pacote 17.0.0 → 17.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/lib/registry.js +2 -2
  2. package/package.json +4 -4
package/lib/registry.js CHANGED
@@ -8,7 +8,7 @@ const pickManifest = require('npm-pick-manifest')
8
8
  const ssri = require('ssri')
9
9
  const crypto = require('crypto')
10
10
  const npa = require('npm-package-arg')
11
- const { sigstore } = require('sigstore')
11
+ const sigstore = require('sigstore')
12
12
 
13
13
  // Corgis are cute. 🐕🐶
14
14
  const corgiDoc = 'application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*'
@@ -299,7 +299,7 @@ class RegistryFetcher extends Fetcher {
299
299
  tufCachePath: this.tufCache,
300
300
  keySelector: publicKey ? () => publicKey.pemkey : undefined,
301
301
  }
302
- await sigstore.verify(bundle, null, options)
302
+ await sigstore.verify(bundle, options)
303
303
  } catch (e) {
304
304
  throw Object.assign(new Error(
305
305
  `${mani._id} failed to verify attestation: ${e.message}`
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "pacote",
3
- "version": "17.0.0",
3
+ "version": "17.0.2",
4
4
  "description": "JavaScript package downloader",
5
5
  "author": "GitHub Inc.",
6
6
  "bin": {
@@ -53,13 +53,13 @@
53
53
  "minipass": "^7.0.2",
54
54
  "npm-package-arg": "^11.0.0",
55
55
  "npm-packlist": "^7.0.0",
56
- "npm-pick-manifest": "^8.0.0",
57
- "npm-registry-fetch": "^15.0.0",
56
+ "npm-pick-manifest": "^9.0.0",
57
+ "npm-registry-fetch": "^16.0.0",
58
58
  "proc-log": "^3.0.0",
59
59
  "promise-retry": "^2.0.1",
60
60
  "read-package-json": "^7.0.0",
61
61
  "read-package-json-fast": "^3.0.0",
62
- "sigstore": "^1.3.0",
62
+ "sigstore": "^2.0.0",
63
63
  "ssri": "^10.0.0",
64
64
  "tar": "^6.1.11"
65
65
  },