@npmcli/config 2.1.0 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/index.js +53 -39
- package/package.json +2 -2
package/lib/index.js
CHANGED
|
@@ -197,11 +197,6 @@ class Config {
|
|
|
197
197
|
throw new Error('call config.load() before setting values')
|
|
198
198
|
if (!confTypes.has(where))
|
|
199
199
|
throw new Error('invalid config location param: ' + where)
|
|
200
|
-
if (key === '_auth') {
|
|
201
|
-
const { email } = this.getCredentialsByURI(this.get('registry'))
|
|
202
|
-
if (!email)
|
|
203
|
-
throw new Error('Cannot set _auth without first setting email')
|
|
204
|
-
}
|
|
205
200
|
this[_checkDeprecated](key)
|
|
206
201
|
const { data } = this.data.get(where)
|
|
207
202
|
data[key] = val
|
|
@@ -282,6 +277,14 @@ class Config {
|
|
|
282
277
|
// symbols, as that module also does a bunch of get operations
|
|
283
278
|
this[_loaded] = true
|
|
284
279
|
|
|
280
|
+
process.emit('time', 'config:load:credentials')
|
|
281
|
+
const reg = this.get('registry')
|
|
282
|
+
const creds = this.getCredentialsByURI(reg)
|
|
283
|
+
// ignore this error because a failed set will strip out anything that
|
|
284
|
+
// might be a security hazard, which was the intention.
|
|
285
|
+
try { this.setCredentialsByURI(reg, creds) } catch (_) {}
|
|
286
|
+
process.emit('timeEnd', 'config:load:credentials')
|
|
287
|
+
|
|
285
288
|
// set proper globalPrefix now that everything is loaded
|
|
286
289
|
this.globalPrefix = this.get('prefix')
|
|
287
290
|
|
|
@@ -588,14 +591,17 @@ class Config {
|
|
|
588
591
|
const nerfed = nerfDart(uri)
|
|
589
592
|
const def = nerfDart(this.get('registry'))
|
|
590
593
|
if (def === nerfed) {
|
|
594
|
+
// do not delete email, that shouldn't be nerfed any more.
|
|
595
|
+
// just delete the nerfed copy, if one exists.
|
|
591
596
|
this.delete(`-authtoken`, 'user')
|
|
592
597
|
this.delete(`_authToken`, 'user')
|
|
598
|
+
this.delete(`_authtoken`, 'user')
|
|
593
599
|
this.delete(`_auth`, 'user')
|
|
594
600
|
this.delete(`_password`, 'user')
|
|
595
601
|
this.delete(`username`, 'user')
|
|
596
|
-
this.delete(`email`, 'user')
|
|
597
602
|
}
|
|
598
603
|
this.delete(`${nerfed}:-authtoken`, 'user')
|
|
604
|
+
this.delete(`${nerfed}:_authtoken`, 'user')
|
|
599
605
|
this.delete(`${nerfed}:_authToken`, 'user')
|
|
600
606
|
this.delete(`${nerfed}:_auth`, 'user')
|
|
601
607
|
this.delete(`${nerfed}:_password`, 'user')
|
|
@@ -603,7 +609,7 @@ class Config {
|
|
|
603
609
|
this.delete(`${nerfed}:email`, 'user')
|
|
604
610
|
}
|
|
605
611
|
|
|
606
|
-
setCredentialsByURI (uri, { token, username, password, email
|
|
612
|
+
setCredentialsByURI (uri, { token, username, password, email }) {
|
|
607
613
|
const nerfed = nerfDart(uri)
|
|
608
614
|
const def = nerfDart(this.get('registry'))
|
|
609
615
|
|
|
@@ -611,41 +617,45 @@ class Config {
|
|
|
611
617
|
// remove old style auth info not limited to a single registry
|
|
612
618
|
this.delete('_password', 'user')
|
|
613
619
|
this.delete('username', 'user')
|
|
614
|
-
this.delete('email', 'user')
|
|
615
620
|
this.delete('_auth', 'user')
|
|
616
621
|
this.delete('_authtoken', 'user')
|
|
622
|
+
this.delete('-authtoken', 'user')
|
|
617
623
|
this.delete('_authToken', 'user')
|
|
618
624
|
}
|
|
619
625
|
|
|
620
|
-
|
|
626
|
+
// email used to be nerfed always. if we're using the default
|
|
627
|
+
// registry, de-nerf it.
|
|
628
|
+
if (nerfed === def) {
|
|
629
|
+
email = email ||
|
|
630
|
+
this.get('email', 'user') ||
|
|
631
|
+
this.get(`${nerfed}:email`, 'user')
|
|
632
|
+
if (email)
|
|
633
|
+
this.set('email', email, 'user')
|
|
634
|
+
}
|
|
635
|
+
|
|
636
|
+
// field that hasn't been used as documented for a LONG time,
|
|
637
|
+
// and as of npm 7.10.0, isn't used at all. We just always
|
|
638
|
+
// send auth if we have it, only to the URIs under the nerf dart.
