From 2369de378839a146571da21e6fede572efa3f42c Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:13:08 -0700 Subject: [PATCH 01/12] deps: @npmcli/metavuln-calculator@5.0.1 --- node_modules/@npmcli/metavuln-calculator/lib/advisory.js | 4 ++-- node_modules/@npmcli/metavuln-calculator/package.json | 9 +++++---- package-lock.json | 6 +++--- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/node_modules/@npmcli/metavuln-calculator/lib/advisory.js b/node_modules/@npmcli/metavuln-calculator/lib/advisory.js index 1f479a90dd999..01f6a66fc2ac4 100644 --- a/node_modules/@npmcli/metavuln-calculator/lib/advisory.js +++ b/node_modules/@npmcli/metavuln-calculator/lib/advisory.js @@ -106,7 +106,7 @@ class Advisory { this[_packument] = packument - const pakuVersions = Object.keys(packument.versions) + const pakuVersions = Object.keys(packument.versions || {}) const allVersions = new Set([...pakuVersions, ...this.versions]) const versionsAdded = [] const versionsRemoved = [] @@ -242,7 +242,7 @@ class Advisory { // check the dependency of this version on the vulnerable dep // if we got a version that's not in the packument, fall back on // the spec provided, if possible. - const mani = this[_packument].versions[version] || { + const mani = this[_packument]?.versions?.[version] || { dependencies: { [this.dependency]: spec, }, diff --git a/node_modules/@npmcli/metavuln-calculator/package.json b/node_modules/@npmcli/metavuln-calculator/package.json index baf59c47fcb40..18ebb68c4bfd1 100644 --- a/node_modules/@npmcli/metavuln-calculator/package.json +++ b/node_modules/@npmcli/metavuln-calculator/package.json @@ -1,6 +1,6 @@ { "name": "@npmcli/metavuln-calculator", - "version": "5.0.0", + "version": "5.0.1", "main": "lib/index.js", "files": [ "bin/", @@ -33,8 +33,8 @@ ] }, "devDependencies": { - "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "4.5.1", + "@npmcli/eslint-config": "^4.0.0", + "@npmcli/template-oss": "4.13.0", "require-inject": "^1.4.4", "tap": "^16.0.1" }, @@ -49,6 +49,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.5.1" + "version": "4.13.0", + "publish": "true" } } diff --git a/package-lock.json b/package-lock.json index dcdbf32500f79..5e7a6d018fb20 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2150,9 +2150,9 @@ } }, "node_modules/@npmcli/metavuln-calculator": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/@npmcli/metavuln-calculator/-/metavuln-calculator-5.0.0.tgz", - "integrity": "sha512-BBFQx4M12wiEuVwCgtX/Depx0B/+NHMwDWOlXT41/Pdy5W/1Fenk+hibUlMSrFWwASbX+fY90UbILAEIYH02/A==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/@npmcli/metavuln-calculator/-/metavuln-calculator-5.0.1.tgz", + "integrity": "sha512-qb8Q9wIIlEPj3WeA1Lba91R4ZboPL0uspzV0F9uwP+9AYMVB2zOoa7Pbk12g6D2NHAinSbHh6QYmGuRyHZ874Q==", "dependencies": { "cacache": "^17.0.0", "json-parse-even-better-errors": "^3.0.0", From 33f728c6baa55afcba6833cefcb9e153a72f01b6 Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:14:06 -0700 Subject: [PATCH 02/12] deps: make-fetch-happen@11.1.0 --- .../make-fetch-happen/lib/cache/entry.js | 25 +++++++++++++++++++ node_modules/make-fetch-happen/lib/options.js | 2 ++ node_modules/make-fetch-happen/package.json | 7 +++--- package-lock.json | 8 +++--- package.json | 2 +- 5 files changed, 36 insertions(+), 8 deletions(-) diff --git a/node_modules/make-fetch-happen/lib/cache/entry.js b/node_modules/make-fetch-happen/lib/cache/entry.js index dba89d715d8a5..12e2fb231f4e9 100644 --- a/node_modules/make-fetch-happen/lib/cache/entry.js +++ b/node_modules/make-fetch-happen/lib/cache/entry.js @@ -99,6 +99,12 @@ const getMetadata = (request, response, options) => { } } + for (const name of options.cacheAdditionalHeaders) { + if (response.headers.has(name)) { + metadata.resHeaders[name] = response.headers.get(name) + } + } + return metadata } @@ -331,6 +337,7 @@ class CacheEntry { // that reads from cacache and attach it to a new Response const body = new Minipass() const headers = { ...this.policy.responseHeaders() } + const onResume = () => { const cacheStream = cacache.get.stream.byDigest( this.options.cachePath, this.entry.integrity, { memoize: this.options.memoize } @@ -417,6 +424,24 @@ class CacheEntry { } } + for (const name of options.cacheAdditionalHeaders) { + const inMeta = hasOwnProperty(metadata.resHeaders, name) + const inEntry = hasOwnProperty(this.entry.metadata.resHeaders, name) + const inPolicy = hasOwnProperty(this.policy.response.headers, name) + + // if the header is in the existing entry, but it is not in the metadata + // then we need to write it to the metadata as this will refresh the on-disk cache + if (!inMeta && inEntry) { + metadata.resHeaders[name] = this.entry.metadata.resHeaders[name] + } + // if the header is in the metadata, but not in the policy, then we need to set + // it in the policy so that it's included in the immediate response. future + // responses will load a new cache entry, so we don't need to change that + if (!inPolicy && inMeta) { + this.policy.response.headers[name] = metadata.resHeaders[name] + } + } + try { await cacache.index.insert(options.cachePath, this.key, this.entry.integrity, { size: this.entry.size, diff --git a/node_modules/make-fetch-happen/lib/options.js b/node_modules/make-fetch-happen/lib/options.js index daa9ecd9d5d5f..f77511279f831 100644 --- a/node_modules/make-fetch-happen/lib/options.js +++ b/node_modules/make-fetch-happen/lib/options.js @@ -40,6 +40,8 @@ const configureOptions = (opts) => { } } + options.cacheAdditionalHeaders = options.cacheAdditionalHeaders || [] + // cacheManager is deprecated, but if it's set and // cachePath is not we should copy it to the new field if (options.cacheManager && !options.cachePath) { diff --git a/node_modules/make-fetch-happen/package.json b/node_modules/make-fetch-happen/package.json index 7c340820f0c55..c3d704fbe8497 100644 --- a/node_modules/make-fetch-happen/package.json +++ b/node_modules/make-fetch-happen/package.json @@ -1,6 +1,6 @@ { "name": "make-fetch-happen", - "version": "11.0.3", + "version": "11.1.0", "description": "Opinionated, caching, retrying fetch client", "main": "lib/index.js", "files": [ @@ -51,7 +51,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.11.3", + "@npmcli/template-oss": "4.13.0", "nock": "^13.2.4", "safe-buffer": "^5.2.1", "standard-version": "^9.3.2", @@ -72,6 +72,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.11.3" + "version": "4.13.0", + "publish": "true" } } diff --git a/package-lock.json b/package-lock.json index 5e7a6d018fb20..2b3268de4bc6b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -117,7 +117,7 @@ "libnpmsearch": "^6.0.2", "libnpmteam": "^5.0.3", "libnpmversion": "^4.0.2", - "make-fetch-happen": "^11.0.3", + "make-fetch-happen": "^11.1.0", "minimatch": "^7.4.3", "minipass": "^4.2.5", "minipass-pipeline": "^1.2.4", @@ -7429,9 +7429,9 @@ "dev": true }, "node_modules/make-fetch-happen": { - "version": "11.0.3", - "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-11.0.3.tgz", - "integrity": "sha512-oPLh5m10lRNNZDjJ2kP8UpboUx2uFXVaVweVe/lWut4iHWcQEmfqSVJt2ihZsFI8HbpwyyocaXbCAWf0g1ukIA==", + "version": "11.1.0", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-11.1.0.tgz", + "integrity": "sha512-7ChuOzCb1LzdQZrTy0ky6RsCoMYeM+Fh4cY0+4zsJVhNcH5Q3OJojLY1mGkD0xAhWB29lskECVb6ZopofwjldA==", "inBundle": true, "dependencies": { "agentkeepalive": "^4.2.1", diff --git a/package.json b/package.json index 4cbc0fc20913a..3b4a926ef8b90 100644 --- a/package.json +++ b/package.json @@ -86,7 +86,7 @@ "libnpmsearch": "^6.0.2", "libnpmteam": "^5.0.3", "libnpmversion": "^4.0.2", - "make-fetch-happen": "^11.0.3", + "make-fetch-happen": "^11.1.0", "minimatch": "^7.4.3", "minipass": "^4.2.5", "minipass-pipeline": "^1.2.4", From 739220d57d7db4f53309e7726f622c5b90411d8e Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:14:41 -0700 Subject: [PATCH 03/12] deps: npm-install-checks@6.1.1 --- node_modules/npm-install-checks/lib/index.js | 2 +- node_modules/npm-install-checks/package.json | 7 ++++--- package-lock.json | 8 ++++---- package.json | 2 +- 4 files changed, 10 insertions(+), 9 deletions(-) diff --git a/node_modules/npm-install-checks/lib/index.js b/node_modules/npm-install-checks/lib/index.js index 37530bb52d19a..fa5f593aaac64 100644 --- a/node_modules/npm-install-checks/lib/index.js +++ b/node_modules/npm-install-checks/lib/index.js @@ -40,7 +40,7 @@ const checkPlatform = (target, force = false) => { libcOk = false } else { const report = process.report.getReport() - if (report.header?.glibcRuntimeVersion) { + if (report.header?.glibcVersionRuntime) { libcFamily = 'glibc' } else if (Array.isArray(report.sharedObjects) && report.sharedObjects.some(isMusl)) { libcFamily = 'musl' diff --git a/node_modules/npm-install-checks/package.json b/node_modules/npm-install-checks/package.json index d9304ebf2a284..192cf68837146 100644 --- a/node_modules/npm-install-checks/package.json +++ b/node_modules/npm-install-checks/package.json @@ -1,6 +1,6 @@ { "name": "npm-install-checks", - "version": "6.1.0", + "version": "6.1.1", "description": "Check the engines and platform fields in package.json", "main": "lib/index.js", "dependencies": { @@ -8,7 +8,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.12.0", + "@npmcli/template-oss": "4.13.0", "tap": "^16.0.1" }, "scripts": { @@ -39,7 +39,8 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.12.0" + "version": "4.13.0", + "publish": "true" }, "tap": { "nyc-arg": [ diff --git a/package-lock.json b/package-lock.json index 2b3268de4bc6b..5dd0a5d417782 100644 --- a/package-lock.json +++ b/package-lock.json @@ -125,7 +125,7 @@ "node-gyp": "^9.3.1", "nopt": "^7.1.0", "npm-audit-report": "^4.0.0", - "npm-install-checks": "^6.1.0", + "npm-install-checks": "^6.1.1", "npm-package-arg": "^10.1.0", "npm-pick-manifest": "^8.0.1", "npm-profile": "^7.0.1", @@ -9259,9 +9259,9 @@ } }, "node_modules/npm-install-checks": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-6.1.0.tgz", - "integrity": "sha512-udSGENih/5xKh3Ex+L0PtZcOt0Pa+6ppDLnpG5D49/EhMja3LupaY9E/DtJTxyFBwE09ot7Fc+H4DywnZNWTVA==", + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-6.1.1.tgz", + "integrity": "sha512-dH3GmQL4vsPtld59cOn8uY0iOqRmqKvV+DLGwNXV/Q7MDgD2QfOADWd/mFXcIE5LVhYYGjA3baz6W9JneqnuCw==", "inBundle": true, "dependencies": { "semver": "^7.1.1" diff --git a/package.json b/package.json index 3b4a926ef8b90..6cce6437003a4 100644 --- a/package.json +++ b/package.json @@ -94,7 +94,7 @@ "node-gyp": "^9.3.1", "nopt": "^7.1.0", "npm-audit-report": "^4.0.0", - "npm-install-checks": "^6.1.0", + "npm-install-checks": "^6.1.1", "npm-package-arg": "^10.1.0", "npm-pick-manifest": "^8.0.1", "npm-profile": "^7.0.1", From 9a41da8ad8ce4aefac63bf9d0a434e31c9950c3e Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:15:12 -0700 Subject: [PATCH 04/12] deps: npm-registry-fetch@14.0.4 --- node_modules/npm-registry-fetch/lib/clean-url.js | 3 ++- node_modules/npm-registry-fetch/package.json | 9 ++++----- package-lock.json | 8 ++++---- package.json | 2 +- tap-snapshots/test/lib/utils/error-message.js.test.cjs | 2 +- test/lib/cli.js | 2 +- test/lib/utils/exit-handler.js | 2 +- test/lib/utils/replace-info.js | 6 +++--- 8 files changed, 17 insertions(+), 17 deletions(-) diff --git a/node_modules/npm-registry-fetch/lib/clean-url.js b/node_modules/npm-registry-fetch/lib/clean-url.js index a419b47d6a339..0c2656b5653a0 100644 --- a/node_modules/npm-registry-fetch/lib/clean-url.js +++ b/node_modules/npm-registry-fetch/lib/clean-url.js @@ -12,7 +12,8 @@ const cleanUrl = (str) => { try { const url = new URL(str) if (url.password) { - str = str.replace(url.password, replace) + url.password = replace + str = url.toString() } } catch { // ignore errors diff --git a/node_modules/npm-registry-fetch/package.json b/node_modules/npm-registry-fetch/package.json index 89550cee29ae6..1625e91544bfb 100644 --- a/node_modules/npm-registry-fetch/package.json +++ b/node_modules/npm-registry-fetch/package.json @@ -1,6 +1,6 @@ { "name": "npm-registry-fetch", - "version": "14.0.3", + "version": "14.0.4", "description": "Fetch-based http client for use with npm registry APIs", "main": "lib", "files": [ @@ -41,12 +41,10 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.10.0", + "@npmcli/template-oss": "4.13.0", "cacache": "^17.0.0", - "mkdirp": "^1.0.4", "nock": "^13.2.4", "require-inject": "^1.4.4", - "rimraf": "^3.0.2", "ssri": "^10.0.0", "tap": "^16.0.1" }, @@ -63,6 +61,7 @@ }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.10.0" + "version": "4.13.0", + "publish": "true" } } diff --git a/package-lock.json b/package-lock.json index 5dd0a5d417782..c42d4c87c80c0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -129,7 +129,7 @@ "npm-package-arg": "^10.1.0", "npm-pick-manifest": "^8.0.1", "npm-profile": "^7.0.1", - "npm-registry-fetch": "^14.0.3", + "npm-registry-fetch": "^14.0.4", "npm-user-validate": "^2.0.0", "npmlog": "^7.0.1", "p-map": "^4.0.0", @@ -9341,9 +9341,9 @@ } }, "node_modules/npm-registry-fetch": { - "version": "14.0.3", - "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-14.0.3.tgz", - "integrity": "sha512-YaeRbVNpnWvsGOjX2wk5s85XJ7l1qQBGAp724h8e2CZFFhMSuw9enom7K1mWVUtvXO1uUSFIAPofQK0pPN0ZcA==", + "version": "14.0.4", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-14.0.4.tgz", + "integrity": "sha512-pMS2DRkwg+M44ct65zrN/Cr9IHK1+n6weuefAo6Er4lc+/8YBCU0Czq04H3ZiSigluh7pb2rMM5JpgcytctB+Q==", "inBundle": true, "dependencies": { "make-fetch-happen": "^11.0.0", diff --git a/package.json b/package.json index 6cce6437003a4..5b839c379a3af 100644 --- a/package.json +++ b/package.json @@ -98,7 +98,7 @@ "npm-package-arg": "^10.1.0", "npm-pick-manifest": "^8.0.1", "npm-profile": "^7.0.1", - "npm-registry-fetch": "^14.0.3", + "npm-registry-fetch": "^14.0.4", "npm-user-validate": "^2.0.0", "npmlog": "^7.0.1", "p-map": "^4.0.0", diff --git a/tap-snapshots/test/lib/utils/error-message.js.test.cjs b/tap-snapshots/test/lib/utils/error-message.js.test.cjs index 35d7003853edb..7c155cb16687f 100644 --- a/tap-snapshots/test/lib/utils/error-message.js.test.cjs +++ b/tap-snapshots/test/lib/utils/error-message.js.test.cjs @@ -190,7 +190,7 @@ Object { "r", "g", "s", - "https://evil:***@npmjs.org", + "https://evil:***@npmjs.org/", ], Array [ "", diff --git a/test/lib/cli.js b/test/lib/cli.js index 28640a226065e..cafd13feabe93 100644 --- a/test/lib/cli.js +++ b/test/lib/cli.js @@ -98,7 +98,7 @@ t.test('logged argv is sanitized with equals', async t => { }) await cli(process) - t.match(logsBy('argv'), [['"version" "--registry" "https://u:***@npmjs.org"']]) + t.match(logsBy('argv'), [['"version" "--registry" "https://u:***@npmjs.org/"']]) }) t.test('print usage if no params provided', async t => { diff --git a/test/lib/utils/exit-handler.js b/test/lib/utils/exit-handler.js index 969bd05a98cea..8942d90922597 100644 --- a/test/lib/utils/exit-handler.js +++ b/test/lib/utils/exit-handler.js @@ -549,7 +549,7 @@ t.test('uses all err special properties', async t => { t.test('verbose logs replace info on err props', async t => { const { exitHandler, logs } = await mockExitHandler(t) - const keys = ['type', 'stack', 'statusCode', 'pkgid'] + const keys = ['type', 'stack', 'pkgid'] const properties = keys.reduce((acc, k) => { acc[k] = `${k}-https://user:pass@registry.npmjs.org/` return acc diff --git a/test/lib/utils/replace-info.js b/test/lib/utils/replace-info.js index c7fffdb544096..c1e77e943b491 100644 --- a/test/lib/utils/replace-info.js +++ b/test/lib/utils/replace-info.js @@ -57,7 +57,7 @@ t.equal( t.equal( replaceInfo('https://user:pass@registry.npmjs.org/ http://a:b@reg.github.com'), - 'https://user:***@registry.npmjs.org/ http://a:***@reg.github.com', + 'https://user:***@registry.npmjs.org/ http://a:***@reg.github.com/', 'should replace multiple items on a string' ) @@ -81,7 +81,7 @@ t.same( ]), [ 'Something https://user:***@registry.npmjs.org/ foo bar', - 'http://foo:***@registry.npmjs.org', + 'http://foo:***@registry.npmjs.org/', 'http://example.npmjs.org', ], 'should replace items in an array' @@ -95,7 +95,7 @@ t.same( ]), [ 'Something --x=https://user:***@registry.npmjs.org/ foo bar', - '--url=http://foo:***@registry.npmjs.org', + '--url=http://foo:***@registry.npmjs.org/', '--url=http://example.npmjs.org', ], 'should replace items in an array with equals' From ec425bb40f402a863c212b619f6a70f23574db2b Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:15:55 -0700 Subject: [PATCH 05/12] deps: read@2.1.0 --- node_modules/read/lib/read.js | 6 +++--- node_modules/read/package.json | 7 ++++--- package-lock.json | 8 ++++---- package.json | 2 +- 4 files changed, 12 insertions(+), 11 deletions(-) diff --git a/node_modules/read/lib/read.js b/node_modules/read/lib/read.js index 882b11c285bcf..92ed415726107 100644 --- a/node_modules/read/lib/read.js +++ b/node_modules/read/lib/read.js @@ -5,6 +5,7 @@ module.exports = async function read ({ default: def = '', input = process.stdin, output = process.stdout, + completer, prompt = '', silent, timeout, @@ -35,7 +36,7 @@ module.exports = async function read ({ output = m return new Promise((resolve, reject) => { - const rl = readline.createInterface({ input, output, terminal }) + const rl = readline.createInterface({ input, output, terminal, silent: true, completer }) const timer = timeout && setTimeout(() => onError(new Error('timed out')), timeout) output.unmute() @@ -66,11 +67,10 @@ module.exports = async function read ({ rl.on('line', (line) => { if (silent && terminal) { output.unmute() - output.write('\r\n') } done() // truncate the \n at the end. - const res = line.replace(/\r?