├── .release-please-manifest.json ├── .npmrc ├── .github ├── CODEOWNERS ├── ISSUE_TEMPLATE │ ├── config.yml │ └── bug.yml ├── dependabot.yml ├── matchers │ └── tap.json ├── settings.yml ├── workflows │ ├── codeql-analysis.yml │ ├── audit.yml │ ├── pull-request.yml │ ├── release-integration.yml │ ├── ci.yml │ ├── ci-release.yml │ ├── post-dependabot.yml │ └── release.yml └── actions │ ├── create-check │ └── action.yml │ └── install-latest-npm │ └── action.yml ├── test ├── invalid-url.js ├── posix.js ├── purl.js ├── realize-package-specifier.js ├── gitlab.js ├── bitbucket.js ├── windows.js ├── github.js └── basic.js ├── CODE_OF_CONDUCT.md ├── .commitlintrc.js ├── .eslintrc.js ├── .gitignore ├── LICENSE ├── release-please-config.json ├── SECURITY.md ├── package.json ├── CONTRIBUTING.md ├── README.md ├── CHANGELOG.md └── lib └── npa.js /.release-please-manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | ".": "13.0.2" 3 | } 4 | -------------------------------------------------------------------------------- /.npmrc: -------------------------------------------------------------------------------- 1 | ; This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | package-lock=false 4 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | * @npm/cli-team 4 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/config.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | blank_issues_enabled: true 4 | -------------------------------------------------------------------------------- /test/invalid-url.js: -------------------------------------------------------------------------------- 1 | const npa = require('..') 2 | const t = require('tap') 3 | t.throws(() => npa('foo@gopher://goodluckwiththat'), { 4 | code: 'EUNSUPPORTEDPROTOCOL', 5 | }) 6 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | All interactions in this repo are covered by the [npm Code of 4 | Conduct](https://docs.npmjs.com/policies/conduct) 5 | 6 | The npm cli team may, at its own discretion, moderate, remove, or edit 7 | any interactions such as pull requests, issues, and comments. 8 | -------------------------------------------------------------------------------- /.commitlintrc.js: -------------------------------------------------------------------------------- 1 | /* This file is automatically added by @npmcli/template-oss. Do not edit. */ 2 | 3 | module.exports = { 4 | extends: ['@commitlint/config-conventional'], 5 | rules: { 6 | 'type-enum': [2, 'always', ['feat', 'fix', 'docs', 'deps', 'chore']], 7 | 'header-max-length': [2, 'always', 80], 8 | 'subject-case': [0], 9 | 'body-max-line-length': [0], 10 | 'footer-max-line-length': [0], 11 | }, 12 | } 13 | -------------------------------------------------------------------------------- /.eslintrc.js: -------------------------------------------------------------------------------- 1 | /* This file is automatically added by @npmcli/template-oss. Do not edit. */ 2 | 3 | 'use strict' 4 | 5 | const { readdirSync: readdir } = require('fs') 6 | 7 | const localConfigs = readdir(__dirname) 8 | .filter((file) => file.startsWith('.eslintrc.local.')) 9 | .map((file) => `./${file}`) 10 | 11 | module.exports = { 12 | root: true, 13 | ignorePatterns: [ 14 | 'tap-testdir*/', 15 | ], 16 | extends: [ 17 | '@npmcli', 18 | ...localConfigs, 19 | ], 20 | } 21 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | version: 2 4 | 5 | updates: 6 | - package-ecosystem: npm 7 | directory: / 8 | schedule: 9 | interval: daily 10 | target-branch: "main" 11 | allow: 12 | - dependency-type: direct 13 | versioning-strategy: increase-if-necessary 14 | commit-message: 15 | prefix: deps 16 | prefix-development: chore 17 | labels: 18 | - "Dependencies" 19 | open-pull-requests-limit: 10 20 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | # ignore everything in the root 4 | /* 5 | 6 | !**/.gitignore 7 | !/.commitlintrc.js 8 | !/.eslint.config.js 9 | !/.eslintrc.js 10 | !/.eslintrc.local.* 11 | !/.git-blame-ignore-revs 12 | !/.github/ 13 | !/.gitignore 14 | !/.npmrc 15 | !/.prettierignore 16 | !/.prettierrc.js 17 | !/.release-please-manifest.json 18 | !/bin/ 19 | !/CHANGELOG* 20 | !/CODE_OF_CONDUCT.md 21 | !/CONTRIBUTING.md 22 | !/docs/ 23 | !/lib/ 24 | !/LICENSE* 25 | !/map.js 26 | !/package.json 27 | !/README* 28 | !/release-please-config.json 29 | !/scripts/ 30 | !/SECURITY.md 31 | !/tap-snapshots/ 32 | !/test/ 33 | !/tsconfig.json 34 | tap-testdir*/ 35 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The ISC License 2 | 3 | Copyright (c) npm, Inc. 4 | 5 | Permission to use, copy, modify, and/or distribute this software for any 6 | purpose with or without fee is hereby granted, provided that the above 7 | copyright notice and this permission notice appear in all copies. 8 | 9 | THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR 15 | IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 | -------------------------------------------------------------------------------- /.github/matchers/tap.json: -------------------------------------------------------------------------------- 1 | { 2 | "//@npmcli/template-oss": "This file is automatically added by @npmcli/template-oss. Do not edit.", 3 | "problemMatcher": [ 4 | { 5 | "owner": "tap", 6 | "pattern": [ 7 | { 8 | "regexp": "^\\s*not ok \\d+ - (.*)", 9 | "message": 1 10 | }, 11 | { 12 | "regexp": "^\\s*---" 13 | }, 14 | { 15 | "regexp": "^\\s*at:" 16 | }, 17 | { 18 | "regexp": "^\\s*line:\\s*(\\d+)", 19 | "line": 1 20 | }, 21 | { 22 | "regexp": "^\\s*column:\\s*(\\d+)", 23 | "column": 1 24 | }, 25 | { 26 | "regexp": "^\\s*file:\\s*(.*)", 27 | "file": 1 28 | } 29 | ] 30 | } 31 | ] 32 | } 33 | -------------------------------------------------------------------------------- /test/posix.js: -------------------------------------------------------------------------------- 1 | // redefine process.platform before any requires so that we don't cache a require that got the non-redefined value 2 | const { platform } = process 3 | Object.defineProperty(process, 'platform', { value: 'linux' }) 4 | 5 | const t = require('tap') 6 | const npa = require('..') 7 | 8 | t.teardown(() => { 9 | Object.defineProperty(process, 'platform', { value: platform }) 10 | }) 11 | 12 | // These are purely for coverage 13 | // We need tests that act like linux so that code paths are covered both ways when testing in windows itself. 14 | // 15 | t.test('file spec', t => { 16 | const actual = npa('./local') 17 | t.equal(actual.type, 'directory') 18 | t.equal(actual.raw, './local') 19 | t.end() 20 | }) 21 | 22 | t.test('encoded path', t => { 23 | const actual = npa('./path\\backslash') 24 | t.equal(actual.rawSpec, './path\\backslash') 25 | t.end() 26 | }) 27 | -------------------------------------------------------------------------------- /release-please-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "group-pull-request-title-pattern": "chore: release ${version}", 3 | "pull-request-title-pattern": "chore: release${component} ${version}", 4 | "changelog-sections": [ 5 | { 6 | "type": "feat", 7 | "section": "Features", 8 | "hidden": false 9 | }, 10 | { 11 | "type": "fix", 12 | "section": "Bug Fixes", 13 | "hidden": false 14 | }, 15 | { 16 | "type": "docs", 17 | "section": "Documentation", 18 | "hidden": false 19 | }, 20 | { 21 | "type": "deps", 22 | "section": "Dependencies", 23 | "hidden": false 24 | }, 25 | { 26 | "type": "chore", 27 | "section": "Chores", 28 | "hidden": true 29 | } 30 | ], 31 | "packages": { 32 | ".": { 33 | "package-name": "" 34 | } 35 | }, 36 | "prerelease-type": "pre.0" 37 | } 38 | -------------------------------------------------------------------------------- /.github/settings.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | repository: 4 | allow_merge_commit: false 5 | allow_rebase_merge: true 6 | allow_squash_merge: true 7 | squash_merge_commit_title: PR_TITLE 8 | squash_merge_commit_message: PR_BODY 9 | delete_branch_on_merge: true 10 | enable_automated_security_fixes: true 11 | enable_vulnerability_alerts: true 12 | 13 | branches: 14 | - name: main 15 | protection: 16 | required_status_checks: null 17 | enforce_admins: true 18 | block_creations: true 19 | required_pull_request_reviews: 20 | required_approving_review_count: 1 21 | require_code_owner_reviews: true 22 | require_last_push_approval: true 23 | dismiss_stale_reviews: true 24 | restrictions: 25 | apps: [] 26 | users: [] 27 | teams: [ "cli-team" ] 28 | -------------------------------------------------------------------------------- /.github/workflows/codeql-analysis.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: CodeQL 4 | 5 | on: 6 | push: 7 | branches: 8 | - main 9 | pull_request: 10 | branches: 11 | - main 12 | schedule: 13 | # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 14 | - cron: "0 10 * * 1" 15 | 16 | permissions: 17 | contents: read 18 | 19 | jobs: 20 | analyze: 21 | name: Analyze 22 | runs-on: ubuntu-latest 23 | permissions: 24 | actions: read 25 | contents: read 26 | security-events: write 27 | steps: 28 | - name: Checkout 29 | uses: actions/checkout@v4 30 | - name: Setup Git User 31 | run: | 32 | git config --global user.email "npm-cli+bot@github.com" 33 | git config --global user.name "npm CLI robot" 34 | - name: Initialize CodeQL 35 | uses: github/codeql-action/init@v3 36 | with: 37 | languages: javascript 38 | - name: Perform CodeQL Analysis 39 | uses: github/codeql-action/analyze@v3 40 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub). 4 | 5 | If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways. 6 | 7 | If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com). 8 | 9 | If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award. 10 | 11 | **Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.** 12 | 13 | Thanks for helping make GitHub safe for everyone. 14 | -------------------------------------------------------------------------------- /test/purl.js: -------------------------------------------------------------------------------- 1 | 'use strict' 2 | var test = require('tap').test 3 | var npa = require('..') 4 | 5 | test('toPurl - valid', function (t) { 6 | // Unscoped package 7 | t.equal(npa.toPurl('foo@1.2.3'), 'pkg:npm/foo@1.2.3') 8 | 9 | // Scoped package 10 | t.equal( 11 | npa.toPurl('@foo/bar@1.2.3-alpha.1'), 12 | 'pkg:npm/%40foo/bar@1.2.3-alpha.1') 13 | 14 | // Non-default registry 15 | t.equal( 16 | npa.toPurl({ name: '@foo/bar', rawSpec: '1.0.0' }, 'https://npm.pkg.github.com'), 17 | 'pkg:npm/%40foo/bar@1.0.0?repository_url=https://npm.pkg.github.com' 18 | ) 19 | 20 | // Default registry 21 | t.equal( 22 | npa.toPurl({ name: '@foo/bar', rawSpec: '1.0.0' }, 'https://registry.npmjs.org'), 23 | 'pkg:npm/%40foo/bar@1.0.0' 24 | ) 25 | 26 | t.end() 27 | }) 28 | 29 | test('toPurl - invalid', function (t) { 30 | // Invalid version 31 | t.throws(() => npa.toPurl({ name: 'foo/bar', rawSpec: '1.0.0' }), { 32 | code: 'EINVALIDPACKAGENAME', 33 | }) 34 | 35 | // Invalid version 36 | t.throws(() => npa.toPurl('foo@a.b.c'), { 37 | code: 'EINVALIDPURLTYPE', 38 | }) 39 | 40 | // Invalid type 41 | t.throws(() => npa.toPurl('git+ssh://git@github.com/user/foo#1.2.3'), { 42 | code: 'EINVALIDPURLTYPE', 43 | }) 44 | 45 | t.end() 46 | }) 47 | -------------------------------------------------------------------------------- /.github/workflows/audit.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: Audit 4 | 5 | on: 6 | workflow_dispatch: 7 | schedule: 8 | # "At 08:00 UTC (01:00 PT) on Monday" https://crontab.guru/#0_8_*_*_1 9 | - cron: "0 8 * * 1" 10 | 11 | permissions: 12 | contents: read 13 | 14 | jobs: 15 | audit: 16 | name: Audit Dependencies 17 | if: github.repository_owner == 'npm' 18 | runs-on: ubuntu-latest 19 | defaults: 20 | run: 21 | shell: bash 22 | steps: 23 | - name: Checkout 24 | uses: actions/checkout@v4 25 | - name: Setup Git User 26 | run: | 27 | git config --global user.email "npm-cli+bot@github.com" 28 | git config --global user.name "npm CLI robot" 29 | - name: Setup Node 30 | uses: actions/setup-node@v4 31 | id: node 32 | with: 33 | node-version: 22.x 34 | check-latest: contains('22.x', '.x') 35 | - name: Install Latest npm 36 | uses: ./.github/actions/install-latest-npm 37 | with: 38 | node: ${{ steps.node.outputs.node-version }} 39 | - name: Install Dependencies 40 | run: npm i --ignore-scripts --no-audit --no-fund --package-lock 41 | - name: Run Production Audit 42 | run: npm audit --omit=dev 43 | - name: Run Full Audit 44 | run: npm audit --audit-level=none 45 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: Bug 4 | description: File a bug/issue 5 | title: "[BUG] " 6 | labels: [ Bug, Needs Triage ] 7 | 8 | body: 9 | - type: checkboxes 10 | attributes: 11 | label: Is there an existing issue for this? 12 | description: Please [search here](./issues) to see if an issue already exists for your problem. 13 | options: 14 | - label: I have searched the existing issues 15 | required: true 16 | - type: textarea 17 | attributes: 18 | label: Current Behavior 19 | description: A clear & concise description of what you're experiencing. 20 | validations: 21 | required: false 22 | - type: textarea 23 | attributes: 24 | label: Expected Behavior 25 | description: A clear & concise description of what you expected to happen. 26 | validations: 27 | required: false 28 | - type: textarea 29 | attributes: 30 | label: Steps To Reproduce 31 | description: Steps to reproduce the behavior. 32 | value: | 33 | 1. In this environment... 34 | 2. With this config... 35 | 3. Run '...' 36 | 4. See error... 37 | validations: 38 | required: false 39 | - type: textarea 40 | attributes: 41 | label: Environment 42 | description: | 43 | examples: 44 | - **npm**: 7.6.3 45 | - **Node**: 13.14.0 46 | - **OS**: Ubuntu 20.04 47 | - **platform**: Macbook Pro 48 | value: | 49 | - npm: 50 | - Node: 51 | - OS: 52 | - platform: 53 | validations: 54 | required: false 55 | -------------------------------------------------------------------------------- /.github/actions/create-check/action.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: 'Create Check' 4 | inputs: 5 | name: 6 | required: true 7 | token: 8 | required: true 9 | sha: 10 | required: true 11 | check-name: 12 | default: '' 13 | outputs: 14 | check-id: 15 | value: ${{ steps.create-check.outputs.check_id }} 16 | runs: 17 | using: "composite" 18 | steps: 19 | - name: Get Workflow Job 20 | uses: actions/github-script@v7 21 | id: workflow 22 | env: 23 | JOB_NAME: "${{ inputs.name }}" 24 | SHA: "${{ inputs.sha }}" 25 | with: 26 | result-encoding: string 27 | script: | 28 | const { repo: { owner, repo}, runId, serverUrl } = context 29 | const { JOB_NAME, SHA } = process.env 30 | 31 | const job = await github.rest.actions.listJobsForWorkflowRun({ 32 | owner, 33 | repo, 34 | run_id: runId, 35 | per_page: 100 36 | }).then(r => r.data.jobs.find(j => j.name.endsWith(JOB_NAME))) 37 | 38 | return [ 39 | `This check is assosciated with ${serverUrl}/${owner}/${repo}/commit/${SHA}.`, 40 | 'Run logs:', 41 | job?.html_url || `could not be found for a job ending with: "${JOB_NAME}"`, 42 | ].join(' ') 43 | - name: Create Check 44 | uses: LouisBrunner/checks-action@v1.6.0 45 | id: create-check 46 | with: 47 | token: ${{ inputs.token }} 48 | sha: ${{ inputs.sha }} 49 | status: in_progress 50 | name: ${{ inputs.check-name || inputs.name }} 51 | output: | 52 | {"summary":"${{ steps.workflow.outputs.result }}"} 53 | -------------------------------------------------------------------------------- /.github/workflows/pull-request.