pnpm 7.9.1 → 7.9.2

package/dist/node_modules/minipass-fetch/lib/index.js

@@ -1,5 +1,5 @@
 'use strict'
-const Url = require('url')
+const { URL } = require('url')
 const http = require('http')
 const https = require('https')
 const zlib = require('minizlib')
@@ -15,25 +15,41 @@ const { getNodeRequestOptions } = Request
 const FetchError = require('./fetch-error.js')
 const AbortError = require('./abort-error.js')
 
-const resolveUrl = Url.resolve
-
-const fetch = (url, opts) => {
+// XXX this should really be split up and unit-ized for easier testing
+// and better DRY implementation of data/http request aborting
+const fetch = async (url, opts) => {
   if (/^data:/.test(url)) {
     const request = new Request(url, opts)
-    try {
-      const split = url.split(',')
-      const data = Buffer.from(split[1], 'base64')
-      const type = split[0].match(/^data:(.*);base64$/)[1]
-      return Promise.resolve(new Response(data, {
-        headers: {
-          'Content-Type': type,
-          'Content-Length': data.length,
+    // delay 1 promise tick so that the consumer can abort right away
+    return Promise.resolve().then(() => new Promise((resolve, reject) => {
+      let type, data
+      try {
+        const { pathname, search } = new URL(url)
+        const split = pathname.split(',')
+        if (split.length < 2) {
+          throw new Error('invalid data: URI')
         }
-      }))
-    } catch (er) {
-      return Promise.reject(new FetchError(`[${request.method}] ${
-        request.url} invalid URL, ${er.message}`, 'system', er))
-    }
+        const mime = split.shift()
+        const base64 = /;base64$/.test(mime)
+        type = base64 ? mime.slice(0, -1 * ';base64'.length) : mime
+        const rawData = decodeURIComponent(split.join(',') + search)
+        data = base64 ? Buffer.from(rawData, 'base64') : Buffer.from(rawData)
+      } catch (er) {
+        return reject(new FetchError(`[${request.method}] ${
+          request.url} invalid URL, ${er.message}`, 'system', er))
+      }
+
+      const { signal } = request
+      if (signal && signal.aborted) {
+        return reject(new AbortError('The user aborted a request.'))
+      }
+
+      const headers = { 'Content-Length': data.length }
+      if (type) {
+        headers['Content-Type'] = type
+      }
+      return resolve(new Response(data, { headers }))
+    }))
   }
 
   return new Promise((resolve, reject) => {
@@ -61,8 +77,9 @@ const fetch = (url, opts) => {
       }
     }
 
-    if (signal && signal.aborted)
+    if (signal && signal.aborted) {
       return abort()
+    }
 
     const abortAndFinalize = () => {
       abort()
@@ -71,16 +88,18 @@ const fetch = (url, opts) => {
 
     const finalize = () => {
       req.abort()
-      if (signal)
+      if (signal) {
         signal.removeEventListener('abort', abortAndFinalize)
+      }
       clearTimeout(reqTimeout)
     }
 
     // send request
     const req = send(options)
 
-    if (signal)
+    if (signal) {
       signal.addEventListener('abort', abortAndFinalize)
+    }
 
     let reqTimeout = null
     if (request.timeout) {
@@ -105,8 +124,9 @@ const fetch = (url, opts) => {
       // exits without warning.
       // coverage skipped here due to the difficulty in testing
       // istanbul ignore next
-      if (req.res)
+      if (req.res) {
         req.res.emit('error', er)
+      }
       reject(new FetchError(`request to ${request.url} failed, reason: ${
         er.message}`, 'system', er))
       finalize()
@@ -124,98 +144,103 @@ const fetch = (url, opts) => {
 
         // HTTP fetch step 5.3
         const locationURL = location === null ? null
-          : resolveUrl(request.url, location)
+          : (new URL(location, request.url)).toString()
 