\n$/, '') || def || '' + const res = line.replace(/\r?\n?$/, '') || def || '' return resolve(res) }) diff --git a/node_modules/read/package.json b/node_modules/read/package.json index 7f8d7fc249c55..4d41f91878c11 100644 --- a/node_modules/read/package.json +++ b/node_modules/read/package.json @@ -1,13 +1,13 @@ { "name": "read", - "version": "2.0.0", + "version": "2.1.0", "main": "lib/read.js", "dependencies": { "mute-stream": "~1.0.0" }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.11.0", + "@npmcli/template-oss": "4.13.0", "tap": "^16.3.0" }, "engines": { @@ -35,7 +35,8 @@ ], "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.11.0" + "version": "4.13.0", + "publish": "true" }, "tap": { "statements": 77, diff --git a/package-lock.json b/package-lock.json index c42d4c87c80c0..608dbbbc07dcd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -137,7 +137,7 @@ "parse-conflict-json": "^3.0.1", "proc-log": "^3.0.0", "qrcode-terminal": "^0.12.0", - "read": "^2.0.0", + "read": "^2.1.0", "read-package-json": "^6.0.1", "read-package-json-fast": "^3.0.2", "semver": "^7.3.8", @@ -10346,9 +10346,9 @@ } }, "node_modules/read": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/read/-/read-2.0.0.tgz", - "integrity": "sha512-88JMmpeeRYzW9gvIpYyXlYadWanW4vB2CYtDDVBfbRpbSogUNjTWEBXxJXMIVFSLjWVdCcdcIjI3+VV3Z2e9mw==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/read/-/read-2.1.0.tgz", + "integrity": "sha512-bvxi1QLJHcaywCAEsAk4DG3nVoqiY2Csps3qzWalhj5hFqRn1d/OixkFXtLO1PrgHUcAP0FNaSY/5GYNfENFFQ==", "inBundle": true, "dependencies": { "mute-stream": "~1.0.0" diff --git a/package.json b/package.json index 5b839c379a3af..2c04a1781266c 100644 --- a/package.json +++ b/package.json @@ -106,7 +106,7 @@ "parse-conflict-json": "^3.0.1", "proc-log": "^3.0.0", "qrcode-terminal": "^0.12.0", - "read": "^2.0.0", + "read": "^2.1.0", "read-package-json": "^6.0.1", "read-package-json-fast": "^3.0.2", "semver": "^7.3.8", From 4312478713e7319a7ba019b5f6266d52fd06ccb5 Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:16:54 -0700 Subject: [PATCH 06/12] deps: ssri@10.0.3 --- node_modules/ssri/lib/index.js | 82 +++++++++++++++++++++++++++------- node_modules/ssri/package.json | 2 +- package-lock.json | 8 ++-- package.json | 2 +- 4 files changed, 71 insertions(+), 23 deletions(-) diff --git a/node_modules/ssri/lib/index.js b/node_modules/ssri/lib/index.js index e1424316802d0..7db8dcf75598e 100644 --- a/node_modules/ssri/lib/index.js +++ b/node_modules/ssri/lib/index.js @@ -29,10 +29,15 @@ class IntegrityStream extends MiniPass { this.#getOptions() // options used for calculating stream. can't be changed. - const algorithms = opts?.algorithms || DEFAULT_ALGORITHMS - this.algorithms = Array.from( - new Set(algorithms.concat(this.algorithm ? [this.algorithm] : [])) - ) + if (opts?.algorithms) { + this.algorithms = [...opts.algorithms] + } else { + this.algorithms = [...DEFAULT_ALGORITHMS] + } + if (this.algorithm !== null && !this.algorithms.includes(this.algorithm)) { + this.algorithms.push(this.algorithm) + } + this.hashes = this.algorithms.map(crypto.createHash) } @@ -40,8 +45,17 @@ class IntegrityStream extends MiniPass { // For verification this.sri = this.opts?.integrity ? parse(this.opts?.integrity, this.opts) : null this.expectedSize = this.opts?.size - this.goodSri = this.sri ? !!Object.keys(this.sri).length : false - this.algorithm = this.goodSri ? this.sri.pickAlgorithm(this.opts) : null + + if (!this.sri) { + this.algorithm = null + } else if (this.sri.isHash) { + this.goodSri = true + this.algorithm = this.sri.algorithm + } else { + this.goodSri = !this.sri.isEmpty() + this.algorithm = this.sri.pickAlgorithm(this.opts) + } + this.digests = this.goodSri ? this.sri[this.algorithm] : null this.optString = getOptString(this.opts?.options) } @@ -159,6 +173,29 @@ class Hash { return this.toString() } + match (integrity, opts) { + const other = parse(integrity, opts) + if (!other) { + return false + } + if (other.isIntegrity) { + const algo = other.pickAlgorithm(opts, [this.algorithm]) + + if (!algo) { + return false + } + + const foundHash = other[algo].find(hash => hash.digest === this.digest) + + if (foundHash) { + return foundHash + } + + return false + } + return other.digest === this.digest ? other : false + } + toString (opts) { if (opts?.strict) { // Strict mode enforces the standard as close to the foot of the @@ -285,8 +322,9 @@ class Integrity { if (!other) { return false } - const algo = other.pickAlgorithm(opts) + const algo = other.pickAlgorithm(opts, Object.keys(this)) return ( + !!algo && this[algo] && other[algo] && this[algo].find(hash => @@ -297,12 +335,22 @@ class Integrity { ) || false } - pickAlgorithm (opts) { + // Pick the highest priority algorithm present, optionally also limited to a + // set of hashes found in another integrity. When limiting it may return + // nothing. + pickAlgorithm (opts, hashes) { const pickAlgorithm = opts?.pickAlgorithm || getPrioritizedHash - const keys = Object.keys(this) - return keys.reduce((acc, algo) => { - return pickAlgorithm(acc, algo) || acc + const keys = Object.keys(this).filter(k => { + if (hashes?.length) { + return hashes.includes(k) + } + return true }) + if (keys.length) { + return keys.reduce((acc, algo) => pickAlgorithm(acc, algo) || acc) + } + // no intersection between this and hashes, + return null } } @@ -365,7 +413,7 @@ function fromHex (hexDigest, algorithm, opts) { module.exports.fromData = fromData function fromData (data, opts) { - const algorithms = opts?.algorithms || DEFAULT_ALGORITHMS + const algorithms = opts?.algorithms || [...DEFAULT_ALGORITHMS] const optString = getOptString(opts?.options) return algorithms.reduce((acc, algo) => { const digest = crypto.createHash(algo).update(data).digest('base64') @@ -399,7 +447,7 @@ function fromStream (stream, opts) { sri = s }) istream.on('end', () => resolve(sri)) - istream.on('data', () => {}) + istream.resume() }) } @@ -466,7 +514,7 @@ function checkStream (stream, sri, opts) { verified = s }) checker.on('end', () => resolve(verified)) - checker.on('data', () => {}) + checker.resume() }) } @@ -477,7 +525,7 @@ function integrityStream (opts = Object.create(null)) { module.exports.create = createIntegrity function createIntegrity (opts) { - const algorithms = opts?.algorithms || DEFAULT_ALGORITHMS + const algorithms = opts?.algorithms || [...DEFAULT_ALGORITHMS] const optString = getOptString(opts?.options) const hashes = algorithms.map(crypto.createHash) @@ -512,7 +560,7 @@ function createIntegrity (opts) { } } -const NODE_HASHES = new Set(crypto.getHashes()) +const NODE_HASHES = crypto.getHashes() // This is a Best Effortâ„¢ at a reasonable priority for hash algos const DEFAULT_PRIORITY = [ @@ -522,7 +570,7 @@ const DEFAULT_PRIORITY = [ 'sha3', 'sha3-256', 'sha3-384', 'sha3-512', 'sha3_256', 'sha3_384', 'sha3_512', -].filter(algo => NODE_HASHES.has(algo)) +].filter(algo => NODE_HASHES.includes(algo)) function getPrioritizedHash (algo1, algo2) { /* eslint-disable-next-line max-len */ diff --git a/node_modules/ssri/package.json b/node_modules/ssri/package.json index 4d5963e9a0e74..b41400c8190d4 100644 --- a/node_modules/ssri/package.json +++ b/node_modules/ssri/package.json @@ -1,6 +1,6 @@ { "name": "ssri", - "version": "10.0.2", + "version": "10.0.3", "description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", "main": "lib/index.js", "files": [ diff --git a/package-lock.json b/package-lock.json index 608dbbbc07dcd..eaec381299e85 100644 --- a/package-lock.json +++ b/package-lock.json @@ -141,7 +141,7 @@ "read-package-json": "^6.0.1", "read-package-json-fast": "^3.0.2", "semver": "^7.3.8", - "ssri": "^10.0.2", + "ssri": "^10.0.3", "tar": "^6.1.13", "text-table": "~0.2.0", "tiny-relative-date": "^1.3.0", @@ -11440,9 +11440,9 @@ "dev": true }, "node_modules/ssri": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/ssri/-/ssri-10.0.2.tgz", - "integrity": "sha512-LWMXUSh7fEfCXNBq4UnRzC4Qc5Y1PPg5ogmb+6HX837i2cKzjB133aYmQ4lgO0shVTcTQHquKp3v5bn898q3Sw==", + "version": "10.0.3", + "resolved": "https://registry.npmjs.org/ssri/-/ssri-10.0.3.tgz", + "integrity": "sha512-lJtX/BFPI/VEtxZmLfeh7pzisIs6micwZ3eruD3+ds9aPsXKlYpwDS2Q7omD6WC42WO9+bnUSzlMmfv8uK8meg==", "inBundle": true, "dependencies": { "minipass": "^4.0.0" diff --git a/package.json b/package.json index 2c04a1781266c..8e3d283373767 100644 --- a/package.json +++ b/package.json @@ -110,7 +110,7 @@ "read-package-json": "^6.0.1", "read-package-json-fast": "^3.0.2", "semver": "^7.3.8", - "ssri": "^10.0.2", + "ssri": "^10.0.3", "tar": "^6.1.13", "text-table": "~0.2.0", "tiny-relative-date": "^1.3.0", From b40dc9bf72b902b3c4ca6da085cf5585ab510156 Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:17:45 -0700 Subject: [PATCH 07/12] deps: minimatch@7.4.6 --- node_modules/minimatch/dist/cjs/_parse.js | 300 -------- .../dist/cjs/assert-valid-pattern.js | 14 - node_modules/minimatch/dist/cjs/extglob.js | 4 - node_modules/minimatch/dist/cjs/parse.js | 650 ------------------ node_modules/minimatch/dist/mjs/_parse.js | 296 -------- .../dist/mjs/assert-valid-pattern.js | 10 - node_modules/minimatch/dist/mjs/extglob.js | 3 - node_modules/minimatch/dist/mjs/parse.js | 646 ----------------- node_modules/minimatch/package.json | 5 +- package-lock.json | 8 +- package.json | 2 +- 11 files changed, 9 insertions(+), 1929 deletions(-) delete mode 100644 node_modules/minimatch/dist/cjs/_parse.js delete mode 100644 node_modules/minimatch/dist/cjs/assert-valid-pattern.js delete mode 100644 node_modules/minimatch/dist/cjs/extglob.js delete mode 100644 node_modules/minimatch/dist/cjs/parse.js delete mode 100644 node_modules/minimatch/dist/mjs/_parse.js delete mode 100644 node_modules/minimatch/dist/mjs/assert-valid-pattern.js delete mode 100644 node_modules/minimatch/dist/mjs/extglob.js delete mode 100644 node_modules/minimatch/dist/mjs/parse.js diff --git a/node_modules/minimatch/dist/cjs/_parse.js b/node_modules/minimatch/dist/cjs/_parse.js deleted file mode 100644 index 4387a26171dfe..0000000000000 --- a/node_modules/minimatch/dist/cjs/_parse.js +++ /dev/null @@ -1,300 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.parse = void 0; -// parse a single path portion -const brace_expressions_js_1 = require("./brace-expressions.js"); -const assert_valid_pattern_js_1 = require("./assert-valid-pattern.js"); -const globUnescape = (s) => s.replace(/\\(.)/g, '$1'); -const regExpEscape = (s) => s.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&'); -// "abc" -> { a:true, b:true, c:true } -const charSet = (s) => s.split('').reduce((set, c) => { - set[c] = true; - return set; -}, {}); -const plTypes = { - '!': { open: '(?:(?!(?:', close: '))[^/]*?)' }, - '?': { open: '(?:', close: ')?' }, - '+': { open: '(?:', close: ')+' }, - '*': { open: '(?:', close: ')*' }, - '@': { open: '(?:', close: ')' }, -}; -// characters that need to be escaped in RegExp. -const reSpecials = charSet('().*{}+?[]^$\\!'); -// characters that indicate we have to add the pattern start -const addPatternStartSet = charSet('[.('); -// any single thing other than / -// don't need to escape / when using new RegExp() -const qmark = '[^/]'; -// * => any number of characters -const star = qmark + '*?'; -// TODO: take an offset and length, so we can sub-parse the extglobs -const parse = (options, pattern, debug) => { - (0, assert_valid_pattern_js_1.assertValidPattern)(pattern); - if (pattern === '') - return ''; - let re = ''; - let hasMagic = false; - let escaping = false; - // ? => one single character - const patternListStack = []; - const negativeLists = []; - let stateChar = false; - let uflag = false; - let pl; - // . and .. never match anything that doesn't start with ., - // even when options.dot is set. However, if the pattern - // starts with ., then traversal patterns can match. - let dotTravAllowed = pattern.charAt(0) === '.'; - let dotFileAllowed = options.dot || dotTravAllowed; - const patternStart = () => dotTravAllowed - ? '' - : dotFileAllowed - ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' - : '(?!\\.)'; - const subPatternStart = (p) => p.charAt(0) === '.' - ? '' - : options.dot - ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' - : '(?!\\.)'; - const clearStateChar = () => { - if (stateChar) { - // we had some state-tracking character - // that wasn't consumed by this pass. - switch (stateChar) { - case '*': - re += star; - hasMagic = true; - break; - case '?': - re += qmark; - hasMagic = true; - break; - default: - re += '\\' + stateChar; - break; - } - debug('clearStateChar %j %j', stateChar, re); - stateChar = false; - } - }; - for (let i = 0, c; i < pattern.length && (c = pattern.charAt(i)); i++) { - debug('%s\t%s %s %j', pattern, i, re, c); - // skip over any that are escaped. - if (escaping) { - // completely not allowed, even escaped. - // should be impossible. - /* c8 ignore start */ - if (c === '/') { - return false; - } - /* c8 ignore stop */ - if (reSpecials[c]) { - re += '\\'; - } - re += c; - escaping = false; - continue; - } - switch (c) { - // Should already be path-split by now. - /* c8 ignore start */ - case '/': { - return false; - } - /* c8 ignore stop */ - case '\\': - clearStateChar(); - escaping = true; - continue; - // the various stateChar values - // for the "extglob" stuff. - case '?': - case '*': - case '+': - case '@': - case '!': - debug('%s\t%s %s %j <-- stateChar', pattern, i, re, c); - // if we already have a stateChar, then it means - // that there was something like ** or +? in there. - // Handle the stateChar, then proceed with this one. - debug('call clearStateChar %j', stateChar); - clearStateChar(); - stateChar = c; - // if extglob is disabled, then +(asdf|foo) isn't a thing. - // just clear the statechar *now*, rather than even diving into - // the patternList stuff. - if (options.noext) - clearStateChar(); - continue; - case '(': { - if (!stateChar) { - re += '\\('; - continue; - } - const plEntry = { - type: stateChar, - start: i - 1, - reStart: re.length, - open: plTypes[stateChar].open, - close: plTypes[stateChar].close, - }; - debug(pattern, '\t', plEntry); - patternListStack.push(plEntry); - // negation is (?:(?!(?:js)(?:))[^/]*) - re += plEntry.open; - // next entry starts with a dot maybe? - if (plEntry.start === 0 && plEntry.type !== '!') { - dotTravAllowed = true; - re += subPatternStart(pattern.slice(i + 1)); - } - debug('plType %j %j', stateChar, re); - stateChar = false; - continue; - } - case ')': { - const plEntry = patternListStack[patternListStack.length - 1]; - if (!plEntry) { - re += '\\)'; - continue; - } - patternListStack.pop(); - // closing an extglob - clearStateChar(); - hasMagic = true; - pl = plEntry; - // negation is (?:(?!js)[^/]*) - // The others are (?:) - re += pl.close; - if (pl.type === '!') { - negativeLists.push(Object.assign(pl, { reEnd: re.length })); - } - continue; - } - case '|': { - const plEntry = patternListStack[patternListStack.length - 1]; - if (!plEntry) { - re += '\\|'; - continue; - } - clearStateChar(); - re += '|'; - // next subpattern can start with a dot? - if (plEntry.start === 0 && plEntry.type !== '!') { - dotTravAllowed = true; - re += subPatternStart(pattern.slice(i + 1)); - } - continue; - } - // these are mostly the same in regexp and glob - case '[': - // swallow any state-tracking char before the [ - clearStateChar(); - const [src, needUflag, consumed, magic] = (0, brace_expressions_js_1.parseClass)(pattern, i); - if (consumed) { - re += src; - uflag = uflag || needUflag; - i += consumed - 1; - hasMagic = hasMagic || magic; - } - else { - re += '\\['; - } - continue; - case ']': - re += '\\' + c; - continue; - default: - // swallow any state char that wasn't consumed - clearStateChar(); - re += regExpEscape(c); - break; - } // switch - } // for - // handle the case where we had a +( thing at the *end* - // of the pattern. - // each pattern list stack adds 3 chars, and we need to go through - // and escape any | chars that were passed through as-is for the regexp. - // Go through and escape them, taking care not to double-escape any - // | chars that were already escaped. - for (pl = patternListStack.pop(); pl; pl = patternListStack.pop()) { - let tail; - tail = re.slice(pl.reStart + pl.open.length); - debug(pattern, 'setting tail', re, pl); - // maybe some even number of \, then maybe 1 \, followed by a | - tail = tail.replace(/((?:\\{2}){0,64})(\\?)\|/g, (_, $1, $2) => { - if (!$2) { - // the | isn't already escaped, so escape it. - $2 = '\\'; - // should already be done - /* c8 ignore start */ - } - /* c8 ignore stop */ - // need to escape all those slashes *again*, without escaping the - // one that we need for escaping the | character. As it works out, - // escaping an even number of slashes can be done by simply repeating - // it exactly after itself. That's why this trick works. - // - // I am sorry that you have to see this. - return $1 + $1 + $2 + '|'; - }); - debug('tail=%j\n %s', tail, tail, pl, re); - const t = pl.type === '*' ? star : pl.type === '?' ? qmark : '\\' + pl.type; - hasMagic = true; - re = re.slice(0, pl.reStart) + t + '\\(' + tail; - } - // handle trailing things that only matter at the very end. - clearStateChar(); - if (escaping) { - // trailing \\ - re += '\\\\'; - } - // only need to apply the nodot start if the re starts with - // something that could conceivably capture a dot - const addPatternStart = addPatternStartSet[re.charAt(0)]; - // Hack to work around lack of negative lookbehind in JS - // A pattern like: *.!(x).!(y|z) needs to ensure that a name - // like 'a.xyz.yz' doesn't match. So, the first negative - // lookahead, has to look ALL the way ahead, to the end of - // the pattern. - for (let n = negativeLists.length - 1; n > -1; n--) { - const nl = negativeLists[n]; - const nlBefore = re.slice(0, nl.reStart); - const nlFirst = re.slice(nl.reStart, nl.reEnd - 8); - let nlAfter = re.slice(nl.reEnd); - const nlLast = re.slice(nl.reEnd - 8, nl.reEnd) + nlAfter; - // Handle nested stuff like *(*.js|!(*.json)), where open parens - // mean that we should *not* include the ) in the bit that is considered - // "after" the negated section. - const closeParensBefore = nlBefore.split(')').length; - const openParensBefore = nlBefore.split('(').length - closeParensBefore; - let cleanAfter = nlAfter; - for (let i = 0; i < openParensBefore; i++) { - cleanAfter = cleanAfter.replace(/\)[+*?]?/, ''); - } - nlAfter = cleanAfter; - const dollar = nlAfter === '' ? '(?:$|\\/)' : ''; - re = nlBefore + nlFirst + nlAfter + dollar + nlLast; - } - // if the re is not "" at this point, then we need to make sure - // it doesn't match against an empty path part. - // Otherwise a/* will match a/, which it should not. - if (re !== '' && hasMagic) { - re = '(?=.)' + re; - } - if (addPatternStart) { - re = patternStart() + re; - } - // if it's nocase, and the lcase/uppercase don't match, it's magic - if (options.nocase && !hasMagic && !options.nocaseMagicOnly) { - hasMagic = pattern.toUpperCase() !== pattern.toLowerCase(); - } - // skip the regexp for non-magical patterns - // unescape anything in it, though, so that it'll be - // an exact match against a file etc. - if (!hasMagic) { - return globUnescape(re); - } - return re; -}; -exports.parse = parse; -//# sourceMappingURL=_parse.js.map \ No newline at end of file diff --git a/node_modules/minimatch/dist/cjs/assert-valid-pattern.js b/node_modules/minimatch/dist/cjs/assert-valid-pattern.js deleted file mode 100644 index 5fc86bbd0116c..0000000000000 --- a/node_modules/minimatch/dist/cjs/assert-valid-pattern.js +++ /dev/null @@ -1,14 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.assertValidPattern = void 0; -const MAX_PATTERN_LENGTH = 1024 * 64; -const assertValidPattern = (pattern) => { - if (typeof pattern !== 'string') { - throw new TypeError('invalid pattern'); - } - if (pattern.length > MAX_PATTERN_LENGTH) { - throw new TypeError('pattern is too long'); - } -}; -exports.assertValidPattern = assertValidPattern; -//# sourceMappingURL=assert-valid-pattern.js.map \ No newline at end of file diff --git a/node_modules/minimatch/dist/cjs/extglob.js b/node_modules/minimatch/dist/cjs/extglob.js deleted file mode 100644 index 8d7607b7f7ead..0000000000000 --- a/node_modules/minimatch/dist/cjs/extglob.js +++ /dev/null @@ -1,4 +0,0 @@ -"use strict"; -// translate an extglob into a regular expression -Object.defineProperty(exports, "__esModule", { value: true }); -//# sourceMappingURL=extglob.js.map \ No newline at end of file diff --git a/node_modules/minimatch/dist/cjs/parse.js b/node_modules/minimatch/dist/cjs/parse.js deleted file mode 100644 index 2fff625bcbb6e..0000000000000 --- a/node_modules/minimatch/dist/cjs/parse.js +++ /dev/null @@ -1,650 +0,0 @@ -"use strict"; -// parse a single path portion -Object.defineProperty(exports, "__esModule", { value: true }); -exports.AST = void 0; -const brace_expressions_1 = require("./brace-expressions"); -const types = new Set(['!', '?', '+', '*', '@']); -const isExtglobType = (c) => types.has(c); -// characters that indicate a start of pattern needs the "no dots" bit -const addPatternStart = new Set(['[', '.']); -const justDots = new Set(['..', '.']); -const reSpecials = new Set('().*{}+?[]^$\\!'); -const regExpEscape = (s) => s.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&'); -// any single thing other than / -// don't need to escape / when using new RegExp() -const qmark = '[^/]'; -// * => any number of characters -const star = qmark + '*?'; -class AST { - type; - #root; - #parts = []; - #parent; - #parentIndex; - #negs; - #filledNegs = false; - #options; - constructor(type, parent, options = {}) { - this.type = type; - this.#parent = parent; - this.#root = this.#parent ? this.#parent.#root : this; - this.#options = this.#root === this ? options : this.#root.#options; - this.#negs = this.#root === this ? [] : this.#root.#negs; - if (type === '!' && !this.#root.#filledNegs) - this.#negs.push(this); - this.#parentIndex = this.#parent ? this.#parent.#parts.length : 0; - } - fillNegs() { - if (this !== this.#root) { - this.#root.fillNegs(); - return this; - } - if (this.#filledNegs) - return this; - this.#filledNegs = true; - let n; - while ((n = this.#negs.pop())) { - if (n.type !== '!') - continue; - // walk up the tree, appending everthing that comes AFTER parentIndex - let p = n; - let pp = p.#parent; - while (pp) { - for (let i = p.#parentIndex + 1; !pp.type && i < pp.#parts.length; i++) { - for (const part of n.#parts) { - /* c8 ignore start */ - if (typeof part === 'string') { - throw new Error('string part in extglob AST??'); - } - /* c8 ignore stop */ - part.copyIn(pp.#parts[i]); - } - } - p = pp; - pp = p.#parent; - } - } - return this; - } - push(...parts) { - for (const p of parts) { - if (p === '') - continue; - /* c8 ignore start */ - if (typeof p !== 'string' && !(p instanceof AST && p.#parent === this)) { - throw new Error('invalid part: ' + p); - } - /* c8 ignore stop */ - this.#parts.push(p); - } - } - toJSON() { - const ret = this.type === null ? this.#parts.slice() : [this.type, ...this.#parts]; - if (this.isStart() && !this.type) - ret.unshift([]); - if (this.isEnd() && - (this === this.#root || - (this.#root.#filledNegs && this.#parent?.type === '!'))) { - ret.push({}); - } - return ret; - } - isStart() { - if (this.#root === this) - return true; - // if (this.type) return !!this.#parent?.isStart() - if (!this.#parent?.isStart()) - return false; - return this.#parentIndex === 0; - } - isEnd() { - if (this.#root === this) - return true; - if (this.#parent?.type === '!') - return true; - if (!this.#parent?.isEnd()) - return false; - if (!this.type) - return this.#parent?.isEnd(); - return (this.#parentIndex === (this.#parent ? this.#parent.#parts.length : 0) - 1); - } - copyIn(part) { - if (typeof part === 'string') - this.push(part); - else - this.push(part.clone(this)); - } - clone(parent) { - const c = new AST(this.type, parent); - for (const p of this.#parts) { - c.copyIn(p); - } - return c; - } - static #parseAST(str, ast, pos, opt) { - let escaping = false; - if (ast.type === null) { - // outside of a extglob, append until we find a start - let i = pos; - let acc = ''; - while (i < str.length) { - const c = str.charAt(i++); - // still accumulate escapes at this point, but we do ignore - // starts that are escaped - if (escaping || c === '\\') { - escaping = !escaping; - acc += c; - continue; - } - if (!opt.noext && isExtglobType(c) && str.charAt(i) === '(') { - ast.push(acc); - acc = ''; - const ext = new AST(c, ast); - i = AST.#parseAST(str, ext, i, opt); - ast.push(ext); - continue; - } - acc += c; - } - ast.push(acc); - return i; - } - // some kind of extglob, pos is at the ( - // find the next | or ) - let i = pos + 1; - let part = new AST(null, ast); - const parts = []; - let acc = ''; - while (i < str.length) { - const c = str.charAt(i++); - // still accumulate escapes at this point, but we do ignore - // starts that are escaped - if (escaping || c === '\\') { - escaping = !escaping; - acc += c; - continue; - } - if (isExtglobType(c) && str.charAt(i) === '(') { - part.push(acc); - acc = ''; - const ext = new AST(c, part); - part.push(ext); - i = AST.#parseAST(str, ext, i, opt); - continue; - } - if (c === '|') { - part.push(acc); - acc = ''; - parts.push(part); - part = new AST(null, ast); - continue; - } - if (c === ')') { - part.push(acc); - acc = ''; - ast.push(...parts, part); - return i; - } - acc += c; - } - // if we got here, it was a malformed extglob! not an extglob, but - // maybe something else in there. - ast.type = null; - ast.#parts = [str.substring(pos)]; - return i; - } - static fromGlob(pattern, options = {}) { - const ast = new AST(null, undefined, options); - AST.#parseAST(pattern, ast, 0, options); - console.log('parsed', pattern, JSON.stringify(ast)); - return ast; - } - toRegExpSource() { - if (this.#root === this) - this.fillNegs(); - if (!this.type) { - const src = this.#parts - .map(p => { - if (typeof p === 'string') - return AST.#parseGlob(p, this.#options); - else - return p.toRegExpSource(); - }) - .join(''); - let start = ''; - if (this.isStart() && typeof this.#parts[0] === 'string') { - // '.' and '..' cannot match unless the pattern is that exactly - const dotTravAllowed = this.#parts.length === 1 && justDots.has(this.#parts[0]); - if (dotTravAllowed) { - start = '(?:^|\\/)'; - } - else { - const dotsAllowed = this.#options.dot || - // no need to prevent dots if it can't match a dot, or if a sub-pattern - // will be preventing it anyway. - !addPatternStart.has(src.charAt(0)); - start = dotsAllowed ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' : '(?!\\.)'; - } - } - let end = ''; - if (this.isEnd() && - (this === this.#root || - (this.#root.#filledNegs && this.#parent?.type === '!'))) { - end = '(?:$|\\/)'; - } - return start + src + end; - } - // some kind of extglob - const start = this.type === '!' ? '(?:(?!(?:' : '(?:'; - const body = this.#parts - .map(p => { - /* c8 ignore start */ - if (typeof p === 'string') { - throw new Error('string type in extglob ast??'); - } - /* c8 ignore stop */ - return p.toRegExpSource(); - }) - .join('|'); - const close = this.type === '!' - ? '))[^/]*?)' - : this.type === '@' - ? ')' - : `)${this.type}`; - return start + body + close; - } - static #parseGlob(glob, options) { - let escaping = false; - let re = ''; - let uflag = false; - let hasMagic = false; - for (let i = 0; i < glob.length; i++) { - const c = glob.charAt(i); - if (escaping) { - escaping = false; - re += (reSpecials.has(c) ? '\\' : '') + c; - continue; - } - if (c === '\\') { - if (i === glob.length - 1) { - re += '\\\\'; - } - else { - escaping = true; - } - continue; - } - if (c === '[') { - const [src, needUflag, consumed, magic] = (0, brace_expressions_1.parseClass)(glob, i); - if (consumed) { - re += src; - uflag = uflag || needUflag; - i += consumed - 1; - hasMagic = hasMagic || magic; - continue; - } - } - if (c === '*') { - re += star; - hasMagic = true; - continue; - } - if (c === '?') { - re += qmark; - hasMagic = true; - continue; - } - re += regExpEscape(c); - } - return re; - } -} -exports.AST = AST; -const pattern = 'a@(i|w!(x|y)z+(l|m)|j)'; -const ast = AST.fromGlob(pattern).fillNegs(); -console.log('negged', pattern, JSON.stringify(ast)); -console.log('to re src', pattern, ast.toRegExpSource()); -// // the type (exttype or null for strings), and array of children tokens -// -// // append everything after a negative extglob to each of the parts -// // of the negative extglob node. So, eg, [a, [!, x, y], z] -// -// // -// // -// // -// // -// -// const globUnescape = (s: string) => s.replace(/\\(.)/g, '$1') -// const regExpEscape = (s: string) => -// s.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&') -// -// // "abc" -> { a:true, b:true, c:true } -// const charSet = (s: string) => -// s.split('').reduce((set: { [k: string]: boolean }, c) => { -// set[c] = true -// return set -// }, {}) -// -// // characters that need to be escaped in RegExp. -// const reSpecials = charSet('().*{}+?[]^$\\!') -// -// // characters that indicate we have to add the pattern start -// const addPatternStartSet = charSet('[.(') -// -// // any single thing other than / -// // don't need to escape / when using new RegExp() -// const qmark = '[^/]' -// -// // * => any number of characters -// const star = qmark + '*?' -// -// // TODO: take an offset and length, so we can sub-parse the extglobs -// const parse = ( -// options: MinimatchOptions, -// pattern: string, -// debug: (...a: any[]) => void -// ): false | string => { -// assertValidPattern(pattern) -// -// if (pattern === '') return '' -// -// let re = '' -// let hasMagic = false -// let escaping = false -// // ? => one single character -// let uflag = false -// -// // . and .. never match anything that doesn't start with ., -// // even when options.dot is set. However, if the pattern -// // starts with ., then traversal patterns can match. -// let dotTravAllowed = pattern.charAt(0) === '.' -// let dotFileAllowed = options.dot || dotTravAllowed -// const patternStart = () => -// dotTravAllowed -// ? '' -// : dotFileAllowed -// ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' -// : '(?!\\.)' -// const subPatternStart = (p: string) => -// p.charAt(0) === '.' -// ? '' -// : options.dot -// ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' -// : '(?!