@pnpm/git-fetcher 1006.0.7 → 1006.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/lib/index.js +6 -0
  2. package/lib/index.js.map +1 -1
  3. package/package.json +8 -8
package/lib/index.js CHANGED
@@ -19,6 +19,9 @@ function createGitFetcher(createOpts) {
19
19
  const allowedHosts = new Set(createOpts?.gitShallowHosts ?? []);
20
20
  const ignoreScripts = createOpts.ignoreScripts ?? false;
21
21
  const gitFetcher = async (cafs, resolution, opts) => {
22
+ if (!isValidCommitHash(resolution.commit)) {
23
+ throw new error_1.PnpmError('INVALID_GIT_COMMIT', `Invalid git commit hash "${resolution.commit}" for repository "${resolution.repo}". Expected a 40-character hexadecimal SHA.`);
24
+ }
22
25
  const tempLocation = await cafs.tempDir();
23
26
  if (allowedHosts.size > 0 && shouldUseShallow(resolution.repo, allowedHosts)) {
24
27
  await execGit(['init'], { cwd: tempLocation });
@@ -70,6 +73,9 @@ function createGitFetcher(createOpts) {
70
73
  git: gitFetcher,
71
74
  };
72
75
  }
76
+ function isValidCommitHash(commit) {
77
+ return /^[0-9a-f]{40}$/i.test(commit);
78
+ }
73
79
  function shouldUseShallow(repoUrl, allowedHosts) {
74
80
  try {
75
81
  const { host } = new url_1.URL(repoUrl);
package/lib/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;AAoBA,4CAsDC;AA1ED,oDAA2B;AAC3B,gDAAuB;AACvB,gDAAuB;AAEvB,mDAA4C;AAC5C,yCAAyC;AACzC,2DAAsD;AACtD,yCAA8C;AAC9C,uCAAuC;AACvC,6DAAoC;AACpC,kDAAyB;AACzB,6BAAyB;AASzB,SAAgB,gBAAgB,CAAE,UAAmC;IACnE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,UAAU,EAAE,eAAe,IAAI,EAAE,CAAC,CAAA;IAC/D,MAAM,aAAa,GAAG,UAAU,CAAC,aAAa,IAAI,KAAK,CAAA;IAEvD,MAAM,UAAU,GAAe,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE;QAC9D,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAA;QACzC,IAAI,YAAY,CAAC,IAAI,GAAG,CAAC,IAAI,gBAAgB,CAAC,UAAU,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;YAC7E,MAAM,OAAO,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;YAC9C,MAAM,OAAO,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;YAClF,MAAM,OAAO,CAAC,CAAC,OAAO,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;QAC9F,CAAC;aAAM,CAAC;YACN,MAAM,OAAO,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC,CAAA;QACzD,CAAC;QACD,MAAM,OAAO,CAAC,CAAC,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;QACrE,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;QAClF,IAAI,cAAc,CAAC,IAAI,EAAE,KAAK,UAAU,CAAC,MAAM,EAAE,CAAC;YAChD,MAAM,IAAI,iBAAS,CAAC,qBAAqB,EAAE,mBAAmB,cAAc,CAAC,IAAI,EAAE,kCAAkC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAA;QAC3I,CAAC;QACD,IAAI,MAAc,CAAA;QAClB,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAA,gCAAc,EAAC;gBACzC,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,aAAa,EAAE,UAAU,CAAC,aAAa;gBACvC,SAAS,EAAE,UAAU,CAAC,SAAS;gBAC/B,UAAU,EAAE,UAAU,CAAC,UAAU;aAClC,EAAE,YAAY,EAAE,UAAU,CAAC,IAAI,IAAI,EAAE,CAAC,CAAA;YACvC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAA;YAC7B,IAAI,aAAa,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;gBACjD,IAAA,mBAAU,EAAC,wCAAwC,UAAU,CAAC,IAAI,uDAAuD,CAAC,CAAA;YAC5H,CAAC;QACH,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAA,gBAAM,EAAC,cAAI,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;YACrC,GAAG,CAAC,OAAO,GAAG,sDAAsD,UAAU,CAAC,IAAI,MAAM,GAAG,CAAC,OAAO,EAAE,CAAA;YACtG,MAAM,GAAG,CAAA;QACX,CAAC;QACD,gEAAgE;QAChE,MAAM,IAAA,gBAAM,EAAC,cAAI,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAA;QAC7C,MAAM,KAAK,GAAG,MAAM,IAAA,sBAAQ,EAAC,MAAM,CAAC,CAAA;QACpC,+DAA+D;QAC/D,gDAAgD;QAChD,oDAAoD;QACpD,OAAO,IAAA,wBAAe,EAAC;YACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,GAAG,EAAE,MAAM;YACX,KAAK;YACL,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,GAAG,EAAE,IAAI,CAAC,GAAG;SACd,CAAC,CAAA;IACJ,CAAC,CAAA;IAED,OAAO;QACL,GAAG,EAAE,UAAU;KAChB,CAAA;AACH,CAAC;AAED,SAAS,gBAAgB,CAAE,OAAe,EAAE,YAAyB;IACnE,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,SAAG,CAAC,OAAO,CAAC,CAAA;QACjC,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,yBAAyB;IAC3B,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC;AAED,SAAS,aAAa;IACpB,OAAO,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;AAC1E,CAAC;AAED,KAAK,UAAU,OAAO,CAAE,IAAc,EAAE,IAAa;IACnD,MAAM,QAAQ,GAAG,aAAa,EAAE,CAAC,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC,CAAA;IACnD,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,eAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAA;IACrD,OAAO,MAAM,CAAA;AACf,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;AAoBA,4CAyDC;AA7ED,oDAA2B;AAC3B,gDAAuB;AACvB,gDAAuB;AAEvB,mDAA4C;AAC5C,yCAAyC;AACzC,2DAAsD;AACtD,yCAA8C;AAC9C,uCAAuC;AACvC,6DAAoC;AACpC,kDAAyB;AACzB,6BAAyB;AASzB,SAAgB,gBAAgB,CAAE,UAAmC;IACnE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,UAAU,EAAE,eAAe,IAAI,EAAE,CAAC,CAAA;IAC/D,MAAM,aAAa,GAAG,UAAU,CAAC,aAAa,IAAI,KAAK,CAAA;IAEvD,MAAM,UAAU,GAAe,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE;QAC9D,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,iBAAS,CAAC,oBAAoB,EAAE,4BAA4B,UAAU,CAAC,MAAM,qBAAqB,UAAU,CAAC,IAAI,6CAA6C,CAAC,CAAA;QAC3K,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAA;QACzC,IAAI,YAAY,CAAC,IAAI,GAAG,CAAC,IAAI,gBAAgB,CAAC,UAAU,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;YAC7E,MAAM,OAAO,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;YAC9C,MAAM,OAAO,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;YAClF,MAAM,OAAO,CAAC,CAAC,OAAO,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;QAC9F,CAAC;aAAM,CAAC;YACN,MAAM,OAAO,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC,CAAA;QACzD,CAAC;QACD,MAAM,OAAO,CAAC,CAAC,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;QACrE,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;QAClF,IAAI,cAAc,CAAC,IAAI,EAAE,KAAK,UAAU,CAAC,MAAM,EAAE,CAAC;YAChD,MAAM,IAAI,iBAAS,CAAC,qBAAqB,EAAE,mBAAmB,cAAc,CAAC,IAAI,EAAE,kCAAkC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAA;QAC3I,CAAC;QACD,IAAI,MAAc,CAAA;QAClB,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,IAAA,gCAAc,EAAC;gBACzC,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,aAAa,EAAE,UAAU,CAAC,aAAa;gBACvC,SAAS,EAAE,UAAU,CAAC,SAAS;gBAC/B,UAAU,EAAE,UAAU,CAAC,UAAU;aAClC,EAAE,YAAY,EAAE,UAAU,CAAC,IAAI,IAAI,EAAE,CAAC,CAAA;YACvC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAA;YAC7B,IAAI,aAAa,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;gBACjD,IAAA,mBAAU,EAAC,wCAAwC,UAAU,CAAC,IAAI,uDAAuD,CAAC,CAAA;YAC5H,CAAC;QACH,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAA,gBAAM,EAAC,cAAI,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;YACrC,GAAG,CAAC,OAAO,GAAG,sDAAsD,UAAU,CAAC,IAAI,MAAM,GAAG,CAAC,OAAO,EAAE,CAAA;YACtG,MAAM,GAAG,CAAA;QACX,CAAC;QACD,gEAAgE;QAChE,MAAM,IAAA,gBAAM,EAAC,cAAI,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAA;QAC7C,MAAM,KAAK,GAAG,MAAM,IAAA,sBAAQ,EAAC,MAAM,CAAC,CAAA;QACpC,+DAA+D;QAC/D,gDAAgD;QAChD,oDAAoD;QACpD,OAAO,IAAA,wBAAe,EAAC;YACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,GAAG,EAAE,MAAM;YACX,KAAK;YACL,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,GAAG,EAAE,IAAI,CAAC,GAAG;SACd,CAAC,CAAA;IACJ,CAAC,CAAA;IAED,OAAO;QACL,GAAG,EAAE,UAAU;KAChB,CAAA;AACH,CAAC;AAED,SAAS,iBAAiB,CAAE,MAAc;IACxC,OAAO,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;AACvC,CAAC;AAED,SAAS,gBAAgB,CAAE,OAAe,EAAE,YAAyB;IACnE,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,SAAG,CAAC,OAAO,CAAC,CAAA;QACjC,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,yBAAyB;IAC3B,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC;AAED,SAAS,aAAa;IACpB,OAAO,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;AAC1E,CAAC;AAED,KAAK,UAAU,OAAO,CAAE,IAAc,EAAE,IAAa;IACnD,MAAM,QAAQ,GAAG,aAAa,EAAE,CAAC,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC,CAAA;IACnD,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,eAAK,EAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAA;IACrD,OAAO,MAAM,CAAA;AACf,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pnpm/git-fetcher",
3
- "version": "1006.0.7",
3
+ "version": "1006.0.8",
4
4
  "description": "A fetcher for git-hosted packages",
5
5
  "keywords": [
6
6
  "pnpm",
@@ -27,23 +27,23 @@
27
27
  "dependencies": {
28
28
  "@zkochan/rimraf": "^3.0.2",
29
29
  "execa": "npm:safe-execa@0.1.2",
30
- "@pnpm/fs.packlist": "1000.0.0",
31
30
  "@pnpm/fetcher-base": "1001.2.3",
32
- "@pnpm/prepare-package": "1001.0.8",
33
- "@pnpm/error": "1000.1.0"
31
+ "@pnpm/error": "1000.1.0",
32
+ "@pnpm/fs.packlist": "1000.0.0",
33
+ "@pnpm/prepare-package": "1001.0.8"
34
34
  },
35
35
  "peerDependencies": {
36
36
  "@pnpm/logger": "^1001.0.1",
37
- "@pnpm/worker": "^1000.6.8"
37
+ "@pnpm/worker": "^1000.6.9"
38
38
  },
39
39
  "devDependencies": {
40
40
  "@jest/globals": "29.7.0",
41
41
  "tempy": "^1.0.1",
42
+ "@pnpm/git-fetcher": "1006.0.8",
42
43
  "@pnpm/create-cafs-store": "1000.0.34",
43
- "@pnpm/git-fetcher": "1006.0.7",
44
- "@pnpm/logger": "1001.0.1",
44
+ "@pnpm/store.cafs": "1000.1.5",
45
45
  "@pnpm/types": "1001.3.0",
46
- "@pnpm/store.cafs": "1000.1.5"
46
+ "@pnpm/logger": "1001.0.1"
47
47
  },
48
48
  "engines": {
49
49
  "node": ">=18.12"