@npmcli/config 4.0.2 → 4.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/lib/index.js +26 -14
  2. package/package.json +4 -4
package/lib/index.js CHANGED
@@ -296,6 +296,7 @@ class Config {
296
296
  // might be a security hazard, which was the intention.
297
297
  try {
298
298
  this.setCredentialsByURI(reg, creds)
299
+ // eslint-disable-next-line no-empty
299
300
  } catch (_) {}
300
301
  process.emit('timeEnd', 'config:load:credentials')
301
302
 
@@ -366,9 +367,11 @@ class Config {
366
367
  if (!/^npm_config_/i.test(envKey) || envVal === '') {
367
368
  continue
368
369
  }
369
- const key = envKey.slice('npm_config_'.length)
370
- .replace(/(?!^)_/g, '-') // don't replace _ at the start of the key
371
- .toLowerCase()
370
+ let key = envKey.slice('npm_config_'.length)
371
+ if (!key.startsWith('//')) { // don't normalize nerf-darted keys
372
+ key = key.replace(/(?!^)_/g, '-') // don't replace _ at the start of the key
373
+ .toLowerCase()
374
+ }
372
375
  conf[key] = envVal
373
376
  }
374
377
  this[_loadObject](conf, 'env', 'environment')
@@ -506,10 +509,9 @@ class Config {
506
509
  }
507
510
 
508
511
  [_checkDeprecated] (key, where, obj, kv) {
509
- // XXX a future npm version will make this a warning.
510
- // An even more future npm version will make this an error.
512
+ // XXX(npm9+) make this throw an error
511
513
  if (this.deprecated[key]) {
512
- log.verbose('config', key, this.deprecated[key])
514
+ log.warn('config', key, this.deprecated[key])
513
515
  }
514
516
  }
515
517
 
@@ -655,6 +657,7 @@ class Config {
655
657
  // saved back to the .npmrc file, so we're good.
656
658
  try {
657
659
  this.setCredentialsByURI(reg, creds)
660
+ // eslint-disable-next-line no-empty
658
661
  } catch (_) {}
659
662
  }
660
663
 
@@ -692,16 +695,16 @@ class Config {
692
695
  this.delete(`_password`, 'user')
693
696
  this.delete(`username`, 'user')
694
697
  }
695
- this.delete(`${nerfed}:-authtoken`, 'user')
696
- this.delete(`${nerfed}:_authtoken`, 'user')
697
698
  this.delete(`${nerfed}:_authToken`, 'user')
698
699
  this.delete(`${nerfed}:_auth`, 'user')
699
700
  this.delete(`${nerfed}:_password`, 'user')
700
701
  this.delete(`${nerfed}:username`, 'user')
701
702
  this.delete(`${nerfed}:email`, 'user')
703
+ this.delete(`${nerfed}:certfile`, 'user')
704
+ this.delete(`${nerfed}:keyfile`, 'user')
702
705
  }
703
706
 
704
- setCredentialsByURI (uri, { token, username, password, email }) {
707
+ setCredentialsByURI (uri, { token, username, password, email, certfile, keyfile }) {
705
708
  const nerfed = nerfDart(uri)
706
709
  const def = nerfDart(this.get('registry'))
707
710
 
@@ -731,9 +734,12 @@ class Config {
731
734
  // send auth if we have it, only to the URIs under the nerf dart.
732
735
  this.delete(`${nerfed}:always-auth`, 'user')
733
736
 
734
- this.delete(`${nerfed}:-authtoken`, 'user')
735
- this.delete(`${nerfed}:_authtoken`, 'user')
736
737
  this.delete(`${nerfed}:email`, 'user')
738
+ if (certfile && keyfile) {
739
+ this.set(`${nerfed}:certfile`, certfile, 'user')
740
+ this.set(`${nerfed}:keyfile`, keyfile, 'user')
741
+ // cert/key may be used in conjunction with other credentials, thus no `else`
742
+ }
737
743
  if (token) {
738
744
  this.set(`${nerfed}:_authToken`, token, 'user')
739
745
  this.delete(`${nerfed}:_password`, 'user')
@@ -751,7 +757,7 @@ class Config {
751
757
  // protects against shoulder-hacks if password is memorable, I guess?
752
758
  const encoded = Buffer.from(password, 'utf8').toString('base64')
753
759
  this.set(`${nerfed}:_password`, encoded, 'user')
754
- } else {
760
+ } else if (!certfile || !keyfile) {
755
761
  throw new Error('No credentials to set.')
756
762
  }
757
763
  }
@@ -766,9 +772,15 @@ class Config {
766
772
  creds.email = email
767
773
  }
768
774
 
775
+ const certfileReg = this.get(`${nerfed}:certfile`)
776
+ const keyfileReg = this.get(`${nerfed}:keyfile`)
777
+ if (certfileReg && keyfileReg) {
778
+ creds.certfile = certfileReg
779
+ creds.keyfile = keyfileReg
780
+ // cert/key may be used in conjunction with other credentials, thus no `return`
781
+ }
782
+
769
783
  const tokenReg = this.get(`${nerfed}:_authToken`) ||
770
- this.get(`${nerfed}:_authtoken`) ||
771
- this.get(`${nerfed}:-authtoken`) ||
772
784
  nerfed === nerfDart(this.get('registry')) && this.get('_authToken')
773
785
 
774
786
  if (tokenReg) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@npmcli/config",
3
- "version": "4.0.2",
3
+ "version": "4.2.1",
4
4
  "files": [
5
5
  "bin/",
6
6
  "lib/"
@@ -31,14 +31,14 @@
31
31
  },
32
32
  "devDependencies": {
33
33
  "@npmcli/eslint-config": "^3.0.1",
34
- "@npmcli/template-oss": "3.2.2",
34
+ "@npmcli/template-oss": "3.5.0",
35
35
  "tap": "^16.0.1"
36
36
  },
37
37
  "dependencies": {
38
38
  "@npmcli/map-workspaces": "^2.0.2",
39
39
  "ini": "^3.0.0",
40
40
  "mkdirp-infer-owner": "^2.0.0",
41
- "nopt": "^5.0.0",
41
+ "nopt": "^6.0.0",
42
42
  "proc-log": "^2.0.0",
43
43
  "read-package-json-fast": "^2.0.3",
44
44
  "semver": "^7.3.5",
@@ -49,6 +49,6 @@
49
49
  },
50
50
  "templateOSS": {
51
51
  "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
52
- "version": "3.2.2"
52
+ "version": "3.5.0"
53
53
  }
54
54
  }