cnpmcore/dist/app/common/PackageUtil.js

npm core

"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    var desc = Object.getOwnPropertyDescriptor(m, k);
    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
      desc = { enumerable: true, get: function() { return m[k]; } };
    }
    Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
    Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
    o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) return mod;
    var result = {};
    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
    __setModuleDefault(result, mod);
    return result;
};
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.extractPackageJSON = exports.formatAuthor = exports.hasShrinkWrapInTgz = exports.detectInstallScript = exports.formatTarball = exports.calculateIntegrity = exports.getPrefixedName = exports.cleanUserPrefix = exports.getFullname = exports.getScopeAndName = exports.FULLNAME_REG_STRING = void 0;
const node_fs_1 = require("node:fs");
const node_stream_1 = require("node:stream");
const promises_1 = require("node:stream/promises");
const ssri = __importStar(require("ssri"));
const tar_1 = __importDefault(require("@fengmk2/tar"));
// /@cnpm%2ffoo
// /@cnpm%2Ffoo
// /@cnpm/foo
// /foo
// name max length is 214 chars
// https://www.npmjs.com/package/path-to-regexp#custom-matching-parameters
exports.FULLNAME_REG_STRING = '@[^/]{1,220}\/[^/]{1,220}|@[^%]+\%2[fF][^/]{1,220}|[^@/]{1,220}';
function getScopeAndName(fullname) {
    if (fullname.startsWith('@')) {
        return fullname.split('/', 2);
    }
    return ['', fullname];
}
exports.getScopeAndName = getScopeAndName;
function getFullname(scope, name) {
    return scope ? `${scope}/${name}` : name;
}
exports.getFullname = getFullname;
function cleanUserPrefix(username) {
    return username.replace(/^.*:/, '');
}
exports.cleanUserPrefix = cleanUserPrefix;
function getPrefixedName(prefix, username) {
    return prefix ? `${prefix}${username}` : username;
}
exports.getPrefixedName = getPrefixedName;
async function calculateIntegrity(contentOrFile) {
    let integrityObj;
    if (typeof contentOrFile === 'string') {
        integrityObj = await ssri.fromStream((0, node_fs_1.createReadStream)(contentOrFile), {
            algorithms: ['sha512', 'sha1'],
        });
    }
    else {
        integrityObj = ssri.fromData(contentOrFile, {
            algorithms: ['sha512', 'sha1'],
        });
    }
    const integrity = integrityObj.sha512[0].toString();
    const shasum = integrityObj.sha1[0].hexDigest();
    return { integrity, shasum };
}
exports.calculateIntegrity = calculateIntegrity;
function formatTarball(registry, scope, name, version) {
    const fullname = getFullname(scope, name);
    return `${registry}/${fullname}/-/${name}-${version}.tgz`;
}
exports.formatTarball = formatTarball;
function detectInstallScript(manifest) {
    // https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-version-object
    let hasInstallScript = false;
    const scripts = manifest.scripts;
    if (scripts) {
        // https://www.npmjs.com/package/fix-has-install-script
        if (scripts.install || scripts.preinstall || scripts.postinstall) {
            hasInstallScript = true;
        }
    }
    return hasInstallScript;
}
exports.detectInstallScript = detectInstallScript;
/** 判断一个版本压缩包中是否包含 npm-shrinkwrap.json */
async function hasShrinkWrapInTgz(contentOrFile) {
    let readable;
    if (typeof contentOrFile === 'string') {
        readable = (0, node_fs_1.createReadStream)(contentOrFile);
    }
    else {
        readable = new node_stream_1.Readable({
            read() {
                this.push(contentOrFile);
