pacote 17.0.5 → 17.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/fetcher.js +1 -1
- package/lib/git.js +1 -1
- package/lib/registry.js +1 -0
- package/package.json +6 -6
package/lib/fetcher.js
CHANGED
|
@@ -8,7 +8,7 @@ const ssri = require('ssri')
|
|
|
8
8
|
const { promisify } = require('util')
|
|
9
9
|
const { basename, dirname } = require('path')
|
|
10
10
|
const tar = require('tar')
|
|
11
|
-
const log = require('proc-log')
|
|
11
|
+
const { log } = require('proc-log')
|
|
12
12
|
const retry = require('promise-retry')
|
|
13
13
|
const fs = require('fs/promises')
|
|
14
14
|
const fsm = require('fs-minipass')
|
package/lib/git.js
CHANGED
|
@@ -8,7 +8,7 @@ const pickManifest = require('npm-pick-manifest')
|
|
|
8
8
|
const npa = require('npm-package-arg')
|
|
9
9
|
const { Minipass } = require('minipass')
|
|
10
10
|
const cacache = require('cacache')
|
|
11
|
-
const log = require('proc-log')
|
|
11
|
+
const { log } = require('proc-log')
|
|
12
12
|
const npm = require('./util/npm.js')
|
|
13
13
|
|
|
14
14
|
const _resolvedFromRepo = Symbol('_resolvedFromRepo')
|
package/lib/registry.js
CHANGED
|
@@ -321,6 +321,7 @@ class RegistryFetcher extends Fetcher {
|
|
|
321
321
|
// specify a public key from the keys endpoint: `registry-host.tld/-/npm/v1/keys`
|
|
322
322
|
const options = {
|
|
323
323
|
tufCachePath: this.tufCache,
|
|
324
|
+
tufForceCache: true,
|
|
324
325
|
keySelector: publicKey ? () => publicKey.pemkey : undefined,
|
|
325
326
|
}
|
|
326
327
|
await sigstore.verify(bundle, options)
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "pacote",
|
|
3
|
-
"version": "17.0.
|
|
3
|
+
"version": "17.0.7",
|
|
4
4
|
"description": "JavaScript package downloader",
|
|
5
5
|
"author": "GitHub Inc.",
|
|
6
6
|
"bin": {
|
|
@@ -11,7 +11,7 @@
|
|
|
11
11
|
"scripts": {
|
|
12
12
|
"test": "tap",
|
|
13
13
|
"snap": "tap",
|
|
14
|
-
"lint": "eslint \"**/*.js\"",
|
|
14
|
+
"lint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"",
|
|
15
15
|
"postlint": "template-oss-check",
|
|
16
16
|
"lintfix": "npm run lint -- --fix",
|
|
17
17
|
"posttest": "npm run lint",
|
|
@@ -27,7 +27,7 @@
|
|
|
27
27
|
"devDependencies": {
|
|
28
28
|
"@npmcli/arborist": "^7.1.0",
|
|
29
29
|
"@npmcli/eslint-config": "^4.0.0",
|
|
30
|
-
"@npmcli/template-oss": "4.
|
|
30
|
+
"@npmcli/template-oss": "4.21.3",
|
|
31
31
|
"hosted-git-info": "^7.0.0",
|
|
32
32
|
"mutate-fs": "^2.1.1",
|
|
33
33
|
"nock": "^13.2.4",
|
|
@@ -55,11 +55,11 @@
|
|
|
55
55
|
"npm-packlist": "^8.0.0",
|
|
56
56
|
"npm-pick-manifest": "^9.0.0",
|
|
57
57
|
"npm-registry-fetch": "^16.0.0",
|
|
58
|
-
"proc-log": "^
|
|
58
|
+
"proc-log": "^4.0.0",
|
|
59
59
|
"promise-retry": "^2.0.1",
|
|
60
60
|
"read-package-json": "^7.0.0",
|
|
61
61
|
"read-package-json-fast": "^3.0.0",
|
|
62
|
-
"sigstore": "^2.
|
|
62
|
+
"sigstore": "^2.2.0",
|
|
63
63
|
"ssri": "^10.0.0",
|
|
64
64
|
"tar": "^6.1.11"
|
|
65
65
|
},
|
|
@@ -72,7 +72,7 @@
|
|
|
72
72
|
},
|
|
73
73
|
"templateOSS": {
|
|
74
74
|
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
|
|
75
|
-
"version": "4.
|
|
75
|
+
"version": "4.21.3",
|
|
76
76
|
"windowsCI": false,
|
|
77
77
|
"publish": "true"
|
|
78
78
|
}
|