cnpmcore 3.12.0 → 3.12.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1,8 +1,12 @@
|
|
|
1
1
|
import { EggContext } from '@eggjs/tegg';
|
|
2
2
|
import { AbstractController } from '../AbstractController';
|
|
3
3
|
export declare class RemovePackageVersionController extends AbstractController {
|
|
4
|
+
#private;
|
|
4
5
|
private packageManagerService;
|
|
5
|
-
|
|
6
|
+
removeByTarballUrl(ctx: EggContext, fullname: string, filenameWithVersion: string): Promise<{
|
|
7
|
+
ok: boolean;
|
|
8
|
+
}>;
|
|
9
|
+
removeByPkgUri(ctx: EggContext, fullname: string): Promise<{
|
|
6
10
|
ok: boolean;
|
|
7
11
|
}>;
|
|
8
12
|
}
|
|
@@ -11,6 +11,12 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
11
11
|
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
12
|
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
13
|
};
|
|
14
|
+
var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
|
|
15
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
|
|
16
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
|
|
17
|
+
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
|
|
18
|
+
};
|
|
19
|
+
var _RemovePackageVersionController_instances, _RemovePackageVersionController_removePackageVersion;
|
|
14
20
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
21
|
exports.RemovePackageVersionController = void 0;
|
|
16
22
|
const egg_errors_1 = require("egg-errors");
|
|
@@ -19,9 +25,18 @@ const AbstractController_1 = require("../AbstractController");
|
|
|
19
25
|
const PackageUtil_1 = require("../../../common/PackageUtil");
|
|
20
26
|
const PackageManagerService_1 = require("../../../core/service/PackageManagerService");
|
|
21
27
|
let RemovePackageVersionController = class RemovePackageVersionController extends AbstractController_1.AbstractController {
|
|
28
|
+
constructor() {
|
|
29
|
+
super(...arguments);
|
|
30
|
+
_RemovePackageVersionController_instances.add(this);
|
|
31
|
+
}
|
|
22
32
|
// https://github.com/npm/cli/blob/latest/lib/commands/unpublish.js#L101
|
|
23
|
-
// https://github.com/npm/libnpmpublish/blob/main/unpublish.js#
|
|
24
|
-
|
|
33
|
+
// https://github.com/npm/libnpmpublish/blob/main/unpublish.js#L84
|
|
34
|
+
// await npmFetch(`${tarballUrl}/-rev/${_rev}`, {
|
|
35
|
+
// ...opts,
|
|
36
|
+
// method: 'DELETE',
|
|
37
|
+
// ignoreBody: true,
|
|
38
|
+
// })
|
|
39
|
+
async removeByTarballUrl(ctx, fullname, filenameWithVersion) {
|
|
25
40
|
const npmCommand = ctx.get('npm-command');
|
|
26
41
|
if (npmCommand !== 'unpublish') {
|
|
27
42
|
throw new egg_errors_1.BadRequestError('Only allow "unpublish" npm-command');
|
|
@@ -30,16 +45,48 @@ let RemovePackageVersionController = class RemovePackageVersionController extend
|
|
|
30
45
|
const pkg = ensureRes.pkg;
|
|
31
46
|
const version = this.getAndCheckVersionFromFilename(ctx, fullname, filenameWithVersion);
|
|
32
47
|
