-
-
Notifications
You must be signed in to change notification settings - Fork 8
/
npm.js
125 lines (111 loc) · 3.41 KB
/
npm.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
'use strict';
const { promisify } = require('util');
const execFile = promisify(require('child_process').execFile);
const npa = require('npm-package-arg');
const semver = require('semver');
const validateNpmPackageName = require('validate-npm-package-name');
// Remove npm env vars from the commands, this
// is so it respects the directory it is run in,
// otherwise this overrides things in .npmrc
const env = Object.keys(process.env).reduce((e, key) => {
if (key.startsWith('npm_')) {
return e;
}
e[key] = process.env[key];
return e;
}, {});
module.exports.install = install;
function install (deps = [], opts = {}) {
if (!deps || !deps.length) {
return Promise.resolve();
}
let args = ['i'];
if (opts.save === false) {
args.push('--no-save');
} else {
args.push(`--save-${opts.save || 'prod'}`);
if (opts.exact) {
args.push('--save-exact');
}
if (opts.bundle) {
args.push('--save-bundle');
}
}
args = args.concat(deps);
return execFile('npm', args, {
env,
cwd: opts.directory || process.cwd()
});
}
const packageTypes = ['tag', 'git', 'version', 'range', 'file', 'directory', 'remote'];
module.exports.normalizePackageName = normalizePackageName;
function normalizePackageName (name, opts = {}) {
const allowedTypes = opts.allowedTypes || packageTypes;
const pkg = npa(name);
if (!allowedTypes.includes(pkg.type)) {
// First try to validate the name incase npa miss categorized as a file/dir
throw new Error(`Invalid package type specifier (${pkg.type} - ${pkg.raw})`);
}
if (
typeof pkg.rawSpec !== 'string' || (
pkg.rawSpec.length > 0 && (
semver.coerce(pkg.rawSpec, { loose: true }) == null && (
pkg.rawSpec === '*' || pkg.rawSpec.startsWith('<=') || pkg.rawSpec.startsWith('>=')
) === false)
)
) {
throw new Error(`Invalid package semver specifier (${pkg.rawSpec} - ${pkg.raw})`);
}
switch (pkg.type) {
// Directory checkes for package.json and
// hosted means it looks like a remote repo or tarball
case 'directory':
case 'file':
case 'remote':
case 'git':
// @TODO validate that it exists?
break;
case 'tag':
case 'version':
case 'range':
validateName(pkg);
break;
}
return pkg;
}
function validateName (pkg) {
// Manual check because the validate package just says "name cannot be null"
if (!pkg.name) {
throw new Error(`Invalid package name (${pkg.raw} - name cannot be empty)`);
}
const v = validateNpmPackageName(pkg.name);
if (v.errors || v.warnings) {
const msg = (v.errors && v.errors[0]) || (v.warnings || v.warnings[0]);
throw new Error(`Invalid package name (${pkg.raw}${msg ? ` - ${msg}` : ''})`);
}
}
module.exports.validatePackageSpec = validatePackageSpec;
function validatePackageSpec (name, opts = {}) {
const names = Array.isArray(name) ? name : [name];
for (let i = 0; i < names.length; i++) {
try {
validatePackageName(names[i]);
} catch (e) {
return e;
}
}
return true;
}
module.exports.validatePackageName = validatePackageName;
function validatePackageName (name) {
try {
normalizePackageName(name, {
allowedTypes: ['tag', 'range', 'version']
});
} catch (e) {
return new Error(`${e.message}
>> This most likely indicates an invalid package name. See here:
>> https://www.npmjs.com/package/validate-npm-package-name#naming-rules`);
}
return true;
}