From 7467ff680a3fffbf6b974c5779229c2e54e8515f Mon Sep 17 00:00:00 2001 From: Luke Karrys Date: Mon, 5 Jun 2023 16:32:23 -0700 Subject: [PATCH] deps: @npmcli/package-json@3.1.1, @npmcli/git@4.1.0 These dependency updates fix the issue found in `9.7.0` that was the reason for its deprecation. Specifically `npm` will now use `bin` before `directories.bin` when looking for bin scripts. This matches the behavior of `npm@9.6.7`. --- DEPENDENCIES.md | 8 +++-- node_modules/@npmcli/git/lib/find.js | 14 ++++---- node_modules/@npmcli/git/package.json | 11 +++---- .../@npmcli/package-json/lib/index.js | 1 + .../@npmcli/package-json/lib/normalize.js | 32 ++++++++++++------- .../@npmcli/package-json/package.json | 8 +++-- package-lock.json | 20 ++++++------ package.json | 4 +-- 8 files changed, 58 insertions(+), 40 deletions(-) diff --git a/DEPENDENCIES.md b/DEPENDENCIES.md index afa21a3899956..681fc6ebc3fa1 100644 --- a/DEPENDENCIES.md +++ b/DEPENDENCIES.md @@ -218,6 +218,8 @@ graph LR; npmcli-package-json-->json-parse-even-better-errors; npmcli-package-json-->normalize-package-data; npmcli-package-json-->npm-normalize-package-bin; + npmcli-package-json-->npmcli-git["@npmcli/git"]; + npmcli-package-json-->proc-log; npmcli-run-script-->npmcli-node-gyp["@npmcli/node-gyp"]; npmcli-run-script-->npmcli-promise-spawn["@npmcli/promise-spawn"]; npmcli-run-script-->read-package-json-fast; @@ -704,6 +706,8 @@ graph LR; npmcli-package-json-->json-parse-even-better-errors; npmcli-package-json-->normalize-package-data; npmcli-package-json-->npm-normalize-package-bin; + npmcli-package-json-->npmcli-git["@npmcli/git"]; + npmcli-package-json-->proc-log; npmcli-promise-spawn-->which; npmcli-query-->postcss-selector-parser; npmcli-run-script-->node-gyp; @@ -822,8 +826,8 @@ packages higher up the chain. - @npmcli/arborist - @npmcli/metavuln-calculator - pacote, libnpmhook, libnpmorg, libnpmsearch, libnpmteam, npm-profile - - npm-registry-fetch, libnpmversion + - npm-registry-fetch, @npmcli/package-json, libnpmversion - @npmcli/git, make-fetch-happen, @npmcli/config, init-package-json - - @npmcli/installed-package-contents, @npmcli/map-workspaces, cacache, npm-pick-manifest, @npmcli/run-script, read-package-json, @npmcli/package-json, promzard + - @npmcli/installed-package-contents, @npmcli/map-workspaces, cacache, npm-pick-manifest, @npmcli/run-script, read-package-json, promzard - @npmcli/docs, @npmcli/fs, npm-bundled, read-package-json-fast, unique-filename, npm-install-checks, npm-package-arg, npm-packlist, normalize-package-data, bin-links, nopt, npmlog, parse-conflict-json, @npmcli/mock-globals, read - @npmcli/eslint-config, @npmcli/template-oss, ignore-walk, semver, npm-normalize-package-bin, @npmcli/name-from-folder, json-parse-even-better-errors, fs-minipass, ssri, unique-slug, @npmcli/promise-spawn, hosted-git-info, proc-log, validate-npm-package-name, @npmcli/node-gyp, minipass-fetch, @npmcli/query, cmd-shim, read-cmd-shim, write-file-atomic, abbrev, are-we-there-yet, gauge, minify-registry-metadata, ini, @npmcli/disparity-colors, mute-stream, npm-audit-report, npm-user-validate diff --git a/node_modules/@npmcli/git/lib/find.js b/node_modules/@npmcli/git/lib/find.js index d58f01dbcc16f..34bd310b88e5d 100644 --- a/node_modules/@npmcli/git/lib/find.js +++ b/node_modules/@npmcli/git/lib/find.js @@ -1,15 +1,15 @@ const is = require('./is.js') const { dirname } = require('path') -module.exports = async ({ cwd = process.cwd() } = {}) => { - if (await is({ cwd })) { - return cwd - } - while (cwd !