         // HTTP fetch step 5.5
-        switch (request.redirect) {
-          case 'error':
-            reject(new FetchError(`uri requested responds with a redirect, redirect mode is set to error: ${
-              request.url}`, 'no-redirect'))
+        if (request.redirect === 'error') {
+          reject(new FetchError('uri requested responds with a redirect, ' +
+            `redirect mode is set to error: ${request.url}`, 'no-redirect'))
+          finalize()
+          return
+        } else if (request.redirect === 'manual') {
+          // node-fetch-specific step: make manual redirect a bit easier to
+          // use by setting the Location header value to the resolved URL.
+          if (locationURL !== null) {
+            // handle corrupted header
+            try {
+              headers.set('Location', locationURL)
+            } catch (err) {
+              /* istanbul ignore next: nodejs server prevent invalid
+                 response headers, we can't test this through normal
+                 request */
+              reject(err)
+            }
+          }
+        } else if (request.redirect === 'follow' && locationURL !== null) {
+          // HTTP-redirect fetch step 5
+          if (request.counter >= request.follow) {
+            reject(new FetchError(`maximum redirect reached at: ${
+              request.url}`, 'max-redirect'))
             finalize()
             return
-
-          case 'manual':
-            // node-fetch-specific step: make manual redirect a bit easier to
-            // use by setting the Location header value to the resolved URL.
-            if (locationURL !== null) {
-              // handle corrupted header
-              try {
-                headers.set('Location', locationURL)
-              } catch (err) {
-                /* istanbul ignore next: nodejs server prevent invalid
-                   response headers, we can't test this through normal
-                   request */
-                reject(err)
-              }
-            }
-            break
-
-          case 'follow':
-            // HTTP-redirect fetch step 2
-            if (locationURL === null) {
-              break
-            }
-
-            // HTTP-redirect fetch step 5
-            if (request.counter >= request.follow) {
-              reject(new FetchError(`maximum redirect reached at: ${
-                request.url}`, 'max-redirect'))
-              finalize()
-              return
-            }
-
-            // HTTP-redirect fetch step 9
-            if (res.statusCode !== 303 &&
-                request.body &&
-                getTotalBytes(request) === null) {
-              reject(new FetchError(
-                'Cannot follow redirect with body being a readable stream',
-                'unsupported-redirect'
-              ))
-              finalize()
-              return
-            }
-
-            // Update host due to redirection
-            request.headers.set('host', Url.parse(locationURL).host)
-
-            // HTTP-redirect fetch step 6 (counter increment)
-            // Create a new Request object.
-            const requestOpts = {
-              headers: new Headers(request.headers),
-              follow: request.follow,
-              counter: request.counter + 1,
-              agent: request.agent,
-              compress: request.compress,
-              method: request.method,
-              body: request.body,
-              signal: request.signal,
-              timeout: request.timeout,
-            }
-
-            // HTTP-redirect fetch step 11
-            if (res.statusCode === 303 || (
-                (res.statusCode === 301 || res.statusCode === 302) &&
-                request.method === 'POST'
-            )) {
-              requestOpts.method = 'GET'
-              requestOpts.body = undefined
-              requestOpts.headers.delete('content-length')
-            }
-
-            // HTTP-redirect fetch step 15
-            resolve(fetch(new Request(locationURL, requestOpts)))
+          }
+
+          // HTTP-redirect fetch step 9
+          if (res.statusCode !== 303 &&
+              request.body &&
+              getTotalBytes(request) === null) {
+            reject(new FetchError(
+              'Cannot follow redirect with body being a readable stream',
+              'unsupported-redirect'
+            ))
             finalize()
             return
+          }
+
+          // Update host due to redirection
+          request.headers.set('host', (new URL(locationURL)).host)
+
+          // HTTP-redirect fetch step 6 (counter increment)
+          // Create a new Request object.
+          const requestOpts = {
+            headers: new Headers(request.headers),
+            follow: request.follow,
+            counter: request.counter + 1,
+            agent: request.agent,
+            compress: request.compress,
+            method: request.method,
+            body: request.body,
+            signal: request.signal,
+            timeout: request.timeout,
+          }
+
+          // if the redirect is to a new hostname, strip the authorization and cookie headers
+          const parsedOriginal = new URL(request.url)
+          const parsedRedirect = new URL(locationURL)
+          if (parsedOriginal.hostname !== parsedRedirect.hostname) {
+            requestOpts.headers.delete('authorization')
+            requestOpts.headers.delete('cookie')
+          }
+
+          // HTTP-redirect fetch step 11
+          if (res.statusCode === 303 || (
+            (res.statusCode === 301 || res.statusCode === 302) &&
+              request.method === 'POST'
+          )) {
+            requestOpts.method = 'GET'
+            requestOpts.body = undefined
+            requestOpts.headers.delete('content-length')
+          }
+
+          // HTTP-redirect fetch step 15
+          resolve(fetch(new Request(locationURL, requestOpts)))
+          finalize()
+          return
         }
       } // end if(isRedirect)
 
