@pnpm/store.connection-manager 1100.3.5 → 1100.3.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +13 -0
- package/lib/createNewStoreController.d.ts +21 -1
- package/lib/createNewStoreController.js +25 -2
- package/lib/index.d.ts +2 -2
- package/lib/index.js +2 -2
- package/package.json +11 -9
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,18 @@
|
|
|
1
1
|
# @pnpm/store-connection-manager
|
|
2
2
|
|
|
3
|
+
## 1100.3.6
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- `pnpm add -g`, `pnpm update -g`, `pnpm setup`, and the self-updater no longer fail with `ERR_PNPM_MISSING_TIME` when `trustPolicy: no-downgrade` or `resolutionMode: time-based` is set in the global config [#12883](https://github.com/pnpm/pnpm/issues/12883). The decision to fetch full registry metadata now lives in one place, and the `no-downgrade` trust policy always requests full metadata (matching the self-updater), since the trust evidence it checks is missing from abbreviated metadata even on registries that include the `time` field.
|
|
8
|
+
|
|
9
|
+
- Updated dependencies:
|
|
10
|
+
- @pnpm/cli.meta@1100.0.9
|
|
11
|
+
- @pnpm/config.reader@1101.12.0
|
|
12
|
+
- @pnpm/installing.client@1100.2.14
|
|
13
|
+
- @pnpm/resolving.resolver-base@1100.5.2
|
|
14
|
+
- @pnpm/store.controller@1102.0.5
|
|
15
|
+
|
|
3
16
|
## 1100.3.5
|
|
4
17
|
|
|
5
18
|
### Patch Changes
|
|
@@ -3,7 +3,7 @@ import { type ClientOptions } from '@pnpm/installing.client';
|
|
|
3
3
|
import type { ResolutionVerifier } from '@pnpm/resolving.resolver-base';
|
|
4
4
|
import { type CafsLocker, type StoreController } from '@pnpm/store.controller';
|
|
5
5
|
type CreateResolverOptions = Pick<Config, 'fetchRetries' | 'fetchRetryFactor' | 'fetchRetryMaxtimeout' | 'fetchRetryMintimeout' | 'offline' | 'configByUri' | 'verifyStoreIntegrity'> & Required<Pick<Config, 'cacheDir' | 'storeDir'>>;
|
|
6
|
-
export type CreateNewStoreControllerOptions = CreateResolverOptions & Pick<Config, 'ca' | 'cert' | 'engineStrict' | 'force' | 'frozenStore' | 'nodeDownloadMirrors' | 'nodeVersion' | 'fetchTimeout' | 'fetchWarnTimeoutMs' | 'fetchMinSpeedKiBps' | 'gitShallowHosts' | 'ignoreScripts' | 'httpProxy' | 'httpsProxy' | 'key' | 'localAddress' | 'maxSockets' | 'minimumReleaseAge' | 'minimumReleaseAgeExclude' | 'minimumReleaseAgeIgnoreMissingTime' | 'minimumReleaseAgeStrict' | 'networkConcurrency' | 'noProxy' | 'offline' | 'packageImportMethod' | 'preferOffline' | 'preserveAbsolutePaths' | 'registries' | 'namedRegistries' | 'registrySupportsTimeField' | 'resolutionMode' | 'saveWorkspaceProtocol' | 'strictSsl' | 'trustPolicy' | 'trustPolicyExclude' | 'trustPolicyIgnoreAfter' | 'unsafePerm' | 'userAgent' | 'verifyStoreIntegrity' | 'virtualStoreDirMaxLength'> & Pick<ConfigContext, 'hooks'> & {
|
|
6
|
+
export type CreateNewStoreControllerOptions = CreateResolverOptions & Pick<Config, 'ca' | 'cert' | 'engineStrict' | 'force' | 'frozenStore' | 'nodeDownloadMirrors' | 'nodeVersion' | 'fetchTimeout' | 'fetchWarnTimeoutMs' | 'fetchMinSpeedKiBps' | 'gitShallowHosts' | 'ignoreScripts' | 'httpProxy' | 'httpsProxy' | 'key' | 'localAddress' | 'maxSockets' | 'minimumReleaseAge' | 'minimumReleaseAgeExclude' | 'minimumReleaseAgeIgnoreMissingTime' | 'minimumReleaseAgeStrict' | 'networkConcurrency' | 'noProxy' | 'offline' | 'packageImportMethod' | 'preferOffline' | 'preserveAbsolutePaths' | 'registries' | 'namedRegistries' | 'registrySupportsTimeField' | 'resolutionMode' | 'saveWorkspaceProtocol' | 'strictSsl' | 'supportedArchitectures' | 'trustPolicy' | 'trustPolicyExclude' | 'trustPolicyIgnoreAfter' | 'unsafePerm' | 'userAgent' | 'verifyStoreIntegrity' | 'virtualStoreDirMaxLength'> & Pick<ConfigContext, 'hooks'> & {
|
|
7
7
|
cafsLocker?: CafsLocker;
|
|
8
8
|
ignoreFile?: (filename: string) => boolean;
|
|
9
9
|
fetchFullMetadata?: boolean;
|
|
@@ -13,4 +13,24 @@ export declare function createNewStoreController(opts: CreateNewStoreControllerO
|
|
|
13
13
|
dir: string;
|
|
14
14
|
resolutionVerifiers: ResolutionVerifier[];
|
|
15
15
|
}>;
|
|
16
|
+
/**
|
|
17
|
+
* Whether the resolver should request full registry metadata instead of the
|
|
18
|
+
* abbreviated document.
