0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-16 21:56:25 -05:00
verdaccio/lib/utils.js
2017-06-10 20:29:35 +02:00

290 lines
7.2 KiB
JavaScript

'use strict';
const assert = require('assert');
const semver = require('semver');
const URL = require('url');
const _ = require('lodash');
const Logger = require('./logger');
/**
* Validate a package.
* @param {*} name
* @return {Boolean} whether the package is valid or not
*/
function validate_package(name) {
name = name.split('/', 2);
if (name.length === 1) {
// normal package
return module.exports.validate_name(name[0]);
} else {
// scoped package
return name[0][0] === '@'
&& module.exports.validate_name(name[0].slice(1))
&& module.exports.validate_name(name[1]);
}
}
/**
* From normalize-package-data/lib/fixer.js
* @param {*} name the package name
* @return {Boolean} whether is valid or not
*/
function validate_name(name) {
if (_.isString(name) === false) {
return false;
}
name = name.toLowerCase();
// all URL-safe characters and "@" for issue #75
if (!name.match(/^[-a-zA-Z0-9_.!~*'()@]+$/)
|| name.charAt(0) === '.' // ".bin", etc.
|| name.charAt(0) === '-' // "-" is reserved by couchdb
|| name === 'node_modules'
|| name === '__proto__'
|| name === 'package.json'
|| name === 'favicon.ico'
) {
return false;
} else {
return true;
}
}
/**
* Check whether an element is an Object
* @param {*} obj the element
* @return {Boolean}
*/
function isObject(obj) {
return _.isObject(obj) && _.isNull(obj) === false && _.isArray(obj) === false;
}
/**
* Validate the package metadata, add additional properties whether are missing within
* the metadata properties.
* @param {*} object
* @param {*} name
* @return {Object} the object with additional properties as dist-tags ad versions
*/
function validate_metadata(object, name) {
assert(isObject(object), 'not a json object');
assert.equal(object.name, name);
if (!isObject(object['dist-tags'])) {
object['dist-tags'] = {};
}
if (!isObject(object['versions'])) {
object['versions'] = {};
}
return object;
}
/**
* Create base url for registry.
* @param {String} protocol
* @param {String} host
* @param {String} prefix
* @return {String} base registry url
*/
function combineBaseUrl(protocol, host, prefix) {
let result = `${protocol}://${host}`;
if (prefix) {
prefix = prefix.replace(/\/$/, '');
result = (prefix.indexOf('/') === 0)
? `${result}${prefix}`
: prefix;
}
return result;
}
/**
* Iterate a packages's versions and filter each original tarbal url.
* @param {*} pkg
* @param {*} req
* @param {*} config
* @return {String} a filtered package
*/
function filter_tarball_urls(pkg, req, config) {
/**
* Filter a tarball url.
* @param {*} _url
* @return {String} a parsed url
*/
const filter = function(_url) {
if (!req.headers.host) {
return _url;
}
const filename = URL.parse(_url).pathname.replace(/^.*\//, '');
const base = combineBaseUrl(req.protocol, req.headers.host, config.url_prefix);
return `${base}/${pkg.name.replace(/\//g, '%2f')}/-/${filename}`;
};
for (let ver in pkg.versions) {
if (Object.prototype.hasOwnProperty.call(pkg.versions, ver)) {
const dist = pkg.versions[ver].dist;
if (_.isNull(dist) === false && _.isNull(dist.tarball) === false) {
dist.tarball = filter(dist.tarball);
}
}
}
return pkg;
}
/**
* Create a tag for a package
* @param {*} data
* @param {*} version
* @param {*} tag
* @return {Boolean} whether a package has been tagged
*/
function tag_version(data, version, tag) {
if (tag) {
if (data['dist-tags'][tag] !== version) {
if (semver.parse(version, true)) {
// valid version - store
data['dist-tags'][tag] = version;
return true;
}
}
Logger.logger.warn({ver: version, tag: tag}, 'ignoring bad version @{ver} in @{tag}');
if (tag && data['dist-tags'][tag]) {
delete data['dist-tags'][tag];
}
}
return false;
}
/**
* Gets version from a package object taking into account semver weirdness.
* @param {*} object
* @param {*} version
* @return {String} return the semantic version of a package
*/
function get_version(object, version) {
// this condition must allow cast
if (object.versions[version] != null) {
return object.versions[version];
}
try {
version = semver.parse(version, true);
for (let k in object.versions) {
if (version.compare(semver.parse(k, true)) === 0) {
return object.versions[k];
}
}
} catch (err) {
return undefined;
}
}
/**
* Parse an internet address
* Allow:
- https:localhost:1234 - protocol + host + port
- localhost:1234 - host + port
- 1234 - port
- http::1234 - protocol + port
- https://localhost:443/ - full url + https
- http://[::1]:443/ - ipv6
- unix:/tmp/http.sock - unix sockets
- https://unix:/tmp/http.sock - unix sockets (https)
* @param {*} urlAddress the internet address definition
* @return {Object|Null} literal object that represent the address parsed
*/
function parse_address(urlAddress) {
//
// TODO: refactor it to something more reasonable?
//
// protocol : // ( host )|( ipv6 ): port /
let urlPattern = /^((https?):(\/\/)?)?((([^\/:]*)|\[([^\[\]]+)\]):)?(\d+)\/?$/.exec(urlAddress);
if (urlPattern) {
return {
proto: urlPattern[2] || 'http',
host: urlPattern[6] || urlPattern[7] || 'localhost',
port: urlPattern[8] || '4873',
};
}
urlPattern = /^((https?):(\/\/)?)?unix:(.*)$/.exec(urlAddress);
if (urlPattern) {
return {
proto: urlPattern[2] || 'http',
path: urlPattern[4],
};
}
return null;
}
/**
* Function filters out bad semver versions and sorts the array.
* @param {*} array
* @return {Array} sorted Array
*/
function semverSort(array) {
return array
.filter(function(x) {
if (!semver.parse(x, true)) {
Logger.logger.warn( {ver: x}, 'ignoring bad version @{ver}' );
return false;
}
return true;
})
.sort(semver.compareLoose)
.map(String);
}
/**
* Flatten arrays of tags.
* @param {*} data
*/
function normalize_dist_tags(data) {
let sorted;
if (!data['dist-tags'].latest) {
// overwrite latest with highest known version based on semver sort
sorted = semverSort(Object.keys(data.versions));
if (sorted && sorted.length) {
data['dist-tags'].latest = sorted.pop();
}
}
for (let tag in data['dist-tags']) {
if (_.isArray(data['dist-tags'][tag])) {
if (data['dist-tags'][tag].length) {
// sort array
sorted = semverSort(data['dist-tags'][tag]);
if (sorted.length) {
// use highest version based on semver sort
data['dist-tags'][tag] = sorted.pop();
}
} else {
delete data['dist-tags'][tag];
}
} else if (_.isString(data['dist-tags'][tag] )) {
if (!semver.parse(data['dist-tags'][tag], true)) {
// if the version is invalid, delete the dist-tag entry
delete data['dist-tags'][tag];
}
}
}
}
module.exports.semver_sort = semverSort;
module.exports.parse_address = parse_address;
module.exports.get_version = get_version;
module.exports.normalize_dist_tags = normalize_dist_tags;
module.exports.tag_version = tag_version;
module.exports.combineBaseUrl = combineBaseUrl;
module.exports.filter_tarball_urls = filter_tarball_urls;
module.exports.validate_metadata = validate_metadata;
module.exports.is_object = isObject;
module.exports.validate_name = validate_name;
module.exports.validate_package = validate_package;