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: Pull Request 4 | 5 | on: 6 | pull_request: 7 | types: 8 | - opened 9 | - reopened 10 | - edited 11 | - synchronize 12 | 13 | permissions: 14 | contents: read 15 | 16 | jobs: 17 | commitlint: 18 | name: Lint Commits 19 | if: github.repository_owner == 'npm' 20 | runs-on: ubuntu-latest 21 | defaults: 22 | run: 23 | shell: bash 24 | steps: 25 | - name: Checkout 26 | uses: actions/checkout@v4 27 | with: 28 | fetch-depth: 0 29 | - name: Setup Git User 30 | run: | 31 | git config --global user.email "npm-cli+bot@github.com" 32 | git config --global user.name "npm CLI robot" 33 | - name: Setup Node 34 | uses: actions/setup-node@v4 35 | id: node 36 | with: 37 | node-version: 22.x 38 | check-latest: contains('22.x', '.x') 39 | - name: Install Latest npm 40 | uses: ./.github/actions/install-latest-npm 41 | with: 42 | node: ${{ steps.node.outputs.node-version }} 43 | - name: Install Dependencies 44 | run: npm i --ignore-scripts --no-audit --no-fund 45 | - name: Run Commitlint on Commits 46 | id: commit 47 | continue-on-error: true 48 | run: npx --offline commitlint -V --from 'origin/${{ github.base_ref }}' --to ${{ github.event.pull_request.head.sha }} 49 | - name: Run Commitlint on PR Title 50 | if: steps.commit.outcome == 'failure' 51 | env: 52 | PR_TITLE: ${{ github.event.pull_request.title }} 53 | run: echo "$PR_TITLE" | npx --offline commitlint -V 54 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "npm-package-arg", 3 | "version": "13.0.2", 4 | "description": "Parse the things that can be arguments to `npm install`", 5 | "main": "./lib/npa.js", 6 | "directories": { 7 | "test": "test" 8 | }, 9 | "files": [ 10 | "bin/", 11 | "lib/" 12 | ], 13 | "dependencies": { 14 | "hosted-git-info": "^9.0.0", 15 | "proc-log": "^6.0.0", 16 | "semver": "^7.3.5", 17 | "validate-npm-package-name": "^7.0.0" 18 | }, 19 | "devDependencies": { 20 | "@npmcli/eslint-config": "^6.0.0", 21 | "@npmcli/template-oss": "4.28.0", 22 | "tap": "^16.0.1" 23 | }, 24 | "scripts": { 25 | "test": "tap", 26 | "snap": "tap", 27 | "npmclilint": "npmcli-lint", 28 | "lint": "npm run eslint", 29 | "lintfix": "npm run eslint -- --fix", 30 | "posttest": "npm run lint", 31 | "postsnap": "npm run lintfix --", 32 | "postlint": "template-oss-check", 33 | "template-oss-apply": "template-oss-apply --force", 34 | "eslint": "eslint \"**/*.{js,cjs,ts,mjs,jsx,tsx}\"" 35 | }, 36 | "repository": { 37 | "type": "git", 38 | "url": "git+https://github.com/npm/npm-package-arg.git" 39 | }, 40 | "author": "GitHub Inc.", 41 | "license": "ISC", 42 | "bugs": { 43 | "url": "https://github.com/npm/npm-package-arg/issues" 44 | }, 45 | "homepage": "https://github.com/npm/npm-package-arg", 46 | "engines": { 47 | "node": "^20.17.0 || >=22.9.0" 48 | }, 49 | "tap": { 50 | "nyc-arg": [ 51 | "--exclude", 52 | "tap-snapshots/**" 53 | ] 54 | }, 55 | "templateOSS": { 56 | "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", 57 | "version": "4.28.0", 58 | "publish": true 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /.github/actions/install-latest-npm/action.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: 'Install Latest npm' 4 | description: 'Install the latest version of npm compatible with the Node version' 5 | inputs: 6 | node: 7 | description: 'Current Node version' 8 | required: true 9 | runs: 10 | using: "composite" 11 | steps: 12 | # node 10/12/14 ship with npm@6, which is known to fail when updating itself in windows 13 | - name: Update Windows npm 14 | if: | 15 | runner.os == 'Windows' && ( 16 | startsWith(inputs.node, 'v10.') || 17 | startsWith(inputs.node, 'v12.') || 18 | startsWith(inputs.node, 'v14.') 19 | ) 20 | shell: cmd 21 | run: | 22 | curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz 23 | tar xf npm-7.5.4.tgz 24 | cd package 25 | node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz 26 | cd .. 27 | rmdir /s /q package 28 | - name: Install Latest npm 29 | shell: bash 30 | env: 31 | NODE_VERSION: ${{ inputs.node }} 32 | working-directory: ${{ runner.temp }} 33 | run: | 34 | MATCH="" 35 | SPECS=("latest" "next-10" "next-9" "next-8" "next-7" "next-6") 36 | 37 | echo "node@$NODE_VERSION" 38 | 39 | for SPEC in ${SPECS[@]}; do 40 | ENGINES=$(npm view npm@$SPEC --json | jq -r '.engines.node') 41 | echo "Checking if node@$NODE_VERSION satisfies npm@$SPEC ($ENGINES)" 42 | 43 | if npx semver -r "$ENGINES" "$NODE_VERSION" > /dev/null; then 44 | MATCH=$SPEC 45 | echo "Found compatible version: npm@$MATCH" 46 | break 47 | fi 48 | done 49 | 50 | if [ -z $MATCH ]; then 51 | echo "Could not find a compatible version of npm for node@$NODE_VERSION" 52 | exit 1 53 | fi 54 | 55 | npm i --prefer-online --no-fund --no-audit -g npm@$MATCH 56 | - name: npm Version 57 | shell: bash 58 | run: npm -v 59 | -------------------------------------------------------------------------------- /test/realize-package-specifier.js: -------------------------------------------------------------------------------- 1 | 'use strict' 2 | var test = require('tap').test 3 | var npa = require('..') 4 | 5 | test('realize-package-specifier', function (t) { 6 | t.plan(6) 7 | var result 8 | result = npa('a.tar.gz', '/test/a/b') 9 | t.equal(result.type, 'file', 'local tarball') 10 | result = npa('d', '/test/a/b') 11 | t.equal(result.type, 'range', 'remote package') 12 | result = npa('file:./a.tar.gz', '/test/a/b') 13 | t.equal(result.type, 'file', 'local tarball') 14 | result = npa('file:./b', '/test/a/b') 15 | t.equal(result.type, 'directory', 'local package directory') 16 | result = npa('file:./c', '/test/a/b') 17 | t.equal(result.type, 'directory', 'non-package local directory, specified with a file URL') 18 | result = npa('file:./d', '/test/a/b') 19 | t.equal(result.type, 'directory', 'no local directory, specified with a file URL') 20 | }) 21 | test('named realize-package-specifier', function (t) { 22 | t.plan(10) 23 | var result 24 | result = npa('a@a.tar.gz', '/test/a/b') 25 | t.equal(result.type, 'file', 'named local tarball') 26 | result = npa('d@d', '/test/a/b') 27 | t.equal(result.type, 'tag', 'remote package') 28 | result = npa('a@file:./a.tar.gz', '/test/a/b') 29 | t.equal(result.type, 'file', 'local tarball') 30 | result = npa('b@file:./b', '/test/a/b') 31 | t.equal(result.type, 'directory', 'local package directory') 32 | result = npa('c@file:./c', '/test/a/b') 33 | t.equal(result.type, 'directory', 'non-package local directory, specified with a file URL') 34 | result = npa('d@file:./d', '/test/a/b') 35 | t.equal(result.type, 'directory', 'no local directory, specified with a file URL') 36 | result = npa('e@e/2', 'test/a/b') 37 | t.equal(result.type, 'git', 'hosted package dependency is git') 38 | t.equal(result.hosted.type, 'github', 'github package dependency') 39 | result = npa('e@1', '/test/a/b') 40 | t.equal(result.type, 'range', 'range like specifier is never a local file') 41 | result = npa('e@1.0.0', '/test/a/b') 42 | t.equal(result.type, 'version', 'version like specifier is never a local file') 43 | }) 44 | -------------------------------------------------------------------------------- /test/gitlab.js: -------------------------------------------------------------------------------- 1 | var npa = require('..') 2 | 3 | require('tap').test('basic', function (t) { 4 | t.setMaxListeners(999) 5 | 6 | var tests = { 7 | 'gitlab:user/foo-js': { 8 | name: null, 9 | type: 'git', 10 | raw: 'gitlab:user/foo-js', 11 | }, 12 | 13 | 'gitlab:user/foo-js#bar/baz': { 14 | name: null, 15 | type: 'git', 16 | raw: 'gitlab:user/foo-js#bar/baz', 17 | }, 18 | 19 | 'gitlab:user..blerg--/..foo-js# . . . . . some . tags / / /': { 20 | name: null, 21 | type: 'git', 22 | saveSpec: 'gitlab:user..blerg--/..foo-js# . . . . . some . tags / / /', 23 | raw: 'gitlab:user..blerg--/..foo-js# . . . . . some . tags / / /', 24 | }, 25 | 26 | 'gitlab:user/foo-js#bar/baz/bin': { 27 | name: null, 28 | type: 'git', 29 | saveSpec: 'gitlab:user/foo-js#bar/baz/bin', 30 | raw: 'gitlab:user/foo-js#bar/baz/bin', 31 | }, 32 | 33 | 'foo@gitlab:user/foo-js': { 34 | name: 'foo', 35 | type: 'git', 36 | saveSpec: 'gitlab:user/foo-js', 37 | raw: 'foo@gitlab:user/foo-js', 38 | }, 39 | 40 | 'git+ssh://git@gitlab.com/user/foo#1.2.3': { 41 | name: null, 42 | type: 'git', 43 | saveSpec: 'git+ssh://git@gitlab.com/user/foo.git#1.2.3', 44 | raw: 'git+ssh://git@gitlab.com/user/foo#1.2.3', 45 | }, 46 | 47 | 'https://gitlab.com/user/foo.git': { 48 | name: null, 49 | type: 'git', 50 | saveSpec: 'git+https://gitlab.com/user/foo.git', 51 | raw: 'https://gitlab.com/user/foo.git', 52 | }, 53 | 54 | '@foo/bar@git+ssh://gitlab.com/user/foo': { 55 | name: '@foo/bar', 56 | scope: '@foo', 57 | type: 'git', 58 | saveSpec: 'git+ssh://git@gitlab.com/user/foo.git', 59 | rawSpec: 'git+ssh://gitlab.com/user/foo', 60 | raw: '@foo/bar@git+ssh://gitlab.com/user/foo', 61 | }, 62 | } 63 | 64 | Object.keys(tests).forEach(function (arg) { 65 | var res = npa(arg) 66 | t.ok(res instanceof npa.Result, arg + ' is a result') 67 | t.has(JSON.parse(JSON.stringify(res)), tests[arg], arg + ' matches expectations') 68 | }) 69 | 70 | t.end() 71 | }) 72 | -------------------------------------------------------------------------------- /test/bitbucket.js: -------------------------------------------------------------------------------- 1 | var npa = require('..') 2 | 3 | require('tap').test('basic', function (t) { 4 | t.setMaxListeners(999) 5 | 6 | var tests = { 7 | 'bitbucket:user/foo-js': { 8 | name: null, 9 | type: 'git', 10 | saveSpec: 'bitbucket:user/foo-js', 11 | raw: 'bitbucket:user/foo-js', 12 | }, 13 | 14 | 'bitbucket:user/foo-js#bar/baz': { 15 | name: null, 16 | type: 'git', 17 | saveSpec: 'bitbucket:user/foo-js#bar/baz', 18 | raw: 'bitbucket:user/foo-js#bar/baz', 19 | }, 20 | 21 | 'bitbucket:user..blerg--/..foo-js# . . . . . some . tags / / /': { 22 | name: null, 23 | type: 'git', 24 | saveSpec: 'bitbucket:user..blerg--/..foo-js# . . . . . some . tags / / /', 25 | raw: 'bitbucket:user..blerg--/..foo-js# . . . . . some . tags / / /', 26 | }, 27 | 28 | 'bitbucket:user/foo-js#bar/baz/bin': { 29 | name: null, 30 | type: 'git', 31 | saveSpec: 'bitbucket:user/foo-js#bar/baz/bin', 32 | raw: 'bitbucket:user/foo-js#bar/baz/bin', 33 | }, 34 | 35 | 'foo@bitbucket:user/foo-js': { 36 | name: 'foo', 37 | type: 'git', 38 | saveSpec: 'bitbucket:user/foo-js', 39 | raw: 'foo@bitbucket:user/foo-js', 40 | }, 41 | 42 | 'git+ssh://git@bitbucket.org/user/foo#1.2.3': { 43 | name: null, 44 | type: 'git', 45 | saveSpec: 'git+ssh://git@bitbucket.org/user/foo.git#1.2.3', 46 | raw: 'git+ssh://git@bitbucket.org/user/foo#1.2.3', 47 | }, 48 | 49 | 'https://bitbucket.org/user/foo.git': { 50 | name: null, 51 | type: 'git', 52 | saveSpec: 'git+https://bitbucket.org/user/foo.git', 53 | raw: 'https://bitbucket.org/user/foo.git', 54 | }, 55 | 56 | '@foo/bar@git+ssh://bitbucket.org/user/foo': { 57 | name: '@foo/bar', 58 | scope: '@foo', 59 | type: 'git', 60 | saveSpec: 'git+ssh://git@bitbucket.org/user/foo.git', 61 | rawSpec: 'git+ssh://bitbucket.org/user/foo', 62 | raw: '@foo/bar@git+ssh://bitbucket.org/user/foo', 63 | }, 64 | } 65 | 66 | Object.keys(tests).forEach(function (arg) { 67 | var res = npa(arg) 68 | t.ok(res instanceof npa.Result, arg + ' is a result') 69 | t.has(res, tests[arg], arg + ' matches expectations') 70 | }) 71 | 72 | t.end() 73 | }) 74 | -------------------------------------------------------------------------------- /.github/workflows/release-integration.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: Release Integration 4 | 5 | on: 6 | workflow_dispatch: 7 | inputs: 8 | releases: 9 | required: true 10 | type: string 11 | description: 'A json array of releases. Required fields: publish: tagName, publishTag. publish check: pkgName, version' 12 | workflow_call: 13 | inputs: 14 | releases: 15 | required: true 16 | type: string 17 | description: 'A json array of releases. Required fields: publish: tagName, publishTag. publish check: pkgName, version' 18 | secrets: 19 | PUBLISH_TOKEN: 20 | required: true 21 | 22 | permissions: 23 | contents: read 24 | id-token: write 25 | 26 | jobs: 27 | publish: 28 | name: Publish 29 | runs-on: ubuntu-latest 30 | defaults: 31 | run: 32 | shell: bash 33 | permissions: 34 | id-token: write 35 | steps: 36 | - name: Checkout 37 | uses: actions/checkout@v4 38 | with: 39 | ref: ${{ fromJSON(inputs.releases)[0].tagName }} 40 | - name: Setup Git User 41 | run: | 42 | git config --global user.email "npm-cli+bot@github.com" 43 | git config --global user.name "npm CLI robot" 44 | - name: Setup Node 45 | uses: actions/setup-node@v4 46 | id: node 47 | with: 48 | node-version: 22.x 49 | check-latest: contains('22.x', '.x') 50 | - name: Install Latest npm 51 | uses: ./.github/actions/install-latest-npm 52 | with: 53 | node: ${{ steps.node.outputs.node-version }} 54 | - name: Install Dependencies 55 | run: npm i --ignore-scripts --no-audit --no-fund 56 | - name: Set npm authToken 57 | run: npm config set '//registry.npmjs.org/:_authToken'=\${PUBLISH_TOKEN} 58 | - name: Publish 59 | env: 60 | PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} 61 | RELEASES: ${{ inputs.releases }} 62 | run: | 63 | EXIT_CODE=0 64 | 65 | for release in $(echo $RELEASES | jq -r '.[] | @base64'); do 66 | PUBLISH_TAG=$(echo "$release" | base64 --decode | jq -r .publishTag) 67 | npm publish --provenance --tag="$PUBLISH_TAG" 68 | STATUS=$? 69 | if [[ "$STATUS" -eq 1 ]]; then 70 | EXIT_CODE=$STATUS 71 | fi 72 | done 73 | 74 | exit $EXIT_CODE 75 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | <!-- This file is automatically added by @npmcli/template-oss. Do not edit. --> 2 | 3 | # Contributing 4 | 5 | ## Code of Conduct 6 | 7 | All interactions in the **npm** organization on GitHub are considered to be covered by our standard [Code of Conduct](https://docs.npmjs.com/policies/conduct). 8 | 9 | ## Reporting Bugs 10 | 11 | Before submitting a new bug report please search for an existing or similar report. 12 | 13 | Use one of our existing issue templates if you believe you've come across a unique problem. 14 | 15 | Duplicate issues, or issues that don't use one of our templates may get closed without a response. 16 | 17 | ## Pull Request Conventions 18 | 19 | ### Commits 20 | 21 | We use [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/). 22 | 23 | When opening a pull request please be sure that either the pull request title, or each commit in the pull request, has one of the following prefixes: 24 | 25 | - `feat`: For when introducing a new feature. The result will be a new semver minor version of the package when it is next published. 26 | - `fix`: For bug fixes. The result will be a new semver patch version of the package when it is next published. 27 | - `docs`: For documentation updates. The result will be a new semver patch version of the package when it is next published. 28 | - `chore`: For changes that do not affect the published module. Often these are changes to tests. The result will be *no* change to the version of the package when it is next published (as the commit does not affect the published version). 29 | 30 | ### Test Coverage 31 | 32 | Pull requests made against this repo will run `npm test` automatically. Please make sure tests pass locally before submitting a PR. 33 | 34 | Every new feature or bug fix should come with a corresponding test or tests that validate the solutions. Testing also reports on code coverage and will fail if code coverage drops. 35 | 36 | ### Linting 37 | 38 | Linting is also done automatically once tests pass. `npm run lintfix` will fix most linting errors automatically. 