npq 3.8.0 → 3.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -196,7 +196,7 @@ describe('Provenance test suites', () => {
196
196
  // We assert that the validate method didn't throw an error,
197
197
  // because the keys match the signature
198
198
  await expect(testMarshall.validate(pkg)).rejects.toThrow(
199
- 'the package was published without any attestations.'
199
+ 'Unable to verify provenance: the package was published without any attestations.'
200
200
  )
201
201
 
202
202
  // Assert that the fetch method is called with the correct URL
@@ -37,7 +37,7 @@ describe('Repo test suites', () => {
37
37
 
38
38
  test('throws the right error when there is no pkg data available', async () => {
39
39
  await expect(testMarshall.validate({ packageName: {} })).rejects.toThrow(
40
- 'the package has no associated repository or homepage.'
40
+ 'The package has no associated repository or homepage.'
41
41
  )
42
42
  })
43
43
 
@@ -54,7 +54,7 @@ describe('Repo test suites', () => {
54
54
  }
55
55
 
56
56
  await expect(testMarshall.validate(pkgData)).rejects.toThrow(
57
- 'the package has no associated repository or homepage.'
57
+ 'The package has no associated repository or homepage.'
58
58
  )
59
59
  })
60
60
 
@@ -73,7 +73,7 @@ describe('Repo test suites', () => {
73
73
  }
74
74
 
75
75
  await expect(testMarshall.validate(pkgData)).rejects.toThrow(
76
- 'the package has no associated repository or homepage.'
76
+ 'The package has no associated repository or homepage.'
77
77
  )
78
78
  })
79
79
 
@@ -81,7 +81,7 @@ describe('Repo test suites', () => {
81
81
  global.fetch = jest.fn().mockImplementationOnce(() => Promise.reject(new Error('error')))
82
82
 
83
83
  await expect(testMarshall.validate(fullPkgData)).rejects.toThrow(
84
- 'no valid repository is associated with the package'
84
+ 'No valid repository is associated with the package'
85
85
  )
86
86
  })
87
87
 
@@ -91,7 +91,7 @@ describe('Repo test suites', () => {
91
91
  fullPkgData.packageName.versions['1.0.0'].repository.url =
92
92
  'https://dsfsdfsdfs.abcdeugwecwekjasda.com/'
93
93
  await expect(testMarshall.validate(fullPkgData)).rejects.toThrow(
94
- 'the repository associated with the package (https://dsfsdfsdfs.abcdeugwecwekjasda.com/) does not exist or is unreachable at the moment.'
94
+ 'The repository associated with the package (https://dsfsdfsdfs.abcdeugwecwekjasda.com/) does not exist or is unreachable at the moment.'
95
95
  )
96
96
  })
97
97
 
@@ -113,7 +113,7 @@ describe('Repo test suites', () => {
113
113
  }
114
114
 
115
115
  await expect(testMarshall.validate(pkgData)).rejects.toThrow(
116
- 'the homepage associated with the package (homepage-url) does not exist or is unreachable at the moment.'
116
+ 'The homepage associated with the package (homepage-url) does not exist or is unreachable at the moment.'
117
117
  )
118
118
  })
119
119
 
@@ -34,7 +34,7 @@ describe('Version Maturity Marshall', () => {
34
34
  packageVersion: '1.0.0'
35
35
  })
36
36
  ).rejects.toThrow(
37
- 'detected a recently published version (published 2 hours ago) - consider waiting for community review'
37
+ 'Detected a recently published version (published 2 hours ago) - consider waiting for community review'
38
38
  )
39
39
  })
40
40
 
@@ -61,7 +61,7 @@ describe('Version Maturity Marshall', () => {
61
61
  packageVersion: '1.0.0'
62
62
  })
63
63
  ).rejects.toThrow(
64
- 'detected a recently published version (published 3 days ago) - consider waiting for community review'
64
+ 'Detected a recently published version (published 3 days ago) - consider waiting for community review'
65
65
  )
66
66
  })
67
67
 
