0-81db112291-2c5fd4953f.zip/node_modules/@verdaccio/streams/",\
@ -5172,13 +5158,13 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
}]\
]],\
["@verdaccio/tarball", [\
["npm:11.0.0-6-next.31", {\
"packageLocation": "./.yarn/cache/@verdaccio-tarball-npm-11.0.0-6-next.31-a5745d9f4d-f4f8006c6a.zip/node_modules/@verdaccio/tarball/",\
["npm:11.0.0-6-next.32", {\
"packageLocation": "./.yarn/cache/@verdaccio-tarball-npm-11.0.0-6-next.32-0e4e9c55a3-6d99a03e8e.zip/node_modules/@verdaccio/tarball/",\
"packageDependencies": [\
["@verdaccio/tarball", "npm:11.0.0-6-next.31"],\
["@verdaccio/core", "npm:6.0.0-6-next.62"],\
["@verdaccio/url", "npm:11.0.0-6-next.28"],\
["@verdaccio/utils", "npm:6.0.0-6-next.30"],\
["@verdaccio/tarball", "npm:11.0.0-6-next.32"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["@verdaccio/url", "npm:11.0.0-6-next.29"],\
["@verdaccio/utils", "npm:6.0.0-6-next.31"],\
["debug", "virtual:29474417206615456729b7a578bf418b358d5457cdcef4bbfee11068b4718e28ceca45b525022e3820e15bd79419301ec7f358c2f28eae1e78ba4bae24d15383#npm:4.3.4"],\
["lodash", "npm:4.17.21"]\
],\
@ -5186,29 +5172,29 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
}]\
]],\
["@verdaccio/types", [\
["npm:10.7.0", {\
"packageLocation": "./.yarn/cache/@verdaccio-types-npm-10.7.0-28c6045ab8-1439a0f6df.zip/node_modules/@verdaccio/types/",\
["npm:10.7.1", {\
"packageLocation": "./.yarn/cache/@verdaccio-types-npm-10.7.1-3c42d169da-086ef79ef1.zip/node_modules/@verdaccio/types/",\
"packageDependencies": [\
["@verdaccio/types", "npm:10.7.0"]\
["@verdaccio/types", "npm:10.7.1"]\
],\
"linkType": "HARD"\
}]\
]],\
["@verdaccio/ui-theme", [\
["npm:6.0.0-6-next.62", {\
"packageLocation": "./.yarn/cache/@verdaccio-ui-theme-npm-6.0.0-6-next.62-99b4445697-1a404d0f1d.zip/node_modules/@verdaccio/ui-theme/",\
["npm:6.0.0-6-next.63", {\
"packageLocation": "./.yarn/cache/@verdaccio-ui-theme-npm-6.0.0-6-next.63-0be4db2b6b-f22d063917.zip/node_modules/@verdaccio/ui-theme/",\
"packageDependencies": [\
["@verdaccio/ui-theme", "npm:6.0.0-6-next.62"]\
["@verdaccio/ui-theme", "npm:6.0.0-6-next.63"]\
],\
"linkType": "HARD"\
}]\
]],\
["@verdaccio/url", [\
["npm:11.0.0-6-next.28", {\
"packageLocation": "./.yarn/cache/@verdaccio-url-npm-11.0.0-6-next.28-da47c91476-0d36abf9ec.zip/node_modules/@verdaccio/url/",\
["npm:11.0.0-6-next.29", {\
"packageLocation": "./.yarn/cache/@verdaccio-url-npm-11.0.0-6-next.29-aec2138405-9a8e33a242.zip/node_modules/@verdaccio/url/",\
"packageDependencies": [\
["@verdaccio/url", "npm:11.0.0-6-next.28"],\
["@verdaccio/core", "npm:6.0.0-6-next.62"],\
["@verdaccio/url", "npm:11.0.0-6-next.29"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["debug", "virtual:29474417206615456729b7a578bf418b358d5457cdcef4bbfee11068b4718e28ceca45b525022e3820e15bd79419301ec7f358c2f28eae1e78ba4bae24d15383#npm:4.3.4"],\
["lodash", "npm:4.17.21"],\
["validator", "npm:13.9.0"]\
@ -5217,22 +5203,11 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
}]\
]],\
["@verdaccio/utils", [\
["npm:6.0.0-6-next.28", {\
"packageLocation": "./.yarn/cache/@verdaccio-utils-npm-6.0.0-6-next.28-c868bd3942-cea635e77c.zip/node_modules/@verdaccio/utils/",\
["npm:6.0.0-6-next.31", {\
"packageLocation": "./.yarn/cache/@verdaccio-utils-npm-6.0.0-6-next.31-999a173ba7-d6c849c845.zip/node_modules/@verdaccio/utils/",\
"packageDependencies": [\
["@verdaccio/utils", "npm:6.0.0-6-next.28"],\
["@verdaccio/core", "npm:6.0.0-6-next.60"],\
["lodash", "npm:4.17.21"],\
["minimatch", "npm:3.1.2"],\
["semver", "npm:7.3.8"]\
],\
"linkType": "HARD"\
}],\
["npm:6.0.0-6-next.30", {\
"packageLocation": "./.yarn/cache/@verdaccio-utils-npm-6.0.0-6-next.30-aa2bec63b0-aebc1d581b.zip/node_modules/@verdaccio/utils/",\
"packageDependencies": [\
["@verdaccio/utils", "npm:6.0.0-6-next.30"],\
["@verdaccio/core", "npm:6.0.0-6-next.62"],\
["@verdaccio/utils", "npm:6.0.0-6-next.31"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["lodash", "npm:4.17.21"],\
["minimatch", "npm:3.1.2"],\
["semver", "npm:7.3.8"]\
@ -6951,13 +6926,6 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
],\
"linkType": "HARD"\
}],\
["npm:3.27.0", {\
"packageLocation": "./.yarn/unplugged/core-js-npm-3.27.0-a4e072d590/node_modules/core-js/",\
"packageDependencies": [\
["core-js", "npm:3.27.0"]\
],\
"linkType": "HARD"\
}],\
["npm:3.27.2", {\
"packageLocation": "./.yarn/unplugged/core-js-npm-3.27.2-99146711a6/node_modules/core-js/",\
"packageDependencies": [\
@ -11499,10 +11467,10 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
],\
"linkType": "HARD"\
}],\
["virtual:3db624596952c54d0f43797faed029b18df0dd118eb6a3a2066ab16f59a3ad611e6d68074f022a94e833bcb6b0bb398b6cfd64ea470afea866b835f8060967c3#npm:2.6.7", {\