39 | 40 | Please make sure linting passes before submitting a PR. 41 | 42 | ## What _not_ to contribute? 43 | 44 | ### Dependencies 45 | 46 | It should be noted that our team does not accept third-party dependency updates/PRs. If you submit a PR trying to update our dependencies we will close it with or without a reference to these contribution guidelines. 47 | 48 | ### Tools/Automation 49 | 50 | Our core team is responsible for the maintenance of the tooling/automation in this project and we ask contributors to not make changes to these when contributing (e.g. `.github/*`, `.eslintrc.json`, `.licensee.json`). Most of those files also have a header at the top to remind folks they are automatically generated. Pull requests that alter these will not be accepted. 51 | -------------------------------------------------------------------------------- /test/windows.js: -------------------------------------------------------------------------------- 1 | // redefine process.platform before any requires so that we don't cache a require that got the non-redefined value 2 | const { platform } = process 3 | Object.defineProperty(process, 'platform', { value: 'win32' }) 4 | 5 | const t = require('tap') 6 | const npa = require('..') 7 | 8 | t.teardown(() => { 9 | Object.defineProperty(process, 'platform', { value: platform }) 10 | }) 11 | 12 | const cases = { 13 | 'C:\\x\\y\\z': { 14 | raw: 'C:\\x\\y\\z', 15 | scope: null, 16 | name: null, 17 | escapedName: null, 18 | rawSpec: 'C:\\x\\y\\z', 19 | fetchSpec: 'C:\\x\\y\\z', 20 | type: 'directory', 21 | }, 22 | 23 | 'foo@C:\\x\\y\\z': { 24 | raw: 'foo@C:\\x\\y\\z', 25 | scope: null, 26 | name: 'foo', 27 | escapedName: 'foo', 28 | rawSpec: 'C:\\x\\y\\z', 29 | fetchSpec: 'C:\\x\\y\\z', 30 | type: 'directory', 31 | }, 32 | 33 | 'foo@file:///C:\\x\\y\\z': { 34 | raw: 'foo@file:///C:\\x\\y\\z', 35 | scope: null, 36 | name: 'foo', 37 | escapedName: 'foo', 38 | rawSpec: 'file:///C:\\x\\y\\z', 39 | fetchSpec: 'C:\\x\\y\\z', 40 | type: 'directory', 41 | }, 42 | 43 | 'foo@file://C:\\x\\y\\z': { 44 | raw: 'foo@file://C:\\x\\y\\z', 45 | scope: null, 46 | name: 'foo', 47 | escapedName: 'foo', 48 | rawSpec: 'file://C:\\x\\y\\z', 49 | fetchSpec: 'C:\\x\\y\\z', 50 | type: 'directory', 51 | }, 52 | 53 | 'file:///C:\\x\\y\\z': { 54 | raw: 'file:///C:\\x\\y\\z', 55 | scope: null, 56 | name: null, 57 | escapedName: null, 58 | rawSpec: 'file:///C:\\x\\y\\z', 59 | fetchSpec: 'C:\\x\\y\\z', 60 | type: 'directory', 61 | }, 62 | 63 | 'file://C:\\x\\y\\z': { 64 | raw: 'file://C:\\x\\y\\z', 65 | scope: null, 66 | name: null, 67 | escapedName: null, 68 | rawSpec: 'file://C:\\x\\y\\z', 69 | fetchSpec: 'C:\\x\\y\\z', 70 | type: 'directory', 71 | }, 72 | 73 | 'foo@/foo/bar/baz': { 74 | raw: 'foo@/foo/bar/baz', 75 | scope: null, 76 | name: 'foo', 77 | escapedName: 'foo', 78 | rawSpec: '/foo/bar/baz', 79 | fetchSpec: 'C:\\foo\\bar\\baz', 80 | type: 'directory', 81 | }, 82 | 83 | 'foo@git+file://C:\\x\\y\\z': { 84 | type: 'git', 85 | registry: null, 86 | where: null, 87 | raw: 'foo@git+file://C:\\x\\y\\z', 88 | name: 'foo', 89 | escapedName: 'foo', 90 | scope: null, 91 | rawSpec: 'git+file://C:\\x\\y\\z', 92 | saveSpec: 'git+file://C:\\x\\y\\z', 93 | fetchSpec: 'file://c:/x/y/z', 94 | gitRange: null, 95 | gitCommittish: null, 96 | hosted: null, 97 | }, 98 | } 99 | 100 | t.test('parse a windows path', function (t) { 101 | Object.keys(cases).forEach(function (c) { 102 | t.test(c, t => { 103 | const expect = cases[c] 104 | const actual = npa(c, 'C:\\test\\path') 105 | t.has(actual, expect, c) 106 | t.end() 107 | }) 108 | }) 109 | t.end() 110 | }) 111 | -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: CI 4 | 5 | on: 6 | workflow_dispatch: 7 | pull_request: 8 | push: 9 | branches: 10 | - main 11 | schedule: 12 | # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 13 | - cron: "0 9 * * 1" 14 | 15 | permissions: 16 | contents: read 17 | 18 | jobs: 19 | lint: 20 | name: Lint 21 | if: github.repository_owner == 'npm' 22 | runs-on: ubuntu-latest 23 | defaults: 24 | run: 25 | shell: bash 26 | steps: 27 | - name: Checkout 28 | uses: actions/checkout@v4 29 | - name: Setup Git User 30 | run: | 31 | git config --global user.email "npm-cli+bot@github.com" 32 | git config --global user.name "npm CLI robot" 33 | - name: Setup Node 34 | uses: actions/setup-node@v4 35 | id: node 36 | with: 37 | node-version: 22.x 38 | check-latest: contains('22.x', '.x') 39 | - name: Install Latest npm 40 | uses: ./.github/actions/install-latest-npm 41 | with: 42 | node: ${{ steps.node.outputs.node-version }} 43 | - name: Install Dependencies 44 | run: npm i --ignore-scripts --no-audit --no-fund 45 | - name: Lint 46 | run: npm run lint --ignore-scripts 47 | - name: Post Lint 48 | run: npm run postlint --ignore-scripts 49 | 50 | test: 51 | name: Test - ${{ matrix.platform.name }} - ${{ matrix.node-version }} 52 | if: github.repository_owner == 'npm' 53 | strategy: 54 | fail-fast: false 55 | matrix: 56 | platform: 57 | - name: Linux 58 | os: ubuntu-latest 59 | shell: bash 60 | - name: macOS 61 | os: macos-latest 62 | shell: bash 63 | - name: macOS 64 | os: macos-13 65 | shell: bash 66 | - name: Windows 67 | os: windows-latest 68 | shell: cmd 69 | node-version: 70 | - 20.17.0 71 | - 20.x 72 | - 22.9.0 73 | - 22.x 74 | exclude: 75 | - platform: { name: macOS, os: macos-13, shell: bash } 76 | node-version: 20.17.0 77 | - platform: { name: macOS, os: macos-13, shell: bash } 78 | node-version: 20.x 79 | - platform: { name: macOS, os: macos-13, shell: bash } 80 | node-version: 22.9.0 81 | - platform: { name: macOS, os: macos-13, shell: bash } 82 | node-version: 22.x 83 | runs-on: ${{ matrix.platform.os }} 84 | defaults: 85 | run: 86 | shell: ${{ matrix.platform.shell }} 87 | steps: 88 | - name: Checkout 89 | uses: actions/checkout@v4 90 | - name: Setup Git User 91 | run: | 92 | git config --global user.email "npm-cli+bot@github.com" 93 | git config --global user.name "npm CLI robot" 94 | - name: Setup Node 95 | uses: actions/setup-node@v4 96 | id: node 97 | with: 98 | node-version: ${{ matrix.node-version }} 99 | check-latest: contains(matrix.node-version, '.x') 100 | - name: Install Latest npm 101 | uses: ./.github/actions/install-latest-npm 102 | with: 103 | node: ${{ steps.node.outputs.node-version }} 104 | - name: Install Dependencies 105 | run: npm i --ignore-scripts --no-audit --no-fund 106 | - name: Add Problem Matcher 107 | run: echo "::add-matcher::.github/matchers/tap.json" 108 | - name: Test 109 | run: npm test --ignore-scripts 110 | -------------------------------------------------------------------------------- /test/github.js: -------------------------------------------------------------------------------- 1 | var npa = require('..') 2 | 3 | require('tap').test('basic', function (t) { 4 | t.setMaxListeners(999) 5 | 6 | var tests = { 7 | 'user/foo-js': { 8 | name: null, 9 | type: 'git', 10 | saveSpec: 'github:user/foo-js', 11 | raw: 'user/foo-js', 12 | }, 13 | 14 | 'user/foo-js#bar/baz': { 15 | name: null, 16 | type: 'git', 17 | saveSpec: 'github:user/foo-js#bar/baz', 18 | raw: 'user/foo-js#bar/baz', 19 | }, 20 | 21 | 'user..blerg--/..foo-js# . . . . . some . tags / / /': { 22 | name: null, 23 | type: 'git', 24 | saveSpec: 'github:user..blerg--/..foo-js# . . . . . some . tags / / /', 25 | raw: 'user..blerg--/..foo-js# . . . . . some . tags / / /', 26 | }, 27 | 28 | 'user/foo-js#bar/baz/bin': { 29 | name: null, 30 | type: 'git', 31 | raw: 'user/foo-js#bar/baz/bin', 32 | }, 33 | 34 | 'foo@user/foo-js': { 35 | name: 'foo', 36 | type: 'git', 37 | saveSpec: 'github:user/foo-js', 38 | raw: 'foo@user/foo-js', 39 | }, 40 | 41 | 'github:user/foo-js': { 42 | name: null, 43 | type: 'git', 44 | saveSpec: 'github:user/foo-js', 45 | raw: 'github:user/foo-js', 46 | }, 47 | 48 | 'git+ssh://git@github.com/user/foo#1.2.3': { 49 | name: null, 50 | type: 'git', 51 | saveSpec: 'git+ssh://git@github.com/user/foo.git#1.2.3', 52 | raw: 'git+ssh://git@github.com/user/foo#1.2.3', 53 | }, 54 | 55 | 'git+ssh://git@github.com:user/foo#1.2.3': { 56 | name: null, 57 | type: 'git', 58 | saveSpec: 'git+ssh://git@github.com/user/foo.git#1.2.3', 59 | raw: 'git+ssh://git@github.com:user/foo#1.2.3', 60 | }, 61 | 62 | 'git://github.com/user/foo': { 63 | name: null, 64 | type: 'git', 65 | saveSpec: 'git://github.com/user/foo.git', 66 | raw: 'git://github.com/user/foo', 67 | }, 68 | 69 | 'https://github.com/user/foo.git': { 70 | name: null, 71 | type: 'git', 72 | saveSpec: 'git+https://github.com/user/foo.git', 73 | raw: 'https://github.com/user/foo.git', 74 | }, 75 | 76 | '@foo/bar@git+ssh://github.com/user/foo': { 77 | name: '@foo/bar', 78 | scope: '@foo', 79 | type: 'git', 80 | saveSpec: 'git+ssh://git@github.com/user/foo.git', 81 | rawSpec: 'git+ssh://github.com/user/foo', 82 | raw: '@foo/bar@git+ssh://github.com/user/foo', 83 | }, 84 | 85 | 'foo@bar/foo': { 86 | name: 'foo', 87 | type: 'git', 88 | saveSpec: 'github:bar/foo', 89 | raw: 'foo@bar/foo', 90 | }, 91 | 92 | 'git@github.com:12345': { 93 | name: undefined, 94 | type: 'git', 95 | saveSpec: 'git+ssh://git@github.com:12345', 96 | fetchSpec: 'ssh://git@github.com:12345', 97 | raw: 'git@github.com:12345', 98 | }, 99 | 100 | 'git@github.com:12345/': { 101 | name: undefined, 102 | type: 'git', 103 | saveSpec: 'git+ssh://git@github.com:12345/', 104 | fetchSpec: 'ssh://git@github.com:12345/', 105 | raw: 'git@github.com:12345/', 106 | }, 107 | 108 | 'git@github.com:12345/foo': { 109 | name: undefined, 110 | type: 'git', 111 | saveSpec: 'git+ssh://git@github.com:12345/foo', 112 | fetchSpec: 'ssh://git@github.com:12345/foo', 113 | raw: 'git@github.com:12345/foo', 114 | }, 115 | 116 | 'git@github.com:12345foo': { 117 | name: undefined, 118 | type: 'git', 119 | saveSpec: 'git+ssh://git@github.com:12345foo', 120 | fetchSpec: 'git@github.com:12345foo', 121 | raw: 'git@github.com:12345foo', 122 | }, 123 | } 124 | 125 | Object.keys(tests).forEach(function (arg) { 126 | var res = npa(arg) 127 | t.ok(res instanceof npa.Result, arg + ' is a result') 128 | t.has(res, tests[arg], arg + ' matches expectations') 129 | }) 130 | 131 | t.end() 132 | }) 133 | -------------------------------------------------------------------------------- /.github/workflows/ci-release.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: CI - Release 4 | 5 | on: 6 | workflow_dispatch: 7 | inputs: 8 | ref: 9 | required: true 10 | type: string 11 | default: main 12 | workflow_call: 13 | inputs: 14 | ref: 15 | required: true 16 | type: string 17 | check-sha: 18 | required: true 19 | type: string 20 | 21 | permissions: 22 | contents: read 23 | checks: write 24 | 25 | jobs: 26 | lint-all: 27 | name: Lint All 28 | if: github.repository_owner == 'npm' 29 | runs-on: ubuntu-latest 30 | defaults: 31 | run: 32 | shell: bash 33 | steps: 34 | - name: Checkout 35 | uses: actions/checkout@v4 36 | with: 37 | ref: ${{ inputs.ref }} 38 | - name: Setup Git User 39 | run: | 40 | git config --global user.email "npm-cli+bot@github.com" 41 | git config --global user.name "npm CLI robot" 42 | - name: Create Check 43 | id: create-check 44 | if: ${{ inputs.check-sha }} 45 | uses: ./.github/actions/create-check 46 | with: 47 | name: "Lint All" 48 | token: ${{ secrets.GITHUB_TOKEN }} 49 | sha: ${{ inputs.check-sha }} 50 | - name: Setup Node 51 | uses: actions/setup-node@v4 52 | id: node 53 | with: 54 | node-version: 22.x 55 | check-latest: contains('22.x', '.x') 56 | - name: Install Latest npm 57 | uses: ./.github/actions/install-latest-npm 58 | with: 59 | node: ${{ steps.node.outputs.node-version }} 60 | - name: Install Dependencies 61 | run: npm i --ignore-scripts --no-audit --no-fund 62 | - name: Lint 63 | run: npm run lint --ignore-scripts 64 | - name: Post Lint 65 | run: npm run postlint --ignore-scripts 66 | - name: Conclude Check 67 | uses: LouisBrunner/checks-action@v1.6.0 68 | if: steps.create-check.outputs.check-id && always() 69 | with: 70 | token: ${{ secrets.GITHUB_TOKEN }} 71 | conclusion: ${{ job.status }} 72 | check_id: ${{ steps.create-check.outputs.check-id }} 73 | 74 | test-all: 75 | name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }} 76 | if: github.repository_owner == 'npm' 77 | strategy: 78 | fail-fast: false 79 | matrix: 80 | platform: 81 | - name: Linux 82 | os: ubuntu-latest 83 | shell: bash 84 | - name: macOS 85 | os: macos-latest 86 | shell: bash 87 | - name: macOS 88 | os: macos-13 89 | shell: bash 90 | - name: Windows 91 | os: windows-latest 92 | shell: cmd 93 | node-version: 94 | - 20.17.0 95 | - 20.x 96 | - 22.9.0 97 | - 22.x 98 | exclude: 99 | - platform: { name: macOS, os: macos-13, shell: bash } 100 | node-version: 20.17.0 101 | - platform: { name: macOS, os: macos-13, shell: bash } 102 | node-version: 20.x 103 | - platform: { name: macOS, os: macos-13, shell: bash } 104 | node-version: 22.9.0 105 | - platform: { name: macOS, os: macos-13, shell: bash } 106 | node-version: 22.x 107 | runs-on: ${{ matrix.platform.os }} 108 | defaults: 109 | run: 110 | shell: ${{ matrix.platform.shell }} 111 | steps: 112 | - name: Checkout 113 | uses: actions/checkout@v4 114 | with: 115 | ref: ${{ inputs.ref }} 116 | - name: Setup Git User 117 | run: | 118 | git config --global user.email "npm-cli+bot@github.com" 119 | git config --global user.name "npm CLI robot" 120 | - name: Create Check 121 | id: create-check 122 | if: ${{ inputs.check-sha }} 123 | uses: ./.github/actions/create-check 124 | with: 125 | name: "Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}" 126 | token: ${{ secrets.GITHUB_TOKEN }} 127 | sha: ${{ inputs.check-sha }} 128 | - name: Setup Node 129 | uses: actions/setup-node@v4 130 | id: node 131 | with: 132 | node-version: ${{ matrix.node-version }} 133 | check-latest: contains(matrix.node-version, '.x') 134 | - name: Install Latest npm 135 | uses: ./.github/actions/install-latest-npm 136 | with: 137 | node: ${{ steps.node.outputs.node-version }} 138 | - name: Install Dependencies 139 | run: npm i --ignore-scripts --no-audit --no-fund 140 | - name: Add Problem Matcher 141 | run: echo "::add-matcher::.github/matchers/tap.json" 142 | - name: Test 143 | run: npm test --ignore-scripts 144 | - name: Conclude Check 145 | uses: LouisBrunner/checks-action@v1.6.0 146 | if: steps.create-check.outputs.check-id && always() 147 | with: 148 | token: ${{ secrets.GITHUB_TOKEN }} 149 | conclusion: ${{ job.status }} 150 | check_id: ${{ steps.create-check.outputs.check-id }} 151 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # npm-package-arg 2 | 3 | [![Build Status](https://img.shields.io/github/actions/workflow/status/npm/npm-package-arg/ci.yml?branch=main)](https://github.com/npm/npm-package-arg) 4 | 5 | Parses package name and specifier passed to commands like `npm install` or 6 | `npm cache add`, or as found in `package.json` dependency sections. 7 | 8 | ## EXAMPLES 9 | 10 | ```javascript 11 | const assert = require("assert") 12 | const npa = require("npm-package-arg") 13 | 14 | // Pass in the descriptor, and it'll return an object 15 | try { 16 | const parsed = npa("@bar/foo@1.2") 17 | } catch (ex) { 18 | … 19 | } 20 | ``` 21 | 22 | ## USING 23 | 24 | `const npa = require('npm-package-arg')` 25 | 26 | ### const result = npa(*arg*[, *where*]) 27 | 28 | * *arg* - a string that you might pass to `npm install`, like: 29 | `foo@1.2`, `@bar/foo@1.2`, `foo@user/foo`, `http://x.com/foo.tgz`, 30 | `git+https://github.com/user/foo`, `bitbucket:user/foo`, `foo.tar.gz`, 31 | `../foo/bar/` or `bar`. If the *arg* you provide doesn't have a specifier 32 | part, eg `foo` then the specifier will default to `latest`. 