== dirname(cwd)) { - cwd = dirname(cwd) +module.exports = async ({ cwd = process.cwd(), root } = {}) => { + while (true) { if (await is({ cwd })) { return cwd } + const next = dirname(cwd) + if (cwd === root || cwd === next) { + return null + } + cwd = next } - return null } diff --git a/node_modules/@npmcli/git/package.json b/node_modules/@npmcli/git/package.json index 41c78dddfa3cc..eeba1c0415788 100644 --- a/node_modules/@npmcli/git/package.json +++ b/node_modules/@npmcli/git/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/git", - "version": "4.0.4", + "version": "4.1.0", "main": "lib/index.js", "files": [ "bin/", @@ -23,8 +23,7 @@ "template-oss-apply": "template-oss-apply --force" }, "tap": { - "check-coverage": true, - "coverage-map": "map.js", + "timeout": 600, "nyc-arg": [ "--exclude", "tap-snapshots/**" @@ -32,7 +31,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.12.0", + "@npmcli/template-oss": "4.15.1", "npm-package-arg": "^10.0.0", "slash": "^3.0.0", "tap": "^16.0.1" @@ -52,7 +51,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "windowsCI": false, - "version": "4.12.0" + "version": "4.15.1", + "publish": true } } diff --git a/node_modules/@npmcli/package-json/lib/index.js b/node_modules/@npmcli/package-json/lib/index.js index 34e415b45d49f..756837cdde58a 100644 --- a/node_modules/@npmcli/package-json/lib/index.js +++ b/node_modules/@npmcli/package-json/lib/index.js @@ -38,6 +38,7 @@ class PackageJson { '_attributes', 'bundledDependencies', 'bundleDependencies', + 'bundleDependenciesDeleteFalse', 'gypfile', 'serverjs', 'scriptpath', diff --git a/node_modules/@npmcli/package-json/lib/normalize.js b/node_modules/@npmcli/package-json/lib/normalize.js index bc101cd4fde1b..9594ef3d7ff4f 100644 --- a/node_modules/@npmcli/package-json/lib/normalize.js +++ b/node_modules/@npmcli/package-json/lib/normalize.js @@ -3,10 +3,13 @@ const { glob } = require('glob') const normalizePackageBin = require('npm-normalize-package-bin') const normalizePackageData = require('normalize-package-data') const path = require('path') +const log = require('proc-log') +const git = require('@npmcli/git') -const normalize = async (pkg, { strict, steps }) => { +const normalize = async (pkg, { strict, steps, root }) => { const data = pkg.content const scripts = data.scripts || {} + const pkgId = `${data.name ?? ''}@${data.version ?? ''}` // remove attributes that start with "_" if (steps.includes('_attributes')) { @@ -20,7 +23,7 @@ const normalize = async (pkg, { strict, steps }) => { // build the "_id" attribute if (steps.includes('_id')) { if (data.name && data.version) { - data._id = `${data.name}@${data.version}` + data._id = pkgId } } @@ -34,7 +37,9 @@ const normalize = async (pkg, { strict, steps }) => { // expand "bundleDependencies: true or translate from object" if (steps.includes('bundleDependencies')) { const bd = data.bundleDependencies - if (bd === true) { + if (bd === false && !steps.includes('bundleDependenciesDeleteFalse')) { + data.bundleDependencies = [] + } else if (bd === true) { data.bundleDependencies = Object.keys(data.dependencies || {}) } else if (bd && typeof bd === 'object') { if (!Array.isArray(bd)) { @@ -158,7 +163,7 @@ const normalize = async (pkg, { strict, steps }) => { } // expand "directories.bin" - if (steps.includes('binDir') && data.directories?.bin) { + if (steps.includes('binDir') && data.directories?.bin && !data.bin) { const binsDir = path.resolve(pkg.path, path.join('.', path.join('/', data.directories.bin))) const bins = await glob('**', { cwd: binsDir }) data.bin = bins.reduce((acc, binFile) => { @@ -174,17 +179,20 @@ const normalize = async (pkg, { strict, steps }) => { // populate "gitHead" attribute if (steps.includes('gitHead') && !data.gitHead) { + const gitRoot = await git.find({ cwd: pkg.path, root }) let head - try { - head = await fs.readFile(path.resolve(pkg.path, '.git/HEAD'), 'utf8') - } catch (err) { + if (gitRoot) { + try { + head = await fs.readFile(path.resolve(gitRoot, '.git/HEAD'), 'utf8') + } catch (err) { // do nothing + } } let headData if (head) { if (head.startsWith('ref: ')) { const headRef = head.replace(/^ref: /, '').trim() - const headFile = path.resolve(pkg.path, '.git', headRef) + const headFile = path.resolve(gitRoot, '.git', headRef) try { headData = await fs.readFile(headFile, 'utf8') headData = headData.replace(/^ref: /, '').trim() @@ -192,7 +200,7 @@ const normalize = async (pkg, { strict, steps }) => { // do nothing } if (!headData) { - const packFile = path.resolve(pkg.path, '.git/packed-refs') + const packFile = path.resolve(gitRoot, '.git/packed-refs') try { let refs = await fs.readFile(packFile, 