diff --git a/node_modules/.gitignore b/node_modules/.gitignore index 92d5c9cce5e3a..b89ea46721e24 100644 --- a/node_modules/.gitignore +++ b/node_modules/.gitignore @@ -192,6 +192,11 @@ !/once !/p-map !/pacote +!/pacote/node_modules/ +/pacote/node_modules/* +!/pacote/node_modules/@npmcli/ +/pacote/node_modules/@npmcli/* +!/pacote/node_modules/@npmcli/run-script !/parse-conflict-json !/path-is-absolute !/postcss-selector-parser diff --git a/node_modules/pacote/lib/dir.js b/node_modules/pacote/lib/dir.js index df04cd08c51e5..923fdd65c22f3 100644 --- a/node_modules/pacote/lib/dir.js +++ b/node_modules/pacote/lib/dir.js @@ -49,7 +49,6 @@ class DirFetcher extends Fetcher { pkg: mani, event: 'prepare', path: this.resolved, - stdioString: true, stdio, banner, env: { diff --git a/node_modules/pacote/lib/util/npm.js b/node_modules/pacote/lib/util/npm.js index c444d788ad192..a3005c255565f 100644 --- a/node_modules/pacote/lib/util/npm.js +++ b/node_modules/pacote/lib/util/npm.js @@ -10,5 +10,5 @@ module.exports = (npmBin, npmCommand, cwd, env, extra) => { // in temp directories. this lets us link previously-seen repos that // are also being prepared. - return spawn(cmd, args, { cwd, stdioString: true, env }, extra) + return spawn(cmd, args, { cwd, env }, extra) } diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/LICENSE b/node_modules/pacote/node_modules/@npmcli/run-script/LICENSE new file mode 100644 index 0000000000000..19cec97b18468 --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/LICENSE @@ -0,0 +1,15 @@ +The ISC License + +Copyright (c) npm, Inc. + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/is-server-package.js b/node_modules/pacote/node_modules/@npmcli/run-script/lib/is-server-package.js new file mode 100644 index 0000000000000..d168623247527 --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/is-server-package.js @@ -0,0 +1,12 @@ +const util = require('util') +const fs = require('fs') +const { stat } = fs.promises || { stat: util.promisify(fs.stat) } +const { resolve } = require('path') +module.exports = async path => { + try { + const st = await stat(resolve(path, 'server.js')) + return st.isFile() + } catch (er) { + return false + } +} diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/is-windows.js b/node_modules/pacote/node_modules/@npmcli/run-script/lib/is-windows.js new file mode 100644 index 0000000000000..651917e6ad27a --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/is-windows.js @@ -0,0 +1,2 @@ +const platform = process.env.__FAKE_TESTING_PLATFORM__ || process.platform +module.exports = platform === 'win32' diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/make-spawn-args.js b/node_modules/pacote/node_modules/@npmcli/run-script/lib/make-spawn-args.js new file mode 100644 index 0000000000000..2b2f96a91c8d5 --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/make-spawn-args.js @@ -0,0 +1,40 @@ +/* eslint camelcase: "off" */ +const setPATH = require('./set-path.js') +const { resolve } = require('path') +const npm_config_node_gyp = require.resolve('node-gyp/bin/node-gyp.js') + +const makeSpawnArgs = options => { + const { + event, + path, + scriptShell = true, + binPaths, + env = {}, + stdio, + cmd, + args = [], + stdioString, + } = options + + const spawnEnv = setPATH(path, binPaths, { + // we need to at least save the PATH environment var + ...process.env, + ...env, + npm_package_json: resolve(path, 'package.json'), + npm_lifecycle_event: event, + npm_lifecycle_script: cmd, + npm_config_node_gyp, + }) + + const spawnOpts = { + env: spawnEnv, + stdioString, + stdio, + cwd: path, + shell: scriptShell, + } + + return [cmd, args, spawnOpts] +} + +module.exports = makeSpawnArgs diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp b/node_modules/pacote/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp new file mode 100755 index 0000000000000..5bec64d961a3a --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp @@ -0,0 +1,2 @@ +#!