npm-pkg-lint 3.2.2 → 3.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -2
- package/dist/index.js +23 -4
- package/dist/index.js.map +3 -3
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -18,9 +18,10 @@ Core principles:
|
|
|
18
18
|
> npx npm-pkg-lint [--tarball my-pkg-1.2.3.tgz} [--pkgfile package.json]
|
|
19
19
|
|
|
20
20
|
```
|
|
21
|
-
usage:
|
|
21
|
+
usage: index.js [-h] [-v] [-t TARBALL] [-p PKGFILE] [--cache CACHE]
|
|
22
|
+
[--allow-types-dependencies] [--ignore-missing-fields]
|
|
22
23
|
|
|
23
|
-
|
|
24
|
+
Opiniated linter for NPM package tarball and package.json metadata
|
|
24
25
|
|
|
25
26
|
optional arguments:
|
|
26
27
|
-h, --help show this help message and exit
|
|
@@ -29,6 +30,7 @@ optional arguments:
|
|
|
29
30
|
specify tarball location
|
|
30
31
|
-p PKGFILE, --pkgfile PKGFILE
|
|
31
32
|
specify package.json location
|
|
33
|
+
--cache CACHE specify cache directory
|
|
32
34
|
--allow-types-dependencies
|
|
33
35
|
allow dependencies to `@types/*`
|
|
34
36
|
--ignore-missing-fields
|
package/dist/index.js
CHANGED
|
@@ -9013,6 +9013,7 @@ var require_unpack = __commonJS({
|
|
|
9013
9013
|
var getFlag = require_get_write_flag();
|
|
9014
9014
|
var platform = process.env.TESTING_TAR_FAKE_PLATFORM || process.platform;
|
|
9015
9015
|
var isWindows = platform === "win32";
|
|
9016
|
+
var DEFAULT_MAX_DEPTH = 1024;
|
|
9016
9017
|
var unlinkFile = (path9, cb) => {
|
|
9017
9018
|
if (!isWindows) {
|
|
9018
9019
|
return fs5.unlink(path9, cb);
|
|
@@ -9091,6 +9092,7 @@ var require_unpack = __commonJS({
|
|
|
9091
9092
|
}
|
|
9092
9093
|
this.processUid = (this.preserveOwner || this.setOwner) && process.getuid ? process.getuid() : null;
|
|
9093
9094
|
this.processGid = (this.preserveOwner || this.setOwner) && process.getgid ? process.getgid() : null;
|
|
9095
|
+
this.maxDepth = typeof opt.maxDepth === "number" ? opt.maxDepth : DEFAULT_MAX_DEPTH;
|
|
9094
9096
|
this.forceChown = opt.forceChown === true;
|
|
9095
9097
|
this.win32 = !!opt.win32 || isWindows;
|
|
9096
9098
|
this.newer = !!opt.newer;
|
|
@@ -9123,12 +9125,12 @@ var require_unpack = __commonJS({
|
|
|
9123
9125
|
}
|
|
9124
9126
|
}
|
|
9125
9127
|
[CHECKPATH](entry) {
|
|
9128
|
+
const p = normPath(entry.path);
|
|
9129
|
+
const parts = p.split("/");
|
|
9126
9130
|
if (this.strip) {
|
|
9127
|
-
const parts = normPath(entry.path).split("/");
|
|
9128
9131
|
if (parts.length < this.strip) {
|
|
9129
9132
|
return false;
|
|
9130
9133
|
}
|
|
9131
|
-
entry.path = parts.slice(this.strip).join("/");
|
|
9132
9134
|
if (entry.type === "Link") {
|
|
9133
9135
|
const linkparts = normPath(entry.linkpath).split("/");
|
|
9134
9136
|
if (linkparts.length >= this.strip) {
|
|
@@ -9137,10 +9139,19 @@ var require_unpack = __commonJS({
|
|
|
9137
9139
|
return false;
|
|
9138
9140
|
}
|
|
9139
9141
|
}
|
|
9142
|
+
parts.splice(0, this.strip);
|
|
9143
|
+
entry.path = parts.join("/");
|
|
9144
|
+
}
|
|
9145
|
+
if (isFinite(this.maxDepth) && parts.length > this.maxDepth) {
|
|
9146
|
+
this.warn("TAR_ENTRY_ERROR", "path excessively deep", {
|
|
9147
|
+
entry,
|
|
9148
|
+
path: p,
|
|
9149
|
+
depth: parts.length,
|
|
9150
|
+
maxDepth: this.maxDepth
|
|
9151
|
+
});
|
|
9152
|
+
return false;
|
|
9140
9153
|
}
|
|
9141
9154
|
if (!this.preservePaths) {
|
|
9142
|
-
const p = normPath(entry.path);
|
|
9143
|
-
const parts = p.split("/");
|
|
9144
9155
|
if (parts.includes("..") || isWindows && /^[a-z]:\.\.$/i.test(parts[0])) {
|
|
9145
9156
|
this.warn("TAR_ENTRY_ERROR", `path contains '..'`, {
|
|
9146
9157
|
entry,
|
|
@@ -14975,6 +14986,10 @@ function getFilePath(key) {
|
|
|
14975
14986
|
const filename2 = `${hash.slice(0, 2)}/${hash.slice(2)}.json`;
|
|
14976
14987
|
return path5.join(cacheDir, filename2);
|
|
14977
14988
|
}
|
|
14989
|
+
async function setCacheDirecory(directory2) {
|
|
14990
|
+
await fs3.mkdir(directory2, { recursive: true });
|
|
14991
|
+
cacheDir = directory2;
|
|
14992
|
+
}
|
|
14978
14993
|
async function persistentCacheGet(key) {
|
|
14979
14994
|
if (!enabled) {
|
|
14980
14995
|
return null;
|
|
@@ -15612,6 +15627,7 @@ async function run() {
|
|
|
15612
15627
|
parser.add_argument("-v", "--version", { action: "version", version });
|
|
15613
15628
|
parser.add_argument("-t", "--tarball", { help: "specify tarball location" });
|
|
15614
15629
|
parser.add_argument("-p", "--pkgfile", { help: "specify package.json location" });
|
|
15630
|
+
parser.add_argument("--cache", { help: "specify cache directory" });
|
|
15615
15631
|
parser.add_argument("--allow-types-dependencies", {
|
|
15616
15632
|
action: "store_true",
|
|
15617
15633
|
help: "allow dependencies to `@types/*`"
|
|
@@ -15621,6 +15637,9 @@ async function run() {
|
|
|
15621
15637
|
help: "ignore errors for missing fields (but still checks for empty and valid)"
|
|
15622
15638
|
});
|
|
15623
15639
|
const args = parser.parse_args();
|
|
15640
|
+
if (args.cache) {
|
|
15641
|
+
await setCacheDirecory(args.cache);
|
|
15642
|
+
}
|
|
15624
15643
|
let regenerateReportName = false;
|
|
15625
15644
|
if (args.tarball === "-") {
|
|
15626
15645
|
args.tarball = await preloadStdin();
|