From 9d4c76153d75c0d81f30fd0e00e4f5a706fde774 Mon Sep 17 00:00:00 2001 From: "Juan Picado @jotadeveloper" Date: Tue, 27 Nov 2018 14:43:29 +0100 Subject: [PATCH 1/7] chore: add info where the new docs are (#1138) --- docs/where-are-docs.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 docs/where-are-docs.md diff --git a/docs/where-are-docs.md b/docs/where-are-docs.md new file mode 100644 index 000000000..c30bbe410 --- /dev/null +++ b/docs/where-are-docs.md @@ -0,0 +1,5 @@ +## Where are the docs now? + +The documentation was relocated to the following website: + +https://github.com/verdaccio/website From 9b52b1d39638459d41121982e824a147f71c1eb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Bachelier?= Date: Mon, 3 Dec 2018 06:41:25 +0100 Subject: [PATCH 2/7] feat: display package peer deps (#1144) * feat: enable overriding Dependencies title * feat: add PeerDependencies component * test: add PeerDependencies unit tests * test: add unit test about Dependencies title overriding * feat: display peer dependencies in package sidebar --- src/webui/components/PackageSidebar/index.jsx | 3 + .../modules/Dependencies/index.jsx | 7 +- .../modules/PeerDependencies/index.jsx | 18 ++++++ .../__snapshots__/dependencies.spec.js.snap | 2 + .../peerDependencies.spec.js.snap | 5 ++ .../PackageSidebar/dependencies.spec.js | 9 ++- .../PackageSidebar/peerDependencies.spec.js | 64 +++++++++++++++++++ 7 files changed, 104 insertions(+), 4 deletions(-) create mode 100644 src/webui/components/PackageSidebar/modules/PeerDependencies/index.jsx create mode 100644 test/unit/webui/components/PackageSidebar/__snapshots__/peerDependencies.spec.js.snap create mode 100644 test/unit/webui/components/PackageSidebar/peerDependencies.spec.js diff --git a/src/webui/components/PackageSidebar/index.jsx b/src/webui/components/PackageSidebar/index.jsx index 833cd3b4c..8abcfc9d8 100644 --- a/src/webui/components/PackageSidebar/index.jsx +++ b/src/webui/components/PackageSidebar/index.jsx @@ -4,6 +4,7 @@ import get from 'lodash/get'; import LastSync from './modules/LastSync'; import Maintainers from './modules/Maintainers'; import Dependencies from './modules/Dependencies'; +import PeerDependencies from './modules/PeerDependencies'; import Infos from './modules/Infos'; import { @@ -65,6 +66,7 @@ export default class PackageSidebar extends React.Component { // Dependencies component const dependencies = get(packageMeta, 'latest.dependencies', {}); + const peerDependencies = get(packageMeta, 'latest.peerDependencies', {}); // Maintainers component return ( @@ -83,6 +85,7 @@ export default class PackageSidebar extends React.Component { {/* TODO: Refacor later, when we decide to show only maintainers/authors */} + {/* Package management module? Help us implement it! */} ); diff --git a/src/webui/components/PackageSidebar/modules/Dependencies/index.jsx b/src/webui/components/PackageSidebar/modules/Dependencies/index.jsx index c107e424d..8bd95efb9 100644 --- a/src/webui/components/PackageSidebar/modules/Dependencies/index.jsx +++ b/src/webui/components/PackageSidebar/modules/Dependencies/index.jsx @@ -29,10 +29,10 @@ const renderDependenciesList = (dependencies, dependenciesList) => { ); }; -const Dependencies = ({dependencies = {}}) => { +const Dependencies = ({dependencies = {}, title = 'Dependencies'}) => { const dependenciesList = Object.keys(dependencies); return ( - + {dependenciesList.length > 0 ? ( renderDependenciesList(dependencies, dependenciesList) ) : ( @@ -43,7 +43,8 @@ const Dependencies = ({dependencies = {}}) => { }; Dependencies.propTypes = { - dependencies: PropTypes.object + dependencies: PropTypes.object, + title: PropTypes.string }; export default Dependencies; diff --git a/src/webui/components/PackageSidebar/modules/PeerDependencies/index.jsx b/src/webui/components/PackageSidebar/modules/PeerDependencies/index.jsx new file mode 100644 index 000000000..d68a4671f --- /dev/null +++ b/src/webui/components/PackageSidebar/modules/PeerDependencies/index.jsx @@ -0,0 +1,18 @@ +import React from 'react'; +import PropTypes from 'prop-types'; +import Dependencies from '../Dependencies'; + +export const TITLE = 'Peer Dependencies' + +const PeerDependencies = ({dependencies = {}, title = TITLE}) => { + return ( + + ); +}; + +PeerDependencies.propTypes = { + dependencies: PropTypes.object, + title: PropTypes.string +}; + +export default PeerDependencies; diff --git a/test/unit/webui/components/PackageSidebar/__snapshots__/dependencies.spec.js.snap b/test/unit/webui/components/PackageSidebar/__snapshots__/dependencies.spec.js.snap index e749b614b..6964cfc53 100644 --- a/test/unit/webui/components/PackageSidebar/__snapshots__/dependencies.spec.js.snap +++ b/test/unit/webui/components/PackageSidebar/__snapshots__/dependencies.spec.js.snap @@ -3,3 +3,5 @@ exports[` : should load dependencies 1`] = `""`; exports[` : should load the package without dependencies 1`] = `"