"packageLocation": "./.yarn/__virtual__/node-fetch-virtual-c106191fe7/0/cache/node-fetch-npm-2.6.7-777aa2a6df-8d816ffd1e.zip/node_modules/node-fetch/",\
["virtual:ba5481a20e14b5defa2f3db22489403a4de9f5b4645871e0be81fb7e8290e7bf5d80c3d6f6435f950cd1eeae681924df27f429454447130d590f84ee64a21788#npm:2.6.7", {\
"packageLocation": "./.yarn/__virtual__/node-fetch-virtual-53e851eaf1/0/cache/node-fetch-npm-2.6.7-777aa2a6df-8d816ffd1e.zip/node_modules/node-fetch/",\
"packageDependencies": [\
["node-fetch", "virtual:3db624596952c54d0f43797faed029b18df0dd118eb6a3a2066ab16f59a3ad611e6d68074f022a94e833bcb6b0bb398b6cfd64ea470afea866b835f8060967c3#npm:2.6.7"],\
["node-fetch", "virtual:ba5481a20e14b5defa2f3db22489403a4de9f5b4645871e0be81fb7e8290e7bf5d80c3d6f6435f950cd1eeae681924df27f429454447130d590f84ee64a21788#npm:2.6.7"],\
["@types/encoding", null],\
["encoding", null],\
["whatwg-url", "npm:5.0.0"]\
@ -14262,17 +14230,18 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
["@typescript-eslint/eslint-plugin", "virtual:7f7b3df50ee4b7b1719ad19fad11505dc2788f3227a7e5cc9ca19f71d8cb309c9d33b532ea2b2b60ab65abf6cc12153df4643c5e6e17d01ea0ae0492723bb4b4#npm:5.49.0"],\
["@typescript-eslint/parser", "virtual:7f7b3df50ee4b7b1719ad19fad11505dc2788f3227a7e5cc9ca19f71d8cb309c9d33b532ea2b2b60ab65abf6cc12153df4643c5e6e17d01ea0ae0492723bb4b4#npm:5.49.0"],\
["@verdaccio-scope/verdaccio-auth-foo", "npm:0.0.2"],\
["@verdaccio/config", "npm:6.0.0-6-next.62"],\
["@verdaccio/core", "npm:6.0.0-6-next.62"],\
["@verdaccio/config", "npm:6.0.0-6-next.63"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["@verdaccio/local-storage", "npm:10.3.1"],\
["@verdaccio/logger-7", "npm:6.0.0-6-next.7"],\
["@verdaccio/middleware", "npm:6.0.0-6-next.41"],\
["@verdaccio/logger-7", "npm:6.0.0-6-next.8"],\
["@verdaccio/middleware", "npm:6.0.0-6-next.42"],\
["@verdaccio/signature", "npm:6.0.0-6-next.2"],\
["@verdaccio/streams", "npm:10.2.0"],\
["@verdaccio/tarball", "npm:11.0.0-6-next.31"],\
["@verdaccio/types", "npm:10.7.0"],\
["@verdaccio/ui-theme", "npm:6.0.0-6-next.62"],\
["@verdaccio/url", "npm:11.0.0-6-next.28"],\
["@verdaccio/utils", "npm:6.0.0-6-next.30"],\
["@verdaccio/tarball", "npm:11.0.0-6-next.32"],\
["@verdaccio/types", "npm:10.7.1"],\
["@verdaccio/ui-theme", "npm:6.0.0-6-next.63"],\
["@verdaccio/url", "npm:11.0.0-6-next.29"],\
["@verdaccio/utils", "npm:6.0.0-6-next.31"],\
["JSONStream", "npm:1.3.5"],\
["async", "npm:3.2.4"],\
["babel-eslint", "virtual:7f7b3df50ee4b7b1719ad19fad11505dc2788f3227a7e5cc9ca19f71d8cb309c9d33b532ea2b2b60ab65abf6cc12153df4643c5e6e17d01ea0ae0492723bb4b4#npm:10.1.0"],\
@ -14332,7 +14301,7 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
["ts-node", "virtual:7f7b3df50ee4b7b1719ad19fad11505dc2788f3227a7e5cc9ca19f71d8cb309c9d33b532ea2b2b60ab65abf6cc12153df4643c5e6e17d01ea0ae0492723bb4b4#npm:10.9.1"],\
["typescript", "patch:typescript@npm%3A4.1.3#~builtin<compat/typescript>::version=4.1.3&hash=4a8eb8"],\
["validator", "npm:13.9.0"],\
["verdaccio-audit", "npm:11.0.0-6-next.23"],\
["verdaccio-audit", "npm:11.0.0-6-next.26"],\
["verdaccio-auth-memory", "npm:10.2.0"],\
["verdaccio-htpasswd", "npm:10.5.2"],\
["verdaccio-memory", "npm:10.3.0"]\
@ -14341,15 +14310,15 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
}]\
]],\
["verdaccio-audit", [\
["npm:11.0.0-6-next.23", {\
"packageLocation": "./.yarn/cache/verdaccio-audit-npm-11.0.0-6-next.23-3db6245969-3c07ee4aaf.zip/node_modules/verdaccio-audit/",\
["npm:11.0.0-6-next.26", {\
"packageLocation": "./.yarn/cache/verdaccio-audit-npm-11.0.0-6-next.26-ba5481a20e-426067a7a7.zip/node_modules/verdaccio-audit/",\
"packageDependencies": [\
["verdaccio-audit", "npm:11.0.0-6-next.23"],\
["@verdaccio/config", "npm:6.0.0-6-next.60"],\
["@verdaccio/core", "npm:6.0.0-6-next.60"],\
["verdaccio-audit", "npm:11.0.0-6-next.26"],\
["@verdaccio/config", "npm:6.0.0-6-next.63"],\
["@verdaccio/core", "npm:6.0.0-6-next.63"],\
["express", "npm:4.18.2"],\
["https-proxy-agent", "npm:5.0.1"],\
["node-fetch", "virtual:3db624596952c54d0f43797faed029b18df0dd118eb6a3a2066ab16f59a3ad611e6d68074f022a94e833bcb6b0bb398b6cfd64ea470afea866b835f8060967c3#npm:2.6.7"]\
["node-fetch", "virtual:ba5481a20e14b5defa2f3db22489403a4de9f5b4645871e0be81fb7e8290e7bf5d80c3d6f6435f950cd1eeae681924df27f429454447130d590f84ee64a21788#npm:2.6.7"]\
],\
"linkType": "HARD"\
}]\
@ -14608,13 +14577,6 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
["yaml", "npm:1.10.2"]\
],\
"linkType": "HARD"\
}],\
["npm:2.2.0", {\
"packageLocation": "./.yarn/cache/yaml-npm-2.2.0-98687baef3-6c89da40c3.zip/node_modules/yaml/",\
"packageDependencies": [\
["yaml", "npm:2.2.0"]\
],\
"linkType": "HARD"\
}]\
]],\
["yargs", [\