|
|
639
|
+
this.delete(`${nerfed}:always-auth`, 'user')
|
|
640
|
+
|
|
641
|
+
this.delete(`${nerfed}:-authtoken`, 'user')
|
|
642
|
+
this.delete(`${nerfed}:_authtoken`, 'user')
|
|
643
|
+
this.delete(`${nerfed}:email`, 'user')
|
|
621
644
|
if (token) {
|
|
622
645
|
this.set(`${nerfed}:_authToken`, token, 'user')
|
|
623
646
|
this.delete(`${nerfed}:_password`, 'user')
|
|
624
647
|
this.delete(`${nerfed}:username`, 'user')
|
|
625
|
-
|
|
626
|
-
|
|
627
|
-
|
|
628
|
-
if (
|
|
629
|
-
|
|
630
|
-
throw new Error('must include username')
|
|
631
|
-
if (!password)
|
|
632
|
-
throw new Error('must include password')
|
|
633
|
-
}
|
|
634
|
-
if (!email)
|
|
635
|
-
throw new Error('must include email')
|
|
648
|
+
} else if (username || password) {
|
|
649
|
+
if (!username)
|
|
650
|
+
throw new Error('must include username')
|
|
651
|
+
if (!password)
|
|
652
|
+
throw new Error('must include password')
|
|
636
653
|
this.delete(`${nerfed}:_authToken`, 'user')
|
|
637
|
-
|
|
638
|
-
|
|
639
|
-
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
this.set(`${nerfed}:_password`, encoded, 'user')
|
|
643
|
-
}
|
|
644
|
-
this.set(`${nerfed}:email`, email, 'user')
|
|
645
|
-
if (alwaysAuth !== undefined)
|
|
646
|
-
this.set(`${nerfed}:always-auth`, alwaysAuth, 'user')
|
|
647
|
-
else
|
|
648
|
-
this.delete(`${nerfed}:always-auth`, 'user')
|
|
654
|
+
this.set(`${nerfed}:username`, username, 'user')
|
|
655
|
+
// note: not encrypted, no idea why we bothered to do this, but oh well
|
|
656
|
+
// protects against shoulder-hacks if password is memorable, I guess?
|
|
657
|
+
const encoded = Buffer.from(password, 'utf8').toString('base64')
|
|
658
|
+
this.set(`${nerfed}:_password`, encoded, 'user')
|
|
649
659
|
} else {
|
|
650
660
|
throw new Error('No credentials to set.')
|
|
651
661
|
}
|
|
@@ -656,18 +666,12 @@ class Config {
|
|
|
656
666
|
const nerfed = nerfDart(uri)
|
|
657
667
|
const creds = {}
|
|
658
668
|
|
|
659
|
-
// you can set always-auth for a single registry, or as a default
|
|
660
|
-
const alwaysAuthReg = this.get(`${nerfed}:always-auth`)
|
|
661
|
-
if (alwaysAuthReg !== undefined)
|
|
662
|
-
creds.alwaysAuth = !!alwaysAuthReg
|
|
663
|
-
else
|
|
664
|
-
creds.alwaysAuth = this.get('always-auth')
|
|
665
|
-
|
|
666
669
|
const email = this.get(`${nerfed}:email`) || this.get('email')
|
|
667
670
|
if (email)
|
|
668
671
|
creds.email = email
|
|
669
672
|
|
|
670
673
|
const tokenReg = this.get(`${nerfed}:_authToken`) ||
|
|
674
|
+
this.get(`${nerfed}:_authtoken`) ||
|
|
671
675
|
this.get(`${nerfed}:-authtoken`) ||
|
|
672
676
|
nerfed === nerfDart(this.get('registry')) && this.get('_authToken')
|
|
673
677
|
|
|
@@ -686,6 +690,16 @@ class Config {
|
|
|
686
690
|
return creds
|
|
687
691
|
}
|
|
688
692
|
|
|
693
|
+
const authReg = this.get(`${nerfed}:_auth`)
|
|
694
|
+
if (authReg) {
|
|
695
|
+
const authDecode = Buffer.from(authReg, 'base64').toString('utf8')
|
|
696
|
+
const authSplit = authDecode.split(':')
|
|
697
|
+
creds.username = authSplit.shift()
|
|
698
|
+
creds.password = authSplit.join(':')
|
|
699
|
+
creds.auth = authReg
|
|
700
|
+
return creds
|
|
701
|
+
}
|
|
702
|
+
|
|
689
703
|
// at this point, we can only use the values if the URI is the
|
|
690
704
|
// default registry.
|
|
691
705
|
const defaultNerf = nerfDart(this.get('registry'))
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@npmcli/config",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.2.0",
|
|
4
4
|
"files": [
|
|
5
5
|
"lib"
|
|
6
6
|
],
|
|
@@ -24,7 +24,7 @@
|
|
|
24
24
|
"coverage-map": "map.js"
|
|
25
25
|
},
|
|
26
26
|
"devDependencies": {
|
|
27
|
-
"tap": "^
|
|
27
|
+
"tap": "^15.0.4"
|
|
28
28
|
},
|
|
29
29
|
"dependencies": {
|
|
30
30
|
"ini": "^2.0.0",
|