@@ -88,7 +88,7 @@ describe('Version Maturity Marshall', () => {
88
88
  packageVersion: '1.0.0'
89
89
  })
90
90
  ).rejects.toThrow(
91
- 'detected a recently published version (published 1 day ago) - consider waiting for community review'
91
+ 'Detected a recently published version (published 1 day ago) - consider waiting for community review'
92
92
  )
93
93
  })
94
94
 
@@ -135,7 +135,7 @@ describe('Version Maturity Marshall', () => {
135
135
  packageName: 'test-package',
136
136
  packageVersion: '1.0.0'
137
137
  })
138
- ).rejects.toThrow('could not determine package version information')
138
+ ).rejects.toThrow('Could not determine package version information')
139
139
  })
140
140
 
141
141
  test('should throw error when version release date is missing', async () => {
@@ -157,7 +157,7 @@ describe('Version Maturity Marshall', () => {
157
157
  packageName: 'test-package',
158
158
  packageVersion: '1.0.0'
159
159
  })
160
- ).rejects.toThrow('could not determine release date for version 1.0.0')
160
+ ).rejects.toThrow('Could not determine release date for version 1.0.0')
161
161
  })
162
162
 
163
163
  test('should handle version aliases correctly', async () => {
@@ -188,7 +188,7 @@ describe('Version Maturity Marshall', () => {
188
188
  packageVersion: 'latest'
189
189
  })
190
190
  ).rejects.toThrow(
191
- 'detected a recently published version (published 2 days ago) - consider waiting for community review'
191
+ 'Detected a recently published version (published 2 days ago) - consider waiting for community review'
192
192
  )
193
193
  })
194
194
  })
@@ -157,7 +157,7 @@ test('repo utils returns valid semver for different cases of version asked', asy
157
157
  expect(result).toEqual('3.1.0')
158
158
 
159
159
  await expect(packageRepoUtils.getSemVer(packageName, 'next')).rejects.toThrow(
160
- 'could not find dist-tag next for package testPackage'
160
+ 'Could not find dist-tag next for package testPackage'
161
161
  )
162
162
  })
163
163
 
@@ -186,12 +186,12 @@ test('repo utils resolves semver ranges by finding the highest satisfying versio
186
186
 
187
187
  // Test invalid semver range that doesn't match any version
188
188
  await expect(packageRepoUtils.getSemVer(packageName, '^10.0.0')).rejects.toThrow(
189
- 'could not find dist-tag ^10.0.0 for package testPackage'
189
+ 'Could not find dist-tag ^10.0.0 for package testPackage'
190
190
  )
191
191
 
192
192
  // Test invalid semver range with version 2 (no 2.x versions in mock)
193
193
  await expect(packageRepoUtils.getSemVer(packageName, '2')).rejects.toThrow(
194
- 'could not find dist-tag 2 for package testPackage'
194
+ 'Could not find dist-tag 2 for package testPackage'
195
195
  )
196
196
  })
197
197
 
@@ -246,6 +246,6 @@ test('repo utils resolves semver ranges with multiple versions', async () => {
246
246
 
247
247
  // Test that non-existent major versions still fail appropriately
248
248
  await expect(packageRepoUtils.getSemVer(packageName, '10')).rejects.toThrow(
249
- 'could not find dist-tag 10 for package @astrojs/vue'
249
+ 'Could not find dist-tag 10 for package @astrojs/vue'
250
250
  )
251
251
  })
@@ -61,7 +61,7 @@ class PackageRepoUtils {
61
61
  const packageInfo = await this.getPackageInfo(packageName)
62
62
 
63
63
  if (packageInfo['dist-tags'] === undefined) {
64
- throw new Error(`could not find dist-tags for package ${packageName}`)
64
+ throw new Error(`Could not find dist-tags for package ${packageName}`)
65
65
  }
66
66
 
67
67
  if (packageInfo['dist-tags'][packageVersion] !== undefined) {
@@ -85,7 +85,7 @@ class PackageRepoUtils {
85
85
  }
86
86
  }
87
87
 