|
|
19
|
+
*
|
|
20
|
+
* An explicit `fetchFullMetadata` wins over every derived reason below: `true`
|
|
21
|
+
* always fetches full metadata and `false` always suppresses it. When it is
|
|
22
|
+
* unset, the reasons below apply, and the default (no reason present) is
|
|
23
|
+
* `false` (abbreviated metadata).
|
|
24
|
+
*
|
|
25
|
+
* Full metadata is needed when:
|
|
26
|
+
* - `supportedArchitectures.libc` is set, because the npm registry's
|
|
27
|
+
* abbreviated metadata currently does not contain `libc`
|
|
28
|
+
* (see <https://github.com/pnpm/pnpm/issues/7362#issuecomment-1971964689>);
|
|
29
|
+
* - the trust policy is `no-downgrade`, because the trust checks read trust
|
|
30
|
+
* evidence (`_npmUser`) that abbreviated metadata never carries, regardless
|
|
31
|
+
* of `registrySupportsTimeField`;
|
|
32
|
+
* - the resolution mode is time-based and the registry does not include the
|
|
33
|
+
* `time` field in abbreviated metadata.
|
|
34
|
+
*/
|
|
35
|
+
export declare function shouldFetchFullMetadata(opts: Pick<CreateNewStoreControllerOptions, 'fetchFullMetadata' | 'registrySupportsTimeField' | 'resolutionMode' | 'supportedArchitectures' | 'trustPolicy'>): boolean;
|
|
16
36
|
export {};
|
|
@@ -4,8 +4,7 @@ import { createClient } from '@pnpm/installing.client';
|
|
|
4
4
|
import { createPackageStore } from '@pnpm/store.controller';
|
|
5
5
|
import { ReadOnlyStoreIndex, StoreIndex } from '@pnpm/store.index';
|
|
6
6
|
export async function createNewStoreController(opts) {
|
|
7
|
-
const fullMetadata =
|
|
8
|
-
opts.trustPolicy === 'no-downgrade') && !opts.registrySupportsTimeField);
|
|
7
|
+
const fullMetadata = shouldFetchFullMetadata(opts);
|
|
9
8
|
if (!opts.frozenStore) {
|
|
10
9
|
await fs.mkdir(opts.storeDir, { recursive: true });
|
|
11
10
|
}
|
|
@@ -88,4 +87,28 @@ export async function createNewStoreController(opts) {
|
|
|
88
87
|
resolutionVerifiers,
|
|
89
88
|
};
|
|
90
89
|
}
|
|
90
|
+
/**
|
|
91
|
+
* Whether the resolver should request full registry metadata instead of the
|
|
92
|
+
* abbreviated document.
|
|
93
|
+
*
|
|
94
|
+
* An explicit `fetchFullMetadata` wins over every derived reason below: `true`
|
|
95
|
+
* always fetches full metadata and `false` always suppresses it. When it is
|
|
96
|
+
* unset, the reasons below apply, and the default (no reason present) is
|
|
97
|
+
* `false` (abbreviated metadata).
|
|
98
|
+
*
|
|
99
|
+
* Full metadata is needed when:
|
|
100
|
+
* - `supportedArchitectures.libc` is set, because the npm registry's
|
|
101
|
+
* abbreviated metadata currently does not contain `libc`
|
|
102
|
+
* (see <https://github.com/pnpm/pnpm/issues/7362#issuecomment-1971964689>);
|
|
103
|
+
* - the trust policy is `no-downgrade`, because the trust checks read trust
|
|
104
|
+
* evidence (`_npmUser`) that abbreviated metadata never carries, regardless
|
|
105
|
+
* of `registrySupportsTimeField`;
|
|
106
|
+
* - the resolution mode is time-based and the registry does not include the
|
|
107
|
+
* `time` field in abbreviated metadata.