-
       // prepare response
       res.once('end', () =>
         signal && signal.removeEventListener('abort', abortAndFinalize))
 
       const body = new Minipass()
+      // if an error occurs, either on the response stream itself, on one of the
+      // decoder streams, or a response length timeout from the Body class, we
+      // forward the error through to our internal body stream. If we see an
+      // error event on that, we call finalize to abort the request and ensure
+      // we don't leave a socket believing a request is in flight.
+      // this is difficult to test, so lacks specific coverage.
+      body.on('error', finalize)
       // exceedingly rare that the stream would have an error,
       // but just in case we proxy it to the stream in use.
       res.on('error', /* istanbul ignore next */ er => body.emit('error', er))
@@ -230,8 +255,8 @@ const fetch = (url, opts) => {
         size: request.size,
         timeout: request.timeout,
         counter: request.counter,
-        trailer: new Promise(resolve =>
-          res.on('end', () => resolve(createHeadersLenient(res.trailers))))
+        trailer: new Promise(resolveTrailer =>
+          res.on('end', () => resolveTrailer(createHeadersLenient(res.trailers)))),
       }
 
       // HTTP-network fetch step 12.1.1.3
@@ -255,7 +280,6 @@ const fetch = (url, opts) => {
         return
       }
 
-
       // Be less strict when decoding compressed responses, since sometimes
       // servers send slightly invalid responses that are still accepted
       // by common browsers.
@@ -266,7 +290,7 @@ const fetch = (url, opts) => {
       }
 
       // for gzip
-      if (codings == 'gzip' || codings == 'x-gzip') {
+      if (codings === 'gzip' || codings === 'x-gzip') {
         const unzip = new zlib.Gunzip(zlibOptions)
         response = new Response(
           // exceedingly rare that the stream would have an error,
@@ -279,7 +303,7 @@ const fetch = (url, opts) => {
       }
 
       // for deflate
-      if (codings == 'deflate' || codings == 'x-deflate') {
+      if (codings === 'deflate' || codings === 'x-deflate') {
         // handle the infamous raw deflate response from old servers
         // a hack for old IIS and Apache servers
         const raw = res.pipe(new Minipass())
@@ -297,9 +321,8 @@ const fetch = (url, opts) => {
         return
       }
 
-
       // for br
-      if (codings == 'br') {
+      if (codings === 'br') {
         // ignoring coverage so tests don't have to fake support (or lack of) for brotli
         // istanbul ignore next
         try {
@@ -339,3 +362,4 @@ fetch.Headers = Headers
 fetch.Request = Request
 fetch.Response = Response
 fetch.FetchError = FetchError
+fetch.AbortError = AbortError

package/dist/node_modules/minipass-fetch/lib/request.js

@@ -1,5 +1,5 @@
 'use strict'
-const Url = require('url')
+const { URL } = require('url')
 const Minipass = require('minipass')
 const Headers = require('./headers.js')
 const { exportNodeCompatibleHeaders } = Headers
@@ -12,8 +12,6 @@ const defaultUserAgent =
 
 const INTERNALS = Symbol('Request internals')
 
-const { parse: parseUrl, format: formatUrl } = Url
-
 const isRequest = input =>
   typeof input === 'object' && typeof input[INTERNALS] === 'object'
 
@@ -28,21 +26,23 @@ const isAbortSignal = signal => {
 
 class Request extends Body {
   constructor (input, init = {}) {
-    const parsedURL = isRequest(input) ? Url.parse(input.url)
-      : input && input.href ? Url.parse(input.href)
-      : Url.parse(`${input}`)
+    const parsedURL = isRequest(input) ? new URL(input.url)
+      : input && input.href ? new URL(input.href)
+      : new URL(`${input}`)
 
-    if (isRequest(input))
+    if (isRequest(input)) {
       init = { ...input[INTERNALS], ...init }
-    else if (!input || typeof input === 'string')
+    } else if (!input || typeof input === 'string') {
       input = {}
+    }
 
     const method = (init.method || input.method || 'GET').toUpperCase()
     const isGETHEAD = method === 'GET' || method === 'HEAD'
 
     if ((init.body !== null && init.body !== undefined ||
-        isRequest(input) && input.body !== null) && isGETHEAD)
+        isRequest(input) && input.body !== null) && isGETHEAD) {
       throw new TypeError('Request with GET/HEAD method cannot have body')
+    }
 
     const inputBody = init.body !== null && init.body !== undefined ? init.body
       : isRequest(input) && input.body !== null ? clone(input)
@@ -58,15 +58,17 @@ class Request extends Body {
     if (inputBody !== null && inputBody !== undefined &&
         !headers.has('Content-Type')) {
       const contentType = extractContentType(inputBody)
-      if (contentType)
+      if (contentType) {
         headers.append('Content-Type', contentType)
+      }
     }
 
     const signal = 'signal' in init ? init.signal
       : null
 
-    if (signal !== null && signal !== undefined && !isAbortSignal(signal))
+    if (signal !== null && signal !== undefined && !isAbortSignal(signal)) {
       throw new TypeError('Expected signal must be an instanceof AbortSignal')
+    }
 