BIN
.yarn/cache/@verdaccio-config-npm-6.0.0-6-next.60-f4e4316ecc-93e7e22a65.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-config-npm-6.0.0-6-next.62-fc647d6480-a1ec4bbe51.zip → .yarn/cache/@verdaccio-config-npm-6.0.0-6-next.63-d9081a2c96-e570992530.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-core-npm-6.0.0-6-next.60-2d2b64aa8a-059d6e906c.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-core-npm-6.0.0-6-next.62-8bb88ecdeb-628c35522e.zip → .yarn/cache/@verdaccio-core-npm-6.0.0-6-next.63-2e4bd5002d-5482de0363.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-logger-7-npm-6.0.0-6-next.7-dc72fe3cd6-9fea77a8af.zip → .yarn/cache/@verdaccio-logger-7-npm-6.0.0-6-next.8-e3eb29a637-dad4916287.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-logger-commons-npm-6.0.0-6-next.30-a6fa1d55b3-b8593c1807.zip → .yarn/cache/@verdaccio-logger-commons-npm-6.0.0-6-next.31-d40fe77eab-e2a9276d7f.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-middleware-npm-6.0.0-6-next.41-12c04e10d7-ea2b10eba5.zip → .yarn/cache/@verdaccio-middleware-npm-6.0.0-6-next.42-b919b3b771-6ee70fa2bb.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-signature-npm-6.0.0-6-next.2-84876e53f2-6e5331ee23.zip vendored Normal file
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-tarball-npm-11.0.0-6-next.31-a5745d9f4d-f4f8006c6a.zip → .yarn/cache/@verdaccio-tarball-npm-11.0.0-6-next.32-0e4e9c55a3-6d99a03e8e.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-types-npm-10.7.0-28c6045ab8-1439a0f6df.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-types-npm-10.7.1-3c42d169da-086ef79ef1.zip vendored Normal file
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-ui-theme-npm-6.0.0-6-next.62-99b4445697-1a404d0f1d.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-ui-theme-npm-6.0.0-6-next.63-0be4db2b6b-f22d063917.zip vendored Normal file
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-url-npm-11.0.0-6-next.28-da47c91476-0d36abf9ec.zip → .yarn/cache/@verdaccio-url-npm-11.0.0-6-next.29-aec2138405-9a8e33a242.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-utils-npm-6.0.0-6-next.28-c868bd3942-cea635e77c.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/@verdaccio-utils-npm-6.0.0-6-next.30-aa2bec63b0-aebc1d581b.zip → .yarn/cache/@verdaccio-utils-npm-6.0.0-6-next.31-999a173ba7-d6c849c845.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/core-js-npm-3.27.0-a4e072d590-14bf6772e1.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/verdaccio-audit-npm-11.0.0-6-next.23-3db6245969-3c07ee4aaf.zip → .yarn/cache/verdaccio-audit-npm-11.0.0-6-next.26-ba5481a20e-426067a7a7.zip vendored
View file