/usr/bin/env sh +node "$npm_config_node_gyp" "$@" diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp.cmd b/node_modules/pacote/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp.cmd new file mode 100755 index 0000000000000..4c6987ac9868b --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp.cmd @@ -0,0 +1 @@ +@node "%npm_config_node_gyp%" %* diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/package-envs.js b/node_modules/pacote/node_modules/@npmcli/run-script/lib/package-envs.js new file mode 100644 index 0000000000000..6b538e50247fd --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/package-envs.js @@ -0,0 +1,26 @@ +// https://github.com/npm/rfcs/pull/183 + +const envVal = val => Array.isArray(val) ? val.map(v => envVal(v)).join('\n\n') + : val === null || val === false ? '' + : String(val) + +const packageEnvs = (env, vals, prefix) => { + for (const [key, val] of Object.entries(vals)) { + if (val === undefined) { + continue + } else if (val && !Array.isArray(val) && typeof val === 'object') { + packageEnvs(env, val, `${prefix}${key}_`) + } else { + env[`${prefix}${key}`] = envVal(val) + } + } + return env +} + +module.exports = (env, pkg) => packageEnvs({ ...env }, { + name: pkg.name, + version: pkg.version, + config: pkg.config, + engines: pkg.engines, + bin: pkg.bin, +}, 'npm_package_') diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/run-script-pkg.js b/node_modules/pacote/node_modules/@npmcli/run-script/lib/run-script-pkg.js new file mode 100644 index 0000000000000..cbb0a0b3a5e73 --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/run-script-pkg.js @@ -0,0 +1,108 @@ +const makeSpawnArgs = require('./make-spawn-args.js') +const promiseSpawn = require('@npmcli/promise-spawn') +const packageEnvs = require('./package-envs.js') +const { isNodeGypPackage, defaultGypInstallScript } = require('@npmcli/node-gyp') +const signalManager = require('./signal-manager.js') +const isServerPackage = require('./is-server-package.js') + +// you wouldn't like me when I'm angry... +const bruce = (id, event, cmd, args) => { + let banner = id + ? `\n> ${id} ${event}\n` + : `\n> ${event}\n` + banner += `> ${cmd.trim().replace(/\n/g, '\n> ')}` + if (args.length) { + banner += ` ${args.join(' ')}` + } + banner += '\n' + return banner +} + +const runScriptPkg = async options => { + const { + event, + path, + scriptShell, + binPaths = false, + env = {}, + stdio = 'pipe', + pkg, + args = [], + stdioString, + // note: only used when stdio:inherit + banner = true, + // how long to wait for a process.kill signal + // only exposed here so that we can make the test go a bit faster. + signalTimeout = 500, + } = options + + const { scripts = {}, gypfile } = pkg + let cmd = null + if (options.cmd) { + cmd = options.cmd + } else if (pkg.scripts && pkg.scripts[event]) { + cmd = pkg.scripts[event] + } else if ( + // If there is no preinstall or install script, default to rebuilding node-gyp packages. + event === 'install' && + !scripts.install && + !scripts.preinstall && + gypfile !== false && + await isNodeGypPackage(path) + ) { + cmd = defaultGypInstallScript + } else if (event === 'start' && await isServerPackage(path)) { + cmd = 'node server.js' + } + + if (!cmd) { + return { code: 0, signal: null } + } + + if (stdio === 'inherit' && banner !== false) { + // we're dumping to the parent's stdout, so print the banner + console.log(bruce(pkg._id, event, cmd, args)) + } + + const [spawnShell, spawnArgs, spawnOpts] = makeSpawnArgs({ + event, + path, + scriptShell, + binPaths, + env: packageEnvs(env, pkg), + stdio, + cmd, + args, + stdioString, + }) + + const p = promiseSpawn(spawnShell, spawnArgs, spawnOpts, { + event, + script: cmd, + pkgid: pkg._id, + path, + }) + + if (stdio === 'inherit') { + signalManager.add(p.process) + } + + if (p.stdin) { + p.stdin.end() + } + + return p.catch(er => { + const { signal } = er + if (stdio === 'inherit' && signal) { + process.kill(process.pid, signal) + // just in case we don't die, reject after 500ms + // this also keeps the node process open long enough to actually + // get the signal, rather than terminating gracefully. + return new Promise((res, rej) => setTimeout(() => rej(er), signalTimeout)) + } else { + throw er + } + }) +} + +module.exports = runScriptPkg diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/run-script.js b/node_modules/pacote/node_modules/@npmcli/run-script/lib/run-script.js new file mode 100644 index 0000000000000..e9d18261a2c1f --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/run-script.js @@ -0,0 +1,14 @@ +const rpj = require('read-package-json-fast') +const runScriptPkg = require('./run-script-pkg.js') +const validateOptions = require('./validate-options.js') +const isServerPackage = require('./is-server-package.js') + +const runScript = options => { + validateOptions(options) + const { pkg, path } = options + return pkg ? runScriptPkg(options) + : rpj(path + '/package.json') + .then(readPackage => runScriptPkg({ ...options, pkg: readPackage })) +} + +module.exports = Object.assign(runScript, { isServerPackage }) diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/set-path.js b/node_modules/pacote/node_modules/@npmcli/run-script/lib/set-path.js new file mode 100644 index 0000000000000..c59c270d9969a --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/set-path.js @@ -0,0 +1,45 @@ +const { resolve, dirname, delimiter } = require('path') +// the path here is relative, even though it does not need to be +// in order to make the posix tests pass in windows +const nodeGypPath = resolve(__dirname, '../lib/node-gyp-bin') + +// Windows typically calls its PATH environ 'Path', but this is not +// guaranteed, nor is it guaranteed to be the only one. Merge them +// all together in the order they appear in the object. +const setPATH = (projectPath, binPaths, env) => { + const PATH = Object.keys(env).filter(p => /^path$/i.test(p) && env[p]) + .map(p => env[p].split(delimiter)) + .reduce((set, p) => set.concat(p.filter(concatted => !set.includes(concatted))), []) + .join(delimiter) + + const pathArr = [] + if (binPaths) { + pathArr.push(...binPaths) + } + // unshift the ./node_modules/.bin from every folder + // walk up until dirname() does nothing, at the root + // XXX we should specify a cwd that we don't go above + let p = projectPath + let pp + do { + pathArr.push(resolve(p, 'node_modules', '.bin')) + pp = p + p = dirname(p) + } while (p !== pp) + pathArr.push(nodeGypPath, PATH) + + const pathVal = pathArr.join(delimiter) + + // XXX include the node-gyp-bin path somehow? Probably better for + // npm or arborist or whoever to just provide that by putting it in + // the PATH environ, since that's preserved anyway. + for (const key of Object.keys(env)) { + if (/^path$/i.test(key)) { + env[key] = pathVal + } + } + + return env +} + +module.exports = setPATH diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/signal-manager.js b/node_modules/pacote/node_modules/@npmcli/run-script/lib/signal-manager.js new file mode 100644 index 0000000000000..7e10f859e0a68 --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/signal-manager.js @@ -0,0 +1,47 @@ +const runningProcs = new Set() +let handlersInstalled = false + +const forwardedSignals = [ + 'SIGINT', + 'SIGTERM', +] + +const handleSignal = signal => { + for (const proc of runningProcs) { + proc.kill(signal) + } +} + +const setupListeners = () => { + for (const signal of forwardedSignals) { + process.on(signal, handleSignal) + } + handlersInstalled = true +} + +const cleanupListeners = () => { + if (runningProcs.size === 0) { + for (const signal of forwardedSignals) { + process.removeListener(signal, handleSignal) + } + handlersInstalled = false + } +} + +const add = proc => { + runningProcs.add(proc) + if (!handlersInstalled) { + setupListeners() + } + + proc.once('exit', () => { + runningProcs.delete(proc) + cleanupListeners() + }) +} + +module.exports = { + add, + handleSignal, + forwardedSignals, +} diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/lib/validate-options.js b/node_modules/pacote/node_modules/@npmcli/run-script/lib/validate-options.js new file mode 100644 index 0000000000000..8d855916ecd15 --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/lib/validate-options.js @@ -0,0 +1,39 @@ +const validateOptions = options => { + if (typeof options !== 'object' || !options) { + throw new TypeError('invalid options object provided to runScript') + } + + const { + event, + path, + scriptShell, + env = {}, + stdio = 'pipe', + args = [], + cmd, + } = options + + if (!event || typeof event !== 'string') { + throw new TypeError('valid event not provided to runScript') + } + if (!path || typeof path !== 'string') { + throw new TypeError('valid path not provided to runScript') + } + if (scriptShell !== undefined && typeof scriptShell !== 'string') { + throw new TypeError('invalid scriptShell option provided to runScript') + } + if (typeof env !== 'object' || !env) { + throw new TypeError('invalid env option provided to runScript') + } + if (typeof stdio !== 'string' && !Array.isArray(stdio)) { + throw new TypeError('invalid stdio option provided to runScript') + } + if (!Array.isArray(args) || args.some(a => typeof a !== 'string')) { + throw new TypeError('invalid args option provided to runScript') + } + if (cmd !