                this.push(null);
            },
        });
    }
    let hasShrinkWrap = false;
    const abortController = new AbortController();
    const parser = tar_1.default.t({
        // options.strict 默认为 false，会忽略 Recoverable errors，例如 tar 解析失败
        // 详见 https://github.com/isaacs/node-tar#warnings-and-errors
        onentry(entry) {
            if (entry.path === 'package/npm-shrinkwrap.json') {
                hasShrinkWrap = true;
                abortController.abort();
            }
        },
    });
    try {
        await (0, promises_1.pipeline)(readable, parser, { signal: abortController.signal });
        return hasShrinkWrap;
    }
    catch (e) {
        if (e.code === 'ABORT_ERR') {
            return hasShrinkWrap;
        }
        throw Object.assign(new Error('[hasShrinkWrapInTgz] Fail to parse input file'), { cause: e });
    }
}
exports.hasShrinkWrapInTgz = hasShrinkWrapInTgz;
/** 写入 ES 时，格式化 author */
function formatAuthor(author) {
    if (author === undefined) {
        return author;
    }
    if (typeof author === 'string') {
        return { name: author };
    }
    return author;
}
exports.formatAuthor = formatAuthor;
async function extractPackageJSON(tarballBytes) {
    return new Promise((resolve, reject) => {
        node_stream_1.Readable.from(tarballBytes)
            .pipe(tar_1.default.t({
            filter: name => name === 'package/package.json',
            onentry: async (entry) => {
                const chunks = [];
                for await (const chunk of entry) {
                    chunks.push(chunk);
                }
                try {
                    const data = Buffer.concat(chunks);
                    return resolve(JSON.parse(data.toString()));
                }
                catch (err) {
                    reject(new Error('Error parsing package.json'));
                }
            },
        }));
    });
}
exports.extractPackageJSON = extractPackageJSON;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUGFja2FnZVV0aWwuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9hcHAvY29tbW9uL1BhY2thZ2VVdGlsLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEscUNBQTJDO0FBQzNDLDZDQUF1QztBQUN2QyxtREFBZ0Q7QUFDaEQsMkNBQTZCO0FBQzdCLHVEQUErQjtBQUkvQixlQUFlO0FBQ2YsZUFBZTtBQUNmLGFBQWE7QUFDYixPQUFPO0FBQ1AsK0JBQStCO0FBQy9CLDBFQUEwRTtBQUM3RCxRQUFBLG1CQUFtQixHQUFHLGlFQUFpRSxDQUFDO0FBRXJHLFNBQWdCLGVBQWUsQ0FBQyxRQUFnQjtJQUM5QyxJQUFJLFFBQVEsQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLEVBQUU7UUFDNUIsT0FBTyxRQUFRLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSxDQUFDLENBQUMsQ0FBQztLQUMvQjtJQUNELE9BQU8sQ0FBRSxFQUFFLEVBQUUsUUFBUSxDQUFFLENBQUM7QUFDMUIsQ0FBQztBQUxELDBDQUtDO0FBRUQsU0FBZ0IsV0FBVyxDQUFDLEtBQWEsRUFBRSxJQUFZO0lBQ3JELE9BQU8sS0FBSyxDQUFDLENBQUMsQ0FBQyxHQUFHLEtBQUssSUFBSSxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDO0FBQzNDLENBQUM7QUFGRCxrQ0FFQztBQUVELFNBQWdCLGVBQWUsQ0FBQyxRQUFnQjtJQUM5QyxPQUFPLFFBQVEsQ0FBQyxPQUFPLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxDQUFDO0FBQ3RDLENBQUM7QUFGRCwwQ0FFQztBQUVELFNBQWdCLGVBQWUsQ0FBQyxNQUFjLEVBQUUsUUFBZ0I7SUFDOUQsT0FBTyxNQUFNLENBQUMsQ0FBQyxDQUFDLEdBQUcsTUFBTSxHQUFHLFFBQVEsRUFBRSxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUM7QUFDcEQsQ0FBQztBQUZELDBDQUVDO0FBRU0sS0FBSyxVQUFVLGtCQUFrQixDQUFDLGFBQWtDO0lBQ3pFLElBQUksWUFBWSxDQUFDO0lBQ2pCLElBQUksT0FBTyxhQUFhLEtBQUssUUFBUSxFQUFFO1FBQ3JDLFlBQVksR0FBRyxNQUFNLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBQSwwQkFBZ0IsRUFBQyxhQUFhLENBQUMsRUFBRTtZQUNwRSxVQUFVLEVBQUUsQ0FBRSxRQUFRLEVBQUUsTUFBTSxDQUFFO1NBQ2pDLENBQUMsQ0FBQztLQUNKO1NBQU07UUFDTCxZQUFZLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxhQUFhLEVBQUU7WUFDMUMsVUFBVSxFQUFFLENBQUUsUUFBUSxFQUFFLE1BQU0sQ0FBRTtTQUNqQyxDQUFDLENBQUM7S0FDSjtJQUNELE1BQU0sU0FBUyxHQUFHLFlBQVksQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUMsUUFBUSxFQUFZLENBQUM7SUFDOUQsTUFBTSxNQUFNLEdBQUcsWUFBWSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxTQUFTLEVBQVksQ0FBQztJQUMxRCxPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sRUFBRSxDQUFDO0FBQy9CLENBQUM7QUFkRCxnREFjQztBQUVELFNBQWdCLGFBQWEsQ0FBQyxRQUFnQixFQUFFLEtBQWEsRUFBRSxJQUFZLEVBQUUsT0FBZTtJQUMxRixNQUFNLFFBQVEsR0FBRyxXQUFXLENBQUMsS0FBSyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQzFDLE9BQU8sR0FBRyxRQUFRLElBQUksUUFBUSxNQUFNLElBQUksSUFBSSxPQUFPLE1BQU0sQ0FBQztBQUM1RCxDQUFDO0FBSEQsc0NBR0M7QUFFRCxTQUFnQixtQkFBbUIsQ0FBQyxRQUFhO0lBQy9DLDRHQUE0RztJQUM1RyxJQUFJLGdCQUFnQixHQUFHLEtBQUssQ0FBQztJQUM3QixNQUFNLE9BQU8sR0FBRyxRQUFRLENBQUMsT0FBTyxDQUFDO0lBQ2pDLElBQUksT0FBTyxFQUFFO1FBQ1gsdURBQXVEO1FBQ3ZELElBQUksT0FBTyxDQUFDLE9BQU8sSUFBSSxPQUFPLENBQUMsVUFBVSxJQUFJLE9BQU8sQ0FBQyxXQUFXLEVBQUU7WUFDaEUsZ0JBQWdCLEdBQUcsSUFBSSxDQUFDO1NBQ3pCO0tBQ0Y7SUFDRCxPQUFPLGdCQUFnQixDQUFDO0FBQzFCLENBQUM7QUFYRCxrREFXQztBQUVELHlDQUF5QztBQUNsQyxLQUFLLFVBQVUsa0JBQWtCLENBQUMsYUFBa0M7SUFDekUsSUFBSSxRQUFrQixDQUFDO0lBQ3ZCLElBQUksT0FBTyxhQUFhLEtBQUssUUFBUSxFQUFFO1FBQ3JDLFFBQVEsR0FBRyxJQUFBLDBCQUFnQixFQUFDLGFBQWEsQ0FBQyxDQUFDO0tBQzVDO1NBQU07UUFDTCxRQUFRLEdBQUcsSUFBSSxzQkFBUSxDQUFDO1lBQ3RCLElBQUk7Z0JBQ0YsSUFBSSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztnQkFDekIsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUNsQixDQUFDO1NBQ0YsQ0FBQyxDQUFDO0tBQ0o7SUFFRCxJQUFJLGFBQWEsR0FBRyxLQUFLLENBQUM7SUFDMUIsTUFBTSxlQUFlLEdBQUcsSUFBSSxlQUFlLEVBQUUsQ0FBQztJQUM5QyxNQUFNLE1BQU0sR0FBRyxhQUFHLENBQUMsQ0FBQyxDQUFDO1FBQ25CLDhEQUE4RDtRQUM5RCw0REFBNEQ7UUFDNUQsT0FBTyxDQUFDLEtBQUs7WUFDWCxJQUFJLEtBQUssQ0FBQyxJQUFJLEtBQUssNkJBQTZCLEVBQUU7Z0JBQ2hELGFBQWEsR0FBRyxJQUFJLENBQUM7Z0JBQ3JCLGVBQWUsQ0FBQyxLQUFLLEVBQUUsQ0FBQzthQUN6QjtRQUNILENBQUM7S0FDRixDQUFDLENBQUM7SUFFSCxJQUFJO1FBQ0YsTUFBTSxJQUFBLG1CQUFRLEVBQUMsUUFBUSxFQUFFLE1BQU0sRUFBRSxFQUFFLE1BQU0sRUFBRSxlQUFlLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQztRQUNyRSxPQUFPLGFBQWEsQ0FBQztLQUN0QjtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsSUFBSSxDQUFDLENBQUMsSUFBSSxLQUFLLFdBQVcsRUFBRTtZQUMxQixPQUFPLGFBQWEsQ0FBQztTQUN0QjtRQUNELE1BQU0sTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEtBQUssQ0FBQywrQ0FBK0MsQ0FBQyxFQUFFLEVBQUUsS0FBSyxFQUFFLENBQUMsRUFBRSxDQUFDLENBQUM7S0FDL0Y7QUFDSCxDQUFDO0FBbkNELGdEQW1DQztBQUVELHlCQUF5QjtBQUN6QixTQUFnQixZQUFZLENBQUMsTUFBdUM7SUFDbEUsSUFBSSxNQUFNLEtBQUssU0FBUyxFQUFFO1FBQ3hCLE9BQU8sTUFBTSxDQUFDO0tBQ2Y7SUFFRCxJQUFJLE9BQU8sTUFBTSxLQUFLLFFBQVEsRUFBRTtRQUM5QixPQUFPLEVBQUUsSUFBSSxFQUFFLE1BQU0sRUFBRSxDQUFDO0tBQ3pCO0lBRUQsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQVZELG9DQVVDO0FBRU0sS0FBSyxVQUFVLGtCQUFrQixDQUFDLFlBQW9CO0lBQzNELE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLEVBQUU7UUFDckMsc0JBQVEsQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDO2FBQ3hCLElBQUksQ0FBQyxhQUFHLENBQUMsQ0FBQyxDQUFDO1lBQ1YsTUFBTSxFQUFFLElBQUksQ0FBQyxFQUFFLENBQUMsSUFBSSxLQUFLLHNCQUFzQjtZQUMvQyxPQUFPLEVBQUUsS0FBSyxFQUFDLEtBQUssRUFBQyxFQUFFO2dCQUNyQixNQUFNLE1BQU0sR0FBYSxFQUFFLENBQUM7Z0JBQzVCLElBQUksS0FBSyxFQUFFLE1BQU0sS0FBSyxJQUFJLEtBQUssRUFBRTtvQkFDL0IsTUFBTSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztpQkFDcEI7Z0JBQ0QsSUFBSTtvQkFDRixNQUFNLElBQUksR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO29CQUNuQyxPQUFPLE9BQU8sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDLENBQUM7aUJBQzdDO2dCQUFDLE9BQU8sR0FBRyxFQUFFO29CQUNaLE1BQU0sQ0FBQyxJQUFJLEtBQUssQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDLENBQUM7aUJBQ2pEO1lBQ0gsQ0FBQztTQUNGLENBQUMsQ0FBQyxDQUFDO0lBQ1IsQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBbkJELGdEQW1CQyJ9