88
- throw new Error(`could not find dist-tag ${packageVersion} for package ${packageName}`)
88
+ throw new Error(`Could not find dist-tag ${packageVersion} for package ${packageName}`)
89
89
  }
90
90
  }
91
91
  }
@@ -32,13 +32,13 @@ class Marshall extends BaseMarshall {
32
32
  ageDateDiff = dateDiff
33
33
  if (dateDiff < PACKAGE_AGE_THRESHOLD) {
34
34
  throw new Error(
35
- `detected a newly published package (created < ${PACKAGE_AGE_THRESHOLD} days) act carefully`
35
+ `Detected a newly published package (created < ${PACKAGE_AGE_THRESHOLD} days) act carefully`
36
36
  )
37
37
  }
38
38
 
39
39
  return pkg
40
40
  } else {
41
- throw new Error('could not determine package age')
41
+ throw new Error('Could not determine package age')
42
42
  }
43
43
  })
44
44
  .then((pkg) => {
@@ -59,7 +59,7 @@ class Marshall extends BaseMarshall {
59
59
  }
60
60
 
61
61
  if (versionDateDiffInDays >= PACKAGE_AGE_UNMAINTAINED_RISK) {
62
- throw new Error(`detected an old package (created ${timeAgoNumber} ${timeAgoText} ago)`)
62
+ throw new Error(`Detected an old package (created ${timeAgoNumber} ${timeAgoText} ago)`)
63
63
  }
64
64
  })
65
65
  }
@@ -43,11 +43,11 @@ class Marshall extends BaseMarshall {
43
43
  // for dis-tags (latest)
44
44
  const npmUser = pakument.versions[packageVersion]._npmUser
45
45
  if (!npmUser || !npmUser.email) {
46
- throw new Error('could not determine publishing user for this package version')
46
+ throw new Error('Could not determine publishing user for this package version')
47
47
  }
48
48
 
49
49
  if (!validator.isEmail(npmUser.email)) {
50
- throw new Error('the publishing user has no valid email address')
50
+ throw new Error('The publishing user has no valid email address')
51
51
  }
52
52
 
53
53
  let firstVersionForUser = null
@@ -23,13 +23,13 @@ class Marshall extends BaseMarshall {
23
23
  return this.packageRepoUtils.getDownloadInfo(pkg.packageName).then((downloadCount) => {
24
24
  if (downloadCount < DOWNLOAD_COUNT_THRESHOLD) {
25
25
  throw new Error(
26
- `detected a low download-count package (downloads last month < ${DOWNLOAD_COUNT_THRESHOLD})`
26
+ `Detected a low download-count package (downloads last month < ${DOWNLOAD_COUNT_THRESHOLD})`
27
27
  )
28
28
  }
29
29
 
30
30
  if (downloadCount < DOWNLOAD_COUNT_UPPER_THRESHOLD) {
31
31
  throw new Warning(
32
- `detected a low relatively low download-count package (${downloadCount} downloads last month)`
32
+ `Detected a low relatively low download-count package (${downloadCount} downloads last month)`
33
33
  )
34
34
  }
35
35
 
@@ -19,11 +19,11 @@ class Marshall extends BaseMarshall {
19
19
  validate(pkg) {
20
20
  return this.packageRepoUtils.getLicenseInfo(pkg.packageName).then((licenseContents) => {
21
21
  if (!licenseContents || licenseContents === 'ERROR: No LICENSE data found!') {
22
- throw new Error('package has no LICENSE file available')
22
+ throw new Error('Package has no LICENSE file available')
23
23
  }
24
24
 
25
25
  if (licenseContents && licenseContents.indexOf('# Security holding package') === 0) {
26
- throw new Error('package flagged for security issues and served as place-holder')
26
+ throw new Error('Package flagged for security issues and served as place-holder')
27
27
  }
28
28
 