== undefined && typeof cmd !== 'string') { + throw new TypeError('invalid cmd option provided to runScript') + } +} + +module.exports = validateOptions diff --git a/node_modules/pacote/node_modules/@npmcli/run-script/package.json b/node_modules/pacote/node_modules/@npmcli/run-script/package.json new file mode 100644 index 0000000000000..dbae5733a368b --- /dev/null +++ b/node_modules/pacote/node_modules/@npmcli/run-script/package.json @@ -0,0 +1,53 @@ +{ + "name": "@npmcli/run-script", + "version": "6.0.0", + "description": "Run a lifecycle script for a package (descendant of npm-lifecycle)", + "author": "GitHub Inc.", + "license": "ISC", + "scripts": { + "test": "tap", + "eslint": "eslint", + "lint": "eslint \"**/*.js\"", + "lintfix": "npm run lint -- --fix", + "postlint": "template-oss-check", + "snap": "tap", + "posttest": "npm run lint", + "template-oss-apply": "template-oss-apply --force" + }, + "devDependencies": { + "@npmcli/eslint-config": "^4.0.0", + "@npmcli/template-oss": "4.8.0", + "minipass": "^3.1.6", + "require-inject": "^1.4.4", + "tap": "^16.0.1" + }, + "dependencies": { + "@npmcli/node-gyp": "^3.0.0", + "@npmcli/promise-spawn": "^6.0.0", + "node-gyp": "^9.0.0", + "read-package-json-fast": "^3.0.0", + "which": "^3.0.0" + }, + "files": [ + "bin/", + "lib/" + ], + "main": "lib/run-script.js", + "repository": { + "type": "git", + "url": "https://github.com/npm/run-script.git" + }, + "engines": { + "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + }, + "templateOSS": { + "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", + "version": "4.8.0" + }, + "tap": { + "nyc-arg": [ + "--exclude", + "tap-snapshots/**" + ] + } +} diff --git a/node_modules/pacote/package.json b/node_modules/pacote/package.json index 93e7cb038e41e..e595e80f39e88 100644 --- a/node_modules/pacote/package.json +++ b/node_modules/pacote/package.json @@ -1,6 +1,6 @@ { "name": "pacote", - "version": "15.0.5", + "version": "15.0.6", "description": "JavaScript package downloader", "author": "GitHub Inc.", "bin": { @@ -47,7 +47,7 @@ "@npmcli/git": "^4.0.0", "@npmcli/installed-package-contents": "^2.0.1", "@npmcli/promise-spawn": "^6.0.1", - "@npmcli/run-script": "^5.0.0", + "@npmcli/run-script": "^6.0.0", "cacache": "^17.0.0", "fs-minipass": "^2.1.0", "minipass": "^3.1.6", diff --git a/package-lock.json b/package-lock.json index 8feefed818cf3..4f383633496b4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -136,7 +136,7 @@ "npm-user-validate": "^1.0.1", "npmlog": "^7.0.1", "p-map": "^4.0.0", - "pacote": "^15.0.2", + "pacote": "^15.0.6", "parse-conflict-json": "^3.0.0", "proc-log": "^3.0.0", "qrcode-terminal": "^0.12.0", @@ -9227,15 +9227,15 @@ } }, "node_modules/pacote": { - "version": "15.0.5", - "resolved": "https://registry.npmjs.org/pacote/-/pacote-15.0.5.tgz", - "integrity": "sha512-s8eSJWTZWHXr59wAOOaQS1yFf9a/aYb2f+MS65HgyVQeLMbwxPfAvy3Xc1GJCwF1bgvMN4pfaTzN2/n5299CPg==", + "version": "15.0.6", + "resolved": "https://registry.npmjs.org/pacote/-/pacote-15.0.6.tgz", + "integrity": "sha512-dQwcz/sME7QIL+cdrw/jftQfMMXxSo17i2kJ/gnhBhUvvBAsxoBu1lw9B5IzCH/Ce8CvEkG/QYZ6txzKfn0bTw==", "inBundle": true, "dependencies": { "@npmcli/git": "^4.0.0", "@npmcli/installed-package-contents": "^2.0.1", "@npmcli/promise-spawn": "^6.0.1", - "@npmcli/run-script": "^5.0.0", + "@npmcli/run-script": "^6.0.0", "cacache": "^17.0.0", "fs-minipass": "^2.1.0", "minipass": "^3.1.6", @@ -9257,6 +9257,22 @@ "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } }, + "node_modules/pacote/node_modules/@npmcli/run-script": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-6.0.0.tgz", + "integrity": "sha512-ql+AbRur1TeOdl1FY+RAwGW9fcr4ZwiVKabdvm93mujGREVuVLbdkXRJDrkTXSdCjaxYydr1wlA2v67jxWG5BQ==", + "inBundle": true, + "dependencies": { + "@npmcli/node-gyp": "^3.0.0", + "@npmcli/promise-spawn": "^6.0.0", + "node-gyp": "^9.0.0", + "read-package-json-fast": "^3.0.0", + "which": "^3.0.0" + }, + "engines": { + "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + } + }, "node_modules/parent-module": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", diff --git a/package.json b/package.json index 10576efa485b7..051761ef63646 100644 --- a/package.json +++ b/package.json @@ -106,7 +106,7 @@ "npm-user-validate": "^1.0.1", "npmlog": "^7.0.1", "p-map": "^4.0.0", - "pacote": "^15.0.2", + "pacote": "^15.0.6", "parse-conflict-json": "^3.0.0", "proc-log": "^3.0.0", "qrcode-terminal": "^0.12.0",