@npmcli/config 4.0.1 → 4.2.0

package/lib/env-replace.js

@@ -7,8 +7,8 @@ module.exports = (f, env) => f.replace(envExpr, (orig, esc, name) => {
 
   // consume the escape chars that are relevant.
   if (esc.length % 2) {
-    return orig.substr((esc.length + 1) / 2)
+    return orig.slice((esc.length + 1) / 2)
   }
 
-  return (esc.substr(esc.length / 2)) + val
+  return (esc.slice(esc.length / 2)) + val
 })

package/lib/index.js

@@ -366,7 +366,7 @@ class Config {
       if (!/^npm_config_/i.test(envKey) || envVal === '') {
         continue
       }
-      const key = envKey.substr('npm_config_'.length)
+      const key = envKey.slice('npm_config_'.length)
         .replace(/(?!^)_/g, '-') // don't replace _ at the start of the key
         .toLowerCase()
       conf[key] = envVal
@@ -396,13 +396,13 @@ class Config {
   validate (where) {
     if (!where) {
       let valid = true
-      for (const [where] of this.data.entries()) {
+      for (const [entryWhere] of this.data.entries()) {
         // no need to validate our defaults, we know they're fine
         // cli was already validated when parsed the first time
-        if (where === 'default' || where === 'builtin' || where === 'cli') {
+        if (entryWhere === 'default' || entryWhere === 'builtin' || entryWhere === 'cli') {
           continue
         }
-        const ret = this.validate(where)
+        const ret = this.validate(entryWhere)
         valid = valid && ret
       }
       return valid
@@ -506,10 +506,9 @@ class Config {
   }
 
   [_checkDeprecated] (key, where, obj, kv) {
-    // XXX a future npm version will make this a warning.
-    // An even more future npm version will make this an error.
+    // XXX(npm9+) make this throw an error
     if (this.deprecated[key]) {
-      log.verbose('config', key, this.deprecated[key])
+      log.warn('config', key, this.deprecated[key])
     }
   }
 
@@ -699,9 +698,11 @@ class Config {
     this.delete(`${nerfed}:_password`, 'user')
     this.delete(`${nerfed}:username`, 'user')
     this.delete(`${nerfed}:email`, 'user')
+    this.delete(`${nerfed}:certfile`, 'user')
+    this.delete(`${nerfed}:keyfile`, 'user')
   }
 
-  setCredentialsByURI (uri, { token, username, password, email }) {
+  setCredentialsByURI (uri, { token, username, password, email, certfile, keyfile }) {
     const nerfed = nerfDart(uri)
     const def = nerfDart(this.get('registry'))
 
@@ -734,6 +735,11 @@ class Config {
     this.delete(`${nerfed}:-authtoken`, 'user')
     this.delete(`${nerfed}:_authtoken`, 'user')
     this.delete(`${nerfed}:email`, 'user')
+    if (certfile && keyfile) {
+      this.set(`${nerfed}:certfile`, certfile, 'user')
+      this.set(`${nerfed}:keyfile`, keyfile, 'user')
+      // cert/key may be used in conjunction with other credentials, thus no `else`
+    }
     if (token) {
       this.set(`${nerfed}:_authToken`, token, 'user')
       this.delete(`${nerfed}:_password`, 'user')
@@ -751,7 +757,7 @@ class Config {
       // protects against shoulder-hacks if password is memorable, I guess?
       const encoded = Buffer.from(password, 'utf8').toString('base64')
       this.set(`${nerfed}:_password`, encoded, 'user')
-    } else {
+    } else if (!certfile || !keyfile) {
       throw new Error('No credentials to set.')
     }
   }
@@ -766,6 +772,14 @@ class Config {
       creds.email = email
     }
 
+    const certfileReg = this.get(`${nerfed}:certfile`)
+    const keyfileReg = this.get(`${nerfed}:keyfile`)
+    if (certfileReg && keyfileReg) {
+      creds.certfile = certfileReg
+      creds.keyfile = keyfileReg
+      // cert/key may be used in conjunction with other credentials, thus no `return`
+    }
+
     const tokenReg = this.get(`${nerfed}:_authToken`) ||
       this.get(`${nerfed}:_authtoken`) ||
       this.get(`${nerfed}:-authtoken`) ||

package/lib/parse-field.js

@@ -56,7 +56,7 @@ const parseField = (f, key, opts, listElement = false) => {
   if (isPath) {
     const homePattern = platform === 'win32' ? /^~(\/|\\)/ : /^~\//
     if (homePattern.test(f) && home) {
-      f = resolve(home, f.substr(2))
+      f = resolve(home, f.slice(2))
     } else {
       f = resolve(f)
     }

package/package.json

@@ -1,15 +1,15 @@
 {
   "name": "@npmcli/config",
-  "version": "4.0.1",
+  "version": "4.2.0",
   "files": [
-    "bin",
-    "lib"
+    "bin/",
+    "lib/"
   ],
   "main": "lib/index.js",
   "description": "Configuration management for the npm cli",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/npm/config"
+    "url": "https://github.com/npm/config.git"
   },
   "author": "GitHub Inc.",
   "license": "ISC",
@@ -19,23 +19,24 @@
     "preversion": "npm test",
     "postversion": "npm publish",
     "prepublishOnly": "git push origin --follow-tags",
-    "lint": "eslint '**/*.js'",
-    "postlint": "npm-template-check",
+    "lint": "eslint \"**/*.js\"",
+    "postlint": "template-oss-check",
     "lintfix": "npm run lint -- --fix",
     "posttest": "npm run lint",
-    "template-copy": "npm-template-copy --force"
+    "template-oss-apply": "template-oss-apply --force"
   },
   "tap": {
     "check-coverage": true,
     "coverage-map": "map.js"
   },
   "devDependencies": {
-    "@npmcli/template-oss": "^2.8.1",
-    "tap": "^15.1.6"
+    "@npmcli/eslint-config": "^3.0.1",
+    "@npmcli/template-oss": "3.5.0",
+    "tap": "^16.0.1"
   },
   "dependencies": {
-    "@npmcli/map-workspaces": "^2.0.1",
-    "ini": "^2.0.0",
+    "@npmcli/map-workspaces": "^2.0.2",
+    "ini": "^3.0.0",
     "mkdirp-infer-owner": "^2.0.0",
     "nopt": "^5.0.0",
     "proc-log": "^2.0.0",
@@ -44,9 +45,10 @@
     "walk-up-path": "^1.0.0"
   },
   "engines": {
-    "node": "^12.13.0 || ^14.15.0 || >=16"
+    "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
   },
   "templateOSS": {
-    "version": "2.8.1"
+    "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
+    "version": "3.5.0"
   }
 }