Binary file not shown.

BIN
.yarn/cache/yaml-npm-2.2.0-98687baef3-6c89da40c3.zip vendored
View file

Binary file not shown.

28
package.json
View file

@ -19,16 +19,17 @@
"url": "https://opencollective.com/verdaccio"
},
"dependencies": {
"@verdaccio/config": "6.0.0-6-next.62",
"@verdaccio/core": "6.0.0-6-next.62",
"@verdaccio/config": "6.0.0-6-next.63",
"@verdaccio/core": "6.0.0-6-next.63",
"@verdaccio/local-storage": "10.3.1",
"@verdaccio/logger-7": "6.0.0-6-next.7",
"@verdaccio/middleware": "6.0.0-6-next.41",
"@verdaccio/logger-7": "6.0.0-6-next.8",
"@verdaccio/middleware": "6.0.0-6-next.42",
"@verdaccio/signature": "6.0.0-6-next.2",
"@verdaccio/streams": "10.2.0",
"@verdaccio/tarball": "11.0.0-6-next.31",
"@verdaccio/ui-theme": "6.0.0-6-next.62",
"@verdaccio/url": "11.0.0-6-next.28",
"@verdaccio/utils": "6.0.0-6-next.30",
"@verdaccio/tarball": "11.0.0-6-next.32",
"@verdaccio/ui-theme": "6.0.0-6-next.63",
"@verdaccio/url": "11.0.0-6-next.29",
"@verdaccio/utils": "6.0.0-6-next.31",
"JSONStream": "1.3.5",
"async": "3.2.4",
"body-parser": "1.20.2",
@ -55,7 +56,7 @@
"request": "2.88.2",
"semver": "7.3.8",
"validator": "13.9.0",
"verdaccio-audit": "11.0.0-6-next.23",
"verdaccio-audit": "11.0.0-6-next.26",
"verdaccio-htpasswd": "10.5.2"
},
"devDependencies": {
@ -99,7 +100,7 @@
"@typescript-eslint/eslint-plugin": "5.49.0",
"@typescript-eslint/parser": "5.49.0",
"@verdaccio-scope/verdaccio-auth-foo": "0.0.2",
"@verdaccio/types": "10.7.0",
"@verdaccio/types": "10.7.1",
"babel-eslint": "10.1.0",
"babel-jest": "29.4.1",
"babel-plugin-dynamic-import-node": "2.3.3",
@ -191,5 +192,10 @@
"url": "https://opencollective.com/verdaccio",
"logo": "https://opencollective.com/verdaccio/logo.txt"
},
"packageManager": "yarn@3.3.1"
"packageManager": "yarn@3.3.1",
"dependenciesMeta": {
"@verdaccio/logger-7@6.0.0-6-next.7": {
"unplugged": true
}
}
}

2
src/api/web/api/package.ts
View file

@ -136,8 +136,6 @@ function addPackageWebApi(storage: IStorageHandler, auth: IAuth, config: Config)
}
res.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.TEXT_PLAIN);
const referer = req.get('Referer');
const pathname = referer ? new URL(referer).pathname : undefined;
next(parseReadme(info.name, info.readme));
},
});

8
src/lib/auth-utils.ts
View file

@ -1,6 +1,7 @@
import buildDebug from 'debug';
import _ from 'lodash';
import { aesDecryptDeprecated as aesDecrypt, verifyPayload } from '@verdaccio/signature';
import {
APITokenOptions,
Callback,
@ -29,7 +30,6 @@ import {
TOKEN_BASIC,
TOKEN_BEARER,
} from './constants';
import { aesDecrypt, verifyPayload } from './crypto-utils';
import { logger } from './logger';
import { ErrorCode, convertPayloadToBase64 } from './utils';
@ -156,12 +156,6 @@ const defaultApiTokenConf: APITokenOptions = {
legacy: true,
};
// we limit max 1000 request per 15 minutes on user endpoints
export const defaultUserRateLimiting = {
windowMs: 15 * 60 * 1000, // 15 minutes
max: 1000,
};
export const defaultSecurity: Security = {
web: defaultWebTokenOptions,
api: defaultApiTokenConf,

2
src/lib/auth.ts
View file

@ -2,6 +2,7 @@ import buildDebug from 'debug';
import { NextFunction } from 'express';
import _ from 'lodash';
import { aesEncryptDeprecated as aesEncrypt, signPayload } from '@verdaccio/signature';
import {
AllowAccess,
AuthPluginPackage,
@ -31,7 +32,6 @@ import {
verifyJWTPayload,
} from './auth-utils';
import { API_ERROR, SUPPORT_ERRORS, TOKEN_BASIC, TOKEN_BEARER } from './constants';
import { aesEncrypt, signPayload } from './crypto-utils';
import { logger } from './logger';
import { ErrorCode, convertPayloadToBase64 } from './utils';

3
src/lib/cli.ts
View file

@ -9,12 +9,11 @@ if (process.getuid && process.getuid() === 0) {
// eslint-disable-next-line import/order
const logger = require('./logger');
logger.setup(null, { logStart: false }); // default setup
require('./cli/cli');
process.on('uncaughtException', function (err) {
logger.logger.fatal(
logger?.logger?.fatal(
{
err: err,
},

10
src/lib/cli/commands/init.ts
View file

@ -53,7 +53,7 @@ export class InitCommand extends Command {
let configPathLocation;
try {
configPathLocation = findConfigFile(this.config as string);
const verdaccioConfiguration = parseConfigFile(configPathLocation);
const verdaccioConfiguration: ReturnType<any> = parseConfigFile(configPathLocation);
if (!verdaccioConfiguration.self_path) {
verdaccioConfiguration.self_path = path.resolve(configPathLocation);
}
@ -61,7 +61,6 @@ export class InitCommand extends Command {
verdaccioConfiguration.https = { enable: false };
}
logger.logger.warn({ file: configPathLocation }, 'config file - @{file}');
process.title =
(verdaccioConfiguration.web && verdaccioConfiguration.web.title) || 'verdaccio';
@ -73,11 +72,10 @@ export class InitCommand extends Command {
pkgName,
listenDefaultCallback
);
logger.logger.info({ file: configPathLocation }, 'config file - @{file}');
} catch (err) {
logger.logger.fatal(
{ file: configPathLocation, err: err },
'cannot open config file @{file}: @{!err.message}'
);
// eslint-disable-next-line no-console
console.error(`cannot open config file ${configPathLocation}: ${!err.message}`);
process.exit(1);
}
}