Dependencies

Zero Dependencies!

"`; + +exports[` : should permit overriding title 1`] = `"

Package dependencies

Zero Dependencies!

"`; diff --git a/test/unit/webui/components/PackageSidebar/__snapshots__/peerDependencies.spec.js.snap b/test/unit/webui/components/PackageSidebar/__snapshots__/peerDependencies.spec.js.snap new file mode 100644 index 000000000..461fdf349 --- /dev/null +++ b/test/unit/webui/components/PackageSidebar/__snapshots__/peerDependencies.spec.js.snap @@ -0,0 +1,5 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[` : should load dependencies 1`] = `""`; + +exports[` : should load the package without dependencies 1`] = `"

Peer Dependencies

Zero Dependencies!

"`; diff --git a/test/unit/webui/components/PackageSidebar/dependencies.spec.js b/test/unit/webui/components/PackageSidebar/dependencies.spec.js index 498cf0564..43a645c3c 100644 --- a/test/unit/webui/components/PackageSidebar/dependencies.spec.js +++ b/test/unit/webui/components/PackageSidebar/dependencies.spec.js @@ -3,7 +3,7 @@ */ import React from 'react'; -import { shallow } from 'enzyme'; +import { mount, shallow } from 'enzyme'; import Dependencies, { NO_DEPENDENCIES, DEP_ITEM_CLASS @@ -57,4 +57,11 @@ describe(' : ', () => { expect(wrapper.find(ModuleContentPlaceholder).props().text).toBe(NO_DEPENDENCIES); expect(wrapper.html()).toMatchSnapshot(); }); + + test('should permit overriding title', () => { + const wrapper = mount(); + + expect(wrapper.find('h2').text()).toEqual('Package dependencies'); + expect(wrapper.html()).toMatchSnapshot(); + }); }); diff --git a/test/unit/webui/components/PackageSidebar/peerDependencies.spec.js b/test/unit/webui/components/PackageSidebar/peerDependencies.spec.js new file mode 100644 index 000000000..0ba1a3717 --- /dev/null +++ b/test/unit/webui/components/PackageSidebar/peerDependencies.spec.js @@ -0,0 +1,64 @@ +/** + * Dependencies component + */ + +import React from 'react'; +import { mount } from 'enzyme'; +import { + NO_DEPENDENCIES, + DEP_ITEM_CLASS +} from '../../../../../src/webui/components/PackageSidebar/modules/Dependencies/index'; +import PeerDependencies, { + TITLE +} from '../../../../../src/webui/components/PackageSidebar/modules/PeerDependencies/index'; +import ModuleContentPlaceholder from '../../../../../src/webui/components/PackageSidebar/ModuleContentPlaceholder'; + + +describe(' : ', () => { + test('should load dependencies', () => { + const peerDependencies = { + '@verdaccio/file-locking': '0.0.3', + '@verdaccio/streams': '0.0.2', + JSONStream: '^1.1.1', + 'apache-md5': '^1.1.2', + async: '^2.0.1', + 'body-parser': '^1.15.0', + bunyan: '^1.8.0', + chalk: '^2.0.1', + commander: '^2.11.0', + compression: '1.6.2', + cookies: '^0.7.0', + cors: '^2.8.3', + express: '4.15.3', + global: '^4.3.2', + handlebars: '4.0.5', + 'http-errors': '^1.4.0', + 'js-string-escape': '1.0.1', + 'js-yaml': '^3.6.0', + jsonwebtoken: '^7.4.1', + lockfile: '^1.0.1', + lodash: '4.17.4', + lunr: '^0.7.0', + marked: '0.3.6', + mime: '^1.3.6', + minimatch: '^3.0.2', + mkdirp: '^0.5.1', + pkginfo: '^0.4.0', + request: '^2.72.0', + semver: '^5.1.0', + 'unix-crypt-td-js': '^1.0.0' + }; + const wrapper = mount(); + + expect(wrapper.find('h2').text()).toEqual(TITLE); + expect(wrapper.find(`.