feat: allow to disable npm audits proxy (#1430)

cnpm · Aug 24, 2019 · 19563f5 · 19563f5
1 parent d5ba93a
commit 19563f5
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 8 deletions.
diff --git a/config/index.js b/config/index.js
@@ -147,6 +147,9 @@ var config = {
     storage: path.join(dataDir, 'data.sqlite'),
 
     logging: !!process.env.SQL_DEBUG,
+
+    // enable proxy npm audits request or not
+    enableNpmAuditsProxy: true,
   },
 
   // package tarball store in local filesystem by default
@@ -251,6 +254,7 @@ var config = {
 
   packagephobiaURL: 'https://packagephobia.now.sh',
   packagephobiaSupportPrivatePackage: false,
+  packagephobiaMinDownloadCount: 1000,
 
   // custom user service, @see https://github.com/cnpm/cnpmjs.org/wiki/Use-Your-Own-User-Authorization
   // when you not intend to ingegrate with your company's user system, then use null, it would

diff --git a/controllers/web/package/show.js b/controllers/web/package/show.js
@@ -215,11 +215,11 @@ module.exports = function* show(next) {
     };
   }
 
-  let packagephobiaSupport = downloadTotal >= 1000;
+  let packagephobiaSupport = downloadTotal >= config.packagephobiaMinDownloadCount;
   if (pkg._publish_on_cnpm) {
     pkg.isPrivate = true;
     // need download total >= 1000
-    packagephobiaSupport = downloadTotal >= 1000 && config.packagephobiaSupportPrivatePackage;
+    packagephobiaSupport = downloadTotal >= config.packagephobiaMinDownloadCount && config.packagephobiaSupportPrivatePackage;
   } else {
     pkg.isPrivate = false;
     // add security check badge

diff --git a/servers/registry.js b/servers/registry.js
@@ -20,12 +20,13 @@ var cors = require('kcors');
 var proxyToNpm = require('../middleware/proxy_to_npm');
 var maxrequests = require('koa-maxrequests');
 
-var proxy = require('koa-proxy');
-app.use(proxy({
-  host:  'https://registry.npmjs.org',
-  match: /^\/\-\/npm\/v1\/security\/audits/
-}));
-
+if (config.enableNpmAuditsProxy) {
+  var proxy = require('koa-proxy');
+  app.use(proxy({
+    host:  'https://registry.npmjs.org',
+    match: /^\/\-\/npm\/v1\/security\/audits/
+  }));
+}
 
 app.use(maxrequests());
 app.use(block());