     // TLS specific options that are handled by node
     const {
@@ -125,23 +127,23 @@ class Request extends Body {
     this.agent = init.agent || input.agent
   }
 
-  get method() {
+  get method () {
     return this[INTERNALS].method
   }
 
-  get url() {
-    return formatUrl(this[INTERNALS].parsedURL)
+  get url () {
+    return this[INTERNALS].parsedURL.toString()
   }
 
-  get headers() {
+  get headers () {
     return this[INTERNALS].headers
   }
 
-  get redirect() {
+  get redirect () {
     return this[INTERNALS].redirect
   }
 
-  get signal() {
+  get signal () {
     return this[INTERNALS].signal
   }
 
@@ -158,15 +160,14 @@ class Request extends Body {
     const headers = new Headers(request[INTERNALS].headers)
 
     // fetch step 1.3
-    if (!headers.has('Accept'))
+    if (!headers.has('Accept')) {
       headers.set('Accept', '*/*')
+    }
 
     // Basic fetch
-    if (!parsedURL.protocol || !parsedURL.hostname)
-      throw new TypeError('Only absolute URLs are supported')
-
-    if (!/^https?:$/.test(parsedURL.protocol))
+    if (!/^https?:$/.test(parsedURL.protocol)) {
       throw new TypeError('Only HTTP(S) protocols are supported')
+    }
 
     if (request.signal &&
         Minipass.isStream(request.body) &&
@@ -181,25 +182,29 @@ class Request extends Body {
         /^(POST|PUT)$/i.test(request.method) ? '0'
       : request.body !== null && request.body !== undefined
         ? getTotalBytes(request)
-      : null
+        : null
 
-    if (contentLengthValue)
+    if (contentLengthValue) {
       headers.set('Content-Length', contentLengthValue + '')
+    }
 
     // HTTP-network-or-cache fetch step 2.11
-    if (!headers.has('User-Agent'))
+    if (!headers.has('User-Agent')) {
       headers.set('User-Agent', defaultUserAgent)
+    }
 
     // HTTP-network-or-cache fetch step 2.15
-    if (request.compress && !headers.has('Accept-Encoding'))
+    if (request.compress && !headers.has('Accept-Encoding')) {
       headers.set('Accept-Encoding', 'gzip,deflate')
+    }
 
     const agent = typeof request.agent === 'function'
       ? request.agent(parsedURL)
       : request.agent
 
-    if (!headers.has('Connection') && !agent)
+    if (!headers.has('Connection') && !agent) {
       headers.set('Connection', 'close')
+    }
 
     // TLS specific options that are handled by node
     const {
@@ -225,8 +230,21 @@ class Request extends Body {
     // HTTP-network fetch step 4.2
     // chunked encoding is handled by Node.js
 
+    // we cannot spread parsedURL directly, so we have to read each property one-by-one
+    // and map them to the equivalent https?.request() method options
+    const urlProps = {
+      auth: parsedURL.username || parsedURL.password
+        ? `${parsedURL.username}:${parsedURL.password}`
+        : '',
+      host: parsedURL.host,
+      hostname: parsedURL.hostname,
+      path: `${parsedURL.pathname}${parsedURL.search}`,
+      port: parsedURL.port,
+      protocol: parsedURL.protocol,
+    }
+
     return {
-      ...parsedURL,
+      ...urlProps,
       method: request.method,
       headers: exportNodeCompatibleHeaders(headers),
       agent,

package/dist/node_modules/minipass-fetch/lib/response.js

@@ -17,8 +17,9 @@ class Response extends Body {
 
     if (body !== null && body !== undefined && !headers.has('Content-Type')) {
       const contentType = extractContentType(body)
-      if (contentType)
+      if (contentType) {
         headers.append('Content-Type', contentType)
+      }
     }
 
     this[INTERNALS] = {
@@ -43,7 +44,7 @@ class Response extends Body {
     return this[INTERNALS].status
   }
 