${DEP_ITEM_CLASS}`)).toHaveLength(Object.keys(peerDependencies).length); + expect(wrapper.html()).toMatchSnapshot(); + }); + + test('should load the package without dependencies', () => { + const wrapper = mount(); + + expect(wrapper.find(ModuleContentPlaceholder).props().text).toBe(NO_DEPENDENCIES); + expect(wrapper.html()).toMatchSnapshot(); + }); +}); From 24e91216f71c5fb8b44e81a20cc0cfc9795ffffc Mon Sep 17 00:00:00 2001 From: "Juan Picado @jotadeveloper" Date: Tue, 4 Dec 2018 19:09:06 +0100 Subject: [PATCH 3/7] fix: update node within Dockerfile (#1139) https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/ --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d12da9951..5235e11cc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM node:10.7-alpine +FROM node:10.13-alpine LABEL maintainer="https://github.com/verdaccio/verdaccio" RUN apk --no-cache add wget openssl && \ From 9d3b7ba32ce931aa72340198bac42c305f927ac4 Mon Sep 17 00:00:00 2001 From: "Juan Picado @jotadeveloper" Date: Tue, 4 Dec 2018 19:13:53 +0100 Subject: [PATCH 4/7] chore(release): 3.9.0 --- CHANGELOG.md | 15 +++++++++++++++ package.json | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index aee195109..15806a60f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,21 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +# [3.9.0](https://github.com/verdaccio/verdaccio/compare/v3.8.6...v3.9.0) (2018-12-04) + + +### Bug Fixes + +* update node within Dockerfile ([#1139](https://github.com/verdaccio/verdaccio/issues/1139)) ([24e9121](https://github.com/verdaccio/verdaccio/commit/24e9121)) + + +### Features + +* display package peer deps ([#1144](https://github.com/verdaccio/verdaccio/issues/1144)) ([9b52b1d](https://github.com/verdaccio/verdaccio/commit/9b52b1d)) + + + ## [3.8.6](https://github.com/verdaccio/verdaccio/compare/v3.8.5...v3.8.6) (2018-11-15) diff --git a/package.json b/package.json index 30685ce1e..0bcba859c 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "verdaccio", - "version": "3.8.6", + "version": "3.9.0", "description": "Private npm repository server", "author": { "name": "Alex Kocharin", From 6554973e2b9f9d966a7d4be07121b3d504b6c411 Mon Sep 17 00:00:00 2001 From: "Juan Picado @jotadeveloper" Date: Thu, 6 Dec 2018 08:34:42 +0100 Subject: [PATCH 5/7] feat: allows package.json as package name (#1149) --- src/lib/local-storage.js | 2 +- src/lib/utils.js | 1 - test/functional/sanity/security.js | 8 ++++---- test/unit/api/local-storage.spec.js | 4 ++-- test/unit/api/utils.spec.js | 4 ---- 5 files changed, 7 insertions(+), 12 deletions(-) diff --git a/src/lib/local-storage.js b/src/lib/local-storage.js index ac5bf45f9..323b93bdd 100644 --- a/src/lib/local-storage.js +++ b/src/lib/local-storage.js @@ -409,7 +409,7 @@ class LocalStorage implements IStorage { _transform.apply(uploadStream, arguments); }; - if (name === pkgFileName || name === '__proto__') { + if (name === '__proto__') { process.nextTick(() => { uploadStream.emit('error', ErrorCode.getForbidden()); }); diff --git a/src/lib/utils.js b/src/lib/utils.js index 81fb58f0d..d3e655c1a 100644 --- a/src/lib/utils.js +++ b/src/lib/utils.js @@ -75,7 +75,6 @@ function validateName(name: string): boolean { name.charAt(0) === '-' || // "-" is reserved by couchdb name === 'node_modules' || name === '__proto__' || - name === 'package.json' || name === 'favicon.ico' ); } diff --git a/test/functional/sanity/security.js b/test/functional/sanity/security.js index 4afa1e891..c366a655d 100644 --- a/test/functional/sanity/security.js +++ b/test/functional/sanity/security.js @@ -9,7 +9,7 @@ export default function(server) { }); test('should fails on fetch bad pkg #1', () => { - return server.getPackage('package.json') + return server.getPackage('__proto__') .status(HTTP_STATUS.FORBIDDEN) .body_error(/invalid package/); }); @@ -31,8 +31,8 @@ export default function(server) { }); }); - test('should fails and do not return package.json as an attachment', () => { - return server.request({uri: '/testpkg-sec/-/package.json'}) + test('should fails and do not return __proto__ as an attachment', () => { + return server.request({uri: '/testpkg-sec/-/__proto__'}) .status(HTTP_STATUS.FORBIDDEN) .body_error(/invalid filename/); }); @@ -49,7 +49,7 @@ export default function(server) { }); test('should fails on fetch silly things - writing #1', () => { - return server.putTarball('testpkg-sec', 'package.json', '{}') + return server.putTarball('testpkg-sec', '__proto__', '{}') .status(HTTP_STATUS.FORBIDDEN) .body_error(/invalid filename/); }); diff --git a/test/unit/api/local-storage.spec.js b/test/unit/api/local-storage.spec.js index 686bb17c8..2a081cae8 100644 --- a/test/unit/api/local-storage.spec.js +++ b/test/unit/api/local-storage.spec.js @@ -344,7 +344,7 @@ describe('LocalStorage', () => { stream.on('error', (err) => { expect(err).not.toBeNull(); expect(err.statusCode).toEqual(HTTP_STATUS.CONFLICT); - expect(err.message).toMatch(/this package is already present/); + expect(err.message).toMatch(/this package is already present/); }); stream.on('success', function(){ expect(spy).toHaveBeenCalled(); @@ -385,7 +385,7 @@ describe('LocalStorage', () => { }); test('should fails on abort on add a new tarball', (done) => { - const stream = storage.addTarball('package.json', `${pkgName}-fails-add-tarball-1.0.4.tgz`); + const stream = storage.addTarball('__proto__', `${pkgName}-fails-add-tarball-1.0.4.tgz`); stream.abort(); stream.on('error', function(err) { expect(err).not.toBeNull(); diff --git a/test/unit/api/utils.spec.js b/test/unit/api/utils.spec.js index d4a6667a7..5c252fd59 100644 --- a/test/unit/api/utils.spec.js +++ b/test/unit/api/utils.spec.js @@ -59,10 +59,6 @@ describe('Utilities', () => { assert(validate('JSONStream')); }); - test('no package.json', () => { - assert(!validate('package.json')); - }); - test('no path seps', () => { assert(!validate('some/thing')); assert(!validate('some\\thing')); From 68165ca7adae94ff9808048e9693f767c3177310 Mon Sep 17 00:00:00 2001 From: "Juan Picado @jotadeveloper" Date: Thu, 6 Dec 2018 08:34:54 +0100 Subject: [PATCH 6/7] fix: update docker node to 10.14.1 (#1148) --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5235e11cc..9082a1997 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM node:10.13-alpine +FROM node:10.14.1-alpine LABEL maintainer="https://github.com/verdaccio/verdaccio" RUN apk --no-cache add wget openssl && \ From 0e252fc4d7eba11472560682ed313ac16948197f Mon Sep 17 00:00:00 2001 From: "Juan Picado @jotadeveloper" Date: Thu, 6 Dec 2018 08:38:25 +0100 Subject: [PATCH 7/7] chore(release): 3.10.0 --- CHANGELOG.md | 15 +++++++++++++++ package.json | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 15806a60f..52dce8f0c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,21 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +# [3.10.0](https://github.com/verdaccio/verdaccio/compare/v3.9.0...v3.10.0) (2018-12-06) + + +### Bug Fixes + +* update docker node to 10.14.1 ([#1148](https://github.com/verdaccio/verdaccio/issues/1148)) ([68165ca](https://github.com/verdaccio/verdaccio/commit/68165ca)) + + +### Features + +* allows package.json as package name ([#1149](https://github.com/verdaccio/verdaccio/issues/1149)) ([6554973](https://github.com/verdaccio/verdaccio/commit/6554973)) + + + # [3.9.0](https://github.com/verdaccio/verdaccio/compare/v3.8.6...v3.9.0) (2018-12-04) diff --git a/package.json b/package.json index 0bcba859c..237fee45a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "verdaccio", - "version": "3.9.0", + "version": "3.10.0", "description": "Private npm repository server", "author": { "name": "Alex Kocharin",