2
src/lib/config-path.ts
View file

@ -4,7 +4,6 @@ import _ from 'lodash';
import mkdirp from 'mkdirp';
import Path from 'path';
import { logger } from './logger';
import { fileExists, folderExists } from './utils';
const debug = buildDebug('verdaccio:config');
@ -63,7 +62,6 @@ function readDefaultConfig(): string {
function createConfigFolder(configLocation): void {
mkdirp.sync(Path.dirname(configLocation.path));
logger.info({ file: configLocation.path }, 'Creating default config file in @{file}');
}
function updateStorageLinks(configLocation, defaultConfig): string {

33
src/lib/config-utils.ts
View file

@ -42,25 +42,6 @@ export function normalizeUserList(oldFormat: any, newFormat: any): any {
return _.flatten(result);
}
export function uplinkSanityCheck(
uplinks: UpLinksConfList,
users: any = BLACKLIST
): UpLinksConfList {
const newUplinks = _.clone(uplinks);
let newUsers = _.clone(users);
for (const uplink in newUplinks) {
if (Object.prototype.hasOwnProperty.call(newUplinks, uplink)) {
if (_.isNil(newUplinks[uplink].cache)) {
newUplinks[uplink].cache = true;
}
newUsers = sanityCheckNames(uplink, newUsers);
}
}
return newUplinks;
}
export function sanityCheckNames(item: string, users: any): any {
assert(
item !== 'all' &&
@ -77,20 +58,6 @@ export function sanityCheckNames(item: string, users: any): any {
return users;
}
export function sanityCheckUplinksProps(configUpLinks: UpLinksConfList): UpLinksConfList {
const uplinks = _.clone(configUpLinks);
for (const uplink in uplinks) {
if (Object.prototype.hasOwnProperty.call(uplinks, uplink)) {
assert(uplinks[uplink].url, 'CONFIG: no url for uplink: ' + uplink);
assert(_.isString(uplinks[uplink].url), 'CONFIG: wrong url format for uplink: ' + uplink);
uplinks[uplink].url = uplinks[uplink].url.replace(/\/$/, '');
}
}
return uplinks;
}
/**
* Check whether an uplink can proxy
*/

113
src/lib/config.ts
View file

@ -1,113 +1,12 @@
import assert from 'assert';
// import assert from 'assert';
import _ from 'lodash';
import { getUserAgent } from '@verdaccio/config';
import { Config as AppConfig, Logger, PackageList, RateLimit, Security } from '@verdaccio/types';
import { generateRandomHexString, getMatchedPackagesSpec } from '@verdaccio/utils';
import { Config as ConfigCore } from '@verdaccio/config';
import { MatchedPackage, StartUpConfig } from '../types';
import { defaultUserRateLimiting } from './auth-utils';
import { normalisePackageAccess, sanityCheckUplinksProps, uplinkSanityCheck } from './config-utils';
import { APP_ERROR } from './constants';
import { isObject } from './utils';
const LoggerApi = require('./logger');
const strategicConfigProps = ['uplinks', 'packages'];
const allowedEnvConfig = ['http_proxy', 'https_proxy', 'no_proxy'];
/**
* Coordinates the application configuration
*/
class Config implements AppConfig {
public logger: Logger;
// @ts-ignore
public user_agent: boolean | string;
// @ts-ignore
public secret: string;
public uplinks: any;
public packages: PackageList;
public users: any;
public userRateLimit: RateLimit;
public server_id: string;
public self_path: string;
public storage: string | void;
public plugins: string | void;
// @ts-ignore
public security: Security;
public constructor(config: StartUpConfig) {
const self = this;
this.logger = LoggerApi.logger;
this.self_path = config.self_path;
this.storage = process.env.VERDACCIO_STORAGE_PATH || config.storage;
this.plugins = config.plugins;
for (const configProp in config) {
if (self[configProp] == null) {
self[configProp] = config[configProp];
}
}
if (config?.user_agent) {
this.user_agent = getUserAgent(config?.user_agent);
}
this.userRateLimit = { ...defaultUserRateLimiting, ...config?.userRateLimit };
// some weird shell scripts are valid yaml files parsed as string
assert(_.isObject(config), APP_ERROR.CONFIG_NOT_VALID);
// sanity check for strategic config properties
strategicConfigProps.forEach(function (x): void {
if (self[x] == null) {
self[x] = {};
}
assert(isObject(self[x]), `CONFIG: bad "${x}" value (object expected)`);
});
this.uplinks = sanityCheckUplinksProps(uplinkSanityCheck(this.uplinks));
if (_.isNil(this.users) === false) {
this.logger.warn(`[users]: property on configuration file
is not longer supported, property being ignored`);
}
this.packages = normalisePackageAccess(self.packages);
// loading these from ENV if aren't in config
allowedEnvConfig.forEach((envConf): void => {
if (!(envConf in self)) {
self[envConf] = process.env[envConf] || process.env[envConf.toUpperCase()];
}
});
// unique identifier of self server (or a cluster), used to avoid loops
// @ts-ignore
if (!this.server_id) {
this.server_id = generateRandomHexString(6);
}
}
/**
* Check for package spec
*/
public getMatchedPackagesSpec(pkgName: string): MatchedPackage {
return getMatchedPackagesSpec(pkgName, this.packages);
}
/**
* Store or create whether receive a secret key
*/
public checkSecretKey(secret: string): string {
if (_.isString(secret) && _.isEmpty(secret) === false) {
this.secret = secret;
return secret;
}
// it generates a secret key
// FUTURE: this might be an external secret key, perhaps within config file?
this.secret = generateRandomHexString(32);
return this.secret;
class Config extends ConfigCore {
public constructor(config: any) {
config.configPath = config.self_path;
super(config, { forceEnhancedLegacySignature: false });
}
}

53
src/lib/crypto-utils.ts
View file

@ -1,53 +0,0 @@
import { Hash, createCipher, createDecipher, createHash, pseudoRandomBytes } from 'crypto';
import jwt from 'jsonwebtoken';
import { JWTSignOptions, RemoteUser } from '@verdaccio/types';
export const defaultAlgorithm = 'aes192';
export const defaultTarballHashAlgorithm = 'sha1';
export function aesEncrypt(buf: Buffer, secret: string): Buffer {
// deprecated (it will be migrated in Verdaccio 5), it is a breaking change
// https://nodejs.org/api/crypto.html#crypto_crypto_createcipher_algorithm_password_options
// https://www.grainger.xyz/changing-from-cipher-to-cipheriv/
const c = createCipher(defaultAlgorithm, secret);
const b1 = c.update(buf);
const b2 = c.final();
return Buffer.concat([b1, b2]);
}
export function aesDecrypt(buf: Buffer, secret: string): Buffer {
try {
// deprecated (it will be migrated in Verdaccio 5), it is a breaking change
// https://nodejs.org/api/crypto.html#crypto_crypto_createdecipher_algorithm_password_options
// https://www.grainger.xyz/changing-from-cipher-to-cipheriv/
const c = createDecipher(defaultAlgorithm, secret);
const b1 = c.update(buf);
const b2 = c.final();
return Buffer.concat([b1, b2]);
} catch (_) {
return Buffer.alloc(0);
}
}
export async function signPayload(
payload: RemoteUser,
secretOrPrivateKey: string,
options: JWTSignOptions
): Promise<string> {
return new Promise(function (resolve, reject): Promise<string> {
return jwt.sign(
payload,
secretOrPrivateKey,
{
notBefore: '1', // Make sure the time will not rollback :)
...options,
},
(error, token) => (error ? reject(error) : resolve(token))
);
});
}
export function verifyPayload(token: string, secretOrPrivateKey: string): RemoteUser {
return jwt.verify(token, secretOrPrivateKey);
}

4
src/lib/run-server.ts
View file

@ -52,10 +52,10 @@ export function displayExperimentsInfoBox(flags) {
* @param config
*/
export async function runServer(config?: string): Promise<any> {
let configurationParsed: ConfigRuntime;
let configurationParsed: ReturnType<any>;
if (config === undefined || typeof config === 'string') {
const configPathLocation = findConfigFile(config);
configurationParsed = parseConfigFile(configPathLocation) as ConfigRuntime;
configurationParsed = parseConfigFile(configPathLocation);
if (!configurationParsed.self_path) {
configurationParsed.self_path = path.resolve(configPathLocation);
}

23
src/lib/utils.ts
View file

@ -7,6 +7,7 @@ import semver from 'semver';
import { URL } from 'url';
import validator from 'validator';
import { parseConfigFile } from '@verdaccio/config';
// eslint-disable-next-line max-len
import { errorUtils, validatioUtils } from '@verdaccio/core';
import { StringValue } from '@verdaccio/types';
@ -20,7 +21,6 @@ import {
import { AuthorAvatar } from '../types';
import {
APP_ERROR,
DEFAULT_DOMAIN,
DEFAULT_PORT,
DEFAULT_PROTOCOL,
@ -40,7 +40,6 @@ const {
getServiceUnavailable,
getUnauthorized,
} = errorUtils;
const debug = buildDebug('verdaccio');
const validProtocols = ['https', 'http'];
export function convertPayloadToBase64(payload: string): Buffer {
return Buffer.from(payload, 'base64');
@ -243,23 +242,6 @@ export const ErrorCode = {
getCode,
};
export function parseConfigFile(configPath: string): any {
try {
if (/\.ya?ml$/i.test(configPath)) {
return YAML.load(fs.readFileSync(configPath, 'utf-8'));
}
debug('yaml parsed');
return require(configPath);
} catch (e) {
debug('yaml parse failed');
if (e.code !== 'MODULE_NOT_FOUND') {
e.message = APP_ERROR.CONFIG_NOT_VALID;
}
throw new Error(e);
}
}
/**
* Check whether the path already exist.
* @param {String} path
@ -365,6 +347,7 @@ export function addGravatarSupport(pkgInfo: Package, online = true): AuthorAvata
* @return {String} converted html template
*/
// TODO: rename, does not parse anymore
export function parseReadme(packageName: string, readme: string): string | void {
if (_.isEmpty(readme) === false) {
return readme;
@ -492,4 +475,4 @@ export function hasLogin(config: Config) {
return _.isNil(config?.web?.login) || config?.web?.login === true;
}
export { buildTokenUtil as buildToken };
export { buildTokenUtil as buildToken, parseConfigFile };

8
src/types/index.ts
View file

@ -29,14 +29,6 @@ import {
export type StringValue = verdaccio$StringValue;
export interface StartUpConfig {
storage: string;
plugins?: string;
self_path: string;
user_agent?: boolean;
userRateLimit?: RateLimit;
}
// legacy should be removed in long term
export interface LegacyPackageList {

8
src/utils/string.ts
View file

@ -1,11 +1,3 @@
// @flow
export function spliceURL(...args: string[]): string {
return Array.from(args)
.reduce((lastResult, current) => lastResult + current)
.replace(/([^:])(\/)+(.)/g, `$1/$3`);
}
/**
* Quality values, or q-values and q-factors, are used to describe the order
* of priority of values in a comma-separated list.

2
test/unit/modules/auth/auth-utils.spec.ts
View file

@ -1,5 +1,6 @@
import _ from 'lodash';
import { aesDecryptDeprecated as aesDecrypt, verifyPayload } from '@verdaccio/signature';
import { Config, RemoteUser, Security } from '@verdaccio/types';
import { buildUserBuffer } from '@verdaccio/utils';
@ -13,7 +14,6 @@ import {
} from '../../../../src/lib/auth-utils';
import AppConfig from '../../../../src/lib/config';
import { CHARACTER_ENCODING, TOKEN_BEARER } from '../../../../src/lib/constants';
import { aesDecrypt, verifyPayload } from '../../../../src/lib/crypto-utils';
import { setup } from '../../../../src/lib/logger';
import { buildToken, convertPayloadToBase64, parseConfigFile } from '../../../../src/lib/utils';
import { IAuth } from '../../../types';

15
test/unit/modules/auth/crypto-utils.spec.ts
View file

@ -1,15 +0,0 @@
import { aesDecrypt, aesEncrypt } from '../../../../src/lib/crypto-utils';
import { convertPayloadToBase64 } from '../../../../src/lib/utils';
describe('test crypto utils', () => {
describe('default encryption', () => {
test('decrypt payload flow', () => {
const payload = 'juan';
const token = aesEncrypt(Buffer.from(payload), '12345').toString('base64');
const data = aesDecrypt(convertPayloadToBase64(token), '12345').toString('utf8');
expect(payload).toEqual(data);
});
});
});

2
test/unit/modules/bootstrap/run-server.spec.ts
View file

@ -43,7 +43,7 @@ describe('bootstrap modern', () => {
test('run server should fails with wrong path', async () => {
const configPath = join(__dirname, './this_does_not_exist.yaml');
await expect(runServer(configPath)).rejects.toThrow(
/Error: CONFIG: it does not look like a valid config file/
'config file does not exist or not reachable'
);
});
});

5
test/unit/modules/config/config.spec.ts
View file

@ -63,7 +63,10 @@ const checkDefaultConfPackages = (config) => {
expect(config.url_prefix).toBeUndefined();
expect(config.experiments).toBeUndefined();
expect(config.security).toBeUndefined();
expect(config.security).toEqual({
api: { legacy: true },
web: { sign: { expiresIn: '1h' }, verify: {} },
});
};
describe('Config file', () => {

224
test/unit/modules/utils/config-utils.spec.ts
View file

@ -1,15 +1,8 @@
import _ from 'lodash';
import path from 'path';
import {
hasProxyTo,
normalisePackageAccess,
sanityCheckUplinksProps,
uplinkSanityCheck,
} from '../../../../src/lib/config-utils';
import { PACKAGE_ACCESS, ROLES } from '../../../../src/lib/constants';
import { hasProxyTo, normalisePackageAccess } from '../../../../src/lib/config-utils';
import { parseConfigFile } from '../../../../src/lib/utils';
import { spliceURL } from '../../../../src/utils/string';
describe('Config Utilities', () => {
const parseConfigurationFile = (conf) => {
@ -19,167 +12,6 @@ describe('Config Utilities', () => {
return path.join(__dirname, `../../partials/config/${format}/${name}.${format}`);
};
describe('uplinkSanityCheck', () => {
test('should test basic conversion', () => {
const uplinks = uplinkSanityCheck(
parseConfigFile(parseConfigurationFile('uplink-basic')).uplinks
);
expect(Object.keys(uplinks)).toContain('server1');
expect(Object.keys(uplinks)).toContain('server2');
});
test('should throw error on blacklisted uplink name', () => {
const { uplinks } = parseConfigFile(parseConfigurationFile('uplink-wrong'));
expect(() => {
uplinkSanityCheck(uplinks);
}).toThrow('CONFIG: reserved uplink name: anonymous');
});
});
describe('sanityCheckUplinksProps', () => {
test('should fails if url prop is missing', () => {
const { uplinks } = parseConfigFile(parseConfigurationFile('uplink-wrong'));
expect(() => {
sanityCheckUplinksProps(uplinks);
}).toThrow('CONFIG: no url for uplink: none-url');
});
test('should bypass an empty uplink list', () => {
// @ts-ignore
expect(sanityCheckUplinksProps([])).toHaveLength(0);
});
});
describe('normalisePackageAccess', () => {
test('should test basic conversion', () => {
const { packages } = parseConfigFile(parseConfigurationFile('pkgs-basic'));
const access = normalisePackageAccess(packages);
expect(access).toBeDefined();
const scoped = access[`${PACKAGE_ACCESS.SCOPE}`];
const all = access[`${PACKAGE_ACCESS.ALL}`];
expect(scoped).toBeDefined();
expect(all).toBeDefined();
});
test('should define an empty publish array even if is not defined in packages', () => {
const { packages } = parseConfigFile(parseConfigurationFile('pkgs-basic-no-publish'));
const access = normalisePackageAccess(packages);
const scoped = access[`${PACKAGE_ACCESS.SCOPE}`];
const all = access[`${PACKAGE_ACCESS.ALL}`];
// publish must defined
expect(scoped.publish).toBeDefined();
expect(scoped.publish).toHaveLength(0);
expect(all.publish).toBeDefined();
expect(all.publish).toHaveLength(0);
});
test('should define an empty access array even if is not defined in packages', () => {
const { packages } = parseConfigFile(parseConfigurationFile('pkgs-basic-no-access'));
const access = normalisePackageAccess(packages);
const scoped = access[`${PACKAGE_ACCESS.SCOPE}`];
const all = access[`${PACKAGE_ACCESS.ALL}`];
// publish must defined
expect(scoped.access).toBeDefined();
expect(scoped.access).toHaveLength(0);
expect(all.access).toBeDefined();
expect(all.access).toHaveLength(0);
});
test('should define an empty proxy array even if is not defined in package', () => {
const { packages } = parseConfigFile(parseConfigurationFile('pkgs-basic-no-proxy'));
const access = normalisePackageAccess(packages);
const scoped = access[`${PACKAGE_ACCESS.SCOPE}`];
const all = access[`${PACKAGE_ACCESS.ALL}`];
// publish must defined
expect(scoped.proxy).toBeDefined();
expect(scoped.proxy).toHaveLength(0);
expect(all.proxy).toBeDefined();
expect(all.proxy).toHaveLength(0);
});
test('should test multi user group definition', () => {
const { packages } = parseConfigFile(parseConfigurationFile('pkgs-multi-group'));
const access = normalisePackageAccess(packages);
expect(access).toBeDefined();
const scoped = access[`${PACKAGE_ACCESS.SCOPE}`];
const all = access[`${PACKAGE_ACCESS.ALL}`];
expect(scoped).toBeDefined();
expect(scoped.access).toContain('$all');
expect(scoped.publish).toHaveLength(2);
expect(scoped.publish).toContain('admin');
expect(scoped.publish).toContain('superadmin');
expect(all).toBeDefined();
expect(all.access).toHaveLength(3);
expect(all.access).toContain('$all');
expect(all.publish).toHaveLength(1);
expect(all.publish).toContain('admin');
});
test('should normalize deprecated packages into the new ones (backward props compatible)', () => {
const { packages } = parseConfigFile(parseConfigurationFile('deprecated-pkgs-basic'));
const access = normalisePackageAccess(packages);
expect(access).toBeDefined();
const scoped = access[`${PACKAGE_ACCESS.SCOPE}`];
const all = access[`${PACKAGE_ACCESS.ALL}`];
const react = access['react-*'];
expect(react).toBeDefined();
expect(react.access).toBeDefined();
// Intended checks, Typescript should catch this, we test the runtime part
// @ts-ignore
expect(react.access[0]).toBe(ROLES.$ALL);
expect(react.publish).toBeDefined();
// @ts-ignore
expect(react.publish[0]).toBe('admin');
expect(react.proxy).toBeDefined();
// @ts-ignore
expect(react.proxy[0]).toBe('uplink2');
expect(react.storage).toBeDefined();
expect(react.storage).toBe('react-storage');
expect(scoped).toBeDefined();
expect(scoped.storage).not.toBeDefined();
expect(all).toBeDefined();
expect(all.access).toBeDefined();
expect(all.storage).not.toBeDefined();
expect(all.publish).toBeDefined();
expect(all.proxy).toBeDefined();
expect(all.allow_access).toBeUndefined();
expect(all.allow_publish).toBeUndefined();
expect(all.proxy_access).toBeUndefined();
});
test('should check not default packages access', () => {
const { packages } = parseConfigFile(parseConfigurationFile('pkgs-empty'));
const access = normalisePackageAccess(packages);
expect(access).toBeDefined();
const scoped = access[`${PACKAGE_ACCESS.SCOPE}`];
expect(scoped).toBeUndefined();
// ** should be added by default **
const all = access[`${PACKAGE_ACCESS.ALL}`];
expect(all).toBeDefined();
expect(all.access).toBeDefined();
expect(_.isArray(all.access)).toBeTruthy();
expect(all.publish).toBeDefined();
expect(_.isArray(all.publish)).toBeTruthy();
});
});
describe('hasProxyTo', () => {
test('should test basic config', () => {
const packages = normalisePackageAccess(
@ -234,58 +66,4 @@ describe('Config Utilities', () => {
expect(hasProxyTo('private', 'fake', packages)).toBeFalsy();
});
});
describe('spliceURL', () => {
test('should splice two strings and generate a url', () => {
const url: string = spliceURL('http://domain.com', '/-/static/logo.png');
expect(url).toMatch('http://domain.com/-/static/logo.png');
});
test('should splice a empty strings and generate a url', () => {
const url: string = spliceURL('', '/-/static/logo.png');
expect(url).toMatch('/-/static/logo.png');
});
});
describe('JSON', () => {
test('parse default.json', () => {
const config = parseConfigFile(parseConfigurationFile('default.json'));
expect(config.storage).toBeDefined();
});
test('parse invalid.json', () => {
expect(function () {
parseConfigFile(parseConfigurationFile('invalid.json'));
}).toThrow(/Error/);
});
test('parse not-exists.json', () => {
expect(function () {
parseConfigFile(parseConfigurationFile('not-exists.json'));
}).toThrow(/Error/);
});
});
describe('JavaScript', () => {
test('parse default.js', () => {
const config = parseConfigFile(parseConfigurationFile('default.js'));
expect(config.storage).toBeDefined();
});
test('parse invalid.js', () => {
expect(function () {
parseConfigFile(parseConfigurationFile('invalid.js'));
}).toThrow(/Error/);
});
test('parse not-exists.js', () => {
expect(function () {
parseConfigFile(parseConfigurationFile('not-exists.js'));
}).toThrow(/Error/);
});
});
});

14
test/unit/modules/utils/utils.spec.ts
View file

@ -10,7 +10,7 @@ import {
parseReadme,
sortByName,
} from '../../../../src/lib/utils';
import { getByQualityPriorityValue, spliceURL } from '../../../../src/utils/string';
import { getByQualityPriorityValue } from '../../../../src/utils/string';
setup([]);
@ -137,18 +137,6 @@ describe('Utilities', () => {
});
describe('String utilities', () => {
test('should splice two strings and generate a url', () => {
const url: string = spliceURL('http://domain.com', '/-/static/logo.png');
expect(url).toMatch('http://domain.com/-/static/logo.png');
});
test('should splice a empty strings and generate a url', () => {
const url: string = spliceURL('', '/-/static/logo.png');
expect(url).toMatch('/-/static/logo.png');
});
test('getByQualityPriorityValue', () => {
expect(getByQualityPriorityValue('')).toEqual('');
expect(getByQualityPriorityValue(null)).toEqual('');

2
test/unit/partials/config/index.js
View file

@ -2,7 +2,7 @@
import _ from 'lodash';
import path from 'path';
import {parseConfigFile} from '../../../../src/lib/utils';
import {parseConfigFile} from '@verdaccio/config';
/**
* Override the default.yaml configuration file with any new config provided.

BIN
yarn.lock
View file

Binary file not shown.