Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proxy the "npm install <name>" to an another registry if the package doesn't exists in our #252

Closed
hekike opened this issue Mar 5, 2014 · 11 comments
Assignees
Labels
bug
Milestone

Comments

@hekike
Copy link

@hekike hekike commented Mar 5, 2014

Proxy the "npm install " to an another registry if the package doesn't exists in our, then save it (optional).

@dead-horse
Copy link
Member

@dead-horse dead-horse commented Mar 5, 2014

@fengmk2
https://github.com/cnpm/cnpmjs.org/blob/master/middleware/sync_by_install.js#L40

this bug still exist?
but in private model, only admin can publish, it seems like only need to disable admin sync by install ?

@hekike
Copy link
Author

@hekike hekike commented Mar 6, 2014

Yes, it works great with a forced:

this.session.allowSync = true;
@fengmk2
Copy link
Member

@fengmk2 fengmk2 commented Mar 6, 2014

@hekike I fix this stupid now.

@fengmk2 fengmk2 closed this in aa7077e Mar 6, 2014
@fengmk2 fengmk2 added the bug label Mar 6, 2014
@fengmk2 fengmk2 added this to the v0.3 koa milestone Mar 6, 2014
@fengmk2 fengmk2 self-assigned this Mar 6, 2014
@fengmk2
Copy link
Member

@fengmk2 fengmk2 commented Mar 6, 2014

@hekike
cnpmjs.org@0.3.6 had fix this bug.

@dead-horse
Copy link
Member

@dead-horse dead-horse commented Mar 6, 2014

this proxy still has one problem:

if run npm install package-a, and package-a dependencies is:

{
  "package-b": ">=1.0.0"
}

npm will try to install package-b, but if package-b in our registry only has 0.9.0, it can not install success. because npm will request http://registry.cnpmjs.org/package-b to check if has package-b@>=1.0.0, but the registry don't know this. so the npm can not found package-b@>=1.0.0 from our registry, then install failed.

@fengmk2 fengmk2 reopened this Mar 6, 2014
@gergelyke
Copy link

@gergelyke gergelyke commented Mar 18, 2014

Any update on this one?

@dead-horse
Copy link
Member

@dead-horse dead-horse commented Mar 18, 2014

$ lnpm install co-any
npm WARN package.json anywhere@0.0.3 No repository field.
npm WARN package.json honeycomb@0.0.12 No repository field.
npm WARN package.json moduletest@0.0.6 No description
npm WARN package.json moduletest@0.0.6 No repository field.
npm WARN package.json shark@0.3.21 No repository field.
npm WARN package.json shark@0.3.21 homepage field must start with a protocol.
npm WARN package.json sfile@0.1.1 No repository field.
npm http GET http://localhost:7001/back-to-thunk/0.0.1
npm http 200 http://localhost:7001/back-to-thunk/0.0.1
npm http GET http://r.cnpmjs.org/back-to-thunk/download/back-to-thunk-0.0.1.tgz
npm http 200 http://r.cnpmjs.org/back-to-thunk/download/back-to-thunk-0.0.1.tgz
npm http GET http://localhost:7001/is-type-of
npm http 200 http://localhost:7001/is-type-of
npm http GET http://localhost:7001/is-type-of/download/is-type-of-0.0.1.tgz
npm http 200 http://localhost:7001/is-type-of/download/is-type-of-0.0.1.tgz
npm http GET http://localhost:7001/core-util-is/1.0.1
npm http 200 http://localhost:7001/core-util-is/1.0.1
npm http GET http://r.cnpmjs.org/core-util-is/download/core-util-is-1.0.1.tgz
npm http 200 http://r.cnpmjs.org/core-util-is/download/core-util-is-1.0.1.tgz
npm WARN unmet dependency /Users/deadhorse/node_modules/node-hsf requires cutter@'0.0.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/cutter,
npm WARN unmet dependency which is version 0.0.3
npm WARN unmet dependency /Users/deadhorse/node_modules/honeycomb/node_modules/tfs requires debug@'0.7.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/debug,
npm WARN unmet dependency which is version 0.7.4
npm WARN unmet dependency /Users/deadhorse/node_modules/honeycomb/node_modules/tfs/node_modules/eventproxy requires debug@'0.7.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/debug,
npm WARN unmet dependency which is version 0.7.4
npm WARN unmet dependency /Users/deadhorse/node_modules/message/node_modules/alert/node_modules/urllib requires debug@'0.7.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/debug,
npm WARN unmet dependency which is version 0.7.4
co-any@0.0.2 ../node_modules/co-any
└── back-to-thunk@0.0.1 (is-type-of@0.0.1)
$ lnpm info co-any
npm http GET http://localhost:7001/co-any
npm http 200 http://localhost:7001/co-any