const packageVersion = await this.getPackageVersionEntity(pkg, version);
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
48
|
+
await __classPrivateFieldGet(this, _RemovePackageVersionController_instances, "m", _RemovePackageVersionController_removePackageVersion).call(this, pkg, packageVersion);
|
|
49
|
+
return { ok: true };
|
|
50
|
+
}
|
|
51
|
+
// https://github.com/npm/libnpmpublish/blob/main/unpublish.js#L43
|
|
52
|
+
// npm http fetch DELETE 404 http://localhost:62649/@cnpm%2ffoo/-rev/1-642f6e8b52d7b8eb03aef23f
|
|
53
|
+
// await npmFetch(`${pkgUri}/-rev/${pkg._rev}`, {
|
|
54
|
+
// ...opts,
|
|
55
|
+
// method: 'DELETE',
|
|
56
|
+
// ignoreBody: true,
|
|
57
|
+
// })
|
|
58
|
+
async removeByPkgUri(ctx, fullname) {
|
|
59
|
+
const npmCommand = ctx.get('npm-command');
|
|
60
|
+
if (npmCommand !== 'unpublish') {
|
|
61
|
+
throw new egg_errors_1.BadRequestError('Only allow "unpublish" npm-command');
|
|
62
|
+
}
|
|
63
|
+
const ensureRes = await this.ensurePublishAccess(ctx, fullname, true);
|
|
64
|
+
const pkg = ensureRes.pkg;
|
|
65
|
+
// try to remove the latest version first
|
|
66
|
+
const packageTag = await this.packageRepository.findPackageTag(pkg.packageId, 'latest');
|
|
67
|
+
let packageVersion = null;
|
|
68
|
+
if (packageTag) {
|
|
69
|
+
packageVersion = await this.packageRepository.findPackageVersion(pkg.packageId, packageTag.version);
|
|
70
|
+
}
|
|
71
|
+
if (packageVersion) {
|
|
72
|
+
await __classPrivateFieldGet(this, _RemovePackageVersionController_instances, "m", _RemovePackageVersionController_removePackageVersion).call(this, pkg, packageVersion);
|
|
73
|
+
}
|
|
74
|
+
else {
|
|
75
|
+
this.logger.info('[PackageController:unpublishPackage] %s, packageId: %s', pkg.fullname, pkg.packageId);
|
|
76
|
+
await this.packageManagerService.unpublishPackage(pkg);
|
|
37
77
|
}
|
|
38
|
-
ctx.logger.info('[PackageController:removeVersion] %s@%s, packageVersionId: %s', pkg.fullname, version, packageVersion.packageVersionId);
|
|
39
|
-
await this.packageManagerService.removePackageVersion(pkg, packageVersion);
|
|
40
78
|
return { ok: true };
|
|
41
79
|
}
|
|
42
80
|
};
|
|
81
|
+
_RemovePackageVersionController_instances = new WeakSet(), _RemovePackageVersionController_removePackageVersion = async function _RemovePackageVersionController_removePackageVersion(pkg, packageVersion) {
|
|
82
|
+
// https://docs.npmjs.com/policies/unpublish
|
|
83
|
+
// can unpublish anytime within the first 72 hours after publishing
|
|
84
|
+
if (pkg.isPrivate && Date.now() - packageVersion.publishTime.getTime() >= 3600000 * 72) {
|
|
85
|
+
throw new egg_errors_1.ForbiddenError(`${pkg.fullname}@${packageVersion.version} unpublish is not allowed after 72 hours of released`);
|
|
86
|
+
}
|
|
87
|
+
this.logger.info('[PackageController:removeVersion] %s@%s, packageVersionId: %s', pkg.fullname, packageVersion.version, packageVersion.packageVersionId);
|
|
88
|
+
await this.packageManagerService.removePackageVersion(pkg, packageVersion);
|
|
89
|
+
};
|
|
43
90
|
__decorate([
|
|
44
91
|
(0, tegg_1.Inject)(),
|
|
45
92
|
__metadata("design:type", PackageManagerService_1.PackageManagerService)
|
|
@@ -57,9 +104,22 @@ __decorate([
|
|
|
57
104
|
__metadata("design:type", Function),
|
|
58
105
|
__metadata("design:paramtypes", [Object, String, String]),
|
|
59
106
|
__metadata("design:returntype", Promise)
|
|
60
|
-
], RemovePackageVersionController.prototype, "
|
|
107
|
+
], RemovePackageVersionController.prototype, "removeByTarballUrl", null);
|
|
108
|
+
__decorate([
|
|
109
|
+
(0, tegg_1.HTTPMethod)({
|
|
110
|
+
// DELETE /@cnpm/foo/-rev/61af62d6295fcbd9f8f1c08f
|
|
111
|
+
// DELETE /:fullname/-rev/:rev
|
|
112
|
+
path: `/:fullname(${PackageUtil_1.FULLNAME_REG_STRING})/-rev/:rev`,
|
|
113
|
+
method: tegg_1.HTTPMethodEnum.DELETE,
|
|
114
|
+
}),
|
|
115
|
+
__param(0, (0, tegg_1.Context)()),
|
|
116
|
+
__param(1, (0, tegg_1.HTTPParam)()),
|
|
117
|
+
__metadata("design:type", Function),
|
|
118
|
+
__metadata("design:paramtypes", [Object, String]),
|
|
119
|
+
__metadata("design:returntype", Promise)
|
|
120
|
+
], RemovePackageVersionController.prototype, "removeByPkgUri", null);
|
|
61
121
|
RemovePackageVersionController = __decorate([
|
|
62
122
|
(0, tegg_1.HTTPController)()
|
|
63
123
|
], RemovePackageVersionController);
|
|
64
124
|
exports.RemovePackageVersionController = RemovePackageVersionController;
|
|
65
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
125
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUmVtb3ZlUGFja2FnZVZlcnNpb25Db250cm9sbGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vYXBwL3BvcnQvY29udHJvbGxlci9wYWNrYWdlL1JlbW92ZVBhY2thZ2VWZXJzaW9uQ29udHJvbGxlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSwyQ0FHb0I7QUFDcEIsc0NBUXFCO0FBQ3JCLDhEQUEyRDtBQUMzRCw2REFBa0U7QUFDbEUsdUZBQW9GO0FBSzdFLElBQU0sOEJBQThCLEdBQXBDLE1BQU0sOEJBQStCLFNBQVEsdUNBQWtCO0lBQS9EOzs7SUE0RVAsQ0FBQztJQXhFQyx3RUFBd0U7SUFDeEUsa0VBQWtFO0lBQ2xFLGlEQUFpRDtJQUNqRCxhQUFhO0lBQ2Isc0JBQXNCO0lBQ3RCLHNCQUFzQjtJQUN0QixLQUFLO0lBT0MsQUFBTixLQUFLLENBQUMsa0JBQWtCLENBQVksR0FBZSxFQUFlLFFBQWdCLEVBQWUsbUJBQTJCO1FBQzFILE1BQU0sVUFBVSxHQUFHLEdBQUcsQ0FBQyxHQUFHLENBQUMsYUFBYSxDQUFDLENBQUM7UUFDMUMsSUFBSSxVQUFVLEtBQUssV0FBVyxFQUFFO1lBQzlCLE1BQU0sSUFBSSw0QkFBZSxDQUFDLG9DQUFvQyxDQUFDLENBQUM7U0FDakU7UUFDRCxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxHQUFHLEVBQUUsUUFBUSxFQUFFLElBQUksQ0FBQyxDQUFDO1FBQ3RFLE1BQU0sR0FBRyxHQUFHLFNBQVMsQ0FBQyxHQUFJLENBQUM7UUFDM0IsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLDhCQUE4QixDQUFDLEdBQUcsRUFBRSxRQUFRLEVBQUUsbUJBQW1CLENBQUMsQ0FBQztRQUN4RixNQUFNLGNBQWMsR0FBRyxNQUFNLElBQUksQ0FBQyx1QkFBdUIsQ0FBQyxHQUFHLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDeEUsTUFBTSx1QkFBQSxJQUFJLHVHQUFzQixNQUExQixJQUFJLEVBQXVCLEdBQUcsRUFBRSxjQUFjLENBQUMsQ0FBQztRQUN0RCxPQUFPLEVBQUUsRUFBRSxFQUFFLElBQUksRUFBRSxDQUFDO0lBQ3RCLENBQUM7SUFFRCxrRUFBa0U7SUFDbEUsK0ZBQStGO0lBQy9GLGlEQUFpRDtJQUNqRCxhQUFhO0lBQ2Isc0JBQXNCO0lBQ3RCLHNCQUFzQjtJQUN0QixLQUFLO0lBT0MsQUFBTixLQUFLLENBQUMsY0FBYyxDQUFZLEdBQWUsRUFBZSxRQUFnQjtRQUM1RSxNQUFNLFVBQVUsR0FBRyxHQUFHLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQyxDQUFDO1FBQzFDLElBQUksVUFBVSxLQUFLLFdBQVcsRUFBRTtZQUM5QixNQUFNLElBQUksNEJBQWUsQ0FBQyxvQ0FBb0MsQ0FBQyxDQUFDO1NBQ2pFO1FBQ0QsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsbUJBQW1CLENBQUMsR0FBRyxFQUFFLFFBQVEsRUFBRSxJQUFJLENBQUMsQ0FBQztRQUN0RSxNQUFNLEdBQUcsR0FBRyxTQUFTLENBQUMsR0FBSSxDQUFDO1FBQzNCLHlDQUF5QztRQUN6QyxNQUFNLFVBQVUsR0FBRyxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLFNBQVMsRUFBRSxRQUFRLENBQUMsQ0FBQztRQUN4RixJQUFJLGNBQWMsR0FBMEIsSUFBSSxDQUFDO1FBQ2pELElBQUksVUFBVSxFQUFFO1lBQ2QsY0FBYyxHQUFHLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLGtCQUFrQixDQUFDLEdBQUcsQ0FBQyxTQUFTLEVBQUUsVUFBVSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1NBQ3JHO1FBQ0QsSUFBSSxjQUFjLEVBQUU7WUFDbEIsTUFBTSx1QkFBQSxJQUFJLHVHQUFzQixNQUExQixJQUFJLEVBQXVCLEdBQUcsRUFBRSxjQUFjLENBQUMsQ0FBQztTQUN2RDthQUFNO1lBQ0wsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsd0RBQXdELEVBQ3ZFLEdBQUcsQ0FBQyxRQUFRLEVBQUUsR0FBRyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQy9CLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUFDLGdCQUFnQixDQUFDLEdBQUcsQ0FBQyxDQUFDO1NBQ3hEO1FBQ0QsT0FBTyxFQUFFLEVBQUUsRUFBRSxJQUFJLEVBQUUsQ0FBQztJQUN0QixDQUFDO0NBWUYsQ0FBQTtrSEFWQyxLQUFLLCtEQUF1QixHQUFZLEVBQUUsY0FBOEI7SUFDdEUsNENBQTRDO0lBQzVDLG1FQUFtRTtJQUNuRSxJQUFJLEdBQUcsQ0FBQyxTQUFTLElBQUksSUFBSSxDQUFDLEdBQUcsRUFBRSxHQUFHLGNBQWMsQ0FBQyxXQUFXLENBQUMsT0FBTyxFQUFFLElBQUksT0FBTyxHQUFHLEVBQUUsRUFBRTtRQUN0RixNQUFNLElBQUksMkJBQWMsQ0FBQyxHQUFHLEdBQUcsQ0FBQyxRQUFRLElBQUksY0FBYyxDQUFDLE9BQU8sc0RBQXNELENBQUMsQ0FBQztLQUMzSDtJQUNELElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLCtEQUErRCxFQUM5RSxHQUFHLENBQUMsUUFBUSxFQUFFLGNBQWMsQ0FBQyxPQUFPLEVBQUUsY0FBYyxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDekUsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQUMsb0JBQW9CLENBQUMsR0FBRyxFQUFFLGNBQWMsQ0FBQyxDQUFDO0FBQzdFLENBQUM7QUExRUQ7SUFBQyxJQUFBLGFBQU0sR0FBRTs4QkFDc0IsNkNBQXFCOzZFQUFDO0FBZS9DO0lBTkwsSUFBQSxpQkFBVSxFQUFDO1FBQ1Ysa0VBQWtFO1FBQ2xFLHlEQUF5RDtRQUN6RCxJQUFJLEVBQUUsY0FBYyxpQ0FBbUIsd0NBQXdDO1FBQy9FLE1BQU0sRUFBRSxxQkFBYyxDQUFDLE1BQU07S0FDOUIsQ0FBQztJQUN3QixXQUFBLElBQUEsY0FBTyxHQUFFLENBQUE7SUFBbUIsV0FBQSxJQUFBLGdCQUFTLEdBQUUsQ0FBQTtJQUFvQixXQUFBLElBQUEsZ0JBQVMsR0FBRSxDQUFBOzs7O3dFQVcvRjtBQWVLO0lBTkwsSUFBQSxpQkFBVSxFQUFDO1FBQ1Ysa0RBQWtEO1FBQ2xELDhCQUE4QjtRQUM5QixJQUFJLEVBQUUsY0FBYyxpQ0FBbUIsYUFBYTtRQUNwRCxNQUFNLEVBQUUscUJBQWMsQ0FBQyxNQUFNO0tBQzlCLENBQUM7SUFDb0IsV0FBQSxJQUFBLGNBQU8sR0FBRSxDQUFBO0lBQW1CLFdBQUEsSUFBQSxnQkFBUyxHQUFFLENBQUE7Ozs7b0VBcUI1RDtBQWhFVSw4QkFBOEI7SUFEMUMsSUFBQSxxQkFBYyxHQUFFO0dBQ0osOEJBQThCLENBNEUxQztBQTVFWSx3RUFBOEIifQ==
|