'utf8') if (refs) { @@ -271,11 +279,11 @@ const normalize = async (pkg, { strict, steps }) => { // in normalize-package-data if it had access to the file path. if (steps.includes('binRefs') && data.bin instanceof Object) { for (const key in data.bin) { - const binPath = path.resolve(pkg.path, data.bin[key]) try { - await fs.access(binPath) + await fs.access(path.resolve(pkg.path, data.bin[key])) } catch { - delete data.bin[key] + log.warn('package-json', pkgId, `No bin file found at ${data.bin[key]}`) + // XXX: should a future breaking change delete bin entries that cannot be accessed? } } } diff --git a/node_modules/@npmcli/package-json/package.json b/node_modules/@npmcli/package-json/package.json index 61607c5bb6ae7..a4e2cbab4c0bd 100644 --- a/node_modules/@npmcli/package-json/package.json +++ b/node_modules/@npmcli/package-json/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/package-json", - "version": "3.1.0", + "version": "3.1.1", "description": "Programmatic API to update package.json", "main": "lib/index.js", "files": [ @@ -26,13 +26,17 @@ "devDependencies": { "@npmcli/eslint-config": "^4.0.0", "@npmcli/template-oss": "4.15.1", + "read-package-json": "^6.0.4", + "read-package-json-fast": "^3.0.2", "tap": "^16.0.1" }, "dependencies": { + "@npmcli/git": "^4.1.0", "glob": "^10.2.2", "json-parse-even-better-errors": "^3.0.0", "normalize-package-data": "^5.0.0", - "npm-normalize-package-bin": "^3.0.1" + "npm-normalize-package-bin": "^3.0.1", + "proc-log": "^3.0.0" }, "repository": { "type": "git", diff --git a/package-lock.json b/package-lock.json index 83076f01a52b5..6f08ec4368e66 100644 --- a/package-lock.json +++ b/package-lock.json @@ -87,7 +87,7 @@ "@npmcli/arborist": "^6.2.9", "@npmcli/config": "^6.2.0", "@npmcli/map-workspaces": "^3.0.4", - "@npmcli/package-json": "^3.1.0", + "@npmcli/package-json": "^3.1.1", "@npmcli/run-script": "^6.0.2", "abbrev": "^2.0.0", "archy": "~1.0.0", @@ -157,7 +157,7 @@ "@npmcli/docs": "^1.0.0", "@npmcli/eslint-config": "^4.0.0", "@npmcli/fs": "^3.1.0", - "@npmcli/git": "^4.0.4", + "@npmcli/git": "^4.1.0", "@npmcli/mock-globals": "^1.0.0", "@npmcli/mock-registry": "^1.0.0", "@npmcli/promise-spawn": "^6.0.2", @@ -2290,9 +2290,9 @@ } }, "node_modules/@npmcli/git": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/@npmcli/git/-/git-4.0.4.tgz", - "integrity": "sha512-5yZghx+u5M47LghaybLCkdSyFzV/w4OuH12d96HO389Ik9CDsLaDZJVynSGGVJOLn6gy/k7Dz5XYcplM3uxXRg==", + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/@npmcli/git/-/git-4.1.0.tgz", + "integrity": "sha512-9hwoB3gStVfa0N31ymBmrX+GuDGdVA/QWShZVqE0HK2Af+7QGGrCTbZia/SW0ImUTjTne7SP91qxDmtXvDHRPQ==", "inBundle": true, "dependencies": { "@npmcli/promise-spawn": "^6.0.0", @@ -2394,15 +2394,17 @@ } }, "node_modules/@npmcli/package-json": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-3.1.0.tgz", - "integrity": "sha512-qNPy6Yf9ruFST99xcrl5EWAvrb7qFrwgVbwdzcTJlIgxbArKOq5e/bgZ6rTL1X9hDgAdPbvL8RWx/OTLSB0ToA==", + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-3.1.1.tgz", + "integrity": "sha512-+UW0UWOYFKCkvszLoTwrYGrjNrT8tI5Ckeb/h+Z1y1fsNJEctl7HmerA5j2FgmoqFaLI2gsA1X9KgMFqx/bRmA==", "inBundle": true, "dependencies": { + "@npmcli/git": "^4.1.0", "glob": "^10.2.2", "json-parse-even-better-errors": "^3.0.0", "normalize-package-data": "^5.0.0", - "npm-normalize-package-bin": "^3.0.1" + "npm-normalize-package-bin": "^3.0.1", + "proc-log": "^3.0.0" }, "engines": { "node": "^14.17.0 || ^16.13.0 || >=18.0.0" diff --git a/package.json b/package.json index 0f65524e0a08f..5df1321c5c55a 100644 --- a/package.json +++ b/package.json @@ -57,7 +57,7 @@ "@npmcli/arborist": "^6.2.9", "@npmcli/config": "^6.2.0", "@npmcli/map-workspaces": "^3.0.4", - "@npmcli/package-json": "^3.1.0", + "@npmcli/package-json": "^3.1.1", "@npmcli/run-script": "^6.0.2", "abbrev": "^2.0.0", "archy": "~1.0.0", @@ -190,7 +190,7 @@ "@npmcli/docs": "^1.0.0", "@npmcli/eslint-config": "^4.0.0", "@npmcli/fs": "^3.1.0", - "@npmcli/git": "^4.0.4", + "@npmcli/git": "^4.1.0", "@npmcli/mock-globals": "^1.0.0", "@npmcli/mock-registry": "^1.0.0", "@npmcli/promise-spawn": "^6.0.2",