-  get ok ()  {
+  get ok () {
     return this[INTERNALS].status >= 200 && this[INTERNALS].status < 300
   }
 

package/dist/node_modules/minipass-fetch/package.json

@@ -1,6 +1,6 @@
 {
   "name": "minipass-fetch",
-  "version": "1.4.1",
+  "version": "2.1.0",
   "description": "An implementation of window.fetch in Node.js using Minipass streams",
   "license": "MIT",
   "main": "lib/index.js",
@@ -9,33 +9,41 @@
     "snap": "tap",
     "preversion": "npm test",
     "postversion": "npm publish",
-    "postpublish": "git push origin --follow-tags"
+    "postpublish": "git push origin --follow-tags",
+    "lint": "eslint \"**/*.js\"",
+    "postlint": "template-oss-check",
+    "lintfix": "npm run lint -- --fix",
+    "prepublishOnly": "git push origin --follow-tags",
+    "posttest": "npm run lint",
+    "template-oss-apply": "template-oss-apply --force"
   },
   "tap": {
     "coverage-map": "map.js",
     "check-coverage": true
   },
   "devDependencies": {
-    "@ungap/url-search-params": "^0.1.2",
+    "@npmcli/eslint-config": "^3.0.1",
+    "@npmcli/template-oss": "3.1.2",
+    "@ungap/url-search-params": "^0.2.2",
     "abort-controller": "^3.0.0",
-    "abortcontroller-polyfill": "~1.3.0",
-    "form-data": "^2.5.1",
+    "abortcontroller-polyfill": "~1.7.3",
+    "form-data": "^4.0.0",
+    "nock": "^13.2.4",
     "parted": "^0.1.1",
     "string-to-arraybuffer": "^1.0.2",
-    "tap": "^15.0.9",
-    "whatwg-url": "^7.0.0"
+    "tap": "^16.0.0"
   },
   "dependencies": {
-    "minipass": "^3.1.0",
+    "minipass": "^3.1.6",
     "minipass-sized": "^1.0.3",
-    "minizlib": "^2.0.0"
+    "minizlib": "^2.1.2"
   },
   "optionalDependencies": {
-    "encoding": "^0.1.12"
+    "encoding": "^0.1.13"
   },
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/npm/minipass-fetch.git"
+    "url": "https://github.com/npm/minipass-fetch.git"
   },
   "keywords": [
     "fetch",
@@ -44,10 +52,15 @@
     "window.fetch"
   ],
   "files": [
-    "index.js",
-    "lib/*.js"
+    "bin/",
+    "lib/"
   ],
   "engines": {
-    "node": ">=8"
+    "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
+  },
+  "author": "GitHub Inc.",
+  "templateOSS": {
+    "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
+    "version": "3.1.2"
   }
 }

package/dist/node_modules/node-gyp/.github/workflows/release-please.yml

@@ -3,7 +3,7 @@ name: release-please
 on:
   push:
     branches:
-      - master
+      - main
 
 jobs:
   release-please:

package/dist/node_modules/node-gyp/.github/workflows/tests.yml

@@ -1,45 +1,52 @@
-# TODO: Line 43, enable pytest --doctest-modules
+# https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources
+# TODO: Line 48, enable pytest --doctest-modules
 
 name: Tests
-on: [push, pull_request]
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
 jobs:
   Tests:
     strategy:
       fail-fast: false
       max-parallel: 15
       matrix:
-        node: [12.x, 14.x, 16.x]
+        node: [14.x, 16.x, 18.x]
         python: ["3.6", "3.8", "3.10"]
         os: [macos-latest, ubuntu-latest, windows-latest]
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: Use Node.js ${{ matrix.node }}
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@v3
         with:
           node-version: ${{ matrix.node }}
       - name: Use Python ${{ matrix.python }}
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v4
         with:
           python-version: ${{ matrix.python }}
         env:
-          PYTHON_VERSION: ${{ matrix.python }}
+          PYTHON_VERSION: ${{ matrix.python }}  # Why do this?
       - name: Install Dependencies
         run: |
           npm install --no-progress
           pip install flake8 pytest
       - name: Set Windows environment
-        if: matrix.os == 'windows-latest'
+        if: startsWith(matrix.os, 'windows')
         run: |
           echo 'GYP_MSVS_VERSION=2015' >> $Env:GITHUB_ENV
           echo 'GYP_MSVS_OVERRIDE_PATH=C:\\Dummy' >> $Env:GITHUB_ENV
       - name: Lint Python
-        if: matrix.os == 'ubuntu-latest'
+        if: startsWith(matrix.os, 'ubuntu')
         run: flake8 . --ignore=E203,W503  --max-complexity=101 --max-line-length=88 --show-source --statistics
       - name: Run Python tests
         run: python -m pytest
       # - name: Run doctests with pytest
       #   run: python -m pytest --doctest-modules
+      - name: Environment Information
+        run: npx envinfo
       - name: Run Node tests
         run: npm test