Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add support for configurable registries and applicable authentication options #186

Merged
merged 1 commit into from
Oct 28, 2022

Conversation

micsco
Copy link
Contributor

@micsco micsco commented Sep 24, 2022

This adds support per #66

Resolves #66

Copy link
Member

@merceyz merceyz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you do this without using npm-registry-fetch?
This PR increases the bundle size by 1MB and startup time by about 82% and that seems a bit excessive for essentially adding a few headers.

$ hyperfine "node ./dist-before/corepack.js --version" "node ./dist-after/corepack.js --version"
Benchmark 1: node ./dist-before/corepack.js --version
  Time (mean ± σ):      49.7 ms ±   0.6 ms    [User: 47.4 ms, System: 3.6 ms]
  Range (min … max):    48.9 ms …  52.0 ms    57 runs

Benchmark 2: node ./dist-after/corepack.js --version
  Time (mean ± σ):      90.7 ms ±   1.5 ms    [User: 83.9 ms, System: 8.3 ms]
  Range (min … max):    89.2 ms …  95.1 ms    33 runs

Summary
  'node ./dist-before/corepack.js --version' ran
    1.82 ± 0.04 times faster than 'node ./dist-after/corepack.js --version'

@micsco
Copy link
Contributor Author

micsco commented Sep 28, 2022

@merceyz - Per your suggestion, I removed the dependencies and manually added the appropriate headers.

Now I see the following results when benchmarking:

$ hyperfine "node ./dist-before/corepack.js --version" "node ./dist-after/corepack.js --version"
Benchmark 1: node ./dist-before/corepack.js --version
  Time (mean ± σ):      55.9 ms ±   2.1 ms    [User: 49.8 ms, System: 7.8 ms]
  Range (min … max):    53.9 ms …  65.2 ms    47 runs

Benchmark 2: node ./dist-after/corepack.js --version
  Time (mean ± σ):      56.2 ms ±   2.1 ms    [User: 49.1 ms, System: 8.8 ms]
  Range (min … max):    53.5 ms …  62.2 ms    54 runs

Summary
  'node ./dist-before/corepack.js --version' ran
    1.00 ± 0.05 times faster than 'node ./dist-after/corepack.js --version'

@micsco micsco requested a review from merceyz September 28, 2022 19:26
@xiaoxiangmoe
Copy link
Contributor

This PR helps me a lot.

README.md Outdated Show resolved Hide resolved
sources/npmRegistryUtils.ts Outdated Show resolved Hide resolved
@micsco micsco requested review from aduh95 and removed request for merceyz October 10, 2022 19:53
@micsco
Copy link
Contributor Author

micsco commented Oct 10, 2022

Thanks, @aduh95 - Good catch on the password encoding process.
I've updated both the readme file and the password encoding - I believe that the usual behaviour is just to have the password in plaintext in the environment variables so I have made that so.

Copy link
Contributor

@aduh95 aduh95 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM modulo a few unrelated empty lines that were added probably by accident.

README.md Outdated Show resolved Hide resolved
sources/corepackUtils.ts Outdated Show resolved Hide resolved
@aduh95
Copy link
Contributor

aduh95 commented Oct 10, 2022

@micsco it looks like the added test fails:

FAIL tests/npmRegistryUtils.test.ts
  ● npm registry utils fetchAsJson › adds authorization header with basic auth if COREPACK_NPM_USERNAME and COREPACK_NPM_PASSWORD are set
    expect(jest.fn()).lastCalledWith(...expected)
    - Expected
    + Received
      "https://registry.npmjs.org/package-name",
      Object {
        "headers": Object {
          "Accept": "application/vnd.npm.install-v1+json",
    -     "authorization": "Basic am9objplYXN5cGFzczEyMw==",
    +     "authorization": "Basic am9objpqb2hu",
        },
      },
    Number of calls: 1
      73 |
      74 |     expect(httpFetchAsJson).toBeCalled();
    > 75 |     expect(httpFetchAsJson).lastCalledWith(`${DEFAULT_NPM_REGISTRY_URL}/package-name`, {headers: {
         |                             ^
      76 |       ...DEFAULT_HEADERS,
      77 |       authorization: `Basic ${encodedCreds}`,
      78 |     }});
      at Object.lastCalledWith (tests/npmRegistryUtils.test.ts:75:29)

Can you take a look?

@micsco
Copy link
Contributor Author

micsco commented Oct 10, 2022

@aduh95 apologies, I used the Username env var twice, instead of using the password - thankfully tests caught it but I forgot to check. Have updated the branch.

it(`throw usage error if COREPACK_ENABLE_NETWORK env is set to 0`, async () => {
process.env.COREPACK_ENABLE_NETWORK = `0`;

expect(fetchAsJson(`package-name`)).rejects.toThrowError();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
expect(fetchAsJson(`package-name`)).rejects.toThrowError();
await expect(fetchAsJson(`package-name`)).rejects.toThrowError();

@merceyz
Copy link
Member

merceyz commented Oct 10, 2022

Could you update the description to mention that this PR Resolves https://github.com/nodejs/corepack/issues/66?

README.md Outdated Show resolved Hide resolved
sources/npmRegistryUtils.ts Outdated Show resolved Hide resolved
tests/npmRegistryUtils.test.ts Outdated Show resolved Hide resolved
tests/npmRegistryUtils.test.ts Outdated Show resolved Hide resolved
tests/npmRegistryUtils.test.ts Outdated Show resolved Hide resolved
tests/npmRegistryUtils.test.ts Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
@aduh95 aduh95 linked an issue Oct 10, 2022 that may be closed by this pull request
@micsco
Copy link
Contributor Author

micsco commented Oct 12, 2022

Thanks for the comprehensive review @merceyz - I've applied all your changes and updated the PR.

@micsco micsco requested a review from merceyz October 12, 2022 18:43
@aduh95 aduh95 merged commit 662ae90 into nodejs:main Oct 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Internal Error: Server answered with HTTP 403: hardcoded registries?
4 participants