{ name: 'co-any',
  description: 'Execute thunks in parallel and return after any of them return',
  'dist-tags': { latest: '0.0.2' },
  maintainers: 'dead_horse <dead_horse@qq.com>',
  time: 
   { modified: '2014-03-12T04:01:25.614Z',
     created: '2014-03-08T06:28:04.889Z',
     '0.0.2': '2014-03-12T04:01:25.614Z',
     '0.0.1': '2014-03-10T14:28:09.439Z',
     '0.0.0': '2014-03-08T06:28:04.889Z' },
  users: {},
  author: 'dead_horse <dead_horse@qq.com>',
  repository: 
   { type: 'git',
     url: 'git://github.com/dead-horse/co-any.git' },
  versions: [ '0.0.0', '0.0.1', '0.0.2' ],
  homepage: 'https://github.com/dead-horse/co-any',
  bugs: { url: 'https://github.com/dead-horse/co-any/issues' },
  license: 'MIT',
  version: '0.0.2',
  main: 'index.js',
  scripts: { test: 'make test' },
  files: 'index.js',
  keywords: [ 'co', 'flow', 'any' ],
  devDependencies: 
   { autod: '^0.1.1',
     co: '3.0.4',
     'co-wait': '0.0.0',
     istanbul: 'git://github.com/gotwarlost/istanbul.git#harmony',
     mocha: '^1.17.1',
     should: '3.1.3' },
  dependencies: { 'back-to-thunk': '0.0.1' },
  dist: 
   { shasum: 'd9d2235dc0c06bcaaba3a1af97377895ade306d2',
     size: 1472,
     noattachment: false,
     tarball: 'http://r.cnpmjs.org/co-any/download/co-any-0.0.2.tgz' },
  directories: {},
  publish_time: 1394596885614 }
@dead-horse
Copy link
Member

@dead-horse dead-horse commented Mar 18, 2014

install will trigger sync and return the package from source registry if this pacakge not exist in our registry.

but still can not make sure this install not fail.

@gergelyke
Copy link

@gergelyke gergelyke commented Mar 18, 2014

I have syncByInstall: true in my config, and using version 0.3.10 - still doesn't trigger the sync. What am I missing?

@dead-horse
Copy link
Member

@dead-horse dead-horse commented Mar 18, 2014

the check middleware:

module.exports = function *syncByInstall(next) {
  if (!config.syncByInstall || !config.enablePrivate) {
    // only config.enablePrivate should enable sync on install
    return yield *next;
  }
  // request not by node, consider it request from web
  var ua = this.get('user-agent');
  if (!ua || ua.indexOf('node') < 0) {
    return yield *next;
  }

  if (this.query.write) {
    return yield *next;
  }

  this.allowSync = true;
  yield *next;
};

enablePrivate: true to make it as private mode ?

enablePrivate: true, // enable private mode, only admin can publish, other use just can sync package from source npm
@dead-horse
Copy link
Member

@dead-horse dead-horse commented Mar 18, 2014

i try with cnpmjs.org@0.3.10, it works fine

@fengmk2 fengmk2 modified the milestones: v0.4, v0.3 koa Apr 9, 2014
@fengmk2 fengmk2 closed this Jun 15, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants