+84
-3
lines changedFilter options
+84
-3
lines changed Original file line number Diff line number Diff line change
@@ -59,7 +59,7 @@ const getContents = async (manifest, tarball) => {
59 59
totalEntries++
60 60
totalEntrySize += entry.size
61 61
const p = entry.path
62 -
if (p.startsWith('package/node_modules/')) {
62 +
if (p.startsWith('package/node_modules/') && p !== 'package/node_modules/') {
63 63
const name = p.match(/^package\/node_modules\/((?:@[^/]+\/)?[^/]+)/)[1]
64 64
bundled.add(name)
65 65
}
@@ -72,7 +72,7 @@ const getContents = async (manifest, tarball) => {
72 72
})
73 73
stream.end(tarball)
74 74 75 -
const integrity = await ssri.fromData(tarball, {
75 +
const integrity = ssri.fromData(tarball, {
76 76
algorithms: ['sha1', 'sha512'],
77 77
})
78 78
@@ -1,6 +1,8 @@
1 1
const t = require('tap')
2 +
const tar = require('tar')
2 3
const pack = require('libnpmpack')
3 4
const ssri = require('ssri')
5 +
const { readFile } = require('fs/promises')
4 6
const tmock = require('../../fixtures/tmock')
5 7
const { cleanZlib } = require('../../fixtures/clean-snapshot')
6 8
@@ -106,7 +108,7 @@ t.test('should log tarball contents with unicode', async (t) => {
106 108
t.end()
107 109
})
108 110 109 -
t.test('should getContents of a tarball', async (t) => {
111 +
t.test('should getContents of a tarball with only a package.json', async (t) => {
110 112
const testDir = t.testdir({
111 113
'package.json': JSON.stringify({
112 114
name: 'my-cool-pkg',
@@ -142,3 +144,82 @@ t.test('should getContents of a tarball', async (t) => {
142 144
}, 'contents are correct')
143 145
t.end()
144 146
})
147 + 148 +
t.test('should getContents of a tarball with a node_modules directory included', async (t) => {
149 +
const testDir = t.testdir({
150 +
package: {
151 +
'package.json': JSON.stringify({
152 +
name: 'my-cool-pkg',
153 +
version: '1.0.0',
154 +
}, null, 2),
155 +
node_modules: {
156 +
'bundle-dep': {
157 +
'package.json': JSON.stringify({
158 +
name: 'bundle-dep',
159 +
version: '1.0.0',
160 +
}, null, 2),
161 +
},
162 +
},
163 +
},
164 +
})
165 + 166 +
await tar.c({
167 +
gzip: true,
168 +
file: 'npm-example-v1.tgz',
169 +
C: testDir,
170 +
}, ['package'])
171 + 172 +
const tarball = await readFile(`npm-example-v1.tgz`)
173 + 174 +
const tarballContents = await getContents({
175 +
name: 'my-cool-pkg',
176 +
version: '1.0.0',
177 +
}, tarball)
178 + 179 +
const integrity = ssri.fromData(tarball, {
180 +
algorithms: ['sha1', 'sha512'],
181 +
})
182 + 183 +
// zlib is nondeterministic
184 +
t.match(tarballContents.shasum, /^[0-9a-f]{40}$/)
185 +
delete tarballContents.shasum
186 + 187 +
// assert mode differently according to platform
188 +
if (process.platform === 'win32') {
189 +
tarballContents.files[0].mode = 511
190 +
tarballContents.files[1].mode = 511
191 +
tarballContents.files[2].mode = 511
192 +
tarballContents.files[3].mode = 438
193 +
tarballContents.files[4].mode = 438
194 +
} else {
195 +
tarballContents.files[0].mode = 493
196 +
tarballContents.files[1].mode = 493
197 +
tarballContents.files[2].mode = 493
198 +
tarballContents.files[3].mode = 420
199 +
tarballContents.files[4].mode = 420
200 +
}
201 + 202 +
tarballContents.files.forEach((file) => {
203 +
delete file.mode
204 +
})
205 + 206 +
t.same(tarballContents, {
207 +
id: 'my-cool-pkg@1.0.0',
208 +
name: 'my-cool-pkg',
209 +
version: '1.0.0',
210 +
size: tarball.length,
211 +
unpackedSize: 97,
212 +
integrity: ssri.parse(integrity.sha512[0]),
213 +
filename: 'my-cool-pkg-1.0.0.tgz',
214 +
files: [
215 +
{ path: '', size: 0 },
216 +
{ path: 'node_modules/', size: 0 },
217 +
{ path: 'node_modules/bundle-dep/', size: 0 },
218 +
{ path: 'node_modules/bundle-dep/package.json', size: 48 },
219 +
{ path: 'package.json', size: 49 },
220 +
],
221 +
entryCount: 5,
222 +
bundled: ['bundle-dep'],
223 +
}, 'contents are correct')
224 +
t.end()
225 +
})
You can’t perform that action at this time.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4