\\.)' -// -// const clearStateChar = () => { -// if (stateChar) { -// // we had some state-tracking character -// // that wasn't consumed by this pass. -// switch (stateChar) { -// case '*': -// re += star -// hasMagic = true -// break -// case '?': -// re += qmark -// hasMagic = true -// break -// default: -// re += '\\' + stateChar -// break -// } -// debug('clearStateChar %j %j', stateChar, re) -// stateChar = false -// } -// } -// -// for ( -// let i = 0, c: string; -// i < pattern.length && (c = pattern.charAt(i)); -// i++ -// ) { -// debug('%s\t%s %s %j', pattern, i, re, c) -// -// // skip over any that are escaped. -// if (escaping) { -// // completely not allowed, even escaped. -// // should be impossible. -// /* c8 ignore start */ -// if (c === '/') { -// return false -// } -// /* c8 ignore stop */ -// -// if (reSpecials[c]) { -// re += '\\' -// } -// re += c -// escaping = false -// continue -// } -// -// switch (c) { -// // Should already be path-split by now. -// /* c8 ignore start */ -// case '/': { -// return false -// } -// /* c8 ignore stop */ -// -// case '\\': -// clearStateChar() -// escaping = true -// continue -// -// // the various stateChar values -// // for the "extglob" stuff. -// case '?': -// case '*': -// case '+': -// case '@': -// case '!': -// debug('%s\t%s %s %j <-- stateChar', pattern, i, re, c) -// -// // if we already have a stateChar, then it means -// // that there was something like ** or +? in there. -// // Handle the stateChar, then proceed with this one. -// debug('call clearStateChar %j', stateChar) -// clearStateChar() -// stateChar = c -// // if extglob is disabled, then +(asdf|foo) isn't a thing. -// // just clear the statechar *now*, rather than even diving into -// // the patternList stuff. -// if (options.noext) clearStateChar() -// continue -// -// case '(': { -// if (!stateChar) { -// re += '\\(' -// continue -// } -// -// const plEntry: PatternListEntry = { -// type: stateChar, -// start: i - 1, -// reStart: re.length, -// open: plTypes[stateChar].open, -// close: plTypes[stateChar].close, -// } -// debug(pattern, '\t', plEntry) -// patternListStack.push(plEntry) -// // negation is (?:(?!(?:js)(?:))[^/]*) -// re += plEntry.open -// // next entry starts with a dot maybe? -// if (plEntry.start === 0 && plEntry.type !== '!') { -// dotTravAllowed = true -// re += subPatternStart(pattern.slice(i + 1)) -// } -// debug('plType %j %j', stateChar, re) -// stateChar = false -// continue -// } -// -// case ')': { -// const plEntry = patternListStack[patternListStack.length - 1] -// if (!plEntry) { -// re += '\\)' -// continue -// } -// patternListStack.pop() -// -// // closing an extglob -// clearStateChar() -// hasMagic = true -// pl = plEntry -// // negation is (?:(?!js)[^/]*) -// // The others are (?:) -// re += pl.close -// if (pl.type === '!') { -// negativeLists.push(Object.assign(pl, { reEnd: re.length })) -// } -// continue -// } -// -// case '|': { -// const plEntry = patternListStack[patternListStack.length - 1] -// if (!plEntry) { -// re += '\\|' -// continue -// } -// -// clearStateChar() -// re += '|' -// // next subpattern can start with a dot? -// if (plEntry.start === 0 && plEntry.type !== '!') { -// dotTravAllowed = true -// re += subPatternStart(pattern.slice(i + 1)) -// } -// continue -// } -// -// // these are mostly the same in regexp and glob -// case '[': -// // swallow any state-tracking char before the [ -// clearStateChar() -// const [src, needUflag, consumed, magic] = parseClass(pattern, i) -// if (consumed) { -// re += src -// uflag = uflag || needUflag -// i += consumed - 1 -// hasMagic = hasMagic || magic -// } else { -// re += '\\[' -// } -// continue -// -// case ']': -// re += '\\' + c -// continue -// -// default: -// // swallow any state char that wasn't consumed -// clearStateChar() -// -// re += regExpEscape(c) -// break -// } // switch -// } // for -// -// // handle the case where we had a +( thing at the *end* -// // of the pattern. -// // each pattern list stack adds 3 chars, and we need to go through -// // and escape any | chars that were passed through as-is for the regexp. -// // Go through and escape them, taking care not to double-escape any -// // | chars that were already escaped. -// for (pl = patternListStack.pop(); pl; pl = patternListStack.pop()) { -// let tail: string -// tail = re.slice(pl.reStart + pl.open.length) -// debug(pattern, 'setting tail', re, pl) -// // maybe some even number of \, then maybe 1 \, followed by a | -// tail = tail.replace(/((?:\\{2}){0,64})(\\?)\|/g, (_, $1, $2) => { -// if (!$2) { -// // the | isn't already escaped, so escape it. -// $2 = '\\' -// // should already be done -// /* c8 ignore start */ -// } -// /* c8 ignore stop */ -// -// // need to escape all those slashes *again*, without escaping the -// // one that we need for escaping the | character. As it works out, -// // escaping an even number of slashes can be done by simply repeating -// // it exactly after itself. That's why this trick works. -// // -// // I am sorry that you have to see this. -// return $1 + $1 + $2 + '|' -// }) -// -// debug('tail=%j\n %s', tail, tail, pl, re) -// const t = pl.type === '*' ? star : pl.type === '?' ? qmark : '\\' + pl.type -// -// hasMagic = true -// re = re.slice(0, pl.reStart) + t + '\\(' + tail -// } -// -// // handle trailing things that only matter at the very end. -// clearStateChar() -// if (escaping) { -// // trailing \\ -// re += '\\\\' -// } -// -// // only need to apply the nodot start if the re starts with -// // something that could conceivably capture a dot -// const addPatternStart = addPatternStartSet[re.charAt(0)] -// -// // Hack to work around lack of negative lookbehind in JS -// // A pattern like: *.!(x).!(y|z) needs to ensure that a name -// // like 'a.xyz.yz' doesn't match. So, the first negative -// // lookahead, has to look ALL the way ahead, to the end of -// // the pattern. -// for (let n = negativeLists.length - 1; n > -1; n--) { -// const nl = negativeLists[n] -// -// const nlBefore = re.slice(0, nl.reStart) -// const nlFirst = re.slice(nl.reStart, nl.reEnd - 8) -// let nlAfter = re.slice(nl.reEnd) -// const nlLast = re.slice(nl.reEnd - 8, nl.reEnd) + nlAfter -// -// // Handle nested stuff like *(*.js|!(*.json)), where open parens -// // mean that we should *not* include the ) in the bit that is considered -// // "after" the negated section. -// const closeParensBefore = nlBefore.split(')').length -// const openParensBefore = nlBefore.split('(').length - closeParensBefore -// let cleanAfter = nlAfter -// for (let i = 0; i < openParensBefore; i++) { -// cleanAfter = cleanAfter.replace(/\)[+*?]?/, '') -// } -// nlAfter = cleanAfter -// -// const dollar = nlAfter === '' ? '(?:$|\\/)' : '' -// -// re = nlBefore + nlFirst + nlAfter + dollar + nlLast -// } -// -// // if the re is not "" at this point, then we need to make sure -// // it doesn't match against an empty path part. -// // Otherwise a/* will match a/, which it should not. -// if (re !== '' && hasMagic) { -// re = '(?=.)' + re -// } -// -// if (addPatternStart) { -// re = patternStart() + re -// } -// -// // if it's nocase, and the lcase/uppercase don't match, it's magic -// if (options.nocase && !hasMagic && !options.nocaseMagicOnly) { -// hasMagic = pattern.toUpperCase() !== pattern.toLowerCase() -// } -// -// // skip the regexp for non-magical patterns -// // unescape anything in it, though, so that it'll be -// // an exact match against a file etc. -// if (!hasMagic) { -// return globUnescape(re) -// } -// -// return re -// } -//# sourceMappingURL=parse.js.map \ No newline at end of file diff --git a/node_modules/minimatch/dist/mjs/_parse.js b/node_modules/minimatch/dist/mjs/_parse.js deleted file mode 100644 index db6a28ab08a74..0000000000000 --- a/node_modules/minimatch/dist/mjs/_parse.js +++ /dev/null @@ -1,296 +0,0 @@ -// parse a single path portion -import { parseClass } from './brace-expressions.js'; -import { assertValidPattern } from './assert-valid-pattern.js'; -const globUnescape = (s) => s.replace(/\\(.)/g, '$1'); -const regExpEscape = (s) => s.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&'); -// "abc" -> { a:true, b:true, c:true } -const charSet = (s) => s.split('').reduce((set, c) => { - set[c] = true; - return set; -}, {}); -const plTypes = { - '!': { open: '(?:(?!(?:', close: '))[^/]*?)' }, - '?': { open: '(?:', close: ')?' }, - '+': { open: '(?:', close: ')+' }, - '*': { open: '(?:', close: ')*' }, - '@': { open: '(?:', close: ')' }, -}; -// characters that need to be escaped in RegExp. -const reSpecials = charSet('().*{}+?[]^$\\!'); -// characters that indicate we have to add the pattern start -const addPatternStartSet = charSet('[.('); -// any single thing other than / -// don't need to escape / when using new RegExp() -const qmark = '[^/]'; -// * => any number of characters -const star = qmark + '*?'; -// TODO: take an offset and length, so we can sub-parse the extglobs -export const parse = (options, pattern, debug) => { - assertValidPattern(pattern); - if (pattern === '') - return ''; - let re = ''; - let hasMagic = false; - let escaping = false; - // ? => one single character - const patternListStack = []; - const negativeLists = []; - let stateChar = false; - let uflag = false; - let pl; - // . and .. never match anything that doesn't start with ., - // even when options.dot is set. However, if the pattern - // starts with ., then traversal patterns can match. - let dotTravAllowed = pattern.charAt(0) === '.'; - let dotFileAllowed = options.dot || dotTravAllowed; - const patternStart = () => dotTravAllowed - ? '' - : dotFileAllowed - ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' - : '(?!\\.)'; - const subPatternStart = (p) => p.charAt(0) === '.' - ? '' - : options.dot - ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' - : '(?!\\.)'; - const clearStateChar = () => { - if (stateChar) { - // we had some state-tracking character - // that wasn't consumed by this pass. - switch (stateChar) { - case '*': - re += star; - hasMagic = true; - break; - case '?': - re += qmark; - hasMagic = true; - break; - default: - re += '\\' + stateChar; - break; - } - debug('clearStateChar %j %j', stateChar, re); - stateChar = false; - } - }; - for (let i = 0, c; i < pattern.length && (c = pattern.charAt(i)); i++) { - debug('%s\t%s %s %j', pattern, i, re, c); - // skip over any that are escaped. - if (escaping) { - // completely not allowed, even escaped. - // should be impossible. - /* c8 ignore start */ - if (c === '/') { - return false; - } - /* c8 ignore stop */ - if (reSpecials[c]) { - re += '\\'; - } - re += c; - escaping = false; - continue; - } - switch (c) { - // Should already be path-split by now. - /* c8 ignore start */ - case '/': { - return false; - } - /* c8 ignore stop */ - case '\\': - clearStateChar(); - escaping = true; - continue; - // the various stateChar values - // for the "extglob" stuff. - case '?': - case '*': - case '+': - case '@': - case '!': - debug('%s\t%s %s %j <-- stateChar', pattern, i, re, c); - // if we already have a stateChar, then it means - // that there was something like ** or +? in there. - // Handle the stateChar, then proceed with this one. - debug('call clearStateChar %j', stateChar); - clearStateChar(); - stateChar = c; - // if extglob is disabled, then +(asdf|foo) isn't a thing. - // just clear the statechar *now*, rather than even diving into - // the patternList stuff. - if (options.noext) - clearStateChar(); - continue; - case '(': { - if (!stateChar) { - re += '\\('; - continue; - } - const plEntry = { - type: stateChar, - start: i - 1, - reStart: re.length, - open: plTypes[stateChar].open, - close: plTypes[stateChar].close, - }; - debug(pattern, '\t', plEntry); - patternListStack.push(plEntry); - // negation is (?:(?!(?:js)(?:))[^/]*) - re += plEntry.open; - // next entry starts with a dot maybe? - if (plEntry.start === 0 && plEntry.type !== '!') { - dotTravAllowed = true; - re += subPatternStart(pattern.slice(i + 1)); - } - debug('plType %j %j', stateChar, re); - stateChar = false; - continue; - } - case ')': { - const plEntry = patternListStack[patternListStack.length - 1]; - if (!plEntry) { - re += '\\)'; - continue; - } - patternListStack.pop(); - // closing an extglob - clearStateChar(); - hasMagic = true; - pl = plEntry; - // negation is (?:(?!js)[^/]*) - // The others are (?:) - re += pl.close; - if (pl.type === '!') { - negativeLists.push(Object.assign(pl, { reEnd: re.length })); - } - continue; - } - case '|': { - const plEntry = patternListStack[patternListStack.length - 1]; - if (!plEntry) { - re += '\\|'; - continue; - } - clearStateChar(); - re += '|'; - // next subpattern can start with a dot? - if (plEntry.start === 0 && plEntry.type !== '!') { - dotTravAllowed = true; - re += subPatternStart(pattern.slice(i + 1)); - } - continue; - } - // these are mostly the same in regexp and glob - case '[': - // swallow any state-tracking char before the [ - clearStateChar(); - const [src, needUflag, consumed, magic] = parseClass(pattern, i); - if (consumed) { - re += src; - uflag = uflag || needUflag; - i += consumed - 1; - hasMagic = hasMagic || magic; - } - else { - re += '\\['; - } - continue; - case ']': - re += '\\' + c; - continue; - default: - // swallow any state char that wasn't consumed - clearStateChar(); - re += regExpEscape(c); - break; - } // switch - } // for - // handle the case where we had a +( thing at the *end* - // of the pattern. - // each pattern list stack adds 3 chars, and we need to go through - // and escape any | chars that were passed through as-is for the regexp. - // Go through and escape them, taking care not to double-escape any - // | chars that were already escaped. - for (pl = patternListStack.pop(); pl; pl = patternListStack.pop()) { - let tail; - tail = re.slice(pl.reStart + pl.open.length); - debug(pattern, 'setting tail', re, pl); - // maybe some even number of \, then maybe 1 \, followed by a | - tail = tail.replace(/((?:\\{2}){0,64})(\\?)\|/g, (_, $1, $2) => { - if (!$2) { - // the | isn't already escaped, so escape it. - $2 = '\\'; - // should already be done - /* c8 ignore start */ - } - /* c8 ignore stop */ - // need to escape all those slashes *again*, without escaping the - // one that we need for escaping the | character. As it works out, - // escaping an even number of slashes can be done by simply repeating - // it exactly after itself. That's why this trick works. - // - // I am sorry that you have to see this. - return $1 + $1 + $2 + '|'; - }); - debug('tail=%j\n %s', tail, tail, pl, re); - const t = pl.type === '*' ? star : pl.type === '?' ? qmark : '\\' + pl.type; - hasMagic = true; - re = re.slice(0, pl.reStart) + t + '\\(' + tail; - } - // handle trailing things that only matter at the very end. - clearStateChar(); - if (escaping) { - // trailing \\ - re += '\\\\'; - } - // only need to apply the nodot start if the re starts with - // something that could conceivably capture a dot - const addPatternStart = addPatternStartSet[re.charAt(0)]; - // Hack to work around lack of negative lookbehind in JS - // A pattern like: *.!(x).!(y|z) needs to ensure that a name - // like 'a.xyz.yz' doesn't match. So, the first negative - // lookahead, has to look ALL the way ahead, to the end of - // the pattern. - for (let n = negativeLists.length - 1; n > -1; n--) { - const nl = negativeLists[n]; - const nlBefore = re.slice(0, nl.reStart); - const nlFirst = re.slice(nl.reStart, nl.reEnd - 8); - let nlAfter = re.slice(nl.reEnd); - const nlLast = re.slice(nl.reEnd - 8, nl.reEnd) + nlAfter; - // Handle nested stuff like *(*.js|!(*.json)), where open parens - // mean that we should *not* include the ) in the bit that is considered - // "after" the negated section. - const closeParensBefore = nlBefore.split(')').length; - const openParensBefore = nlBefore.split('(').length - closeParensBefore; - let cleanAfter = nlAfter; - for (let i = 0; i < openParensBefore; i++) { - cleanAfter = cleanAfter.replace(/\)[+*?]?/, ''); - } - nlAfter = cleanAfter; - const dollar = nlAfter === '' ? '(?:$|\\/)' : ''; - re = nlBefore + nlFirst + nlAfter + dollar + nlLast; - } - // if the re is not "" at this point, then we need to make sure - // it doesn't match against an empty path part. - // Otherwise a/* will match a/, which it should not. - if (re !== '' && hasMagic) { - re = '(?=.)' + re; - } - if (addPatternStart) { - re = patternStart() + re; - } - // if it's nocase, and the lcase/uppercase don't match, it's magic - if (options.nocase && !hasMagic && !options.nocaseMagicOnly) { - hasMagic = pattern.toUpperCase() !== pattern.toLowerCase(); - } - // skip the regexp for non-magical patterns - // unescape anything in it, though, so that it'll be - // an exact match against a file etc. - if (!hasMagic) { - return globUnescape(re); - } - return re; -}; -//# sourceMappingURL=_parse.js.map \ No newline at end of file diff --git a/node_modules/minimatch/dist/mjs/assert-valid-pattern.js b/node_modules/minimatch/dist/mjs/assert-valid-pattern.js deleted file mode 100644 index 7b534fc30200b..0000000000000 --- a/node_modules/minimatch/dist/mjs/assert-valid-pattern.js +++ /dev/null @@ -1,10 +0,0 @@ -const MAX_PATTERN_LENGTH = 1024 * 64; -export const assertValidPattern = (pattern) => { - if (typeof pattern !