@pnpm/pnpr.client 1.2.2 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,6 +1,5 @@
1
1
  import type { LockfileFile, LockfileObject } from '@pnpm/lockfile.types';
2
2
  import type { ResponseMetadata } from './protocol.js';
3
- export type AuthHeadersByScope = Record<string, Record<string, string>>;
4
3
  export interface PnprProject {
5
4
  /** Relative dir within the workspace (e.g. "." or "packages/foo") */
6
5
  dir: string;
@@ -26,16 +25,11 @@ export interface ResolveViaPnprServerOptions {
26
25
  registry?: string;
27
26
  /** The client's named-registry aliases (`namedRegistries`). */
28
27
  namedRegistries?: Record<string, string>;
29
- /**
30
- * The caller's forwarded upstream credentials, keyed by nerf-darted
31
- * registry URI and package scope, so the server resolves private
32
- * content as the caller. The `@` scope stores registry-wide auth.
33
- * Distinct from `authorization` (pnpr identity).
34
- */
35
- authHeaders?: AuthHeadersByScope;
36
28
  /**
37
29
  * `Authorization` for the pnpr server's own URL (`undefined` if none):
38
- * identifies the caller to pnpr's gate.
30
+ * identifies the caller to pnpr's gate. The client never forwards its
31
+ * own upstream registry credentials — pnpr selects upstream credentials
32
+ * from its route policy, so none are placed in the request body.
39
33
  */
40
34
  authorization?: string;
41
35
  /** Overrides */
@@ -59,7 +53,7 @@ export interface ResolveViaPnprServerResult {
59
53
  * Resolve a project against a pnpr server and return the resolved
60
54
  * lockfile.
61
55
  *
62
- * `POST /v1/resolve` answers with an `application/x-ndjson` stream: one
56
+ * `POST /-/pnpr/v0/resolve` answers with an `application/x-ndjson` stream: one
63
57
  * `package` frame per resolved tarball as the server's tree walk yields
64
58
  * it, then exactly one terminal frame — `done` (full lockfile + stats),
65
59
  * `error`, or `violations`. pnpr serves no file content — the caller
@@ -7,7 +7,7 @@ import { convertToLockfileObject } from '@pnpm/lockfile.fs';
7
7
  * Resolve a project against a pnpr server and return the resolved
8
8
  * lockfile.
9
9
  *
10
- * `POST /v1/resolve` answers with an `application/x-ndjson` stream: one
10
+ * `POST /-/pnpr/v0/resolve` answers with an `application/x-ndjson` stream: one
11
11
  * `package` frame per resolved tarball as the server's tree walk yields
12
12
  * it, then exactly one terminal frame — `done` (full lockfile + stats),
13
13
  * `error`, or `violations`. pnpr serves no file content — the caller
@@ -25,7 +25,6 @@ export async function resolveViaPnprServer(opts) {
25
25
  projects,
26
26
  registry: opts.registry,
27
27
  namedRegistries: opts.namedRegistries,
28
- authHeaders: opts.authHeaders,
29
28
  overrides: opts.overrides,
30
29
  nodeVersion: opts.nodeVersion ?? process.version.slice(1),
31
30
  os: process.platform,
@@ -55,7 +54,7 @@ export async function resolveViaPnprServer(opts) {
55
54
  };
56
55
  }
57
56
  /**
58
- * Parse the NDJSON `/v1/resolve` body and return its single terminal
57
+ * Parse the NDJSON `/-/pnpr/v0/resolve` body and return its single terminal
59
58
  * frame. `package` frames are skipped — this client fetches tarballs the
60
59
  * normal way after resolution rather than overlapping fetch with the
61
60
  * stream. Throws on an unknown frame type (so a protocol mismatch fails
@@ -72,13 +71,13 @@ function parseTerminalFrame(body) {
72
71
  if (frame.type === 'done' || frame.type === 'error' || frame.type === 'violations') {
73
72
  return frame;
74
73
  }
75
- throw new Error(`pnpr server /v1/resolve stream emitted an unknown frame type: ${String(frame.type)}`);
74
+ throw new Error(`pnpr server /-/pnpr/v0/resolve stream emitted an unknown frame type: ${String(frame.type)}`);
76
75
  }
77
- throw new Error('pnpr server /v1/resolve stream ended without a terminal frame');
76
+ throw new Error('pnpr server /-/pnpr/v0/resolve stream ended without a terminal frame');
78
77
  }
79
78
  const REQUEST_TIMEOUT = 600_000; // 10 minutes — server-side resolution can be slow on first run
80
79
  /**
81
- * `POST /v1/resolve` and return the full response body, decompressed.
80
+ * `POST /-/pnpr/v0/resolve` and return the full response body, decompressed.
82
81
  *
83
82
  * `urlPath` resolution normalizes the base to end with "/" so a path
84
83
  * prefix configured on the pnpr server URL (e.g. https://host/pnpr/) is
@@ -86,7 +85,7 @@ const REQUEST_TIMEOUT = 600_000; // 10 minutes — server-side resolution can be
86
85
  */
87
86
  async function postResolve(registryUrl, body, authorization) {
88
87
  const base = registryUrl.endsWith('/') ? registryUrl : `${registryUrl}/`;
89
- const url = new URL('v1/resolve', base);
88
+ const url = new URL('-/pnpr/v0/resolve', base);
90
89
  const requestFn = url.protocol === 'https:' ? https.request : http.request;
91
90
  const headers = {
92
91
  'Content-Type': 'application/json',
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pnpm/pnpr.client",
3
- "version": "1.2.2",
3
+ "version": "1.3.0",
4
4
  "description": "Client for the pnpr server — resolves a project server-side and receives the resolved lockfile",
5
5
  "keywords": [
6
6
  "pnpm",
@@ -27,11 +27,11 @@
27
27
  "!*.map"
28
28
  ],
29
29
  "dependencies": {
30
- "@pnpm/lockfile.types": "1100.0.11",
31
- "@pnpm/lockfile.fs": "1100.1.6"
30
+ "@pnpm/lockfile.fs": "1100.1.8",
31
+ "@pnpm/lockfile.types": "1100.0.13"
32
32
  },
33
33
  "devDependencies": {
34
- "@pnpm/pnpr.client": "1.2.2",
34
+ "@pnpm/pnpr.client": "1.3.0",
35
35
  "@pnpm/types": "1101.3.2"
36
36
  },
37
37
  "engines": {