33 | * *where* - Optionally the path to resolve file paths relative to. Defaults to `process.cwd()` 34 | 35 | **Throws** if the package name is invalid, a dist-tag is invalid or a URL's protocol is not supported. 36 | 37 | ### const result = npa.resolve(*name*, *spec*[, *where*]) 38 | 39 | * *name* - The name of the module you want to install. For example: `foo` or `@bar/foo`. 40 | * *spec* - The specifier indicating where and how you can get this module. Something like: 41 | `1.2`, `^1.7.17`, `http://x.com/foo.tgz`, `git+https://github.com/user/foo`, 42 | `bitbucket:user/foo`, `file:foo.tar.gz` or `file:../foo/bar/`. If not 43 | included then the default is `latest`. 44 | * *where* - Optionally the path to resolve file paths relative to. Defaults to `process.cwd()` 45 | 46 | **Throws** if the package name is invalid, a dist-tag is invalid or a URL's protocol is not supported. 47 | 48 | ### const purl = npa.toPurl(*arg*, *reg*) 49 | 50 | Returns the [purl (package URL)](https://github.com/package-url/purl-spec) form of the given package name/spec. 51 | 52 | * *arg* - A package/version string. For example: `foo@1.0.0` or `@bar/foo@2.0.0-alpha.1`. 53 | * *reg* - Optionally the URL to the package registry. If not specified, assumes the default 54 | `https://registry.npmjs.org`. 55 | 56 | **Throws** if the package name is invalid, or the supplied arg can't be resolved to a purl. 57 | 58 | ## RESULT OBJECT 59 | 60 | The objects that are returned by npm-package-arg contain the following 61 | keys: 62 | 63 | * `type` - One of the following strings: 64 | * `git` - A git repo 65 | * `tag` - A tagged version, like `"foo@latest"` 66 | * `version` - A specific version number, like `"foo@1.2.3"` 67 | * `range` - A version range, like `"foo@2.x"` 68 | * `file` - A local `.tar.gz`, `.tar` or `.tgz` file. 69 | * `directory` - A local directory. 70 | * `remote` - An http url (presumably to a tgz) 71 | * `alias` - A specifier with an alias, like `myalias@npm:foo@1.2.3` 72 | * `registry` - If true this specifier refers to a resource hosted on a 73 | registry. This is true for `tag`, `version` and `range` types. 74 | * `name` - If known, the `name` field expected in the resulting pkg. 75 | * `scope` - If a name is something like `@org/module` then the `scope` 76 | field will be set to `@org`. If it doesn't have a scoped name, then 77 | scope is `null`. 78 | * `escapedName` - A version of `name` escaped to match the npm scoped packages 79 | specification. Mostly used when making requests against a registry. When 80 | `name` is `null`, `escapedName` will also be `null`. 81 | * `rawSpec` - The specifier part that was parsed out in calls to `npa(arg)`, 82 | or the value of `spec` in calls to `npa.resolve(name, spec)`. 83 | * `saveSpec` - The normalized specifier, for saving to package.json files. 84 | `null` for registry dependencies. See note below about how this is (not) encoded. 85 | * `fetchSpec` - The version of the specifier to be used to fetch this 86 | resource. `null` for shortcuts to hosted git dependencies as there isn't 87 | just one URL to try with them. 88 | * `gitRange` - If set, this is a semver specifier to match against git tags with 89 | * `gitCommittish` - If set, this is the specific committish to use with a git dependency. 90 | * `hosted` - If `from === 'hosted'` then this will be a `hosted-git-info` 91 | object. This property is not included when serializing the object as 92 | JSON. 93 | * `raw` - The original un-modified string that was provided. If called as 94 | `npa.resolve(name, spec)` then this will be `name + '@' + spec`. 95 | * `subSpec` - If `type === 'alias'`, this is a Result Object for parsing the 96 | target specifier for the alias. 97 | 98 | ## SAVE SPECS 99 | 100 | TLDR: `file:` urls are NOT uri encoded. 101 | 102 | Historically, npm would uri decode file package args, but did not do any uri encoding for the `saveSpec`. This meant that it generated incorrect saveSpecs for directories with characters that *looked* like encoded uri characters, and also that it could not parse directories with some unencoded uri characters (such as `%`). 103 | 104 | In order to fix this, and to not break all existing versions of npm, this module now parses all file package args as not being uri encoded. And in order to not break all of the package.json files npm has made in the past, it also does not uri encode the saveSpec. This includes package args that start with `file:`. This does mean that npm `file:` package args are not RFC compliant, and making them so constitutes quite a breaking change. 105 | -------------------------------------------------------------------------------- /.github/workflows/post-dependabot.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: Post Dependabot 4 | 5 | on: pull_request 6 | 7 | permissions: 8 | contents: write 9 | 10 | jobs: 11 | template-oss: 12 | name: template-oss 13 | if: github.repository_owner == 'npm' && github.actor == 'dependabot[bot]' 14 | runs-on: ubuntu-latest 15 | defaults: 16 | run: 17 | shell: bash 18 | steps: 19 | - name: Checkout 20 | uses: actions/checkout@v4 21 | with: 22 | ref: ${{ github.event.pull_request.head.ref }} 23 | - name: Setup Git User 24 | run: | 25 | git config --global user.email "npm-cli+bot@github.com" 26 | git config --global user.name "npm CLI robot" 27 | - name: Setup Node 28 | uses: actions/setup-node@v4 29 | id: node 30 | with: 31 | node-version: 22.x 32 | check-latest: contains('22.x', '.x') 33 | - name: Install Latest npm 34 | uses: ./.github/actions/install-latest-npm 35 | with: 36 | node: ${{ steps.node.outputs.node-version }} 37 | - name: Install Dependencies 38 | run: npm i --ignore-scripts --no-audit --no-fund 39 | - name: Fetch Dependabot Metadata 40 | id: metadata 41 | uses: dependabot/fetch-metadata@v1 42 | with: 43 | github-token: ${{ secrets.GITHUB_TOKEN }} 44 | 45 | # Dependabot can update multiple directories so we output which directory 46 | # it is acting on so we can run the command for the correct root or workspace 47 | - name: Get Dependabot Directory 48 | if: contains(steps.metadata.outputs.dependency-names, '@npmcli/template-oss') 49 | id: flags 50 | run: | 51 | dependabot_dir="${{ steps.metadata.outputs.directory }}" 52 | if [[ "$dependabot_dir" == "/" || "$dependabot_dir" == "/main" ]]; then 53 | echo "workspace=-iwr" >> $GITHUB_OUTPUT 54 | else 55 | # strip leading slash from directory so it works as a 56 | # a path to the workspace flag 57 | echo "workspace=--workspace ${dependabot_dir#/}" >> $GITHUB_OUTPUT 58 | fi 59 | 60 | - name: Apply Changes 61 | if: steps.flags.outputs.workspace 62 | id: apply 63 | run: | 64 | npm run template-oss-apply ${{ steps.flags.outputs.workspace }} 65 | if [[ `git status --porcelain` ]]; then 66 | echo "changes=true" >> $GITHUB_OUTPUT 67 | fi 68 | # This only sets the conventional commit prefix. This workflow can't reliably determine 69 | # what the breaking change is though. If a BREAKING CHANGE message is required then 70 | # this PR check will fail and the commit will be amended with stafftools 71 | if [[ "${{ steps.metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then 72 | prefix='feat!' 73 | else 74 | prefix='chore' 75 | fi 76 | echo "message=$prefix: postinstall for dependabot template-oss PR" >> $GITHUB_OUTPUT 77 | 78 | # This step will fail if template-oss has made any workflow updates. It is impossible 79 | # for a workflow to update other workflows. In the case it does fail, we continue 80 | # and then try to apply only a portion of the changes in the next step 81 | - name: Push All Changes 82 | if: steps.apply.outputs.changes 83 | id: push 84 | continue-on-error: true 85 | env: 86 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 87 | run: | 88 | git commit -am "${{ steps.apply.outputs.message }}" 89 | git push 90 | 91 | # If the previous step failed, then reset the commit and remove any workflow changes 92 | # and attempt to commit and push again. This is helpful because we will have a commit 93 | # with the correct prefix that we can then --amend with @npmcli/stafftools later. 94 | - name: Push All Changes Except Workflows 95 | if: steps.apply.outputs.changes && steps.push.outcome == 'failure' 96 | env: 97 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 98 | run: | 99 | git reset HEAD~ 100 | git checkout HEAD -- .github/workflows/ 101 | git clean -fd .github/workflows/ 102 | git commit -am "${{ steps.apply.outputs.message }}" 103 | git push 104 | 105 | # Check if all the necessary template-oss changes were applied. Since we continued 106 | # on errors in one of the previous steps, this check will fail if our follow up 107 | # only applied a portion of the changes and we need to followup manually. 108 | # 109 | # Note that this used to run `lint` and `postlint` but that will fail this action 110 | # if we've also shipped any linting changes separate from template-oss. We do 111 | # linting in another action, so we want to fail this one only if there are 112 | # template-oss changes that could not be applied. 113 | - name: Check Changes 114 | if: steps.apply.outputs.changes 115 | run: | 116 | npm exec --offline ${{ steps.flags.outputs.workspace }} -- template-oss-check 117 | 118 | - name: Fail on Breaking Change 119 | if: steps.apply.outputs.changes && startsWith(steps.apply.outputs.message, 'feat!') 120 | run: | 121 | echo "This PR has a breaking change. Run 'npx -p @npmcli/stafftools gh template-oss-fix'" 122 | echo "for more information on how to fix this with a BREAKING CHANGE footer." 123 | exit 1 124 | -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- 1 | # This file is automatically added by @npmcli/template-oss. Do not edit. 2 | 3 | name: Release 4 | 5 | on: 6 | push: 7 | branches: 8 | - main 9 | 10 | permissions: 11 | contents: write 12 | pull-requests: write 13 | checks: write 14 | 15 | jobs: 16 | release: 17 | outputs: 18 | pr: ${{ steps.release.outputs.pr }} 19 | pr-branch: ${{ steps.release.outputs.pr-branch }} 20 | pr-number: ${{ steps.release.outputs.pr-number }} 21 | pr-sha: ${{ steps.release.outputs.pr-sha }} 22 | releases: ${{ steps.release.outputs.releases }} 23 | comment-id: ${{ steps.create-comment.outputs.comment-id || steps.update-comment.outputs.comment-id }} 24 | check-id: ${{ steps.create-check.outputs.check-id }} 25 | name: Release 26 | if: github.repository_owner == 'npm' 27 | runs-on: ubuntu-latest 28 | defaults: 29 | run: 30 | shell: bash 31 | steps: 32 | - name: Checkout 33 | uses: actions/checkout@v4 34 | - name: Setup Git User 35 | run: | 36 | git config --global user.email "npm-cli+bot@github.com" 37 | git config --global user.name "npm CLI robot" 38 | - name: Setup Node 39 | uses: actions/setup-node@v4 40 | id: node 41 | with: 42 | node-version: 22.x 43 | check-latest: contains('22.x', '.x') 44 | - name: Install Latest npm 45 | uses: ./.github/actions/install-latest-npm 46 | with: 47 | node: ${{ steps.node.outputs.node-version }} 48 | - name: Install Dependencies 49 | run: npm i --ignore-scripts --no-audit --no-fund 50 | - name: Release Please 51 | id: release 52 | env: 53 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 54 | run: npx --offline template-oss-release-please --branch="${{ github.ref_name }}" --backport="" --defaultTag="latest" 55 | - name: Create Release Manager Comment Text 56 | if: steps.release.outputs.pr-number 57 | uses: actions/github-script@v7 58 | id: comment-text 59 | with: 60 | result-encoding: string 61 | script: | 62 | const { runId, repo: { owner, repo } } = context 63 | const { data: workflow } = await github.rest.actions.getWorkflowRun({ owner, repo, run_id: runId }) 64 | return['## Release Manager', `Release workflow run: ${workflow.html_url}`].join('\n\n') 65 | - name: Find Release Manager Comment 66 | uses: peter-evans/find-comment@v2 67 | if: steps.release.outputs.pr-number 68 | id: found-comment 69 | with: 70 | issue-number: ${{ steps.release.outputs.pr-number }} 71 | comment-author: 'github-actions[bot]' 72 | body-includes: '## Release Manager' 73 | - name: Create Release Manager Comment 74 | id: create-comment 75 | if: steps.release.outputs.pr-number && !steps.found-comment.outputs.comment-id 76 | uses: peter-evans/create-or-update-comment@v3 77 | with: 78 | issue-number: ${{ steps.release.outputs.pr-number }} 79 | body: ${{ steps.comment-text.outputs.result }} 80 | - name: Update Release Manager Comment 81 | id: update-comment 82 | if: steps.release.outputs.pr-number && steps.found-comment.outputs.comment-id 83 | uses: peter-evans/create-or-update-comment@v3 84 | with: 85 | comment-id: ${{ steps.found-comment.outputs.comment-id }} 86 | body: ${{ steps.comment-text.outputs.result }} 87 | edit-mode: 'replace' 88 | - name: Create Check 89 | id: create-check 90 | uses: ./.github/actions/create-check 91 | if: steps.release.outputs.pr-sha 92 | with: 93 | name: "Release" 94 | token: ${{ secrets.GITHUB_TOKEN }} 95 | sha: ${{ steps.release.outputs.pr-sha }} 96 | 97 | update: 98 | needs: release 99 | outputs: 100 | sha: ${{ steps.commit.outputs.sha }} 101 | check-id: ${{ steps.create-check.outputs.check-id }} 102 | name: Update - Release 103 | if: github.repository_owner == 'npm' && needs.release.outputs.pr 104 | runs-on: ubuntu-latest 105 | defaults: 106 | run: 107 | shell: bash 108 | steps: 109 | - name: Checkout 110 | uses: actions/checkout@v4 111 | with: 112 | fetch-depth: 0 113 | ref: ${{ needs.release.outputs.pr-branch }} 114 | - name: Setup Git User 115 | run: | 116 | git config --global user.email "npm-cli+bot@github.com" 117 | git config --global user.name "npm CLI robot" 118 | - name: Setup Node 119 | uses: actions/setup-node@v4 120 | id: node 121 | with: 122 | node-version: 22.x 123 | check-latest: contains('22.x', '.x') 124 | - name: Install Latest npm 125 | uses: ./.github/actions/install-latest-npm 126 | with: 127 | node: ${{ steps.node.outputs.node-version }} 128 | - name: Install Dependencies 129 | run: npm i --ignore-scripts --no-audit --no-fund 130 | - name: Create Release Manager Checklist Text 131 | id: comment-text 132 | env: 133 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 134 | run: npm exec --offline -- template-oss-release-manager --pr="${{ needs.release.outputs.pr-number }}" --backport="" --defaultTag="latest" --publish 135 | - name: Append Release Manager Comment 136 | uses: peter-evans/create-or-update-comment@v3 137 | with: 138 | comment-id: ${{ needs.release.outputs.comment-id }} 139 | body: ${{ steps.comment-text.outputs.result }} 140 | edit-mode: 'append' 141 | - name: Run Post Pull Request Actions 142 | env: 143 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 144 | run: npm run rp-pull-request --ignore-scripts --if-present -- --pr="${{ needs.release.outputs.pr-number }}" --commentId="${{ needs.release.outputs.comment-id }}" 145 | - name: Commit 146 | id: commit 147 | env: 148 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 149 | run: | 150 | git commit --all --amend --no-edit || true 151 | git push --force-with-lease 152 | echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT 153 | - name: Create Check 154 | id: create-check 155 | uses: ./.github/actions/create-check 156 | with: 157 | name: "Update - Release" 158 | check-name: "Release" 159 | token: ${{ secrets.GITHUB_TOKEN }} 160 | sha: ${{ steps.commit.outputs.sha }} 161 | - name: Conclude Check 162 | uses: LouisBrunner/checks-action@v1.6.0 163 | with: 164 | token: ${{ secrets.GITHUB_TOKEN }} 165 | conclusion: ${{ job.status }} 166 | check_id: ${{ needs.release.outputs.check-id }} 167 | 168 | ci: 169 | name: CI - Release 170 | needs: [ release, update ] 171 | if: needs.release.outputs.pr 172 | uses: ./.github/workflows/ci-release.yml 173 | with: 174 | ref: ${{ needs.release.outputs.pr-branch }} 175 | check-sha: ${{ needs.update.outputs.sha }} 176 | 177 | post-ci: 178 | needs: [ release, update, ci ] 179 | name: Post CI - Release 180 | if: github.repository_owner == 'npm' && needs.release.outputs.pr && always() 181 | runs-on: ubuntu-latest 182 | defaults: 183 | run: 184 | shell: bash 185 | steps: 186 | - name: Get CI Conclusion 187 | id: conclusion 188 | run: | 189 | result="" 190 | if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then 191 | result="failure" 192 | elif [[ "${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then 193 | result="cancelled" 194 | else 195 | result="success" 196 | fi 197 | echo "result=$result" >> $GITHUB_OUTPUT 198 | - name: Conclude Check 199 | uses: LouisBrunner/checks-action@v1.6.0 200 | with: 201 | token: ${{ secrets.GITHUB_TOKEN }} 202 | conclusion: ${{ steps.conclusion.outputs.result }} 203 | check_id: ${{ needs.update.outputs.check-id }} 204 | 205 | post-release: 206 | needs: release 207 | outputs: 208 | comment-id: ${{ steps.create-comment.outputs.comment-id }} 209 | name: Post Release - Release 210 | if: github.repository_owner == 'npm' && needs.release.outputs.releases 211 | runs-on: ubuntu-latest 212 | defaults: 213 | run: 214 | shell: bash 215 | steps: 216 | - name: Create Release PR Comment Text 217 | id: comment-text 218 | uses: actions/github-script@v7 219 | env: 220 | RELEASES: ${{ needs.release.outputs.releases }} 221 | with: 222 | result-encoding: string 223 | script: | 224 | const releases = JSON.parse(process.env.RELEASES) 225 | const { runId, repo: { owner, repo } } = context 226 | const issue_number = releases[0].prNumber 227 | const runUrl = `https://github.com/${owner}/${repo}/actions/runs/${runId}` 228 | 229 | return [ 230 | '## Release Workflow\n', 231 | ...releases.map(r => `- \`${r.pkgName}@${r.version}\` ${r.url}`), 232 | `- Workflow run: :arrows_counterclockwise: ${runUrl}`, 233 | ].join('\n') 234 | - name: Create Release PR Comment 235 | id: create-comment 236 | uses: peter-evans/create-or-update-comment@v3 237 | with: 238 | issue-number: ${{ fromJSON(needs.release.outputs.releases)[0].prNumber }} 239 | body: ${{ steps.comment-text.outputs.result }} 240 | 241 | release-integration: 242 | needs: release 243 | name: Release Integration 244 | if: needs.release.outputs.releases 245 | uses: ./.github/workflows/release-integration.yml 246 | permissions: 247 | contents: read 248 | id-token: write 249 | secrets: 250 | PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} 251 | with: 252 | releases: ${{ needs.release.outputs.releases }} 253 | 254 | post-release-integration: 255 | needs: [ release, release-integration, post-release ] 256 | name: Post Release Integration - Release 257 | if: github.repository_owner == 'npm' && needs.release.outputs.releases && always() 258 | runs-on: ubuntu-latest 259 | defaults: 260 | run: 261 | shell: bash 262 | steps: 263 | - name: Get Post Release Conclusion 264 | id: conclusion 265 | run: | 266 | if [[ "${{ contains(needs.*.result, 'failure') }}" == "true" ]]; then 267 | result="x" 268 | elif [[ "${{ contains(needs.*.result, 'cancelled') }}" == "true" ]]; then 269 | result="heavy_multiplication_x" 270 | else 271 | result="white_check_mark" 272 | fi 273 | echo "result=$result" >> $GITHUB_OUTPUT 274 | - name: Find Release PR Comment 275 | uses: peter-evans/find-comment@v2 276 | id: found-comment 277 | with: 278 | issue-number: ${{ fromJSON(needs.release.outputs.releases)[0].prNumber }} 279 | comment-author: 'github-actions[bot]' 280 | body-includes: '## Release Workflow' 281 | - name: Create Release PR Comment Text 282 | id: comment-text 283 | if: steps.found-comment.outputs.comment-id 284 | uses: actions/github-script@v7 285 | env: 286 | RESULT: ${{ steps.conclusion.outputs.result }} 287 | BODY: ${{ steps.found-comment.outputs.comment-body }} 288 | with: 289 | result-encoding: string 290 | script: | 291 | const { RESULT, BODY } = process.env 292 | const body = [BODY.replace(/(Workflow run: :)[a-z_]+(:)/, `$1${RESULT}$2`)] 293 | if (RESULT !== 'white_check_mark') { 294 | body.push(':rotating_light::rotating_light::rotating_light:') 295 | body.push([ 296 | '@npm/cli-team: The post-release workflow failed for this release.', 297 | 'Manual steps may need to be taken after examining the workflow output.' 298 | ].join(' ')) 299 | body.push(':rotating_light::rotating_light::rotating_light:') 300 | } 301 | return body.join('\n\n').trim() 302 | - name: Update Release PR Comment 303 | if: steps.comment-text.outputs.result 304 | uses: peter-evans/create-or-update-comment@v3 305 | with: 306 | comment-id: ${{ steps.found-comment.outputs.comment-id }} 307 | body: ${{ steps.comment-text.outputs.result }} 308 | edit-mode: 'replace' 309 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | 3 | ## [13.0.2](https://github.com/npm/npm-package-arg/compare/v13.0.1...v13.0.2) (2025-11-13) 4 | ### Dependencies 5 | * [`34eddcb`](https://github.com/npm/npm-package-arg/commit/34eddcbb7598db1b025c683d7fb7807e92b055bd) [#216](https://github.com/npm/npm-package-arg/pull/216) `validate-npm-package-name@7.0.0` 6 | * [`aa1d884`](https://github.com/npm/npm-package-arg/commit/aa1d884c2891f17c374105e8ed54e4994d167c24) [#216](https://github.com/npm/npm-package-arg/pull/216) `proc-log@6.0.0` 7 | ### Chores 8 | * [`bfacbad`](https://github.com/npm/npm-package-arg/commit/bfacbad93f0f9c8e85ef1c7e1dc74c144c765133) [#216](https://github.com/npm/npm-package-arg/pull/216) `@npmcli/eslint-config@6.0.0` (@wraithgar) 9 | * [`77e0f08`](https://github.com/npm/npm-package-arg/commit/77e0f0882fad89daf43070110029acbe419cc672) [#216](https://github.com/npm/npm-package-arg/pull/216) `@npmcli/template-oss@4.28.0` (@wraithgar) 10 | * [`86f5fc5`](https://github.com/npm/npm-package-arg/commit/86f5fc5d11b1567904e96cb3cb16fae6dfa13db1) [#215](https://github.com/npm/npm-package-arg/pull/215) remove code coverage bypass (#215) (@wraithgar) 11 | 12 | ## [13.0.1](https://github.com/npm/npm-package-arg/compare/v13.0.0...v13.0.1) (2025-10-06) 13 | ### Bug Fixes 14 | * [`f00dea0`](https://github.com/npm/npm-package-arg/commit/f00dea08e9bb30a4c0a1ed01274b63bdbe79c320) [#211](https://github.com/npm/npm-package-arg/pull/211) Correct tarball regex to detect literal dots (@markovejnovic) 15 | 16 | ## [13.0.0](https://github.com/npm/npm-package-arg/compare/v12.0.2...v13.0.0) (2025-07-24) 17 | ### ⚠️ BREAKING CHANGES 18 | * `npm-package-arg` now supports node `^20.17.0 || >=22.9.0` 19 | ### Bug Fixes 20 | * [`aa3ed29`](https://github.com/npm/npm-package-arg/commit/aa3ed290c5b935159818b7e1d7714f87819df0b6) [#207](https://github.com/npm/npm-package-arg/pull/207) align to npm 11 node engine range (@owlstronaut) 21 | ### Dependencies 22 | * [`fb6ea64`](https://github.com/npm/npm-package-arg/commit/fb6ea6416fc7e0be58162b07601bf359b522de5b) [#207](https://github.com/npm/npm-package-arg/pull/207) `hosted-git-info@9.0.0` 23 | 24 | ## [12.0.2](https://github.com/npm/npm-package-arg/compare/v12.0.1...v12.0.2) (2025-02-05) 25 | ### Bug Fixes 26 | * [`14cb8a1`](https://github.com/npm/npm-package-arg/commit/14cb8a18b32982a3be5c45331331cdbed78218c8) [#200](https://github.com/npm/npm-package-arg/pull/200) properly parse non-url encoded file specs (#200) (@wraithgar) 27 | ### Chores 28 | * [`1343a54`](https://github.com/npm/npm-package-arg/commit/1343a54064dd832befce32dff16d2736e307238e) [#199](https://github.com/npm/npm-package-arg/pull/199) bump @npmcli/template-oss from 4.23.4 to 4.23.5 (#199) (@dependabot[bot], @npm-cli-bot) 29 | 30 | ## [12.0.1](https://github.com/npm/npm-package-arg/compare/v12.0.0...v12.0.1) (2024-12-10) 31 | ### Bug Fixes 32 | * [`ea07a6e`](https://github.com/npm/npm-package-arg/commit/ea07a6edc71caae4db9342f90e03457edbb7bb24) [#197](https://github.com/npm/npm-package-arg/pull/197) allow for git usernames that start with a number (#197) (@wraithgar) 33 | ### Chores 34 | * [`41aa799`](https://github.com/npm/npm-package-arg/commit/41aa799ee562f97d4bef48d0d08be8d4320bb219) [#196](https://github.com/npm/npm-package-arg/pull/196) bump @npmcli/template-oss from 4.23.3 to 4.23.4 (#196) (@dependabot[bot], @npm-cli-bot) 35 | 36 | ## [12.0.0](https://github.com/npm/npm-package-arg/compare/v11.0.3...v12.0.0) (2024-09-25) 37 | ### ⚠️ BREAKING CHANGES 38 | * `npm-package-arg` now supports node `^18.17.0 || >=20.5.0` 39 | ### Bug Fixes 40 | * [`6bf84db`](https://github.com/npm/npm-package-arg/commit/6bf84db8c37990556fa8738d0985c5e904e44d02) [#194](https://github.com/npm/npm-package-arg/pull/194) align to npm 10 node engine range (@reggi) 41 | ### Dependencies 42 | * [`3361e59`](https://github.com/npm/npm-package-arg/commit/3361e594418a6ed6088367682e362042e4318811) [#194](https://github.com/npm/npm-package-arg/pull/194) `validate-npm-package-name@6.0.0` 43 | * [`06e3bd6`](https://github.com/npm/npm-package-arg/commit/06e3bd64cd4e727b9734e0e23be2b09afc3205cd) [#194](https://github.com/npm/npm-package-arg/pull/194) `proc-log@5.0.0` 44 | * [`96dd671`](https://github.com/npm/npm-package-arg/commit/96dd671a06d8b27cd48258d068bdaaa83161cf3c) [#194](https://github.com/npm/npm-package-arg/pull/194) `hosted-git-info@8.0.0` 45 | ### Chores 46 | * [`163925e`](https://github.com/npm/npm-package-arg/commit/163925e69326ef40d208f9789794dcdae6932cdd) [#194](https://github.com/npm/npm-package-arg/pull/194) run template-oss-apply (@reggi) 47 | * [`a8a9bdd`](https://github.com/npm/npm-package-arg/commit/a8a9bddc726802fb5ed30f6b113d57f0655bbd51) [#190](https://github.com/npm/npm-package-arg/pull/190) bump @npmcli/eslint-config from 4.0.5 to 5.0.0 (@dependabot[bot]) 48 | * [`f8d32ec`](https://github.com/npm/npm-package-arg/commit/f8d32ec3d0cb2d195084195664d48719060b6447) [#188](https://github.com/npm/npm-package-arg/pull/188) postinstall for dependabot template-oss PR (@hashtagchris) 49 | * [`a867f96`](https://github.com/npm/npm-package-arg/commit/a867f9644491a28560a8f751fa34320d7db14bde) [#188](https://github.com/npm/npm-package-arg/pull/188) bump @npmcli/template-oss from 4.23.1 to 4.23.3 (@dependabot[bot]) 50 | 51 | ## [11.0.3](https://github.com/npm/npm-package-arg/compare/v11.0.2...v11.0.3) (2024-07-22) 52 | 53 | ### Bug Fixes 54 | 55 | * [`59d53b3`](https://github.com/npm/npm-package-arg/commit/59d53b3ea2f66c7d35250b278b3ada551cef8741) [#184](https://github.com/npm/npm-package-arg/pull/184) throws an err when alias is without name (#184) (@milaninfy) 56 | 57 | ### Chores 58 | 59 | * [`911661e`](https://github.com/npm/npm-package-arg/commit/911661e2bde83ee4489179d75bcaf33a50ce38ad) [#176](https://github.com/npm/npm-package-arg/pull/176) bump @npmcli/template-oss to 4.22.0 (@lukekarrys) 60 | * [`575012e`](https://github.com/npm/npm-package-arg/commit/575012e19092c77995c35b015f2fd18bde5d5bf9) [#186](https://github.com/npm/npm-package-arg/pull/186) bump @npmcli/template-oss from 4.22.0 to 4.23.1 (#186) (@dependabot[bot], @wraithgar) 61 | * [`74d06ae`](https://github.com/npm/npm-package-arg/commit/74d06ae66df6b8a91f5b5e4b8ff001a887cf4851) [#176](https://github.com/npm/npm-package-arg/pull/176) postinstall for dependabot template-oss PR (@lukekarrys) 62 | 63 | ## [11.0.2](https://github.com/npm/npm-package-arg/compare/v11.0.1...v11.0.2) (2024-04-12) 64 | 65 | ### Documentation 66 | 67 | * [`1765111`](https://github.com/npm/npm-package-arg/commit/17651118e122ea7c95a930285b228ccb1609652c) [#171](https://github.com/npm/npm-package-arg/pull/171) readme: fix broken badge URL (#171) (@10xLaCroixDrinker) 68 | 69 | ### Dependencies 70 | 71 | * [`4ccd080`](https://github.com/npm/npm-package-arg/commit/4ccd08087e50c22a498498bbf2f27d2ffed346f3) [#173](https://github.com/npm/npm-package-arg/pull/173) `proc-log@4.0.0` (#173) 72 | 73 | ### Chores 74 | 75 | * [`207ba7d`](https://github.com/npm/npm-package-arg/commit/207ba7d5cf32c6daa4fd2aad644e8371dd33e0de) [#168](https://github.com/npm/npm-package-arg/pull/168) postinstall for dependabot template-oss PR (@lukekarrys) 76 | * [`604c1d2`](https://github.com/npm/npm-package-arg/commit/604c1d2011a2bb6be599f55fc0aeeb7ebe445517) [#168](https://github.com/npm/npm-package-arg/pull/168) bump @npmcli/template-oss from 4.21.1 to 4.21.3 (@dependabot[bot]) 77 | * [`82273b5`](https://github.com/npm/npm-package-arg/commit/82273b59bac85e13e130e270e3c1a0ea55c1bfff) [#165](https://github.com/npm/npm-package-arg/pull/165) postinstall for dependabot template-oss PR (@lukekarrys) 78 | * [`4228b37`](https://github.com/npm/npm-package-arg/commit/4228b378a41174b0671ea1a98b2426d86d3c50b3) [#165](https://github.com/npm/npm-package-arg/pull/165) bump @npmcli/template-oss from 4.19.0 to 4.21.1 (@dependabot[bot]) 79 | * [`d4b1447`](https://github.com/npm/npm-package-arg/commit/d4b144726c787dd5ef98fbcf9863c1dd64b74d6a) [#147](https://github.com/npm/npm-package-arg/pull/147) postinstall for dependabot template-oss PR (@lukekarrys) 80 | * [`c5920a9`](https://github.com/npm/npm-package-arg/commit/c5920a954577df498f3b0455aab35c3d3a8556a8) [#147](https://github.com/npm/npm-package-arg/pull/147) bump @npmcli/template-oss from 4.18.1 to 4.19.0 (@dependabot[bot]) 81 | * [`ee68f93`](https://github.com/npm/npm-package-arg/commit/ee68f93f7b4b661d6fcc1d5d9213f897cfd4bd55) [#146](https://github.com/npm/npm-package-arg/pull/146) postinstall for dependabot template-oss PR (@lukekarrys) 82 | * [`7901052`](https://github.com/npm/npm-package-arg/commit/79010526afd9d97435d0486c7ac76e70cbffa6fe) [#146](https://github.com/npm/npm-package-arg/pull/146) bump @npmcli/template-oss from 4.18.0 to 4.18.1 (@dependabot[bot]) 83 | 84 | ## [11.0.1](https://github.com/npm/npm-package-arg/compare/v11.0.0...v11.0.1) (2023-09-05) 85 | 86 | ### Bug Fixes 87 | 88 | * [`74b3c7e`](https://github.com/npm/npm-package-arg/commit/74b3c7e34a7ec16a6f9d36e3d8dfbc052f3ff5a8) [#141](https://github.com/npm/npm-package-arg/pull/141) use URL instead of url.parse (#141) (@wraithgar) 89 | 90 | ### Documentation 91 | 92 | * [`ea00495`](https://github.com/npm/npm-package-arg/commit/ea0049578355050e0f56cdd28809501326ba534b) [#142](https://github.com/npm/npm-package-arg/pull/142) fix readme typo (#142) (@rotu) 93 | * [`26705c5`](https://github.com/npm/npm-package-arg/commit/26705c5fefcd695a881635cf4ccbd7c27de91af3) [#143](https://github.com/npm/npm-package-arg/pull/143) Fix citations to RFC 8089 (not 8909) for file: url (#143) (@rotu) 94 | 95 | ## [11.0.0](https://github.com/npm/npm-package-arg/compare/v10.1.0...v11.0.0) (2023-08-15) 96 | 97 | ### ⚠️ BREAKING CHANGES 98 | 99 | * the strict RFC 8089 mode has been removed 100 | * support for node 14 has been removed 101 | 102 | ### Bug Fixes 103 | 104 | * [`9344167`](https://github.com/npm/npm-package-arg/commit/934416709cb14ad0a0bab6e544b8d42c62aa279f) [#135](https://github.com/npm/npm-package-arg/pull/135) remove strict 8909 mode (@wraithgar) 105 | * [`5042ff2`](https://github.com/npm/npm-package-arg/commit/5042ff2bba38bf3d8f62541960c808ac3230da08) [#139](https://github.com/npm/npm-package-arg/pull/139) drop node14 support (@lukekarrys) 106 | 107 | ### Dependencies 108 | 109 | * [`d2ab7ba`](https://github.com/npm/npm-package-arg/commit/d2ab7bade19f4594c828ee2a4d5942b2626123cb) [#138](https://github.com/npm/npm-package-arg/pull/138) bump hosted-git-info from 6.1.1 to 7.0.0 110 | 111 | ## [10.1.0](https://github.com/npm/npm-package-arg/compare/v10.0.0...v10.1.0) (2022-12-01) 