== 'string') { - throw new TypeError('invalid pattern'); - } - if (pattern.length > MAX_PATTERN_LENGTH) { - throw new TypeError('pattern is too long'); - } -}; -//# sourceMappingURL=assert-valid-pattern.js.map \ No newline at end of file diff --git a/node_modules/minimatch/dist/mjs/extglob.js b/node_modules/minimatch/dist/mjs/extglob.js deleted file mode 100644 index 4033f4d60e34d..0000000000000 --- a/node_modules/minimatch/dist/mjs/extglob.js +++ /dev/null @@ -1,3 +0,0 @@ -// translate an extglob into a regular expression -export {}; -//# sourceMappingURL=extglob.js.map \ No newline at end of file diff --git a/node_modules/minimatch/dist/mjs/parse.js b/node_modules/minimatch/dist/mjs/parse.js deleted file mode 100644 index 70a26dee58f30..0000000000000 --- a/node_modules/minimatch/dist/mjs/parse.js +++ /dev/null @@ -1,646 +0,0 @@ -// parse a single path portion -import { parseClass } from './brace-expressions'; -const types = new Set(['!', '?', '+', '*', '@']); -const isExtglobType = (c) => types.has(c); -// characters that indicate a start of pattern needs the "no dots" bit -const addPatternStart = new Set(['[', '.']); -const justDots = new Set(['..', '.']); -const reSpecials = new Set('().*{}+?[]^$\\!'); -const regExpEscape = (s) => s.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&'); -// any single thing other than / -// don't need to escape / when using new RegExp() -const qmark = '[^/]'; -// * => any number of characters -const star = qmark + '*?'; -export class AST { - type; - #root; - #parts = []; - #parent; - #parentIndex; - #negs; - #filledNegs = false; - #options; - constructor(type, parent, options = {}) { - this.type = type; - this.#parent = parent; - this.#root = this.#parent ? this.#parent.#root : this; - this.#options = this.#root === this ? options : this.#root.#options; - this.#negs = this.#root === this ? [] : this.#root.#negs; - if (type === '!' && !this.#root.#filledNegs) - this.#negs.push(this); - this.#parentIndex = this.#parent ? this.#parent.#parts.length : 0; - } - fillNegs() { - if (this !== this.#root) { - this.#root.fillNegs(); - return this; - } - if (this.#filledNegs) - return this; - this.#filledNegs = true; - let n; - while ((n = this.#negs.pop())) { - if (n.type !== '!') - continue; - // walk up the tree, appending everthing that comes AFTER parentIndex - let p = n; - let pp = p.#parent; - while (pp) { - for (let i = p.#parentIndex + 1; !pp.type && i < pp.#parts.length; i++) { - for (const part of n.#parts) { - /* c8 ignore start */ - if (typeof part === 'string') { - throw new Error('string part in extglob AST??'); - } - /* c8 ignore stop */ - part.copyIn(pp.#parts[i]); - } - } - p = pp; - pp = p.#parent; - } - } - return this; - } - push(...parts) { - for (const p of parts) { - if (p === '') - continue; - /* c8 ignore start */ - if (typeof p !== 'string' && !(p instanceof AST && p.#parent === this)) { - throw new Error('invalid part: ' + p); - } - /* c8 ignore stop */ - this.#parts.push(p); - } - } - toJSON() { - const ret = this.type === null ? this.#parts.slice() : [this.type, ...this.#parts]; - if (this.isStart() && !this.type) - ret.unshift([]); - if (this.isEnd() && - (this === this.#root || - (this.#root.#filledNegs && this.#parent?.type === '!'))) { - ret.push({}); - } - return ret; - } - isStart() { - if (this.#root === this) - return true; - // if (this.type) return !!this.#parent?.isStart() - if (!this.#parent?.isStart()) - return false; - return this.#parentIndex === 0; - } - isEnd() { - if (this.#root === this) - return true; - if (this.#parent?.type === '!') - return true; - if (!this.#parent?.isEnd()) - return false; - if (!this.type) - return this.#parent?.isEnd(); - return (this.#parentIndex === (this.#parent ? this.#parent.#parts.length : 0) - 1); - } - copyIn(part) { - if (typeof part === 'string') - this.push(part); - else - this.push(part.clone(this)); - } - clone(parent) { - const c = new AST(this.type, parent); - for (const p of this.#parts) { - c.copyIn(p); - } - return c; - } - static #parseAST(str, ast, pos, opt) { - let escaping = false; - if (ast.type === null) { - // outside of a extglob, append until we find a start - let i = pos; - let acc = ''; - while (i < str.length) { - const c = str.charAt(i++); - // still accumulate escapes at this point, but we do ignore - // starts that are escaped - if (escaping || c === '\\') { - escaping = !escaping; - acc += c; - continue; - } - if (!opt.noext && isExtglobType(c) && str.charAt(i) === '(') { - ast.push(acc); - acc = ''; - const ext = new AST(c, ast); - i = AST.#parseAST(str, ext, i, opt); - ast.push(ext); - continue; - } - acc += c; - } - ast.push(acc); - return i; - } - // some kind of extglob, pos is at the ( - // find the next | or ) - let i = pos + 1; - let part = new AST(null, ast); - const parts = []; - let acc = ''; - while (i < str.length) { - const c = str.charAt(i++); - // still accumulate escapes at this point, but we do ignore - // starts that are escaped - if (escaping || c === '\\') { - escaping = !escaping; - acc += c; - continue; - } - if (isExtglobType(c) && str.charAt(i) === '(') { - part.push(acc); - acc = ''; - const ext = new AST(c, part); - part.push(ext); - i = AST.#parseAST(str, ext, i, opt); - continue; - } - if (c === '|') { - part.push(acc); - acc = ''; - parts.push(part); - part = new AST(null, ast); - continue; - } - if (c === ')') { - part.push(acc); - acc = ''; - ast.push(...parts, part); - return i; - } - acc += c; - } - // if we got here, it was a malformed extglob! not an extglob, but - // maybe something else in there. - ast.type = null; - ast.#parts = [str.substring(pos)]; - return i; - } - static fromGlob(pattern, options = {}) { - const ast = new AST(null, undefined, options); - AST.#parseAST(pattern, ast, 0, options); - console.log('parsed', pattern, JSON.stringify(ast)); - return ast; - } - toRegExpSource() { - if (this.#root === this) - this.fillNegs(); - if (!this.type) { - const src = this.#parts - .map(p => { - if (typeof p === 'string') - return AST.#parseGlob(p, this.#options); - else - return p.toRegExpSource(); - }) - .join(''); - let start = ''; - if (this.isStart() && typeof this.#parts[0] === 'string') { - // '.' and '..' cannot match unless the pattern is that exactly - const dotTravAllowed = this.#parts.length === 1 && justDots.has(this.#parts[0]); - if (dotTravAllowed) { - start = '(?:^|\\/)'; - } - else { - const dotsAllowed = this.#options.dot || - // no need to prevent dots if it can't match a dot, or if a sub-pattern - // will be preventing it anyway. - !addPatternStart.has(src.charAt(0)); - start = dotsAllowed ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' : '(?!\\.)'; - } - } - let end = ''; - if (this.isEnd() && - (this === this.#root || - (this.#root.#filledNegs && this.#parent?.type === '!'))) { - end = '(?:$|\\/)'; - } - return start + src + end; - } - // some kind of extglob - const start = this.type === '!' ? '(?:(?!(?:' : '(?:'; - const body = this.#parts - .map(p => { - /* c8 ignore start */ - if (typeof p === 'string') { - throw new Error('string type in extglob ast??'); - } - /* c8 ignore stop */ - return p.toRegExpSource(); - }) - .join('|'); - const close = this.type === '!' - ? '))[^/]*?)' - : this.type === '@' - ? ')' - : `)${this.type}`; - return start + body + close; - } - static #parseGlob(glob, options) { - let escaping = false; - let re = ''; - let uflag = false; - let hasMagic = false; - for (let i = 0; i < glob.length; i++) { - const c = glob.charAt(i); - if (escaping) { - escaping = false; - re += (reSpecials.has(c) ? '\\' : '') + c; - continue; - } - if (c === '\\') { - if (i === glob.length - 1) { - re += '\\\\'; - } - else { - escaping = true; - } - continue; - } - if (c === '[') { - const [src, needUflag, consumed, magic] = parseClass(glob, i); - if (consumed) { - re += src; - uflag = uflag || needUflag; - i += consumed - 1; - hasMagic = hasMagic || magic; - continue; - } - } - if (c === '*') { - re += star; - hasMagic = true; - continue; - } - if (c === '?') { - re += qmark; - hasMagic = true; - continue; - } - re += regExpEscape(c); - } - return re; - } -} -const pattern = 'a@(i|w!(x|y)z+(l|m)|j)'; -const ast = AST.fromGlob(pattern).fillNegs(); -console.log('negged', pattern, JSON.stringify(ast)); -console.log('to re src', pattern, ast.toRegExpSource()); -// // the type (exttype or null for strings), and array of children tokens -// -// // append everything after a negative extglob to each of the parts -// // of the negative extglob node. So, eg, [a, [!, x, y], z] -// -// // -// // -// // -// // -// -// const globUnescape = (s: string) => s.replace(/\\(.)/g, '$1') -// const regExpEscape = (s: string) => -// s.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&') -// -// // "abc" -> { a:true, b:true, c:true } -// const charSet = (s: string) => -// s.split('').reduce((set: { [k: string]: boolean }, c) => { -// set[c] = true -// return set -// }, {}) -// -// // characters that need to be escaped in RegExp. -// const reSpecials = charSet('().*{}+?[]^$\\!') -// -// // characters that indicate we have to add the pattern start -// const addPatternStartSet = charSet('[.(') -// -// // any single thing other than / -// // don't need to escape / when using new RegExp() -// const qmark = '[^/]' -// -// // * => any number of characters -// const star = qmark + '*?' -// -// // TODO: take an offset and length, so we can sub-parse the extglobs -// const parse = ( -// options: MinimatchOptions, -// pattern: string, -// debug: (...a: any[]) => void -// ): false | string => { -// assertValidPattern(pattern) -// -// if (pattern === '') return '' -// -// let re = '' -// let hasMagic = false -// let escaping = false -// // ? => one single character -// let uflag = false -// -// // . and .. never match anything that doesn't start with ., -// // even when options.dot is set. However, if the pattern -// // starts with ., then traversal patterns can match. -// let dotTravAllowed = pattern.charAt(0) === '.' -// let dotFileAllowed = options.dot || dotTravAllowed -// const patternStart = () => -// dotTravAllowed -// ? '' -// : dotFileAllowed -// ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' -// : '(?!\\.)' -// const subPatternStart = (p: string) => -// p.charAt(0) === '.' -// ? '' -// : options.dot -// ? '(?!(?:^|\\/)\\.{1,2}(?:$|\\/))' -// : '(?!\\.)' -// -// const clearStateChar = () => { -// if (stateChar) { -// // we had some state-tracking character -// // that wasn't consumed by this pass. -// switch (stateChar) { -// case '*': -// re += star -// hasMagic = true -// break -// case '?': -// re += qmark -// hasMagic = true -// break -// default: -// re += '\\' + stateChar -// break -// } -// debug('clearStateChar %j %j', stateChar, re) -// stateChar = false -// } -// } -// -// for ( -// let i = 0, c: string; -// i < pattern.length && (c = pattern.charAt(i)); -// i++ -// ) { -// debug('%s\t%s %s %j', pattern, i, re, c) -// -// // skip over any that are escaped. -// if (escaping) { -// // completely not allowed, even escaped. -// // should be impossible. -// /* c8 ignore start */ -// if (c === '/') { -// return false -// } -// /* c8 ignore stop */ -// -// if (reSpecials[c]) { -// re += '\\' -// } -// re += c -// escaping = false -// continue -// } -// -// switch (c) { -// // Should already be path-split by now. -// /* c8 ignore start */ -// case '/': { -// return false -// } -// /* c8 ignore stop */ -// -// case '\\': -// clearStateChar() -// escaping = true -// continue -// -// // the various stateChar values -// // for the "extglob" stuff. -// case '?': -// case '*': -// case '+': -// case '@': -// case '!': -// debug('%s\t%s %s %j <-- stateChar', pattern, i, re, c) -// -// // if we already have a stateChar, then it means -// // that there was something like ** or +? in there. -// // Handle the stateChar, then proceed with this one. -// debug('call clearStateChar %j', stateChar) -// clearStateChar() -// stateChar = c -// // if extglob is disabled, then +(asdf|foo) isn't a thing. -// // just clear the statechar *now*, rather than even diving into -// // the patternList stuff. -// if (options.noext) clearStateChar() -// continue -// -// case '(': { -// if (!stateChar) { -// re += '\\(' -// continue -// } -// -// const plEntry: PatternListEntry = { -// type: stateChar, -// start: i - 1, -// reStart: re.length, -// open: plTypes[stateChar].open, -// close: plTypes[stateChar].close, -// } -// debug(pattern, '\t', plEntry) -// patternListStack.push(plEntry) -// // negation is (?:(?!(?:js)(?:))[^/]*) -// re += plEntry.open -// // next entry starts with a dot maybe? -// if (plEntry.start === 0 && plEntry.type !== '!') { -// dotTravAllowed = true -// re += subPatternStart(pattern.slice(i + 1)) -// } -// debug('plType %j %j', stateChar, re) -// stateChar = false -// continue -// } -// -// case ')': { -// const plEntry = patternListStack[patternListStack.length - 1] -// if (!plEntry) { -// re += '\\)' -// continue -// } -// patternListStack.pop() -// -// // closing an extglob -// clearStateChar() -// hasMagic = true -// pl = plEntry -// // negation is (?:(?!js)[^/]*) -// // The others are (?:) -// re += pl.close -// if (pl.type === '!') { -// negativeLists.push(Object.assign(pl, { reEnd: re.length })) -// } -// continue -// } -// -// case '|': { -// const plEntry = patternListStack[patternListStack.length - 1] -// if (!plEntry) { -// re += '\\|' -// continue -// } -// -// clearStateChar() -// re += '|' -// // next subpattern can start with a dot? -// if (plEntry.start === 0 && plEntry.type !== '!') { -// dotTravAllowed = true -// re += subPatternStart(pattern.slice(i + 1)) -// } -// continue -// } -// -// // these are mostly the same in regexp and glob -// case '[': -// // swallow any state-tracking char before the [ -// clearStateChar() -// const [src, needUflag, consumed, magic] = parseClass(pattern, i) -// if (consumed) { -// re += src -// uflag = uflag || needUflag -// i += consumed - 1 -// hasMagic = hasMagic || magic -// } else { -// re += '\\[' -// } -// continue -// -// case ']': -// re += '\\' + c -// continue -// -// default: -// // swallow any state char that wasn't consumed -// clearStateChar() -// -// re += regExpEscape(c) -// break -// } // switch -// } // for -// -// // handle the case where we had a +( thing at the *end* -// // of the pattern. -// // each pattern list stack adds 3 chars, and we need to go through -// // and escape any | chars that were passed through as-is for the regexp. -// // Go through and escape them, taking care not to double-escape any -// // | chars that were already escaped. -// for (pl = patternListStack.pop(); pl; pl = patternListStack.pop()) { -// let tail: string -// tail = re.slice(pl.reStart + pl.open.length) -// debug(pattern, 'setting tail', re, pl) -// // maybe some even number of \, then maybe 1 \, followed by a | -// tail = tail.replace(/((?:\\{2}){0,64})(\\?)\|/g, (_, $1, $2) => { -// if (!$2) { -// // the | isn't already escaped, so escape it. -// $2 = '\\' -// // should already be done -// /* c8 ignore start */ -// } -// /* c8 ignore stop */ -// -// // need to escape all those slashes *again*, without escaping the -// // one that we need for escaping the | character. As it works out, -// // escaping an even number of slashes can be done by simply repeating -// // it exactly after itself. That's why this trick works. -// // -// // I am sorry that you have to see this. -// return $1 + $1 + $2 + '|' -// }) -// -// debug('tail=%j\n %s', tail, tail, pl, re) -// const t = pl.type === '*' ? star : pl.type === '?' ? qmark : '\\' + pl.type -// -// hasMagic = true -// re = re.slice(0, pl.reStart) + t + '\\(' + tail -// } -// -// // handle trailing things that only matter at the very end. -// clearStateChar() -// if (escaping) { -// // trailing \\ -// re += '\\\\' -// } -// -// // only need to apply the nodot start if the re starts with -// // something that could conceivably capture a dot -// const addPatternStart = addPatternStartSet[re.charAt(0)] -// -// // Hack to work around lack of negative lookbehind in JS -// // A pattern like: *.!(x).!(y|z) needs to ensure that a name -// // like 'a.xyz.yz' doesn't match. So, the first negative -// // lookahead, has to look ALL the way ahead, to the end of -// // the pattern. -// for (let n = negativeLists.length - 1; n > -1; n--) { -// const nl = negativeLists[n] -// -// const nlBefore = re.slice(0, nl.reStart) -// const nlFirst = re.slice(nl.reStart, nl.reEnd - 8) -// let nlAfter = re.slice(nl.reEnd) -// const nlLast = re.slice(nl.reEnd - 8, nl.reEnd) + nlAfter -// -// // Handle nested stuff like *(*.js|!(*.json)), where open parens -// // mean that we should *not* include the ) in the bit that is considered -// // "after" the negated section. -// const closeParensBefore = nlBefore.split(')').length -// const openParensBefore = nlBefore.split('(').length - closeParensBefore -// let cleanAfter = nlAfter -// for (let i = 0; i < openParensBefore; i++) { -// cleanAfter = cleanAfter.replace(/\)[+*?]?/, '') -// } -// nlAfter = cleanAfter -// -// const dollar = nlAfter === '' ? '(?:$|\\/)' : '' -// -// re = nlBefore + nlFirst + nlAfter + dollar + nlLast -// } -// -// // if the re is not "" at this point, then we need to make sure -// // it doesn't match against an empty path part. -// // Otherwise a/* will match a/, which it should not. -// if (re !== '' && hasMagic) { -// re = '(?=.)' + re -// } -// -// if (addPatternStart) { -// re = patternStart() + re -// } -// -// // if it's nocase, and the lcase/uppercase don't match, it's magic -// if (options.nocase && !hasMagic && !options.nocaseMagicOnly) { -// hasMagic = pattern.toUpperCase() !== pattern.toLowerCase() -// } -// -// // skip the regexp for non-magical patterns -// // unescape anything in it, though, so that it'll be -// // an exact match against a file etc. -// if (!hasMagic) { -// return globUnescape(re) -// } -// -// return re -// } -//# sourceMappingURL=parse.js.map \ No newline at end of file diff --git a/node_modules/minimatch/package.json b/node_modules/minimatch/package.json index 95364b1548246..a91cc266d019b 100644 --- a/node_modules/minimatch/package.json +++ b/node_modules/minimatch/package.json @@ -2,7 +2,10 @@ "author": "Isaac Z. Schlueter (http://blog.izs.me)", "name": "minimatch", "description": "a glob matcher in javascript", - "version": "7.4.3", + "version": "7.4.6", + "publishConfig": { + "tag": "legacy-v7" + }, "repository": { "type": "git", "url": "git://github.com/isaacs/minimatch.git" diff --git a/package-lock.json b/package-lock.json index eaec381299e85..d9feefed12c0e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -118,7 +118,7 @@ "libnpmteam": "^5.0.3", "libnpmversion": "^4.0.2", "make-fetch-happen": "^11.1.0", - "minimatch": "^7.4.3", + "minimatch": "^7.4.6", "minipass": "^4.2.5", "minipass-pipeline": "^1.2.4", "ms": "^2.1.2", @@ -8501,9 +8501,9 @@ } }, "node_modules/minimatch": { - "version": "7.4.3", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-7.4.3.tgz", - "integrity": "sha512-5UB4yYusDtkRPbRiy1cqZ1IpGNcJCGlEMG17RKzPddpyiPKoCdwohbED8g4QXT0ewCt8LTkQXuljsUfQ3FKM4A==", + "version": "7.4.6", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-7.4.6.tgz", + "integrity": "sha512-sBz8G/YjVniEz6lKPNpKxXwazJe4c19fEfV2GDMX6AjFz+MX9uDWIZW8XreVhkFW3fkIdTv/gxWr/Kks5FFAVw==", "inBundle": true, "dependencies": { "brace-expansion": "^2.0.1" diff --git a/package.json b/package.json index 8e3d283373767..0cd848c5bfebd 100644 --- a/package.json +++ b/package.json @@ -87,7 +87,7 @@ "libnpmteam": "^5.0.3", "libnpmversion": "^4.0.2", "make-fetch-happen": "^11.1.0", - "minimatch": "^7.4.3", + "minimatch": "^7.4.6", "minipass": "^4.2.5", "minipass-pipeline": "^1.2.4", "ms": "^2.1.2", From 5832fc9d0f1b202c13e8251cff9b1c384542ee5c Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:18:47 -0700 Subject: [PATCH 08/12] deps: minipass@4.2.8 --- node_modules/minipass/package.json | 5 ++++- package-lock.json | 8 ++++---- package.json | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/node_modules/minipass/package.json b/node_modules/minipass/package.json index 1286b88ed5d8f..243c82c89175c 100644 --- a/node_modules/minipass/package.json +++ b/node_modules/minipass/package.json @@ -1,6 +1,9 @@ { "name": "minipass", - "version": "4.2.5", + "version": "4.2.8", + "publishConfig": { + "tag": "legacy-v4" + }, "description": "minimal implementation of a PassThrough stream", "main": "./index.js", "module": "./index.mjs", diff --git a/package-lock.json b/package-lock.json index d9feefed12c0e..88f360340fd9a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -119,7 +119,7 @@ "libnpmversion": "^4.0.2", "make-fetch-happen": "^11.1.0", "minimatch": "^7.4.6", - "minipass": "^4.2.5", + "minipass": "^4.2.8", "minipass-pipeline": "^1.2.4", "ms": "^2.1.2", "node-gyp": "^9.3.1", @@ -8539,9 +8539,9 @@ } }, "node_modules/minipass": { - "version": "4.2.5", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-4.2.5.tgz", - "integrity": "sha512-+yQl7SX3bIT83Lhb4BVorMAHVuqsskxRdlmO9kTpyukp8vsm2Sn/fUOV9xlnG8/a5JsypJzap21lz/y3FBMJ8Q==", + "version": "4.2.8", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-4.2.8.tgz", + "integrity": "sha512-fNzuVyifolSLFL4NzpF+wEF4qrgqaaKX0haXPQEdQ7NKAN+WecoKMHV09YcuL/DHxrUsYQOK3MiuDf7Ip2OXfQ==", "inBundle": true, "engines": { "node": ">=8" diff --git a/package.json b/package.json index 0cd848c5bfebd..328b687e64a98 100644 --- a/package.json +++ b/package.json @@ -88,7 +88,7 @@ "libnpmversion": "^4.0.2", "make-fetch-happen": "^11.1.0", "minimatch": "^7.4.6", - "minipass": "^4.2.5", + "minipass": "^4.2.8", "minipass-pipeline": "^1.2.4", "ms": "^2.1.2", "node-gyp": "^9.3.1", From d9bb89fba894771b2c89d0ac3e39d0f95b7d9b39 Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:19:46 -0700 Subject: [PATCH 09/12] deps: ini@4.1.0 --- node_modules/ini/lib/ini.js | 115 +++++++++++++++++++++++---------- node_modules/ini/package.json | 20 +++--- package-lock.json | 21 ++++-- package.json | 2 +- workspaces/config/package.json | 2 +- 5 files changed, 110 insertions(+), 50 deletions(-) diff --git a/node_modules/ini/lib/ini.js b/node_modules/ini/lib/ini.js index d05682b606bc2..763c829c6fc51 100644 --- a/node_modules/ini/lib/ini.js +++ b/node_modules/ini/lib/ini.js @@ -1,49 +1,70 @@ const { hasOwnProperty } = Object.prototype -/* istanbul ignore next */ -const eol = typeof process !== 'undefined' && - process.platform === 'win32' ? '\r\n' : '\n' +const encode = (obj, opt = {}) => { + if (typeof opt === 'string') { + opt = { section: opt } + } + opt.align = opt.align === true + opt.newline = opt.newline === true + opt.sort = opt.sort === true + opt.whitespace = opt.whitespace === true || opt.align === true + /* istanbul ignore next */ + opt.platform = opt.platform || process?.platform + opt.bracketedArray = opt.bracketedArray !== false -const encode = (obj, opt) => { + /* istanbul ignore next */ + const eol = opt.platform === 'win32' ? '\r\n' : '\n' + const separator = opt.whitespace ? ' = ' : '=' const children = [] - let out = '' - if (typeof opt === 'string') { - opt = { - section: opt, - whitespace: false, - } - } else { - opt = opt || Object.create(null) - opt.whitespace = opt.whitespace === true + const keys = opt.sort ? Object.keys(obj).sort() : Object.keys(obj) + + let padToChars = 0 + // If aligning on the separator, then padToChars is determined as follows: + // 1. Get the keys + // 2. Exclude keys pointing to objects unless the value is null or an array + // 3. Add `[]` to array keys + // 4. Ensure non empty set of keys + // 5. Reduce the set to the longest `safe` key + // 6. Get the `safe` length + if (opt.align) { + padToChars = safe( + ( + keys + .filter(k => obj[k] === null || Array.isArray(obj[k]) || typeof obj[k] !== 'object') + .map(k => Array.isArray(obj[k]) ? `${k}[]` : k) + ) + .concat(['']) + .reduce((a, b) => safe(a).length >= safe(b).length ? a : b) + ).length } - const separator = opt.whitespace ? ' = ' : '=' + let out = '' + const arraySuffix = opt.bracketedArray ? '[]' : '' - for (const k of Object.keys(obj)) { + for (const k of keys) { const val = obj[k] if (val && Array.isArray(val)) { for (const item of val) { - out += safe(k + '[]') + separator + safe(item) + eol + out += safe(`${k}${arraySuffix}`).padEnd(padToChars, ' ') + separator + safe(item) + eol } } else if (val && typeof val === 'object') { children.push(k) } else { - out += safe(k) + separator + safe(val) + eol + out += safe(k).padEnd(padToChars, ' ') + separator + safe(val) + eol } } if (opt.section && out.length) { - out = '[' + safe(opt.section) + ']' + eol + out + out = '[' + safe(opt.section) + ']' + (opt.newline ? eol + eol : eol) + out } for (const k of children) { - const nk = dotSplit(k).join('\\.') + const nk = splitSections(k, '.').join('\\.') const section = (opt.section ? opt.section + '.' : '') + nk - const { whitespace } = opt const child = encode(obj[k], { + ...opt, section, - whitespace, }) if (out.length && child.length) { out += eol @@ -55,24 +76,44 @@ const encode = (obj, opt) => { return out } -const dotSplit = str => - str.replace(/\1/g, '\u0002LITERAL\\1LITERAL\u0002') - .replace(/\\\./g, '\u0001') - .split(/\./) - .map(part => - part.replace(/\1/g, '\\.') - .replace(/\2LITERAL\\1LITERAL\2/g, '\u0001')) +function splitSections (str, separator) { + var lastMatchIndex = 0 + var lastSeparatorIndex = 0 + var nextIndex = 0 + var sections = [] + + do { + nextIndex = str.indexOf(separator, lastMatchIndex) -const decode = str => { + if (nextIndex !== -1) { + lastMatchIndex = nextIndex + separator.length + + if (nextIndex > 0 && str[nextIndex - 1] === '\\') { + continue + } + + sections.push(str.slice(lastSeparatorIndex, nextIndex)) + lastSeparatorIndex = nextIndex + separator.length + } + } while (nextIndex !== -1) + + sections.push(str.slice(lastSeparatorIndex)) + + return sections +} + +const decode = (str, opt = {}) => { + opt.bracketedArray = opt.bracketedArray !== false const out = Object.create(null) let p = out let section = null - // section |key = value - const re = /^\[([^\]]*)\]$|^([^=]+)(=(.*))?$/i + // section |key = value + const re = /^\[([^\]]*)\]\s*$|^([^=]+)(=(.*))?$/i const lines = str.split(/[\r\n]+/g) + const duplicates = {} for (const line of lines) { - if (!line || line.match(/^\s*[;#]/)) { + if (!line || line.match(/^\s*[;#]/) || line.match(/^\s*$/)) { continue } const match = line.match(re) @@ -91,7 +132,13 @@ const decode = str => { continue } const keyRaw = unsafe(match[2]) - const isArray = keyRaw.length > 2 && keyRaw.slice(-2) === '[]' + let isArray + if (opt.bracketedArray) { + isArray = keyRaw.length > 2 && keyRaw.slice(-2) === '[]' + } else { + duplicates[keyRaw] = (duplicates?.[keyRaw] || 0) + 1 + isArray = duplicates[keyRaw] > 1 + } const key = isArray ? keyRaw.slice(0, -2) : keyRaw if (key === '__proto__') { continue @@ -132,7 +179,7 @@ const decode = str => { // see if the parent section is also an object. // if so, add it to that, and mark this one for deletion - const parts = dotSplit(k) + const parts = splitSections(k, '.') p = out const l = parts.pop() const nl = l.replace(/\\\./g, '.') diff --git a/node_modules/ini/package.json b/node_modules/ini/package.json index e41c0f0f3dcc5..5dd968e0edb88 100644 --- a/node_modules/ini/package.json +++ b/node_modules/ini/package.json @@ -2,7 +2,7 @@ "author": "GitHub Inc.", "name": "ini", "description": "An ini encoder/decoder for node", - "version": "3.0.1", + "version": "4.1.0", "repository": { "type": "git", "url": "https://github.com/npm/ini.git" @@ -15,15 +15,12 @@ "test": "tap", "snap": "tap", "posttest": "npm run lint", - "preversion": "npm test", - "postversion": "npm publish", - "prepublishOnly": "git push origin --follow-tags", "postlint": "template-oss-check", "template-oss-apply": "template-oss-apply --force" }, "devDependencies": { - "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "3.5.0", + "@npmcli/eslint-config": "^4.0.0", + "@npmcli/template-oss": "4.13.0", "tap": "^16.0.1" }, "license": "ISC", @@ -32,10 +29,17 @@ "lib/" ], "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + "node": "^14.17.0 || ^16.13.0 || >=18.0.0" }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "3.5.0" + "version": "4.13.0", + "publish": "true" + }, + "tap": { + "nyc-arg": [ + "--exclude", + "tap-snapshots/**" + ] } } diff --git a/package-lock.json b/package-lock.json index 88f360340fd9a..906600f0d4711 100644 --- a/package-lock.json +++ b/package-lock.json @@ -102,7 +102,7 @@ "glob": "^9.3.2", "graceful-fs": "^4.2.11", "hosted-git-info": "^6.1.1", - "ini": "^3.0.1", + "ini": "^4.1.0", "init-package-json": "^5.0.0", "is-cidr": "^4.0.2", "json-parse-even-better-errors": "^3.0.0", @@ -2295,6 +2295,15 @@ "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } }, + "node_modules/@npmcli/template-oss/node_modules/ini": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/ini/-/ini-3.0.1.tgz", + "integrity": "sha512-it4HyVAUTKBc6m8e1iXWvXSTdndF7HbdN713+kvLrymxTaU4AUBWrJ4vEooP+V7fexnVD3LKcBshjGGPefSMUQ==", + "dev": true, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } + }, "node_modules/@octokit/auth-token": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-3.0.3.tgz", @@ -6184,12 +6193,12 @@ "inBundle": true }, "node_modules/ini": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/ini/-/ini-3.0.1.tgz", - "integrity": "sha512-it4HyVAUTKBc6m8e1iXWvXSTdndF7HbdN713+kvLrymxTaU4AUBWrJ4vEooP+V7fexnVD3LKcBshjGGPefSMUQ==", + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ini/-/ini-4.1.0.tgz", + "integrity": "sha512-HLR38RSF2iulAzc3I/sma4CoYxQP844rPYCNfzGDOHqa/YqVlwuuZgBx6M50/X8dKgzk0cm1qRg3+47mK2N+cQ==", "inBundle": true, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } }, "node_modules/init-package-json": { @@ -15077,7 +15086,7 @@ "license": "ISC", "dependencies": { "@npmcli/map-workspaces": "^3.0.2", - "ini": "^3.0.0", + "ini": "^4.1.0", "nopt": "^7.0.0", "proc-log": "^3.0.0", "read-package-json-fast": "^3.0.2", diff --git a/package.json b/package.json index 328b687e64a98..5f191d7934620 100644 --- a/package.json +++ b/package.json @@ -71,7 +71,7 @@ "glob": "^9.3.2", "graceful-fs": "^4.2.11", "hosted-git-info": "^6.1.1", - "ini": "^3.0.1", + "ini": "^4.1.0", "init-package-json": "^5.0.0", "is-cidr": "^4.0.2", "json-parse-even-better-errors": "^3.0.0", diff --git a/workspaces/config/package.json b/workspaces/config/package.json index d61e4fab839c4..7aec3c2d9cc92 100644 --- a/workspaces/config/package.json +++ b/workspaces/config/package.json @@ -38,7 +38,7 @@ }, "dependencies": { "@npmcli/map-workspaces": "^3.0.2", - "ini": "^3.0.0", + "ini": "^4.1.0", "nopt": "^7.0.0", "proc-log": "^3.0.0", "read-package-json-fast": "^3.0.2", From d5ee2f740653f6181d94beb13b3d80666744c91f Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:24:32 -0700 Subject: [PATCH 10/12] deps: walk-up-path@3.0.1 --- node_modules/walk-up-path/dist/cjs/index.js | 18 ++++++ .../walk-up-path/dist/cjs/package.json | 3 + node_modules/walk-up-path/dist/mjs/index.js | 14 +++++ .../walk-up-path/dist/mjs/package.json | 3 + node_modules/walk-up-path/index.js | 11 ---- node_modules/walk-up-path/package.json | 60 ++++++++++++++++--- package-lock.json | 12 ++-- .../arborist/lib/arborist/load-actual.js | 2 +- workspaces/arborist/lib/arborist/reify.js | 2 +- workspaces/arborist/lib/node.js | 2 +- workspaces/arborist/package.json | 2 +- workspaces/config/lib/index.js | 2 +- workspaces/config/package.json | 2 +- workspaces/libnpmexec/lib/file-exists.js | 2 +- workspaces/libnpmexec/package.json | 2 +- 15 files changed, 104 insertions(+), 33 deletions(-) create mode 100644 node_modules/walk-up-path/dist/cjs/index.js create mode 100644 node_modules/walk-up-path/dist/cjs/package.json create mode 100644 node_modules/walk-up-path/dist/mjs/index.js create mode 100644 node_modules/walk-up-path/dist/mjs/package.json delete mode 100644 node_modules/walk-up-path/index.js diff --git a/node_modules/walk-up-path/dist/cjs/index.js b/node_modules/walk-up-path/dist/cjs/index.js new file mode 100644 index 0000000000000..9295d00ca85b1 --- /dev/null +++ b/node_modules/walk-up-path/dist/cjs/index.js @@ -0,0 +1,18 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.walkUp = void 0; +const path_1 = require("path"); +const walkUp = function* (path) { + for (path = (0, path_1.resolve)(path); path;) { + yield path; + const pp = (0, path_1.dirname)(path); + if (pp === path) { + break; + } + else { + path = pp; + } + } +}; +exports.walkUp = walkUp; +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/walk-up-path/dist/cjs/package.json b/node_modules/walk-up-path/dist/cjs/package.json new file mode 100644 index 0000000000000..5bbefffbabee3 --- /dev/null +++ b/node_modules/walk-up-path/dist/cjs/package.json @@ -0,0 +1,3 @@ +{ + "type": "commonjs" +} diff --git a/node_modules/walk-up-path/dist/mjs/index.js b/node_modules/walk-up-path/dist/mjs/index.js new file mode 100644 index 0000000000000..93f37e1d81968 --- /dev/null +++ b/node_modules/walk-up-path/dist/mjs/index.js @@ -0,0 +1,14 @@ +import { dirname, resolve } from 'path'; +export const walkUp = function* (path) { + for (path = resolve(path); path;) { + yield path; + const pp = dirname(path); + if (pp === path) { + break; + } + else { + path = pp; + } + } +}; +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/node_modules/walk-up-path/dist/mjs/package.json b/node_modules/walk-up-path/dist/mjs/package.json new file mode 100644 index 0000000000000..3dbc1ca591c05 --- /dev/null +++ b/node_modules/walk-up-path/dist/mjs/package.json @@ -0,0 +1,3 @@ +{ + "type": "module" +} diff --git a/node_modules/walk-up-path/index.js b/node_modules/walk-up-path/index.js deleted file mode 100644 index 05524a6c055eb..0000000000000 --- a/node_modules/walk-up-path/index.js +++ /dev/null @@ -1,11 +0,0 @@ -const {dirname, resolve} = require('path') -module.exports = function* (path) { - for (path = resolve(path); path;) { - yield path - const pp = dirname(path) - if (pp === path) - path = null - else - path = pp - } -} diff --git a/node_modules/walk-up-path/package.json b/node_modules/walk-up-path/package.json index df69d9238514c..0931c670a8d04 100644 --- a/node_modules/walk-up-path/package.json +++ b/node_modules/walk-up-path/package.json @@ -1,9 +1,24 @@ { "name": "walk-up-path", - "version": "1.0.0", + "version": "3.0.1", "files": [ - "index.js" + "dist" ], + "main": "./dist/cjs/index.js", + "module": "./dist/mjs/index.js", + "types": "./dist/mjs/index.d.ts", + "exports": { + ".": { + "require": { + "types": "./dist/cjs/index.d.ts", + "default": "./dist/cjs/index.js" + }, + "import": { + "types": "./dist/mjs/index.d.ts", + "default": "./dist/mjs/index.js" + } + } + }, "description": "Given a path string, return a generator that walks up the path, emitting each dirname.", "repository": { "type": "git", @@ -12,17 +27,46 @@ "author": "Isaac Z. Schlueter (https://izs.me)", "license": "ISC", "scripts": { - "test": "tap", - "snap": "tap", "preversion": "npm test", "postversion": "npm publish", - "prepublishOnly": "git push origin --follow-tags" + "prepublishOnly": "git push origin --follow-tags", + "prepare": "tsc -p tsconfig.json && tsc -p tsconfig-esm.json && bash ./scripts/fixup.sh", + "pretest": "npm run prepare", + "presnap": "npm run prepare", + "test": "c8 tap", + "snap": "c8 tap", + "format": "prettier --write . --loglevel warn", + "typedoc": "typedoc --tsconfig tsconfig-esm.json ./src/*.ts" + }, + "prettier": { + "semi": false, + "printWidth": 75, + "tabWidth": 2, + "useTabs": false, + "singleQuote": true, + "jsxSingleQuote": false, + "bracketSameLine": true, + "arrowParens": "avoid", + "endOfLine": "lf" }, "tap": { - "check-coverage": true + "coverage": false, + "node-arg": [ + "--no-warnings", + "--loader", + "ts-node/esm" + ], + "ts": false }, "devDependencies": { - "tap": "^14.10.7", - "require-inject": "^1.4.4" + "@types/node": "^18.15.5", + "@types/tap": "^15.0.8", + "c8": "^7.13.0", + "eslint-config-prettier": "^8.8.0", + "prettier": "^2.8.6", + "tap": "^16.3.4", + "ts-node": "^10.9.1", + "typedoc": "^0.23.28", + "typescript": "^5.0.2" } } diff --git a/package-lock.json b/package-lock.json index 906600f0d4711..03f1e28874a3f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14593,9 +14593,9 @@ } }, "node_modules/walk-up-path": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/walk-up-path/-/walk-up-path-1.0.0.tgz", - "integrity": "sha512-hwj/qMDUEjCU5h0xr90KGCf0tg0/LgJbmOWgrWKYlcJZM7XvquvUJZ0G/HMGr7F7OQMOUuPHWP9JpriinkAlkg==" + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/walk-up-path/-/walk-up-path-3.0.1.tgz", + "integrity": "sha512-9YlCL/ynK3CTlrSRrDxZvUauLzAswPCrsaCgilqFevUYpeEW0/3ScEjaa3kbW/T0ghhkEr7mv+fpjqn1Y1YuTA==" }, "node_modules/wcwidth": { "version": "1.0.1", @@ -15060,7 +15060,7 @@ "semver": "^7.3.7", "ssri": "^10.0.1", "treeverse": "^3.0.0", - "walk-up-path": "^1.0.0" + "walk-up-path": "^3.0.1" }, "bin": { "arborist": "bin/index.js" @@ -15091,7 +15091,7 @@ "proc-log": "^3.0.0", "read-package-json-fast": "^3.0.2", "semver": "^7.3.5", - "walk-up-path": "^1.0.0" + "walk-up-path": "^3.0.1" }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", @@ -15158,7 +15158,7 @@ "read": "^2.0.0", "read-package-json-fast": "^3.0.2", "semver": "^7.3.7", - "walk-up-path": "^1.0.0" + "walk-up-path": "^3.0.1" }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", diff --git a/workspaces/arborist/lib/arborist/load-actual.js b/workspaces/arborist/lib/arborist/load-actual.js index 6c3f917c6ac9d..a87e09bc05328 100644 --- a/workspaces/arborist/lib/arborist/load-actual.js +++ b/workspaces/arborist/lib/arborist/load-actual.js @@ -4,7 +4,7 @@ const { relative, dirname, resolve, join, normalize } = require('path') const rpj = require('read-package-json-fast') const { readdirScoped } = require('@npmcli/fs') -const walkUp = require('walk-up-path') +const { walkUp } = require('walk-up-path') const ancestorPath = require('common-ancestor-path') const treeCheck = require('../tree-check.js') diff --git a/workspaces/arborist/lib/arborist/reify.js b/workspaces/arborist/lib/arborist/reify.js index 760fa977ecfd9..6c9fc438a024b 100644 --- a/workspaces/arborist/lib/arborist/reify.js +++ b/workspaces/arborist/lib/arborist/reify.js @@ -6,7 +6,7 @@ const { subset, intersects } = require('semver') const npa = require('npm-package-arg') const semver = require('semver') const debug = require('../debug.js') -const walkUp = require('walk-up-path') +const { walkUp } = require('walk-up-path') const log = require('proc-log') const hgi = require('hosted-git-info') const rpj = require('read-package-json-fast') diff --git a/workspaces/arborist/lib/node.js b/workspaces/arborist/lib/node.js index b21a3d8e3de0a..e264194fd6a6c 100644 --- a/workspaces/arborist/lib/node.js +++ b/workspaces/arborist/lib/node.js @@ -39,7 +39,7 @@ const npa = require('npm-package-arg') const debug = require('./debug.js') const gatherDepSet = require('./gather-dep-set.js') const treeCheck = require('./tree-check.js') -const walkUp = require('walk-up-path') +const { walkUp } = require('walk-up-path') const { resolve, relative, dirname, basename } = require('path') const util = require('util') diff --git a/workspaces/arborist/package.json b/workspaces/arborist/package.json index f5706d414ef12..3506c27027e79 100644 --- a/workspaces/arborist/package.json +++ b/workspaces/arborist/package.json @@ -35,7 +35,7 @@ "semver": "^7.3.7", "ssri": "^10.0.1", "treeverse": "^3.0.0", - "walk-up-path": "^1.0.0" + "walk-up-path": "^3.0.1" }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", diff --git a/workspaces/config/lib/index.js b/workspaces/config/lib/index.js index 7148e126a5db9..9bba1d6977ae3 100644 --- a/workspaces/config/lib/index.js +++ b/workspaces/config/lib/index.js @@ -1,5 +1,5 @@ // TODO: set the scope config from package.json or explicit cli config -const walkUp = require('walk-up-path') +const { walkUp } = require('walk-up-path') const ini = require('ini') const nopt = require('nopt') const mapWorkspaces = require('@npmcli/map-workspaces') diff --git a/workspaces/config/package.json b/workspaces/config/package.json index 7aec3c2d9cc92..d12aeed64a5fd 100644 --- a/workspaces/config/package.json +++ b/workspaces/config/package.json @@ -43,7 +43,7 @@ "proc-log": "^3.0.0", "read-package-json-fast": "^3.0.2", "semver": "^7.3.5", - "walk-up-path": "^1.0.0" + "walk-up-path": "^3.0.1" }, "engines": { "node": "^14.17.0 || ^16.13.0 || >=18.0.0" diff --git a/workspaces/libnpmexec/lib/file-exists.js b/workspaces/libnpmexec/lib/file-exists.js index 0a8d79e83b256..55c04bd4dc547 100644 --- a/workspaces/libnpmexec/lib/file-exists.js +++ b/workspaces/libnpmexec/lib/file-exists.js @@ -1,6 +1,6 @@ const { resolve } = require('path') const { stat } = require('fs/promises') -const walkUp = require('walk-up-path') +const { walkUp } = require('walk-up-path') const fileExists = async (file) => { try { diff --git a/workspaces/libnpmexec/package.json b/workspaces/libnpmexec/package.json index 2582a253f906c..92e14355868b6 100644 --- a/workspaces/libnpmexec/package.json +++ b/workspaces/libnpmexec/package.json @@ -71,7 +71,7 @@ "read": "^2.0.0", "read-package-json-fast": "^3.0.2", "semver": "^7.3.7", - "walk-up-path": "^1.0.0" + "walk-up-path": "^3.0.1" }, "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", From dc0a508e7ce876ff0d3f01138de16afc1402da83 Mon Sep 17 00:00:00 2001 From: Gar Date: Fri, 14 Apr 2023 19:34:32 -0700 Subject: [PATCH 11/12] deps: minipass-fetch@3.0.2 --- node_modules/minipass-fetch/lib/index.js | 16 ++++++++++++++-- node_modules/minipass-fetch/lib/request.js | 1 + node_modules/minipass-fetch/package.json | 7 ++++--- node_modules/normalize-package-data/AUTHORS | 4 ++++ node_modules/tuf-js/dist/utils/url.js | 14 ++++++++++++++ package-lock.json | 6 +++--- 6 files changed, 40 insertions(+), 8 deletions(-) create mode 100644 node_modules/normalize-package-data/AUTHORS create mode 100644 node_modules/tuf-js/dist/utils/url.js diff --git a/node_modules/minipass-fetch/lib/index.js b/node_modules/minipass-fetch/lib/index.js index b1878ac0c06b5..f81492db095f1 100644 --- a/node_modules/minipass-fetch/lib/index.js +++ b/node_modules/minipass-fetch/lib/index.js @@ -143,8 +143,20 @@ const fetch = async (url, opts) => { const location = headers.get('Location') // HTTP fetch step 5.3 - const locationURL = location === null ? null - : (new URL(location, request.url)).toString() + let locationURL = null + try { + locationURL = location === null ? null : new URL(location, request.url).toString() + } catch { + // error here can only be invalid URL in Location: header + // do not throw when options.redirect == manual + // let the user extract the errorneous redirect URL + if (request.redirect !== 'manual') { + /* eslint-disable-next-line max-len */ + reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect')) + finalize() + return + } + } // HTTP fetch step 5.5 if (request.redirect === 'error') { diff --git a/node_modules/minipass-fetch/lib/request.js b/node_modules/minipass-fetch/lib/request.js index e620df6de2c01..1126f6a84dd80 100644 --- a/node_modules/minipass-fetch/lib/request.js +++ b/node_modules/minipass-fetch/lib/request.js @@ -265,6 +265,7 @@ class Request extends Body { secureProtocol, servername, sessionIdContext, + timeout: request.timeout, } } } diff --git a/node_modules/minipass-fetch/package.json b/node_modules/minipass-fetch/package.json index fc6f88473317a..16127ec14efcf 100644 --- a/node_modules/minipass-fetch/package.json +++ b/node_modules/minipass-fetch/package.json @@ -1,6 +1,6 @@ { "name": "minipass-fetch", - "version": "3.0.1", + "version": "3.0.2", "description": "An implementation of window.fetch in Node.js using Minipass streams", "license": "MIT", "main": "lib/index.js", @@ -24,7 +24,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.10.0", + "@npmcli/template-oss": "4.13.0", "@ungap/url-search-params": "^0.2.2", "abort-controller": "^3.0.0", "abortcontroller-polyfill": "~1.7.3", @@ -63,6 +63,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.10.0" + "version": "4.13.0", + "publish": "true" } } diff --git a/node_modules/normalize-package-data/AUTHORS b/node_modules/normalize-package-data/AUTHORS new file mode 100644 index 0000000000000..66282ba1d1197 --- /dev/null +++ b/node_modules/normalize-package-data/AUTHORS @@ -0,0 +1,4 @@ +# Names sorted by how much code was originally theirs. +Isaac Z. Schlueter +Meryn Stol +Robert Kowalski diff --git a/node_modules/tuf-js/dist/utils/url.js b/node_modules/tuf-js/dist/utils/url.js new file mode 100644 index 0000000000000..ce67fe2c23053 --- /dev/null +++ b/node_modules/tuf-js/dist/utils/url.js @@ -0,0 +1,14 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.join = void 0; +const url_1 = require("url"); +function join(base, path) { + return new url_1.URL(ensureTrailingSlash(base) + removeLeadingSlash(path)).toString(); +} +exports.join = join; +function ensureTrailingSlash(path) { + return path.endsWith('/') ? path : path + '/'; +} +function removeLeadingSlash(path) { + return path.startsWith('/') ? path.slice(1) : path; +} diff --git a/package-lock.json b/package-lock.json index 03f1e28874a3f..16ea2859439ac 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8581,9 +8581,9 @@ } }, "node_modules/minipass-fetch": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-3.0.1.tgz", - "integrity": "sha512-t9/wowtf7DYkwz8cfMSt0rMwiyNIBXf5CKZ3S5ZMqRqMYT0oLTp0x1WorMI9WTwvaPg21r1JbFxJMum8JrLGfw==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-3.0.2.tgz", + "integrity": "sha512-/ZpF1CQaWYqjbhfFgKNt3azxztEpc/JUPuMkqOgrnMQqcU8CbE409AUdJYTIWryl3PP5CBaTJZT71N49MXP/YA==", "inBundle": true, "dependencies": { "minipass": "^4.0.0", From 41cc3fff37e3ff32f9ae90826f30c3c4e74a5c3a Mon Sep 17 00:00:00 2001 From: Gar Date: Mon, 17 Apr 2023 13:33:27 -0700 Subject: [PATCH 12/12] deps: semver@7.5.0 --- node_modules/semver/bin/semver.js | 18 ++++- node_modules/semver/classes/comparator.js | 70 ++++++++++--------- node_modules/semver/classes/range.js | 8 ++- node_modules/semver/classes/semver.js | 41 +++++++---- node_modules/semver/functions/diff.js | 65 ++++++++++++----- node_modules/semver/functions/inc.js | 5 +- node_modules/semver/functions/parse.js | 27 ++----- node_modules/semver/index.js | 1 + node_modules/semver/internal/constants.js | 17 ++++- node_modules/semver/internal/parse-options.js | 24 ++++--- node_modules/semver/package.json | 13 ++-- node_modules/semver/ranges/intersects.js | 2 +- node_modules/semver/ranges/subset.js | 9 ++- package-lock.json | 35 ++++++++-- package.json | 2 +- 15 files changed, 218 insertions(+), 119 deletions(-) diff --git a/node_modules/semver/bin/semver.js b/node_modules/semver/bin/semver.js index 8d1b55720e0ab..242b7ade7314f 100755 --- a/node_modules/semver/bin/semver.js +++ b/node_modules/semver/bin/semver.js @@ -23,7 +23,10 @@ let rtl = false let identifier +let identifierBase + const semver = require('../') +const parseOptions = require('../internal/parse-options') let reverse = false @@ -71,6 +74,12 @@ const main = () => { case '-r': case '--range': range.push(argv.shift()) break + case '-n': + identifierBase = argv.shift() + if (identifierBase === 'false') { + identifierBase = false + } + break case '-c': case '--coerce': coerce = true break @@ -88,7 +97,7 @@ const main = () => { } } - options = { loose: loose, includePrerelease: includePrerelease, rtl: rtl } + options = parseOptions({ loose, includePrerelease, rtl }) versions = versions.map((v) => { return coerce ? (semver.coerce(v, options) || { version: v }).version : v @@ -127,7 +136,7 @@ const success = () => { }).map((v) => { return semver.clean(v, options) }).map((v) => { - return inc ? semver.inc(v, inc, options, identifier) : v + return inc ? semver.inc(v, inc, options, identifier, identifierBase) : v }).forEach((v, i, _) => { console.log(v) }) @@ -172,6 +181,11 @@ Options: --ltr Coerce version strings left to right (default) +-n + Base number to be used for the prerelease identifier. + Can be either 0 or 1, or false to omit the number altogether. + Defaults to 0. + Program exits successfully if any valid version satisfies all supplied ranges, and prints all satisfying versions. diff --git a/node_modules/semver/classes/comparator.js b/node_modules/semver/classes/comparator.js index 62cd204d9b796..2146c884bd937 100644 --- a/node_modules/semver/classes/comparator.js +++ b/node_modules/semver/classes/comparator.js @@ -78,13 +78,6 @@ class Comparator { throw new TypeError('a Comparator is required') } - if (!options || typeof options !