@vantaloom/runtime-darwin-arm64 0.3.1 → 0.3.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli/package.json +1 -1
- package/cli/src/cli.mjs +69 -13
- package/package.json +1 -1
package/cli/package.json
CHANGED
package/cli/src/cli.mjs
CHANGED
|
@@ -24,10 +24,35 @@ const fallbackNpmRegistries = [
|
|
|
24
24
|
"https://registry.npmmirror.com",
|
|
25
25
|
]
|
|
26
26
|
|
|
27
|
+
// Inherit strict-ssl=false from npm/npx config, or respect NODE_TLS_REJECT_UNAUTHORIZED.
|
|
28
|
+
// When npm runs us via npx with strict-ssl disabled, it sets npm_config_strict_ssl="false".
|
|
29
|
+
// Also check user .npmrc for strict-ssl=false (common in China behind proxies).
|
|
30
|
+
function shouldDisableTLS() {
|
|
31
|
+
if (process.env.NODE_TLS_REJECT_UNAUTHORIZED === "0") return true
|
|
32
|
+
if (process.env.npm_config_strict_ssl === "false") return true
|
|
33
|
+
if (process.env.npm_config_strict_ssl === "") return true
|
|
34
|
+
try {
|
|
35
|
+
const npmrcPath = path.join(os.homedir(), ".npmrc")
|
|
36
|
+
if (existsSync(npmrcPath)) {
|
|
37
|
+
const content = readFileSync(npmrcPath, "utf8")
|
|
38
|
+
if (/^\s*strict-ssl\s*=\s*false/m.test(content)) return true
|
|
39
|
+
}
|
|
40
|
+
} catch {}
|
|
41
|
+
return false
|
|
42
|
+
}
|
|
43
|
+
if (shouldDisableTLS()) {
|
|
44
|
+
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"
|
|
45
|
+
}
|
|
46
|
+
|
|
27
47
|
export async function main(argv) {
|
|
28
48
|
const command = argv[0] ?? "help"
|
|
29
49
|
const options = parseOptions(argv.slice(1))
|
|
30
50
|
|
|
51
|
+
// --no-strict-ssl flag disables TLS certificate verification for fetch calls
|
|
52
|
+
if (options.noStrictSsl) {
|
|
53
|
+
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"
|
|
54
|
+
}
|
|
55
|
+
|
|
31
56
|
switch (command) {
|
|
32
57
|
case "install":
|
|
33
58
|
if (options.package) {
|
|
@@ -202,6 +227,15 @@ async function applyPackage(packageRoot, prefix, options) {
|
|
|
202
227
|
})
|
|
203
228
|
}
|
|
204
229
|
|
|
230
|
+
// Ensure binaries are executable on Unix (cross-compiled from Windows they lose +x)
|
|
231
|
+
if (process.platform !== "win32") {
|
|
232
|
+
const binDir = path.join(prefix, "bin")
|
|
233
|
+
for (const entry of readdirSync(binDir)) {
|
|
234
|
+
const binPath = path.join(binDir, entry)
|
|
235
|
+
try { chmodSync(binPath, 0o755) } catch {}
|
|
236
|
+
}
|
|
237
|
+
}
|
|
238
|
+
|
|
205
239
|
await writeLauncher(prefix)
|
|
206
240
|
await writeText(path.join(prefix, "cli", "config.json"), `${JSON.stringify(mergedConfig, null, 2)}\n`)
|
|
207
241
|
await writeText(path.join(prefix, "VERSION"), `${version}\n`)
|
|
@@ -402,28 +436,46 @@ async function resolveNpmPackageWithFallback({ registries, name, version }) {
|
|
|
402
436
|
const result = await resolveNpmPackage({ registry, name, version })
|
|
403
437
|
return { ...result, registry }
|
|
404
438
|
} catch (error) {
|
|
405
|
-
const
|
|
406
|
-
|
|
407
|
-
||
|
|
408
|
-
||
|
|
409
|
-
||
|
|
439
|
+
const causeCode = error?.cause?.code || ""
|
|
440
|
+
const isNetworkError = causeCode === "ECONNREFUSED"
|
|
441
|
+
|| causeCode === "ENOTFOUND"
|
|
442
|
+
|| causeCode === "ETIMEDOUT"
|
|
443
|
+
|| causeCode === "ECONNRESET"
|
|
444
|
+
|| causeCode === "UND_ERR_CONNECT_TIMEOUT"
|
|
410
445
|
|| (error instanceof TypeError && error.message === "fetch failed")
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
446
|
+
const isSslError = causeCode === "UNABLE_TO_GET_ISSUER_CERT_LOCALLY"
|
|
447
|
+
|| causeCode === "CERT_HAS_EXPIRED"
|
|
448
|
+
|| causeCode === "DEPTH_ZERO_SELF_SIGNED_CERT"
|
|
449
|
+
|| causeCode === "SELF_SIGNED_CERT_IN_CHAIN"
|
|
450
|
+
|| causeCode === "ERR_TLS_CERT_ALTNAME_INVALID"
|
|
451
|
+
const isRetryable = isNetworkError || isSslError
|
|
452
|
+
errors.push({ registry, error, isRetryable, isSslError })
|
|
453
|
+
|
|
454
|
+
if (isRetryable && registries.length > 1) {
|
|
455
|
+
const hint = isSslError ? " (SSL certificate error)" : ""
|
|
456
|
+
console.error(`vantaloom: ${registry} unreachable${hint}, trying next registry...`)
|
|
415
457
|
continue
|
|
416
458
|
}
|
|
459
|
+
if (isSslError) {
|
|
460
|
+
throw new Error(
|
|
461
|
+
`SSL certificate error connecting to ${registry}: ${causeCode}\n` +
|
|
462
|
+
` Fix: run with --no-strict-ssl, or set npm config: npm config set strict-ssl false`
|
|
463
|
+
)
|
|
464
|
+
}
|
|
417
465
|
// Non-network error (404, parse error, etc.) — don't try fallbacks
|
|
418
466
|
throw error
|
|
419
467
|
}
|
|
420
468
|
}
|
|
421
469
|
|
|
422
|
-
// All registries failed
|
|
470
|
+
// All registries failed
|
|
471
|
+
const hasSslError = errors.some((e) => e.isSslError)
|
|
423
472
|
const tried = errors.map((e) => e.registry).join(", ")
|
|
473
|
+
const sslHint = hasSslError
|
|
474
|
+
? `\n SSL fix: run with --no-strict-ssl, or set npm config: npm config set strict-ssl false`
|
|
475
|
+
: ""
|
|
424
476
|
throw new Error(
|
|
425
477
|
`all registries unreachable (tried: ${tried}). ` +
|
|
426
|
-
`Check your network or specify --npm-registry <url
|
|
478
|
+
`Check your network or specify --npm-registry <url>${sslHint}`
|
|
427
479
|
)
|
|
428
480
|
}
|
|
429
481
|
|
|
@@ -440,9 +492,10 @@ async function resolveNpmPackage({ registry, name, version }) {
|
|
|
440
492
|
})
|
|
441
493
|
} catch (error) {
|
|
442
494
|
if (error instanceof TypeError && error.message === "fetch failed") {
|
|
443
|
-
const
|
|
495
|
+
const causeCode = error.cause?.code || ""
|
|
496
|
+
const causeMsg = causeCode || error.cause?.message || String(error.cause || "")
|
|
444
497
|
throw Object.assign(
|
|
445
|
-
new Error(`cannot reach registry ${registry}${
|
|
498
|
+
new Error(`cannot reach registry ${registry} (${causeMsg})`),
|
|
446
499
|
{ cause: error.cause }
|
|
447
500
|
)
|
|
448
501
|
}
|
|
@@ -870,6 +923,9 @@ function parseOptions(args) {
|
|
|
870
923
|
case "local":
|
|
871
924
|
options.local = true
|
|
872
925
|
break
|
|
926
|
+
case "no-strict-ssl":
|
|
927
|
+
options.noStrictSsl = true
|
|
928
|
+
break
|
|
873
929
|
default:
|
|
874
930
|
throw new Error(`unknown option --${key}`)
|
|
875
931
|
}
|