112 | 113 | ### Features 114 | 115 | * [`f2c243c`](https://github.com/npm/npm-package-arg/commit/f2c243c140a397d3054fe1ec84a091d237bbd6e9) [#122](https://github.com/npm/npm-package-arg/pull/122) add function to return pacakge purl (@bdehamer, @ljharb) 116 | 117 | ## [10.0.0](https://github.com/npm/npm-package-arg/compare/v9.1.0...v10.0.0) (2022-10-18) 118 | 119 | ### ⚠️ BREAKING CHANGES 120 | 121 | * `x` and `x@` now return the same spec as `x@*` 122 | * `npm-package-arg` is now compatible with the following semver range for node: `^14.17.0 || ^16.13.0 || >=18.0.0` 123 | 124 | ### Features 125 | 126 | * [`749ccad`](https://github.com/npm/npm-package-arg/commit/749ccad1516e0e61db989669326165bfdb6b7227) [#104](https://github.com/npm/npm-package-arg/pull/104) postinstall for dependabot template-oss PR (@lukekarrys) 127 | 128 | ### Bug Fixes 129 | 130 | * [`d2b87c0`](https://github.com/npm/npm-package-arg/commit/d2b87c083f6f83d01d869281631a0d544190edcf) [#97](https://github.com/npm/npm-package-arg/pull/97) standardize `x` `x@` and `x@*` (#97) (@wraithgar) 131 | * [`7b9cb25`](https://github.com/npm/npm-package-arg/commit/7b9cb25e2b2788ae7b0c9a9b33ca8701a030b8aa) [#108](https://github.com/npm/npm-package-arg/pull/108) resolve relative urls that start with file:// (@lukekarrys) 132 | 133 | ### Dependencies 134 | 135 | * [`b3f0b93`](https://github.com/npm/npm-package-arg/commit/b3f0b93abae31e8e3a186c5f6ebedd3616b0764a) [#117](https://github.com/npm/npm-package-arg/pull/117) bump proc-log from 2.0.1 to 3.0.0 (#117) 136 | * [`7162848`](https://github.com/npm/npm-package-arg/commit/71628486d9f96ef522e28cb32e15ff8d26cf3903) [#116](https://github.com/npm/npm-package-arg/pull/116) bump validate-npm-package-name from 4.0.0 to 5.0.0 (#116) 137 | * [`3110d8f`](https://github.com/npm/npm-package-arg/commit/3110d8f954a76e237649bd478d0cb2fbc95f6afc) [#115](https://github.com/npm/npm-package-arg/pull/115) `hosted-git-info@6.0.0` (#115) 138 | 139 | ## [9.1.0](https://github.com/npm/npm-package-arg/compare/v9.0.2...v9.1.0) (2022-06-22) 140 | 141 | 142 | ### Features 143 | 144 | * **git:** add support for :: in #committish ([#91](https://github.com/npm/npm-package-arg/issues/91)) ([246f1e9](https://github.com/npm/npm-package-arg/commit/246f1e919bd19302bbb907acbe87735f61392a9a)) 145 | 146 | ### [9.0.2](https://github.com/npm/npm-package-arg/compare/v9.0.1...v9.0.2) (2022-03-29) 147 | 148 | 149 | ### Dependencies 150 | 151 | * bump validate-npm-package-name from 3.0.0 to 4.0.0 ([#83](https://github.com/npm/npm-package-arg/issues/83)) ([05f40c5](https://github.com/npm/npm-package-arg/commit/05f40c512326c0047ef31259ddc231fc81d9a187)) 152 | 153 | ### [9.0.1](https://www.github.com/npm/npm-package-arg/compare/v9.0.0...v9.0.1) (2022-03-15) 154 | 155 | 156 | ### Dependencies 157 | 158 | * bump hosted-git-info from 4.1.0 to 5.0.0 ([#75](https://www.github.com/npm/npm-package-arg/issues/75)) ([c26876d](https://www.github.com/npm/npm-package-arg/commit/c26876d116285c8ab6a91f223b679155c91e60a0)) 159 | 160 | ## [9.0.0](https://www.github.com/npm/npm-package-arg/compare/v8.1.5...v9.0.0) (2022-02-10) 161 | 162 | 163 | ### ⚠ BREAKING CHANGES 164 | 165 | * This drops support for node10 and non-LTS versions of node 12 and node 14. 166 | 167 | ### Bug Fixes 168 | 169 | * make error message more clear to locate which package is invalid ([8cb4527](https://www.github.com/npm/npm-package-arg/commit/8cb452760e9e0d7921ea59a1e4d3ec3db7994595)) 170 | 171 | 172 | ### Dependencies 173 | 174 | * @npmcli/template-oss@2.7.1 ([6975264](https://www.github.com/npm/npm-package-arg/commit/6975264f553471a21b4bb313290c226eb3aa8da3)) 175 | * update hosted-git-info requirement from ^4.0.1 to ^4.1.0 ([c6a9e12](https://www.github.com/npm/npm-package-arg/commit/c6a9e12c67d4209118dfabe6e110ece64a0ad1b7)) 176 | * update semver requirement from ^7.3.4 to ^7.3.5 ([73fc02e](https://www.github.com/npm/npm-package-arg/commit/73fc02e91ba887201880d37be81838df9b161f05)) 177 | 178 | 179 | ### Documentation 180 | 181 | * Update result object documentation for type=alias ([55907a9](https://www.github.com/npm/npm-package-arg/commit/55907a917979e566250428dc6da9aad8fd4fb65a)) 182 | 183 | ## [8.0.0](https://github.com/npm/npm-package-arg/compare/v7.0.0...v8.0.0) (2019-12-15) 184 | 185 | 186 | ### ⚠ BREAKING CHANGES 187 | 188 | * Dropping support for node 6 and 8. It'll probably 189 | still work on those versions, but they are no longer supported or 190 | tested, since npm v7 is moving away from them. 191 | 192 | * drop support for node 6 and 8 ([ba85e68](https://github.com/npm/npm-package-arg/commit/ba85e68555d6270f672c3d59da17672f744d0376)) 193 | 194 | <a name="7.0.0"></a> 195 | # [7.0.0](https://github.com/npm/npm-package-arg/compare/v6.1.1...v7.0.0) (2019-11-11) 196 | 197 | 198 | ### deps 199 | 200 | * bump hosted-git-info to 3.0.2 ([68a4fc3](https://github.com/npm/npm-package-arg/commit/68a4fc3)), closes [/github.com/npm/hosted-git-info/pull/38#issuecomment-520243803](https://github.com//github.com/npm/hosted-git-info/pull/38/issues/issuecomment-520243803) 201 | 202 | 203 | ### BREAKING CHANGES 204 | 205 | * this drops support for ancient node versions. 206 | 207 | 208 | 209 | <a name="6.1.1"></a> 210 | ## [6.1.1](https://github.com/npm/npm-package-arg/compare/v6.1.0...v6.1.1) (2019-08-21) 211 | 212 | 213 | ### Bug Fixes 214 | 215 | * preserve drive letter on windows git file:// urls ([3909203](https://github.com/npm/npm-package-arg/commit/3909203)) 216 | 217 | 218 | 219 | <a name="6.1.0"></a> 220 | # [6.1.0](https://github.com/npm/npm-package-arg/compare/v6.0.0...v6.1.0) (2018-04-10) 221 | 222 | 223 | ### Bug Fixes 224 | 225 | * **git:** Fix gitRange for git+ssh for private git ([#33](https://github.com/npm/npm-package-arg/issues/33)) ([647a0b3](https://github.com/npm/npm-package-arg/commit/647a0b3)) 226 | 227 | 228 | ### Features 229 | 230 | * **alias:** add `npm:` registry alias spec ([#34](https://github.com/npm/npm-package-arg/issues/34)) ([ab99f8e](https://github.com/npm/npm-package-arg/commit/ab99f8e)) 231 | -------------------------------------------------------------------------------- /lib/npa.js: -------------------------------------------------------------------------------- 1 | 'use strict' 2 | 3 | const isWindows = process.platform === 'win32' 4 | 5 | const { URL } = require('node:url') 6 | // We need to use path/win32 so that we get consistent results in tests, but this also means we need to manually convert backslashes to forward slashes when generating file: urls with paths. 7 | const path = isWindows ? require('node:path/win32') : require('node:path') 8 | const { homedir } = require('node:os') 9 | const HostedGit = require('hosted-git-info') 10 | const semver = require('semver') 11 | const validatePackageName = require('validate-npm-package-name') 12 | const { log } = require('proc-log') 13 | 14 | const hasSlashes = isWindows ? /\\|[/]/ : /[/]/ 15 | const isURL = /^(?:git[+])?[a-z]+:/i 16 | const isGit = /^[^@]+@[^:.]+\.[^:]+:.+$/i 17 | const isFileType = /[.](?:tgz|tar\.gz|tar)$/i 18 | const isPortNumber = /:[0-9]+(\/|$)/i 19 | const isWindowsFile = /^(?:[.]|~[/]|[/\\]|[a-zA-Z]:)/ 20 | const isPosixFile = /^(?:[.]|~[/]|[/]|[a-zA-Z]:)/ 21 | const defaultRegistry = 'https://registry.npmjs.org' 22 | 23 | function npa (arg, where) { 24 | let name 25 | let spec 26 | if (typeof arg === 'object') { 27 | if (arg instanceof Result && (!where || where === arg.where)) { 28 | return arg 29 | } else if (arg.name && arg.rawSpec) { 30 | return npa.resolve(arg.name, arg.rawSpec, where || arg.where) 31 | } else { 32 | return npa(arg.raw, where || arg.where) 33 | } 34 | } 35 | const nameEndsAt = arg.indexOf('@', 1) // Skip possible leading @ 36 | const namePart = nameEndsAt > 0 ? arg.slice(0, nameEndsAt) : arg 37 | if (isURL.test(arg)) { 38 | spec = arg 39 | } else if (isGit.test(arg)) { 40 | spec = `git+ssh://${arg}` 41 | // eslint-disable-next-line max-len 42 | } else if (!namePart.startsWith('@') && (hasSlashes.test(namePart) || isFileType.test(namePart))) { 43 | spec = arg 44 | } else if (nameEndsAt > 0) { 45 | name = namePart 46 | spec = arg.slice(nameEndsAt + 1) || '*' 47 | } else { 48 | const valid = validatePackageName(arg) 49 | if (valid.validForOldPackages) { 50 | name = arg 51 | spec = '*' 52 | } else { 53 | spec = arg 54 | } 55 | } 56 | return resolve(name, spec, where, arg) 57 | } 58 | 59 | function isFileSpec (spec) { 60 | if (!spec) { 61 | return false 62 | } 63 | if (spec.toLowerCase().startsWith('file:')) { 64 | return true 65 | } 66 | if (isWindows) { 67 | return isWindowsFile.test(spec) 68 | } 69 | return isPosixFile.test(spec) 70 | } 71 | 72 | function isAliasSpec (spec) { 73 | if (!spec) { 74 | return false 75 | } 76 | return spec.toLowerCase().startsWith('npm:') 77 | } 78 | 79 | function resolve (name, spec, where, arg) { 80 | const res = new Result({ 81 | raw: arg, 82 | name: name, 83 | rawSpec: spec, 84 | fromArgument: arg != null, 85 | }) 86 | 87 | if (name) { 88 | res.name = name 89 | } 90 | 91 | if (!where) { 92 | where = process.cwd() 93 | } 94 | 95 | if (isFileSpec(spec)) { 96 | return fromFile(res, where) 97 | } else if (isAliasSpec(spec)) { 98 | return fromAlias(res, where) 99 | } 100 | 101 | const hosted = HostedGit.fromUrl(spec, { 102 | noGitPlus: true, 103 | noCommittish: true, 104 | }) 105 | if (hosted) { 106 | return fromHostedGit(res, hosted) 107 | } else if (spec && isURL.test(spec)) { 108 | return fromURL(res) 109 | } else if (spec && (hasSlashes.test(spec) || isFileType.test(spec))) { 110 | return fromFile(res, where) 111 | } else { 112 | return fromRegistry(res) 113 | } 114 | } 115 | 116 | function toPurl (arg, reg = defaultRegistry) { 117 | const res = npa(arg) 118 | 119 | if (res.type !== 'version') { 120 | throw invalidPurlType(res.type, res.raw) 121 | } 122 | 123 | // URI-encode leading @ of scoped packages 124 | let purl = 'pkg:npm/' + res.name.replace(/^@/, '%40') + '@' + res.rawSpec 125 | if (reg !== defaultRegistry) { 126 | purl += '?repository_url=' + reg 127 | } 128 | 129 | return purl 130 | } 131 | 132 | function invalidPackageName (name, valid, raw) { 133 | // eslint-disable-next-line max-len 134 | const err = new Error(`Invalid package name "${name}" of package "${raw}": ${valid.errors.join('; ')}.`) 135 | err.code = 'EINVALIDPACKAGENAME' 136 | return err 137 | } 138 | 139 | function invalidTagName (name, raw) { 140 | // eslint-disable-next-line max-len 141 | const err = new Error(`Invalid tag name "${name}" of package "${raw}": Tags may not have any characters that encodeURIComponent encodes.`) 142 | err.code = 'EINVALIDTAGNAME' 143 | return err 144 | } 145 | 146 | function invalidPurlType (type, raw) { 147 | // eslint-disable-next-line max-len 148 | const err = new Error(`Invalid type "${type}" of package "${raw}": Purl can only be generated for "version" types.`) 149 | err.code = 'EINVALIDPURLTYPE' 150 | return err 151 | } 152 | 153 | class Result { 154 | constructor (opts) { 155 | this.type = opts.type 156 | this.registry = opts.registry 157 | this.where = opts.where 158 | if (opts.raw == null) { 159 | this.raw = opts.name ? `${opts.name}@${opts.rawSpec}` : opts.rawSpec 160 | } else { 161 | this.raw = opts.raw 162 | } 163 | this.name = undefined 164 | this.escapedName = undefined 165 | this.scope = undefined 166 | this.rawSpec = opts.rawSpec || '' 167 | this.saveSpec = opts.saveSpec 168 | this.fetchSpec = opts.fetchSpec 169 | if (opts.name) { 170 | this.setName(opts.name) 171 | } 172 | this.gitRange = opts.gitRange 173 | this.gitCommittish = opts.gitCommittish 174 | this.gitSubdir = opts.gitSubdir 175 | this.hosted = opts.hosted 176 | } 177 | 178 | // TODO move this to a getter/setter in a semver major 179 | setName (name) { 180 | const valid = validatePackageName(name) 181 | if (!valid.validForOldPackages) { 182 | throw invalidPackageName(name, valid, this.raw) 183 | } 184 | 185 | this.name = name 186 | this.scope = name[0] === '@' ? name.slice(0, name.indexOf('/')) : undefined 187 | // scoped packages in couch must have slash url-encoded, e.g. @foo%2Fbar 188 | this.escapedName = name.replace('/', '%2f') 189 | return this 190 | } 191 | 192 | toString () { 193 | const full = [] 194 | if (this.name != null && this.name !== '') { 195 | full.push(this.name) 196 | } 197 | const spec = this.saveSpec || this.fetchSpec || this.rawSpec 198 | if (spec != null && spec !== '') { 199 | full.push(spec) 200 | } 201 | return full.length ? full.join('@') : this.raw 202 | } 203 | 204 | toJSON () { 205 | const result = Object.assign({}, this) 206 | delete result.hosted 207 | return result 208 | } 209 | } 210 | 211 | // sets res.gitCommittish, res.gitRange, and res.gitSubdir 212 | function setGitAttrs (res, committish) { 213 | if (!committish) { 214 | res.gitCommittish = null 215 | return 216 | } 217 | 218 | // for each :: separated item: 219 | for (const part of committish.split('::')) { 220 | // if the item has no : the n it is a commit-ish 221 | if (!part.includes(':')) { 222 | if (res.gitRange) { 223 | throw new Error('cannot override existing semver range with a committish') 224 | } 225 | if (res.gitCommittish) { 226 | throw new Error('cannot override existing committish with a second committish') 227 | } 228 | res.gitCommittish = part 229 | continue 230 | } 231 | // split on name:value 232 | const [name, value] = part.split(':') 233 | // if name is semver do semver lookup of ref or tag 234 | if (name === 'semver') { 235 | if (res.gitCommittish) { 236 | throw new Error('cannot override existing committish with a semver range') 237 | } 238 | if (res.gitRange) { 239 | throw new Error('cannot override existing semver range with a second semver range') 240 | } 241 | res.gitRange = decodeURIComponent(value) 242 | continue 243 | } 244 | if (name === 'path') { 245 | if (res.gitSubdir) { 246 | throw new Error('cannot override existing path with a second path') 247 | } 248 | res.gitSubdir = `/${value}` 249 | continue 250 | } 251 | log.warn('npm-package-arg', `ignoring unknown key "${name}"`) 252 | } 253 | } 254 | 255 | // Taken from: EncodePathChars and lookup_table in src/node_url.cc 256 | // url.pathToFileURL only returns absolute references. We can't use it to encode paths. 257 | // encodeURI mangles windows paths. We can't use it to encode paths. 258 | // Under the hood, url.pathToFileURL does a limited set of encoding, with an extra windows step, and then calls path.resolve. 259 | // The encoding node does without path.resolve is not available outside of the source, so we are recreating it here. 260 | const encodedPathChars = new Map([ 261 | ['\0', '%00'], 262 | ['\t', '%09'], 263 | ['\n', '%0A'], 264 | ['\r', '%0D'], 265 | [' ', '%20'], 266 | ['"', '%22'], 267 | ['#', '%23'], 268 | ['%', '%25'], 269 | ['?', '%3F'], 270 | ['[', '%5B'], 271 | ['\\', isWindows ? '/' : '%5C'], 272 | [']', '%5D'], 273 | ['^', '%5E'], 274 | ['|', '%7C'], 275 | ['~', '%7E'], 276 | ]) 277 | 278 | function pathToFileURL (str) { 279 | let result = '' 280 | for (let i = 0; i < str.length; i++) { 281 | result = `${result}${encodedPathChars.get(str[i]) ?? str[i]}` 282 | } 283 | if (result.startsWith('file:')) { 284 | return result 285 | } 286 | return `file:${result}` 287 | } 288 | 289 | function fromFile (res, where) { 290 | res.type = isFileType.test(res.rawSpec) ? 