== 'object') { - options = { - loose: !!options, - includePrerelease: false, - } - } - if (this.operator === '') { if (this.value === '') { return true @@ -97,32 +90,43 @@ class Comparator { return new Range(this.value, options).test(comp.semver) } - const sameDirectionIncreasing = - (this.operator === '>=' || this.operator === '>') && - (comp.operator === '>=' || comp.operator === '>') - const sameDirectionDecreasing = - (this.operator === '<=' || this.operator === '<') && - (comp.operator === '<=' || comp.operator === '<') - const sameSemVer = this.semver.version === comp.semver.version - const differentDirectionsInclusive = - (this.operator === '>=' || this.operator === '<=') && - (comp.operator === '>=' || comp.operator === '<=') - const oppositeDirectionsLessThan = - cmp(this.semver, '<', comp.semver, options) && - (this.operator === '>=' || this.operator === '>') && - (comp.operator === '<=' || comp.operator === '<') - const oppositeDirectionsGreaterThan = - cmp(this.semver, '>', comp.semver, options) && - (this.operator === '<=' || this.operator === '<') && - (comp.operator === '>=' || comp.operator === '>') - - return ( - sameDirectionIncreasing || - sameDirectionDecreasing || - (sameSemVer && differentDirectionsInclusive) || - oppositeDirectionsLessThan || - oppositeDirectionsGreaterThan - ) + options = parseOptions(options) + + // Special cases where nothing can possibly be lower + if (options.includePrerelease && + (this.value === '<0.0.0-0' || comp.value === '<0.0.0-0')) { + return false + } + if (!options.includePrerelease && + (this.value.startsWith('<0.0.0') || comp.value.startsWith('<0.0.0'))) { + return false + } + + // Same direction increasing (> or >=) + if (this.operator.startsWith('>') && comp.operator.startsWith('>')) { + return true + } + // Same direction decreasing (< or <=) + if (this.operator.startsWith('<') && comp.operator.startsWith('<')) { + return true + } + // same SemVer and both sides are inclusive (<= or >=) + if ( + (this.semver.version === comp.semver.version) && + this.operator.includes('=') && comp.operator.includes('=')) { + return true + } + // opposite directions less than + if (cmp(this.semver, '<', comp.semver, options) && + this.operator.startsWith('>') && comp.operator.startsWith('<')) { + return true + } + // opposite directions greater than + if (cmp(this.semver, '>', comp.semver, options) && + this.operator.startsWith('<') && comp.operator.startsWith('>')) { + return true + } + return false } } diff --git a/node_modules/semver/classes/range.js b/node_modules/semver/classes/range.js index a791d912515cc..d9e866de4dcd1 100644 --- a/node_modules/semver/classes/range.js +++ b/node_modules/semver/classes/range.js @@ -81,8 +81,10 @@ class Range { // memoize range parsing for performance. // this is a very hot path, and fully deterministic. - const memoOpts = Object.keys(this.options).join(',') - const memoKey = `parseRange:${memoOpts}:${range}` + const memoOpts = + (this.options.includePrerelease && FLAG_INCLUDE_PRERELEASE) | + (this.options.loose && FLAG_LOOSE) + const memoKey = memoOpts + ':' + range const cached = cache.get(memoKey) if (cached) { return cached @@ -190,6 +192,7 @@ class Range { return false } } + module.exports = Range const LRU = require('lru-cache') @@ -206,6 +209,7 @@ const { tildeTrimReplace, caretTrimReplace, } = require('../internal/re') +const { FLAG_INCLUDE_PRERELEASE, FLAG_LOOSE } = require('../internal/constants') const isNullSet = c => c.value === '<0.0.0-0' const isAny = c => c.value === '' diff --git a/node_modules/semver/classes/semver.js b/node_modules/semver/classes/semver.js index af62955194793..25ee889d1492a 100644 --- a/node_modules/semver/classes/semver.js +++ b/node_modules/semver/classes/semver.js @@ -16,7 +16,7 @@ class SemVer { version = version.version } } else if (typeof version !== 'string') { - throw new TypeError(`Invalid Version: ${version}`) + throw new TypeError(`Invalid Version: ${require('util').inspect(version)}`) } if (version.length > MAX_LENGTH) { @@ -175,36 +175,36 @@ class SemVer { // preminor will bump the version up to the next minor release, and immediately // down to pre-release. premajor and prepatch work the same way. - inc (release, identifier) { + inc (release, identifier, identifierBase) { switch (release) { case 'premajor': this.prerelease.length = 0 this.patch = 0 this.minor = 0 this.major++ - this.inc('pre', identifier) + this.inc('pre', identifier, identifierBase) break case 'preminor': this.prerelease.length = 0 this.patch = 0 this.minor++ - this.inc('pre', identifier) + this.inc('pre', identifier, identifierBase) break case 'prepatch': // If this is already a prerelease, it will bump to the next version // drop any prereleases that might already exist, since they are not // relevant at this point. this.prerelease.length = 0 - this.inc('patch', identifier) - this.inc('pre', identifier) + this.inc('patch', identifier, identifierBase) + this.inc('pre', identifier, identifierBase) break // If the input is a non-prerelease version, this acts the same as // prepatch. case 'prerelease': if (this.prerelease.length === 0) { - this.inc('patch', identifier) + this.inc('patch', identifier, identifierBase) } - this.inc('pre', identifier) + this.inc('pre', identifier, identifierBase) break case 'major': @@ -246,9 +246,15 @@ class SemVer { break // This probably shouldn't be used publicly. // 1.0.0 'pre' would become 1.0.0-0 which is the wrong direction. - case 'pre': + case 'pre': { + const base = Number(identifierBase) ? 1 : 0 + + if (!identifier && identifierBase === false) { + throw new Error('invalid increment argument: identifier is empty') + } + if (this.prerelease.length === 0) { - this.prerelease = [0] + this.prerelease = [base] } else { let i = this.prerelease.length while (--i >= 0) { @@ -259,22 +265,29 @@ class SemVer { } if (i === -1) { // didn't increment anything - this.prerelease.push(0) + if (identifier === this.prerelease.join('.') && identifierBase === false) { + throw new Error('invalid increment argument: identifier already exists') + } + this.prerelease.push(base) } } if (identifier) { // 1.2.0-beta.1 bumps to 1.2.0-beta.2, // 1.2.0-beta.fooblz or 1.2.0-beta bumps to 1.2.0-beta.0 + let prerelease = [identifier, base] + if (identifierBase === false) { + prerelease = [identifier] + } if (compareIdentifiers(this.prerelease[0], identifier) === 0) { if (isNaN(this.prerelease[1])) { - this.prerelease = [identifier, 0] + this.prerelease = prerelease } } else { - this.prerelease = [identifier, 0] + this.prerelease = prerelease } } break - + } default: throw new Error(`invalid increment argument: ${release}`) } diff --git a/node_modules/semver/functions/diff.js b/node_modules/semver/functions/diff.js index 87200ef3b88e8..fafc11c40d345 100644 --- a/node_modules/semver/functions/diff.js +++ b/node_modules/semver/functions/diff.js @@ -1,23 +1,54 @@ -const parse = require('./parse') -const eq = require('./eq') +const parse = require('./parse.js') const diff = (version1, version2) => { - if (eq(version1, version2)) { + const v1 = parse(version1, null, true) + const v2 = parse(version2, null, true) + const comparison = v1.compare(v2) + + if (comparison === 0) { return null - } else { - const v1 = parse(version1) - const v2 = parse(version2) - const hasPre = v1.prerelease.length || v2.prerelease.length - const prefix = hasPre ? 'pre' : '' - const defaultResult = hasPre ? 'prerelease' : '' - for (const key in v1) { - if (key === 'major' || key === 'minor' || key === 'patch') { - if (v1[key] !== v2[key]) { - return prefix + key - } - } - } - return defaultResult // may be undefined } + + const v1Higher = comparison > 0 + const highVersion = v1Higher ? v1 : v2 + const lowVersion = v1Higher ? v2 : v1 + const highHasPre = !!highVersion.prerelease.length + + // add the `pre` prefix if we are going to a prerelease version + const prefix = highHasPre ? 'pre' : '' + + if (v1.major !== v2.major) { + return prefix + 'major' + } + + if (v1.minor !== v2.minor) { + return prefix + 'minor' + } + + if (v1.patch !== v2.patch) { + return prefix + 'patch' + } + + // at this point we know stable versions match but overall versions are not equal, + // so either they are both prereleases, or the lower version is a prerelease + + if (highHasPre) { + // high and low are preleases + return 'prerelease' + } + + if (lowVersion.patch) { + // anything higher than a patch bump would result in the wrong version + return 'patch' + } + + if (lowVersion.minor) { + // anything higher than a minor bump would result in the wrong version + return 'minor' + } + + // bumping major/minor/patch all have same result + return 'major' } + module.exports = diff diff --git a/node_modules/semver/functions/inc.js b/node_modules/semver/functions/inc.js index 62d1da2c4093b..7670b1bea1a49 100644 --- a/node_modules/semver/functions/inc.js +++ b/node_modules/semver/functions/inc.js @@ -1,7 +1,8 @@ const SemVer = require('../classes/semver') -const inc = (version, release, options, identifier) => { +const inc = (version, release, options, identifier, identifierBase) => { if (typeof (options) === 'string') { + identifierBase = identifier identifier = options options = undefined } @@ -10,7 +11,7 @@ const inc = (version, release, options, identifier) => { return new SemVer( version instanceof SemVer ? version.version : version, options - ).inc(release, identifier).version + ).inc(release, identifier, identifierBase).version } catch (er) { return null } diff --git a/node_modules/semver/functions/parse.js b/node_modules/semver/functions/parse.js index a66663aa5918f..459b3b17375c8 100644 --- a/node_modules/semver/functions/parse.js +++ b/node_modules/semver/functions/parse.js @@ -1,32 +1,15 @@ -const { MAX_LENGTH } = require('../internal/constants') -const { re, t } = require('../internal/re') const SemVer = require('../classes/semver') - -const parseOptions = require('../internal/parse-options') -const parse = (version, options) => { - options = parseOptions(options) - +const parse = (version, options, throwErrors = false) => { if (version instanceof SemVer) { return version } - - if (typeof version !== 'string') { - return null - } - - if (version.length > MAX_LENGTH) { - return null - } - - const r = options.loose ? re[t.LOOSE] : re[t.FULL] - if (!r.test(version)) { - return null - } - try { return new SemVer(version, options) } catch (er) { - return null + if (!throwErrors) { + return null + } + throw er } } diff --git a/node_modules/semver/index.js b/node_modules/semver/index.js index 4a342c6afe5ae..86d42ac16a840 100644 --- a/node_modules/semver/index.js +++ b/node_modules/semver/index.js @@ -83,6 +83,7 @@ module.exports = { src: internalRe.src, tokens: internalRe.t, SEMVER_SPEC_VERSION: constants.SEMVER_SPEC_VERSION, + RELEASE_TYPES: constants.RELEASE_TYPES, compareIdentifiers: identifiers.compareIdentifiers, rcompareIdentifiers: identifiers.rcompareIdentifiers, } diff --git a/node_modules/semver/internal/constants.js b/node_modules/semver/internal/constants.js index 4f0de59b56949..25fab1ea01233 100644 --- a/node_modules/semver/internal/constants.js +++ b/node_modules/semver/internal/constants.js @@ -9,9 +9,22 @@ const MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER || // Max safe segment length for coercion. const MAX_SAFE_COMPONENT_LENGTH = 16 +const RELEASE_TYPES = [ + 'major', + 'premajor', + 'minor', + 'preminor', + 'patch', + 'prepatch', + 'prerelease', +] + module.exports = { - SEMVER_SPEC_VERSION, MAX_LENGTH, - MAX_SAFE_INTEGER, MAX_SAFE_COMPONENT_LENGTH, + MAX_SAFE_INTEGER, + RELEASE_TYPES, + SEMVER_SPEC_VERSION, + FLAG_INCLUDE_PRERELEASE: 0b001, + FLAG_LOOSE: 0b010, } diff --git a/node_modules/semver/internal/parse-options.js b/node_modules/semver/internal/parse-options.js index bbd9ec77a3ff4..10d64ce06d3c5 100644 --- a/node_modules/semver/internal/parse-options.js +++ b/node_modules/semver/internal/parse-options.js @@ -1,11 +1,15 @@ -// parse out just the options we care about so we always get a consistent -// obj with keys in a consistent order. -const opts = ['includePrerelease', 'loose', 'rtl'] -const parseOptions = options => - !options ? {} - : typeof options !== 'object' ? { loose: true } - : opts.filter(k => options[k]).reduce((o, k) => { - o[k] = true - return o - }, {}) +// parse out just the options we care about +const looseOption = Object.freeze({ loose: true }) +const emptyOpts = Object.freeze({ }) +const parseOptions = options => { + if (!options) { + return emptyOpts + } + + if (typeof options !== 'object') { + return looseOption + } + + return options +} module.exports = parseOptions diff --git a/node_modules/semver/package.json b/node_modules/semver/package.json index 72d3f66e8f766..0a6095b8900a6 100644 --- a/node_modules/semver/package.json +++ b/node_modules/semver/package.json @@ -1,6 +1,6 @@ { "name": "semver", - "version": "7.3.8", + "version": "7.5.0", "description": "The semantic version parser used by npm.", "main": "index.js", "scripts": { @@ -13,8 +13,8 @@ "template-oss-apply": "template-oss-apply --force" }, "devDependencies": { - "@npmcli/eslint-config": "^3.0.1", - "@npmcli/template-oss": "4.4.4", + "@npmcli/eslint-config": "^4.0.0", + "@npmcli/template-oss": "4.13.0", "tap": "^16.0.0" }, "license": "ISC", @@ -53,9 +53,8 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.4.4", + "version": "4.13.0", "engines": ">=10", - "content": "./scripts", "ciVersions": [ "10.0.0", "10.x", @@ -64,6 +63,7 @@ "16.x", "18.x" ], + "npmSpec": "8", "distPaths": [ "classes/", "functions/", @@ -81,6 +81,7 @@ "/index.js", "/preload.js", "/range.bnf" - ] + ], + "publish": "true" } } diff --git a/node_modules/semver/ranges/intersects.js b/node_modules/semver/ranges/intersects.js index 3d1a6f31dfbe0..e0e9b7ce000e4 100644 --- a/node_modules/semver/ranges/intersects.js +++ b/node_modules/semver/ranges/intersects.js @@ -2,6 +2,6 @@ const Range = require('../classes/range') const intersects = (r1, r2, options) => { r1 = new Range(r1, options) r2 = new Range(r2, options) - return r1.intersects(r2) + return r1.intersects(r2, options) } module.exports = intersects diff --git a/node_modules/semver/ranges/subset.js b/node_modules/semver/ranges/subset.js index e0dea43c2b6a8..1e5c26837c047 100644 --- a/node_modules/semver/ranges/subset.js +++ b/node_modules/semver/ranges/subset.js @@ -68,6 +68,9 @@ const subset = (sub, dom, options = {}) => { return true } +const minimumVersionWithPreRelease = [new Comparator('>=0.0.0-0')] +const minimumVersion = [new Comparator('>=0.0.0')] + const simpleSubset = (sub, dom, options) => { if (sub === dom) { return true @@ -77,9 +80,9 @@ const simpleSubset = (sub, dom, options) => { if (dom.length === 1 && dom[0].semver === ANY) { return true } else if (options.includePrerelease) { - sub = [new Comparator('>=0.0.0-0')] + sub = minimumVersionWithPreRelease } else { - sub = [new Comparator('>=0.0.0')] + sub = minimumVersion } } @@ -87,7 +90,7 @@ const simpleSubset = (sub, dom, options) => { if (options.includePrerelease) { return true } else { - dom = [new Comparator('>=0.0.0')] + dom = minimumVersion } } diff --git a/package-lock.json b/package-lock.json index 16ea2859439ac..b2d6d53235de6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -140,7 +140,7 @@ "read": "^2.1.0", "read-package-json": "^6.0.1", "read-package-json-fast": "^3.0.2", - "semver": "^7.3.8", + "semver": "^7.5.0", "ssri": "^10.0.3", "tar": "^6.1.13", "text-table": "~0.2.0", @@ -783,6 +783,33 @@ "node": ">=v14" } }, + "node_modules/@commitlint/is-ignored/node_modules/lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "dev": true, + "dependencies": { + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/@commitlint/is-ignored/node_modules/semver": { + "version": "7.3.8", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.8.tgz", + "integrity": "sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A==", + "dev": true, + "dependencies": { + "lru-cache": "^6.0.0" + }, + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/@commitlint/lint": { "version": "17.4.4", "resolved": "https://registry.npmjs.org/@commitlint/lint/-/lint-17.4.4.tgz", @@ -11113,9 +11140,9 @@ } }, "node_modules/semver": { - "version": "7.3.8", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.8.tgz", - "integrity": "sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A==", + "version": "7.5.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.0.tgz", + "integrity": "sha512-+XC0AD/R7Q2mPSRuy2Id0+CGTZ98+8f+KvwirxOKIEyid+XSx6HbC63p+O4IndTHuX5Z+JxQ0TghCkO5Cg/2HA==", "inBundle": true, "dependencies": { "lru-cache": "^6.0.0" diff --git a/package.json b/package.json index 5f191d7934620..918392785a757 100644 --- a/package.json +++ b/package.json @@ -109,7 +109,7 @@ "read": "^2.1.0", "read-package-json": "^6.0.1", "read-package-json-fast": "^3.0.2", - "semver": "^7.3.8", + "semver": "^7.5.0", "ssri": "^10.0.3", "tar": "^6.1.13", "text-table": "~0.2.0",