29
29
  return licenseContents
@@ -86,7 +86,7 @@ class Marshall extends BaseMarshall {
86
86
  return keys
87
87
  })
88
88
  .catch((error) => {
89
- throw new Error(`error fetching registry keys: ${error.message}`)
89
+ throw new Error(`Error fetching registry keys: ${error.message}`)
90
90
  })
91
91
  }
92
92
  }
@@ -30,21 +30,21 @@ class Marshall extends BaseMarshall {
30
30
  urlStructure = new URL(lastVersionData.repository.url)
31
31
  urlOfGitRepository = new URL(`https://${urlStructure.host}${urlStructure.pathname}`)
32
32
  } catch (error) {
33
- throw new Error('no valid repository is associated with the package')
33
+ throw new Error('No valid repository is associated with the package')
34
34
  }
35
35
  return fetch(urlOfGitRepository.href).catch(() => {
36
36
  throw new Error(
37
- `the repository associated with the package (${urlOfGitRepository.href}) does not exist or is unreachable at the moment.`
37
+ `The repository associated with the package (${urlOfGitRepository.href}) does not exist or is unreachable at the moment.`
38
38
  )
39
39
  })
40
40
  } else if (lastVersionData && lastVersionData.homepage) {
41
41
  return fetch(lastVersionData.homepage).catch(() => {
42
42
  throw new Error(
43
- `the homepage associated with the package (${lastVersionData.homepage}) does not exist or is unreachable at the moment.`
43
+ `The homepage associated with the package (${lastVersionData.homepage}) does not exist or is unreachable at the moment.`
44
44
  )
45
45
  })
46
46
  } else {
47
- throw new Error('the package has no associated repository or homepage.')
47
+ throw new Error('The package has no associated repository or homepage.')
48
48
  }
49
49
  })
50
50
  }
@@ -43,7 +43,7 @@ class Marshall extends BaseMarshall {
43
43
  packageScripts[scriptName].length > 0
44
44
  ) {
45
45
  throw new Error(
46
- `detected a possible malicious intent script, act carefully: ${scriptName}: ${packageScripts[scriptName]}`
46
+ `Detected a possible malicious intent script, act carefully: ${scriptName}: ${packageScripts[scriptName]}`
47
47
  )
48
48
  }
49
49
  })
@@ -59,7 +59,7 @@ class Marshall extends BaseMarshall {
59
59
  return keys
60
60
  })
61
61
  .catch((error) => {
62
- throw new Error(`error fetching registry keys: ${error.message}`)
62
+ throw new Error(`Error fetching registry keys: ${error.message}`)
63
63
  })
64
64
  }
65
65
  }
@@ -26,7 +26,7 @@ class Marshall extends BaseMarshall {
26
26
  packageData = data
27
27
  return pkg
28
28
  } else {
29
- throw new Error('could not determine package version information')
29
+ throw new Error('Could not determine package version information')
30
30
  }
31
31
  })
32
32
  .then((pkg) => {
@@ -36,7 +36,7 @@ class Marshall extends BaseMarshall {
36
36
  const versionReleaseDate = packageData.time[versionResolved]
37
37
 
38
38
  if (!versionReleaseDate) {
39
- throw new Error(`could not determine release date for version ${versionResolved}`)
39
+ throw new Error(`Could not determine release date for version ${versionResolved}`)
40
40
  }
41
41
 
42
42
  const versionDateDiff = new Date() - new Date(versionReleaseDate)
@@ -55,7 +55,7 @@ class Marshall extends BaseMarshall {
55
55
  }
56
56
 
57
57
  throw new Error(
58
- `detected a recently published version (published ${timeAgoNumber} ${timeAgoText} ago) - consider waiting for community review`
58
+ `Detected a recently published version (published ${timeAgoNumber} ${timeAgoText} ago) - consider waiting for community review`
59
59
  )
60
60
  }
61
61
 
@@ -19,11 +19,11 @@ class Marshall extends BaseMarshall {
19
19
  validate(pkg) {
20
20
  return this.packageRepoUtils.getReadmeInfo(pkg.packageName).then((readmeContents) => {
21
21
  if (!readmeContents || readmeContents === 'ERROR: No README data found!') {
22
- throw new Error('package has no README file available')
22
+ throw new Error('Package has no README file available')
23
23
  }
24
24
 
25
25
  if (readmeContents && readmeContents.indexOf('# Security holding package') === 0) {
26
- throw new Error('package flagged for security issues and served as place-holder')
26
+ throw new Error('Package flagged for security issues and served as place-holder')
27
27
  }
28
28
 
29
29
  return readmeContents
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "npq",
3
- "version": "3.8.0",
3
+ "version": "3.8.1",
4
4
  "description": "marshall your npm/npm package installs with high quality and class 🎖",
5
5
  "bin": {
6
6
  "npq": "./bin/npq.js",