'file' : 'directory' 291 | res.where = where 292 | 293 | let rawSpec = pathToFileURL(res.rawSpec) 294 | 295 | if (rawSpec.startsWith('file:/')) { 296 | // XXX backwards compatibility lack of compliance with RFC 8089 297 | 298 | // turn file://path into file:/path 299 | if (/^file:\/\/[^/]/.test(rawSpec)) { 300 | rawSpec = `file:/${rawSpec.slice(5)}` 301 | } 302 | 303 | // turn file:/../path into file:../path 304 | // for 1 or 3 leading slashes (2 is already ruled out from handling file:// explicitly above) 305 | if (/^\/{1,3}\.\.?(\/|$)/.test(rawSpec.slice(5))) { 306 | rawSpec = rawSpec.replace(/^file:\/{1,3}/, 'file:') 307 | } 308 | } 309 | 310 | let resolvedUrl 311 | let specUrl 312 | try { 313 | // always put the '/' on "where", or else file:foo from /path/to/bar goes to /path/to/foo, when we want it to be /path/to/bar/foo 314 | resolvedUrl = new URL(rawSpec, `${pathToFileURL(path.resolve(where))}/`) 315 | specUrl = new URL(rawSpec) 316 | } catch (originalError) { 317 | const er = new Error('Invalid file: URL, must comply with RFC 8089') 318 | throw Object.assign(er, { 319 | raw: res.rawSpec, 320 | spec: res, 321 | where, 322 | originalError, 323 | }) 324 | } 325 | 326 | // turn /C:/blah into just C:/blah on windows 327 | let specPath = decodeURIComponent(specUrl.pathname) 328 | let resolvedPath = decodeURIComponent(resolvedUrl.pathname) 329 | if (isWindows) { 330 | specPath = specPath.replace(/^\/+([a-z]:\/)/i, '$1') 331 | resolvedPath = resolvedPath.replace(/^\/+([a-z]:\/)/i, '$1') 332 | } 333 | 334 | // replace ~ with homedir, but keep the ~ in the saveSpec 335 | // otherwise, make it relative to where param 336 | if (/^\/~(\/|$)/.test(specPath)) { 337 | res.saveSpec = `file:${specPath.substr(1)}` 338 | resolvedPath = path.resolve(homedir(), specPath.substr(3)) 339 | } else if (!path.isAbsolute(rawSpec.slice(5))) { 340 | res.saveSpec = `file:${path.relative(where, resolvedPath)}` 341 | } else { 342 | res.saveSpec = `file:${path.resolve(resolvedPath)}` 343 | } 344 | 345 | res.fetchSpec = path.resolve(where, resolvedPath) 346 | // re-normalize the slashes in saveSpec due to node:path/win32 behavior in windows 347 | res.saveSpec = res.saveSpec.split('\\').join('/') 348 | // Ignoring because this only happens in windows 349 | /* istanbul ignore next */ 350 | if (res.saveSpec.startsWith('file://')) { 351 | // normalization of \\win32\root paths can cause a double / which we don't want 352 | res.saveSpec = `file:/${res.saveSpec.slice(7)}` 353 | } 354 | return res 355 | } 356 | 357 | function fromHostedGit (res, hosted) { 358 | res.type = 'git' 359 | res.hosted = hosted 360 | res.saveSpec = hosted.toString({ noGitPlus: false, noCommittish: false }) 361 | res.fetchSpec = hosted.getDefaultRepresentation() === 'shortcut' ? null : hosted.toString() 362 | setGitAttrs(res, hosted.committish) 363 | return res 364 | } 365 | 366 | function unsupportedURLType (protocol, spec) { 367 | const err = new Error(`Unsupported URL Type "${protocol}": ${spec}`) 368 | err.code = 'EUNSUPPORTEDPROTOCOL' 369 | return err 370 | } 371 | 372 | function fromURL (res) { 373 | let rawSpec = res.rawSpec 374 | res.saveSpec = rawSpec 375 | if (rawSpec.startsWith('git+ssh:')) { 376 | // git ssh specifiers are overloaded to also use scp-style git 377 | // specifiers, so we have to parse those out and treat them special. 378 | // They are NOT true URIs, so we can't hand them to URL. 379 | 380 | // This regex looks for things that look like: 381 | // git+ssh://git@my.custom.git.com:username/project.git#deadbeef 382 | // ...and various combinations. The username in the beginning is *required*. 383 | const matched = rawSpec.match(/^git\+ssh:\/\/([^:#]+:[^#]+(?:\.git)?)(?:#(.*))?$/i) 384 | // Filter out all-number "usernames" which are really port numbers 385 | // They can either be :1234 :1234/ or :1234/path but not :12abc 386 | if (matched && !matched[1].match(isPortNumber)) { 387 | res.type = 'git' 388 | setGitAttrs(res, matched[2]) 389 | res.fetchSpec = matched[1] 390 | return res 391 | } 392 | } else if (rawSpec.startsWith('git+file://')) { 393 | // URL can't handle windows paths 394 | rawSpec = rawSpec.replace(/\\/g, '/') 395 | } 396 | const parsedUrl = new URL(rawSpec) 397 | // check the protocol, and then see if it's git or not 398 | switch (parsedUrl.protocol) { 399 | case 'git:': 400 | case 'git+http:': 401 | case 'git+https:': 402 | case 'git+rsync:': 403 | case 'git+ftp:': 404 | case 'git+file:': 405 | case 'git+ssh:': 406 | res.type = 'git' 407 | setGitAttrs(res, parsedUrl.hash.slice(1)) 408 | if (parsedUrl.protocol === 'git+file:' && /^git\+file:\/\/[a-z]:/i.test(rawSpec)) { 409 | // URL can't handle drive letters on windows file paths, the host can't contain a : 410 | res.fetchSpec = `git+file://${parsedUrl.host.toLowerCase()}:${parsedUrl.pathname}` 411 | } else { 412 | parsedUrl.hash = '' 413 | res.fetchSpec = parsedUrl.toString() 414 | } 415 | if (res.fetchSpec.startsWith('git+')) { 416 | res.fetchSpec = res.fetchSpec.slice(4) 417 | } 418 | break 419 | case 'http:': 420 | case 'https:': 421 | res.type = 'remote' 422 | res.fetchSpec = res.saveSpec 423 | break 424 | 425 | default: 426 | throw unsupportedURLType(parsedUrl.protocol, rawSpec) 427 | } 428 | 429 | return res 430 | } 431 | 432 | function fromAlias (res, where) { 433 | const subSpec = npa(res.rawSpec.substr(4), where) 434 | if (subSpec.type === 'alias') { 435 | throw new Error('nested aliases not supported') 436 | } 437 | 438 | if (!subSpec.registry) { 439 | throw new Error('aliases only work for registry deps') 440 | } 441 | 442 | if (!subSpec.name) { 443 | throw new Error('aliases must have a name') 444 | } 445 | 446 | res.subSpec = subSpec 447 | res.registry = true 448 | res.type = 'alias' 449 | res.saveSpec = null 450 | res.fetchSpec = null 451 | return res 452 | } 453 | 454 | function fromRegistry (res) { 455 | res.registry = true 456 | const spec = res.rawSpec.trim() 457 | // no save spec for registry components as we save based on the fetched 458 | // version, not on the argument so this can't compute that. 459 | res.saveSpec = null 460 | res.fetchSpec = spec 461 | const version = semver.valid(spec, true) 462 | const range = semver.validRange(spec, true) 463 | if (version) { 464 | res.type = 'version' 465 | } else if (range) { 466 | res.type = 'range' 467 | } else { 468 | if (encodeURIComponent(spec) !== spec) { 469 | throw invalidTagName(spec, res.raw) 470 | } 471 | res.type = 'tag' 472 | } 473 | return res 474 | } 475 | 476 | module.exports = npa 477 | module.exports.resolve = resolve 478 | module.exports.toPurl = toPurl 479 | module.exports.Result = Result 480 | -------------------------------------------------------------------------------- /test/basic.js: -------------------------------------------------------------------------------- 1 | const path = require('node:path').posix 2 | const os = require('node:os') 3 | 4 | const normalizePath = p => p && p.replace(/^[a-zA-Z]:/, '').replace(/\\/g, '/') 5 | 6 | const cwd = normalizePath(process.cwd()) 7 | process.cwd = () => cwd 8 | const normalizePaths = spec => { 9 | spec.fetchSpec = normalizePath(spec.fetchSpec) 10 | return spec 11 | } 12 | 13 | const t = require('tap') 14 | const npa = t.mock('..', { path }) 15 | 16 | t.test('basic', function (t) { 17 | const tests = { 18 | 'foo@1.2': { 19 | name: 'foo', 20 | escapedName: 'foo', 21 | type: 'range', 22 | saveSpec: null, 23 | fetchSpec: '1.2', 24 | raw: 'foo@1.2', 25 | rawSpec: '1.2', 26 | }, 27 | 28 | 'foo@~1.2': { 29 | name: 'foo', 30 | escapedName: 'foo', 31 | type: 'range', 32 | saveSpec: null, 33 | fetchSpec: '~1.2', 34 | raw: 'foo@~1.2', 35 | rawSpec: '~1.2', 36 | }, 37 | 38 | '@foo/bar': { 39 | raw: '@foo/bar', 40 | name: '@foo/bar', 41 | escapedName: '@foo%2fbar', 42 | scope: '@foo', 43 | rawSpec: '*', 44 | saveSpec: null, 45 | fetchSpec: '*', 46 | type: 'range', 47 | }, 48 | 49 | '@foo/bar@': { 50 | raw: '@foo/bar@', 51 | name: '@foo/bar', 52 | escapedName: '@foo%2fbar', 53 | scope: '@foo', 54 | rawSpec: '*', 55 | saveSpec: null, 56 | fetchSpec: '*', 57 | type: 'range', 58 | }, 59 | 60 | '@foo/bar@baz': { 61 | raw: '@foo/bar@baz', 62 | name: '@foo/bar', 63 | escapedName: '@foo%2fbar', 64 | scope: '@foo', 65 | rawSpec: 'baz', 66 | saveSpec: null, 67 | fetchSpec: 'baz', 68 | type: 'tag', 69 | }, 70 | 71 | '@f fo o al/ a d s ;f': { 72 | raw: '@f fo o al/ a d s ;f', 73 | name: null, 74 | escapedName: null, 75 | rawSpec: '@f fo o al/ a d s ;f', 76 | saveSpec: 'file:@f fo o al/ a d s ;f', 77 | fetchSpec: '/test/a/b/@f fo o al/ a d s ;f', 78 | type: 'directory', 79 | }, 80 | 81 | 'foo@1.2.3': { 82 | name: 'foo', 83 | escapedName: 'foo', 84 | type: 'version', 85 | saveSpec: null, 86 | fetchSpec: '1.2.3', 87 | raw: 'foo@1.2.3', 88 | }, 89 | 90 | 'foo@=v1.2.3': { 91 | name: 'foo', 92 | escapedName: 'foo', 93 | type: 'version', 94 | saveSpec: null, 95 | fetchSpec: '=v1.2.3', 96 | raw: 'foo@=v1.2.3', 97 | rawSpec: '=v1.2.3', 98 | }, 99 | 100 | 'foo@npm:bar': { 101 | name: 'foo', 102 | escapedName: 'foo', 103 | type: 'alias', 104 | saveSpec: null, 105 | fetchSpec: null, 106 | raw: 'foo@npm:bar', 107 | rawSpec: 'npm:bar', 108 | subSpec: { 109 | registry: true, 110 | name: 'bar', 111 | escapedName: 'bar', 112 | type: 'range', 113 | raw: 'bar', 114 | rawSpec: '*', 115 | saveSpec: null, 116 | fetchSpec: '*', 117 | }, 118 | }, 119 | 120 | 'git+ssh://git@notgithub.com/user/foo#1.2.3': { 121 | name: null, 122 | escapedName: null, 123 | type: 'git', 124 | saveSpec: 'git+ssh://git@notgithub.com/user/foo#1.2.3', 125 | fetchSpec: 'ssh://git@notgithub.com/user/foo', 126 | gitCommittish: '1.2.3', 127 | raw: 'git+ssh://git@notgithub.com/user/foo#1.2.3', 128 | }, 129 | 130 | 'git+ssh://git@notgithub.com/user/foo': { 131 | name: null, 132 | escapedName: null, 133 | type: 'git', 134 | saveSpec: 'git+ssh://git@notgithub.com/user/foo', 135 | fetchSpec: 'ssh://git@notgithub.com/user/foo', 136 | gitCommittish: null, 137 | raw: 'git+ssh://git@notgithub.com/user/foo', 138 | }, 139 | 140 | 'git+ssh://git@notgithub.com:user/foo': { 141 | name: null, 142 | escapedName: null, 143 | type: 'git', 144 | saveSpec: 'git+ssh://git@notgithub.com:user/foo', 145 | fetchSpec: 'git@notgithub.com:user/foo', 146 | gitCommittish: null, 147 | raw: 'git+ssh://git@notgithub.com:user/foo', 148 | }, 149 | 150 | 'git+ssh://mydomain.com:foo': { 151 | name: null, 152 | escapedName: null, 153 | type: 'git', 154 | saveSpec: 'git+ssh://mydomain.com:foo', 155 | fetchSpec: 'mydomain.com:foo', 156 | gitCommittish: null, 157 | raw: 'git+ssh://mydomain.com:foo', 158 | }, 159 | 160 | 'git+ssh://git@notgithub.com:user/foo#1.2.3': { 161 | name: null, 162 | escapedName: null, 163 | type: 'git', 164 | saveSpec: 'git+ssh://git@notgithub.com:user/foo#1.2.3', 165 | fetchSpec: 'git@notgithub.com:user/foo', 166 | gitCommittish: '1.2.3', 167 | raw: 'git+ssh://git@notgithub.com:user/foo#1.2.3', 168 | }, 169 | 170 | 'git+ssh://mydomain.com:foo#1.2.3': { 171 | name: null, 172 | escapedName: null, 173 | type: 'git', 174 | saveSpec: 'git+ssh://mydomain.com:foo#1.2.3', 175 | fetchSpec: 'mydomain.com:foo', 176 | gitCommittish: '1.2.3', 177 | raw: 'git+ssh://mydomain.com:foo#1.2.3', 178 | }, 179 | 180 | 'git+ssh://mydomain.com:foo/bar#1.2.3': { 181 | name: null, 182 | escapedName: null, 183 | type: 'git', 184 | saveSpec: 'git+ssh://mydomain.com:foo/bar#1.2.3', 185 | fetchSpec: 'mydomain.com:foo/bar', 186 | gitCommittish: '1.2.3', 187 | raw: 'git+ssh://mydomain.com:foo/bar#1.2.3', 188 | }, 189 | 190 | 'git+ssh://mydomain.com:1234#1.2.3': { 191 | name: null, 192 | escapedName: null, 193 | type: 'git', 194 | saveSpec: 'git+ssh://mydomain.com:1234#1.2.3', 195 | fetchSpec: 'ssh://mydomain.com:1234', 196 | gitCommittish: '1.2.3', 197 | raw: 'git+ssh://mydomain.com:1234#1.2.3', 198 | }, 199 | 200 | 'git+ssh://mydomain.com:1234/hey#1.2.3': { 201 | name: null, 202 | escapedName: null, 203 | type: 'git', 204 | saveSpec: 'git+ssh://mydomain.com:1234/hey#1.2.3', 205 | fetchSpec: 'ssh://mydomain.com:1234/hey', 206 | gitCommittish: '1.2.3', 207 | raw: 'git+ssh://mydomain.com:1234/hey#1.2.3', 208 | }, 209 | 210 | 'git+ssh://mydomain.com:1234/hey': { 211 | name: null, 212 | escapedName: null, 213 | type: 'git', 214 | saveSpec: 'git+ssh://mydomain.com:1234/hey', 215 | fetchSpec: 'ssh://mydomain.com:1234/hey', 216 | gitCommittish: null, 217 | raw: 'git+ssh://mydomain.com:1234/hey', 218 | }, 219 | 220 | 'git+ssh://username:password@mydomain.com:1234/hey#1.2.3': { 221 | name: null, 222 | escapedName: null, 223 | type: 'git', 224 | saveSpec: 'git+ssh://username:password@mydomain.com:1234/hey#1.2.3', 225 | fetchSpec: 'ssh://username:password@mydomain.com:1234/hey', 226 | gitCommittish: '1.2.3', 227 | raw: 'git+ssh://username:password@mydomain.com:1234/hey#1.2.3', 228 | }, 229 | 230 | 'git+ssh://git@github.com/user/foo#1.2.3': { 231 | name: null, 232 | escapedName: null, 233 | type: 'git', 234 | saveSpec: 'git+ssh://git@github.com/user/foo.git#1.2.3', 235 | fetchSpec: 'ssh://git@github.com/user/foo.git', 236 | gitCommittish: '1.2.3', 237 | raw: 'git+ssh://git@github.com/user/foo#1.2.3', 238 | }, 239 | 240 | 'git+ssh://git@notgithub.com/user/foo#semver:^1.2.3': { 241 | name: null, 242 | escapedName: null, 243 | type: 'git', 244 | hosted: null, 245 | saveSpec: 'git+ssh://git@notgithub.com/user/foo#semver:^1.2.3', 246 | fetchSpec: 'ssh://git@notgithub.com/user/foo', 247 | gitCommittish: null, 248 | gitRange: '^1.2.3', 249 | raw: 'git+ssh://git@notgithub.com/user/foo#semver:^1.2.3', 250 | }, 251 | 252 | 'git+ssh://git@notgithub.com:user/foo#semver:^1.2.3': { 253 | name: null, 254 | escapedName: null, 255 | type: 'git', 256 | hosted: null, 257 | saveSpec: 'git+ssh://git@notgithub.com:user/foo#semver:^1.2.3', 258 | fetchSpec: 'git@notgithub.com:user/foo', 259 | gitCommittish: null, 260 | gitRange: '^1.2.3', 261 | raw: 'git+ssh://git@notgithub.com:user/foo#semver:^1.2.3', 262 | }, 263 | 264 | 'git+ssh://git@github.com/user/foo#semver:^1.2.3': { 265 | name: null, 266 | escapedName: null, 267 | type: 'git', 268 | saveSpec: 'git+ssh://git@github.com/user/foo.git#semver:^1.2.3', 269 | fetchSpec: 'ssh://git@github.com/user/foo.git', 270 | gitCommittish: null, 271 | gitRange: '^1.2.3', 272 | raw: 'git+ssh://git@github.com/user/foo#semver:^1.2.3', 273 | }, 274 | 275 | 'git+ssh://git@github.com:user/foo#semver:^1.2.3': { 276 | name: null, 277 | escapedName: null, 278 | type: 'git', 279 | saveSpec: 'git+ssh://git@github.com/user/foo.git#semver:^1.2.3', 280 | fetchSpec: 'ssh://git@github.com/user/foo.git', 281 | gitCommittish: null, 282 | gitRange: '^1.2.3', 283 | raw: 'git+ssh://git@github.com:user/foo#semver:^1.2.3', 284 | }, 285 | 286 | 'user/foo#semver:^1.2.3': { 287 | name: null, 288 | escapedName: null, 289 | type: 'git', 290 | saveSpec: 'github:user/foo#semver:^1.2.3', 291 | fetchSpec: null, 292 | gitCommittish: null, 293 | gitRange: '^1.2.3', 294 | raw: 'user/foo#semver:^1.2.3', 295 | }, 296 | 297 | 'user/foo#path:dist': { 298 | name: null, 299 | escapedName: null, 300 | type: 'git', 301 | saveSpec: 'github:user/foo#path:dist', 302 | fetchSpec: null, 303 | gitCommittish: null, 304 | gitSubdir: '/dist', 305 | raw: 'user/foo#path:dist', 306 | }, 307 | 308 | 'user/foo#1234::path:dist': { 309 | name: null, 310 | escapedName: null, 311 | type: 'git', 312 | saveSpec: 'github:user/foo#1234::path:dist', 313 | fetchSpec: null, 314 | gitCommittish: '1234', 315 | gitRange: null, 316 | gitSubdir: '/dist', 317 | raw: 'user/foo#1234::path:dist', 318 | }, 319 | 320 | 'user/foo#notimplemented:value': { 321 | name: null, 322 | escapedName: null, 323 | type: 'git', 324 | saveSpec: 'github:user/foo#notimplemented:value', 325 | fetchSpec: null, 326 | gitCommittish: null, 327 | gitRange: null, 328 | gitSubdir: null, 329 | raw: 