|
|
108
|
+
*/
|
|
109
|
+
export function shouldFetchFullMetadata(opts) {
|
|
110
|
+
return opts.fetchFullMetadata ?? (opts.supportedArchitectures?.libc != null ||
|
|
111
|
+
opts.trustPolicy === 'no-downgrade' ||
|
|
112
|
+
(opts.resolutionMode === 'time-based' && !opts.registrySupportsTimeField));
|
|
113
|
+
}
|
|
91
114
|
//# sourceMappingURL=createNewStoreController.js.map
|
package/lib/index.d.ts
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
import type { Config } from '@pnpm/config.reader';
|
|
2
2
|
import type { ResolutionVerifier } from '@pnpm/resolving.resolver-base';
|
|
3
3
|
import type { StoreController } from '@pnpm/store.controller';
|
|
4
|
-
import { createNewStoreController, type CreateNewStoreControllerOptions } from './createNewStoreController.js';
|
|
5
|
-
export { createNewStoreController };
|
|
4
|
+
import { createNewStoreController, type CreateNewStoreControllerOptions, shouldFetchFullMetadata } from './createNewStoreController.js';
|
|
5
|
+
export { createNewStoreController, shouldFetchFullMetadata };
|
|
6
6
|
export type CreateStoreControllerOptions = Omit<CreateNewStoreControllerOptions, 'storeDir'> & Pick<Config, 'storeDir' | 'dir' | 'pnpmHomeDir' | 'workspaceDir'>;
|
|
7
7
|
export interface StoreControllerHandle {
|
|
8
8
|
ctrl: StoreController;
|
package/lib/index.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { getStorePath } from '@pnpm/store.path';
|
|
2
|
-
import { createNewStoreController } from './createNewStoreController.js';
|
|
3
|
-
export { createNewStoreController };
|
|
2
|
+
import { createNewStoreController, shouldFetchFullMetadata } from './createNewStoreController.js';
|
|
3
|
+
export { createNewStoreController, shouldFetchFullMetadata };
|
|
4
4
|
export async function createStoreControllerCached(storeControllerCache, opts) {
|
|
5
5
|
const storeDir = await getStorePath({
|
|
6
6
|
pkgRoot: opts.dir,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pnpm/store.connection-manager",
|
|
3
|
-
"version": "1100.3.
|
|
3
|
+
"version": "1100.3.6",
|
|
4
4
|
"description": "Create a pnpm store controller",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"pnpm",
|
|
@@ -27,11 +27,11 @@
|
|
|
27
27
|
"!*.map"
|
|
28
28
|
],
|
|
29
29
|
"dependencies": {
|
|
30
|
-
"@pnpm/cli.meta": "1100.0.
|
|
31
|
-
"@pnpm/config.reader": "1101.
|
|
32
|
-
"@pnpm/installing.client": "1100.2.
|
|
33
|
-
"@pnpm/resolving.resolver-base": "1100.5.
|
|
34
|
-
"@pnpm/store.controller": "1102.0.
|
|
30
|
+
"@pnpm/cli.meta": "1100.0.9",
|
|
31
|
+
"@pnpm/config.reader": "1101.12.0",
|
|
32
|
+
"@pnpm/installing.client": "1100.2.14",
|
|
33
|
+
"@pnpm/resolving.resolver-base": "1100.5.2",
|
|
34
|
+
"@pnpm/store.controller": "1102.0.5",
|
|
35
35
|
"@pnpm/store.index": "1100.2.1",
|
|
36
36
|
"@pnpm/store.path": "1100.0.2",
|
|
37
37
|
"dir-is-case-sensitive": "^3.0.0"
|
|
@@ -40,8 +40,9 @@
|
|
|
40
40
|
"@pnpm/logger": "^1100.0.0"
|
|
41
41
|
},
|
|
42
42
|
"devDependencies": {
|
|
43
|
+
"@jest/globals": "30.4.1",
|
|
43
44
|
"@pnpm/logger": "1100.0.0",
|
|
44
|
-
"@pnpm/store.connection-manager": "1100.3.
|
|
45
|
+
"@pnpm/store.connection-manager": "1100.3.6"
|
|
45
46
|
},
|
|
46
47
|
"engines": {
|
|
47
48
|
"node": ">=22.13"
|
|
@@ -50,9 +51,10 @@
|
|
|
50
51
|
"preset": "@pnpm/jest-config"
|
|
51
52
|
},
|
|
52
53
|
"scripts": {
|
|
53
|
-
"lint": "eslint \"src/**/*.ts\"",
|
|
54
|
+
"lint": "eslint \"src/**/*.ts\" \"test/**/*.ts\"",
|
|
54
55
|
"pretest": "rimraf node_modules/.bin/pnpm",
|
|
55
|
-
"test": "pn compile",
|
|
56
|
+
"test": "pn compile && pn .test",
|
|
57
|
+
".test": "pn pretest && cross-env NODE_OPTIONS=\"$NODE_OPTIONS --experimental-vm-modules --disable-warning=ExperimentalWarning --disable-warning=DEP0169\" jest",
|
|
56
58
|
"compile": "tsgo --build && pn lint --fix"
|
|
57
59
|
}
|
|
58
60
|
}
|