'user/foo#notimplemented:value', 330 | }, 331 | 332 | 'git+file://path/to/repo#1.2.3': { 333 | name: null, 334 | escapedName: null, 335 | type: 'git', 336 | saveSpec: 'git+file://path/to/repo#1.2.3', 337 | fetchSpec: 'file://path/to/repo', 338 | gitCommittish: '1.2.3', 339 | raw: 'git+file://path/to/repo#1.2.3', 340 | }, 341 | 342 | 'git://notgithub.com/user/foo': { 343 | name: null, 344 | escapedName: null, 345 | type: 'git', 346 | saveSpec: 'git://notgithub.com/user/foo', 347 | fetchSpec: 'git://notgithub.com/user/foo', 348 | raw: 'git://notgithub.com/user/foo', 349 | }, 350 | 351 | '@foo/bar@git+ssh://notgithub.com/user/foo': { 352 | name: '@foo/bar', 353 | escapedName: '@foo%2fbar', 354 | scope: '@foo', 355 | saveSpec: 'git+ssh://notgithub.com/user/foo', 356 | fetchSpec: 'ssh://notgithub.com/user/foo', 357 | rawSpec: 'git+ssh://notgithub.com/user/foo', 358 | raw: '@foo/bar@git+ssh://notgithub.com/user/foo', 359 | }, 360 | 361 | 'git@npm:not-git': { 362 | name: 'git', 363 | type: 'alias', 364 | subSpec: { 365 | type: 'range', 366 | registry: true, 367 | name: 'not-git', 368 | fetchSpec: '*', 369 | }, 370 | raw: 'git@npm:not-git', 371 | }, 372 | 373 | 'not-git@hostname.com:some/repo': { 374 | name: null, 375 | type: 'git', 376 | saveSpec: 'git+ssh://not-git@hostname.com:some/repo', 377 | fetchSpec: 'not-git@hostname.com:some/repo', 378 | raw: 'not-git@hostname.com:some/repo', 379 | }, 380 | 381 | '/path/to/foo': { 382 | name: null, 383 | escapedName: null, 384 | type: 'directory', 385 | saveSpec: 'file:/path/to/foo', 386 | fetchSpec: '/path/to/foo', 387 | raw: '/path/to/foo', 388 | }, 389 | 390 | '/path/to/foo.tar': { 391 | name: null, 392 | escapedName: null, 393 | type: 'file', 394 | saveSpec: 'file:/path/to/foo.tar', 395 | fetchSpec: '/path/to/foo.tar', 396 | raw: '/path/to/foo.tar', 397 | }, 398 | 399 | '/path/to/foo.tgz': { 400 | name: null, 401 | escapedName: null, 402 | type: 'file', 403 | saveSpec: 'file:/path/to/foo.tgz', 404 | fetchSpec: '/path/to/foo.tgz', 405 | raw: '/path/to/foo.tgz', 406 | }, 407 | 'file:path/to/foo': { 408 | name: null, 409 | escapedName: null, 410 | type: 'directory', 411 | saveSpec: 'file:path/to/foo', 412 | fetchSpec: '/test/a/b/path/to/foo', 413 | raw: 'file:path/to/foo', 414 | }, 415 | 'file:path/to/foo.tar.gz': { 416 | name: null, 417 | escapedName: null, 418 | type: 'file', 419 | saveSpec: 'file:path/to/foo', 420 | fetchSpec: '/test/a/b/path/to/foo.tar.gz', 421 | raw: 'file:path/to/foo.tar.gz', 422 | }, 423 | 424 | 'file:~/path/to/foo': { 425 | name: null, 426 | escapedName: null, 427 | type: 'directory', 428 | saveSpec: 'file:~/path/to/foo', 429 | fetchSpec: normalizePath(path.join(os.homedir(), '/path/to/foo')), 430 | raw: 'file:~/path/to/foo', 431 | }, 432 | 433 | 'file:/~/path/to/foo': { 434 | name: null, 435 | escapedName: null, 436 | type: 'directory', 437 | saveSpec: 'file:~/path/to/foo', 438 | fetchSpec: normalizePath(path.join(os.homedir(), '/path/to/foo')), 439 | raw: 'file:/~/path/to/foo', 440 | }, 441 | 442 | 'file:/~path/to/foo': { 443 | name: null, 444 | escapedName: null, 445 | type: 'directory', 446 | saveSpec: 'file:/~path/to/foo', 447 | fetchSpec: '/~path/to/foo', 448 | raw: 'file:/~path/to/foo', 449 | }, 450 | 451 | 'file:/.path/to/foo': { 452 | name: null, 453 | escapedName: null, 454 | type: 'directory', 455 | saveSpec: 'file:/.path/to/foo', 456 | fetchSpec: '/.path/to/foo', 457 | raw: 'file:/.path/to/foo', 458 | }, 459 | 460 | 'file:./path/to/foo': { 461 | name: null, 462 | escapedName: null, 463 | type: 'directory', 464 | saveSpec: 'file:path/to/foo', 465 | fetchSpec: '/test/a/b/path/to/foo', 466 | raw: 'file:./path/to/foo', 467 | }, 468 | 469 | 'file:/./path/to/foo': { 470 | name: null, 471 | escapedName: null, 472 | type: 'directory', 473 | saveSpec: 'file:path/to/foo', 474 | fetchSpec: '/test/a/b/path/to/foo', 475 | raw: 'file:/./path/to/foo', 476 | }, 477 | 478 | 'file://./path/to/foo': { 479 | name: null, 480 | escapedName: null, 481 | type: 'directory', 482 | saveSpec: 'file:path/to/foo', 483 | fetchSpec: '/test/a/b/path/to/foo', 484 | raw: 'file://./path/to/foo', 485 | }, 486 | 487 | 'file:../path/to/foo': { 488 | name: null, 489 | escapedName: null, 490 | type: 'directory', 491 | saveSpec: 'file:../path/to/foo', 492 | fetchSpec: '/test/a/path/to/foo', 493 | raw: 'file:../path/to/foo', 494 | }, 495 | 496 | 'file:/../path/to/foo': { 497 | name: null, 498 | escapedName: null, 499 | type: 'directory', 500 | saveSpec: 'file:../path/to/foo', 501 | fetchSpec: '/test/a/path/to/foo', 502 | raw: 'file:/../path/to/foo', 503 | }, 504 | 505 | 'file://../path/to/foo': { 506 | name: null, 507 | escapedName: null, 508 | type: 'directory', 509 | saveSpec: 'file:../path/to/foo', 510 | fetchSpec: '/test/a/path/to/foo', 511 | raw: 'file://../path/to/foo', 512 | }, 513 | 514 | 'file:///path/to/foo': { 515 | name: null, 516 | escapedName: null, 517 | type: 'directory', 518 | saveSpec: 'file:/path/to/foo', 519 | fetchSpec: '/path/to/foo', 520 | raw: 'file:///path/to/foo', 521 | }, 522 | 'file:/path/to/foo': { 523 | name: null, 524 | escapedName: null, 525 | type: 'directory', 526 | saveSpec: 'file:/path/to/foo', 527 | fetchSpec: '/path/to/foo', 528 | raw: 'file:/path/to/foo', 529 | }, 530 | 'file://path/to/foo': { 531 | name: null, 532 | escapedName: null, 533 | type: 'directory', 534 | saveSpec: 'file:/path/to/foo', 535 | fetchSpec: '/path/to/foo', 536 | raw: 'file://path/to/foo', 537 | }, 538 | 'file:////path/to/foo': { 539 | name: null, 540 | escapedName: null, 541 | type: 'directory', 542 | saveSpec: 'file:/path/to/foo', 543 | fetchSpec: '/path/to/foo', 544 | raw: 'file:////path/to/foo', 545 | }, 546 | 547 | 'file://.': { 548 | name: null, 549 | escapedName: null, 550 | type: 'directory', 551 | saveSpec: 'file:', 552 | fetchSpec: '/test/a/b', 553 | raw: 'file://.', 554 | }, 555 | 556 | 'http://insecure.com/foo.tgz': { 557 | name: null, 558 | escapedName: null, 559 | type: 'remote', 560 | saveSpec: 'http://insecure.com/foo.tgz', 561 | fetchSpec: 'http://insecure.com/foo.tgz', 562 | raw: 'http://insecure.com/foo.tgz', 563 | }, 564 | 565 | 'https://server.com/foo.tgz': { 566 | name: null, 567 | escapedName: null, 568 | type: 'remote', 569 | saveSpec: 'https://server.com/foo.tgz', 570 | fetchSpec: 'https://server.com/foo.tgz', 571 | raw: 'https://server.com/foo.tgz', 572 | }, 573 | 574 | 'foo@latest': { 575 | name: 'foo', 576 | escapedName: 'foo', 577 | type: 'tag', 578 | saveSpec: null, 579 | fetchSpec: 'latest', 580 | raw: 'foo@latest', 581 | }, 582 | 583 | foo: { 584 | name: 'foo', 585 | escapedName: 'foo', 586 | type: 'range', 587 | saveSpec: null, 588 | fetchSpec: '*', 589 | raw: 'foo', 590 | }, 591 | 592 | 'foo@ 1.2 ': { 593 | name: 'foo', 594 | escapedName: 'foo', 595 | type: 'range', 596 | saveSpec: null, 597 | fetchSpec: '1.2', 598 | raw: 'foo@ 1.2 ', 599 | rawSpec: ' 1.2 ', 600 | }, 601 | 602 | 'foo@ 1.2.3 ': { 603 | name: 'foo', 604 | escapedName: 'foo', 605 | type: 'version', 606 | saveSpec: null, 607 | fetchSpec: '1.2.3', 608 | raw: 'foo@ 1.2.3 ', 609 | rawSpec: ' 1.2.3 ', 610 | }, 611 | 612 | 'foo@1.2.3 ': { 613 | name: 'foo', 614 | escapedName: 'foo', 615 | type: 'version', 616 | saveSpec: null, 617 | fetchSpec: '1.2.3', 618 | raw: 'foo@1.2.3 ', 619 | rawSpec: '1.2.3 ', 620 | }, 621 | 622 | 'foo@ 1.2.3': { 623 | name: 'foo', 624 | escapedName: 'foo', 625 | type: 'version', 626 | saveSpec: null, 627 | fetchSpec: '1.2.3', 628 | raw: 'foo@ 1.2.3', 629 | rawSpec: ' 1.2.3', 630 | }, 631 | } 632 | 633 | Object.keys(tests).forEach(function (arg) { 634 | t.test(arg, t => { 635 | const res = normalizePaths(npa(arg, '/test/a/b')) 636 | t.ok(res instanceof npa.Result, arg + ' is a result') 637 | Object.keys(tests[arg]).forEach(function (key) { 638 | t.match(res[key], tests[arg][key], arg + ' [' + key + ']') 639 | }) 640 | t.end() 641 | }) 642 | }) 643 | 644 | let objSpec = { name: 'foo', rawSpec: '1.2.3' } 645 | t.equal(npa(objSpec, '/whatnot').toString(), 'foo@1.2.3', 'parsed object') 646 | 647 | objSpec.where = '/whatnot' 648 | t.equal(npa(objSpec).toString(), 'foo@1.2.3', 'parsed object w/o where arg') 649 | 650 | t.equal(npa('git+http://foo.com/bar').toString(), 651 | 'git+http://foo.com/bar', 'parsed git toString') 652 | 653 | objSpec = { raw: './foo/bar', where: '/here' } 654 | t.equal(normalizePath(npa(objSpec).fetchSpec), '/here/foo/bar', '`where` is reused') 655 | 656 | let res = new npa.Result({ name: 'bar', rawSpec: './foo/bar' }) 657 | t.equal(res.toString(), 'bar@./foo/bar', 'toString with only rawSpec') 658 | res = new npa.Result({ rawSpec: './x/y' }) 659 | t.equal(normalizePath(res.toString()), './x/y', 'toString with only rawSpec, no name') 660 | res = new npa.Result({ rawSpec: '' }) 661 | t.equal(res.toString(), '', 'toString with nothing') 662 | 663 | objSpec = { raw: './foo/bar', where: '/here' } 664 | t.equal( 665 | normalizePath(npa(objSpec, '/whatnot').fetchSpec), 666 | '/whatnot/foo/bar', 667 | '`where` arg overrides the one in the spec object' 668 | ) 669 | 670 | t.equal(npa(npa('foo@1.2.3')).toString(), 'foo@1.2.3', 'spec is passthrough') 671 | 672 | const parsedSpec = npa('./foo', './here') 673 | t.equal(npa(parsedSpec), parsedSpec, 'reused if no where') 674 | t.equal(npa(parsedSpec, './here'), parsedSpec, 'reused if where matches') 675 | t.not(npa(parsedSpec, './there'), parsedSpec, 'new instance if where does not match') 676 | t.not(npa(parsedSpec, './there').fetchSpec, '/there/foo', 'new instance has new where') 677 | // Completely unreasonable invalid garbage throws an error 678 | t.throws(function () { 679 | t.comment(npa('this is not a \0 valid package name or url')) 680 | }) 681 | 682 | t.throws(function () { 683 | npa('gopher://yea right') 684 | }, 'Unsupported URL Type: gopher://yea right') 685 | 686 | t.throws(function () { 687 | npa.resolve('invalid/name', '1.0.0') 688 | }, 'Invalid names throw errrors') 689 | 690 | t.throws(() => { 691 | npa('foo@npm:bar@npm:baz') 692 | }, 'nested aliases not supported') 693 | 694 | t.throws(() => { 695 | npa('foo@npm:') 696 | }, 'aliases must have a name') 697 | 698 | t.throws(() => { 699 | npa('foo@npm:foo/bar') 700 | }, 'aliases only work for registry deps') 701 | 702 | t.has(npa.resolve('foo', '^1.2.3', '/test/a/b'), { 703 | type: 'range', 704 | }, 'npa.resolve') 705 | t.has(normalizePaths(npa.resolve('foo', 'file:foo', '/test/a/b')), { 706 | type: 'directory', 707 | fetchSpec: '/test/a/b/foo', 708 | }, 'npa.resolve file:') 709 | t.has(npa.resolve('foo', '../foo/bar', '/test/a/b'), { 710 | type: 'directory', 711 | }, 'npa.resolve no protocol') 712 | t.has(npa.resolve('foo', 'file:../foo/bar', '/test/a/b'), { 713 | type: 'directory', 714 | }, 'npa.resolve file protocol') 715 | t.has(npa.resolve('foo', 'file:../foo/bar.tgz', '/test/a/b'), { 716 | type: 'file', 717 | }, 'npa.resolve file protocol w/ tgz') 718 | t.has(npa.resolve(null, '4.0.0', '/test/a/b'), { 719 | type: 'version', 720 | name: null, 721 | }, 'npa.resolve with no name') 722 | t.has(npa.resolve('foo', 'file:abc'), { 723 | type: 'directory', 724 | raw: 'foo@file:abc', 725 | }, 'npa.resolve sets raw right') 726 | t.has(npa('./path/to/thing/package@1.2.3/'), { 727 | name: null, 728 | type: 'directory', 729 | }, 'npa with path in @ in it') 730 | t.has(npa('path/to/thing/package@1.2.3'), { 731 | name: null, 732 | type: 'directory', 733 | }, 'npa w/o leading or trailing slash') 734 | t.end() 735 | }) 736 | 737 | t.test('directory with non URI compatible components', t => { 738 | t.has(normalizePaths(npa('/test%dir')), { 739 | type: 'directory', 740 | name: null, 741 | rawSpec: '/test%dir', 742 | fetchSpec: '/test%dir', 743 | saveSpec: 'file:/test%dir', 744 | }) 745 | t.end() 746 | }) 747 | 748 | t.test('file: spec with non URI compatible components', t => { 749 | t.has(normalizePaths(npa('file:/test%dir')), { 750 | type: 'directory', 751 | name: null, 752 | rawSpec: 'file:/test%dir', 753 | fetchSpec: '/test%dir', 754 | saveSpec: 'file:/test%dir', 755 | }) 756 | t.end() 757 | }) 758 | 759 | t.test('directory cwd has non URI compatible components', t => { 760 | // eslint-disable-next-line max-len 761 | const where = '/tmp/ !"$%&\'()*+,-.0123456789:;<=>@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~' 762 | const originalCwd = process.cwd 763 | t.teardown(() => { 764 | process.cwd = originalCwd 765 | }) 766 | process.cwd = () => where 767 | t.has(normalizePaths(npa('./')), { 768 | type: 'directory', 769 | where, 770 | name: null, 771 | rawSpec: './', 772 | fetchSpec: normalizePath(where), 773 | }) 774 | t.end() 775 | }) 776 | 777 | t.test('invalid url', t => { 778 | const broken = t.mock('..', { 779 | 'node:url': { 780 | URL: class { 781 | constructor () { 782 | throw new Error('something went wrong') 783 | } 784 | }, 785 | }, 786 | }) 787 | t.throws(() => broken('file:./test'), 788 | { message: 'Invalid file: URL' } 789 | ) 790 | t.end() 791 | }) 792 | 793 | t.test('error message', t => { 794 | t.throws(() => npa('lodash.has@>=^4'), { 795 | // eslint-disable-next-line max-len 796 | message: 'Invalid tag name ">=^4" of package "lodash.has@>=^4": Tags may not have any characters that encodeURIComponent encodes.', 797 | }) 798 | 799 | t.throws(() => npa('lodash.has @^4'), { 800 | // eslint-disable-next-line max-len 801 | message: 'Invalid package name "lodash.has " of package "lodash.has @^4": name cannot contain leading or trailing spaces; name can only contain URL-friendly characters.', 802 | }) 803 | 804 | t.throws(() => npa('user/foo#1234::semver:^1.2.3'), { 805 | message: 'cannot override existing committish with a semver range', 806 | }) 807 | 808 | t.throws(() => npa('user/foo#semver:^1.2.3::1234'), { 809 | message: 'cannot override existing semver range with a committish', 810 | }) 811 | 812 | t.throws(() => npa('user/foo#path:skipped::path:dist'), { 813 | message: 'cannot override existing path with a second path', 814 | }) 815 | 816 | t.throws(() => npa('user/foo#1234::5678'), { 817 | message: 'cannot override existing committish with a second committish', 818 | }) 819 | 820 | t.throws(() => npa('user/foo#semver:^1.0.0::semver:^2.0.0'), { 821 | message: 'cannot override existing semver range with a second semver range', 822 | }) 823 | 824 | t.end() 825 | }) 826 | 827 | t.test('tarball regex should only match literal dots', t => { 828 | // Valid tarball extensions - should match 829 | t.has(normalizePaths(npa('/path/to/package.tar.gz')), { 830 | type: 'file', 831 | name: null, 832 | }, '.tar.gz should match as file') 833 | 834 | t.has(normalizePaths(npa('/path/to/package.tgz')), { 835 | type: 'file', 836 | name: null, 837 | }, '.tgz should match as file') 838 | 839 | t.has(normalizePaths(npa('/path/to/package.tar')), { 840 | type: 'file', 841 | name: null, 842 | }, '.tar should match as file') 843 | 844 | // Invalid patterns with non-dot characters - should NOT match as file 845 | // These should be treated as directories, not files 846 | t.has(normalizePaths(npa('/path/to/package.tarXgz')), { 847 | type: 'directory', 848 | name: null, 849 | }, '.tarXgz should NOT match as file (X is not a dot)') 850 | 851 | t.has(normalizePaths(npa('/path/to/package.tar_gz')), { 852 | type: 'directory', 853 | name: null, 854 | }, '.tar_gz should NOT match as file (underscore is not a dot)') 855 | 856 | t.has(normalizePaths(npa('./package.tar gz')), { 857 | type: 'directory', 858 | name: null, 859 | }, '.tar gz should NOT match as file (space is not a dot)') 860 | 861 | t.end() 862 | }) 863 | --------------------------------------------------------------------------------