Proxy the "npm install <name>" to an another registry if the package doesn't exists in our #252

Closed
hekike opened this Issue Mar 5, 2014 · 11 comments

Projects

None yet

4 participants

@hekike
hekike commented Mar 5, 2014

Proxy the "npm install " to an another registry if the package doesn't exists in our, then save it (optional).

@dead-horse
Member

@fengmk2
https://github.com/cnpm/cnpmjs.org/blob/master/middleware/sync_by_install.js#L40

this bug still exist?
but in private model, only admin can publish, it seems like only need to disable admin sync by install ?

@hekike
hekike commented Mar 6, 2014

Yes, it works great with a forced:

this.session.allowSync = true;
@fengmk2
Member
fengmk2 commented Mar 6, 2014

@hekike I fix this stupid now.

@fengmk2 fengmk2 closed this in aa7077e Mar 6, 2014
@fengmk2 fengmk2 added the bug label Mar 6, 2014
@fengmk2 fengmk2 added this to the v0.3 koa milestone Mar 6, 2014
@fengmk2 fengmk2 self-assigned this Mar 6, 2014
@fengmk2
Member
fengmk2 commented Mar 6, 2014

@hekike
cnpmjs.org@0.3.6 had fix this bug.

@dead-horse
Member

this proxy still has one problem:

if run npm install package-a, and package-a dependencies is:

{
  "package-b": ">=1.0.0"
}

npm will try to install package-b, but if package-b in our registry only has 0.9.0, it can not install success. because npm will request http://registry.cnpmjs.org/package-b to check if has package-b@>=1.0.0, but the registry don't know this. so the npm can not found package-b@>=1.0.0 from our registry, then install failed.

@fengmk2 fengmk2 reopened this Mar 6, 2014
@gergelyke

Any update on this one?

@dead-horse
Member
$ lnpm install co-any
npm WARN package.json anywhere@0.0.3 No repository field.
npm WARN package.json honeycomb@0.0.12 No repository field.
npm WARN package.json moduletest@0.0.6 No description
npm WARN package.json moduletest@0.0.6 No repository field.
npm WARN package.json shark@0.3.21 No repository field.
npm WARN package.json shark@0.3.21 homepage field must start with a protocol.
npm WARN package.json sfile@0.1.1 No repository field.
npm http GET http://localhost:7001/back-to-thunk/0.0.1
npm http 200 http://localhost:7001/back-to-thunk/0.0.1
npm http GET http://r.cnpmjs.org/back-to-thunk/download/back-to-thunk-0.0.1.tgz
npm http 200 http://r.cnpmjs.org/back-to-thunk/download/back-to-thunk-0.0.1.tgz
npm http GET http://localhost:7001/is-type-of
npm http 200 http://localhost:7001/is-type-of
npm http GET http://localhost:7001/is-type-of/download/is-type-of-0.0.1.tgz
npm http 200 http://localhost:7001/is-type-of/download/is-type-of-0.0.1.tgz
npm http GET http://localhost:7001/core-util-is/1.0.1
npm http 200 http://localhost:7001/core-util-is/1.0.1
npm http GET http://r.cnpmjs.org/core-util-is/download/core-util-is-1.0.1.tgz
npm http 200 http://r.cnpmjs.org/core-util-is/download/core-util-is-1.0.1.tgz
npm WARN unmet dependency /Users/deadhorse/node_modules/node-hsf requires cutter@'0.0.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/cutter,
npm WARN unmet dependency which is version 0.0.3
npm WARN unmet dependency /Users/deadhorse/node_modules/honeycomb/node_modules/tfs requires debug@'0.7.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/debug,
npm WARN unmet dependency which is version 0.7.4
npm WARN unmet dependency /Users/deadhorse/node_modules/honeycomb/node_modules/tfs/node_modules/eventproxy requires debug@'0.7.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/debug,
npm WARN unmet dependency which is version 0.7.4
npm WARN unmet dependency /Users/deadhorse/node_modules/message/node_modules/alert/node_modules/urllib requires debug@'0.7.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/debug,
npm WARN unmet dependency which is version 0.7.4
co-any@0.0.2 ../node_modules/co-any
└── back-to-thunk@0.0.1 (is-type-of@0.0.1)
$ lnpm info co-any
npm http GET http://localhost:7001/co-any
npm http 200 http://localhost:7001/co-any

{ name: 'co-any',
  description: 'Execute thunks in parallel and return after any of them return',
  'dist-tags': { latest: '0.0.2' },
  maintainers: 'dead_horse <dead_horse@qq.com>',
  time: 
   { modified: '2014-03-12T04:01:25.614Z',
     created: '2014-03-08T06:28:04.889Z',
     '0.0.2': '2014-03-12T04:01:25.614Z',
     '0.0.1': '2014-03-10T14:28:09.439Z',
     '0.0.0': '2014-03-08T06:28:04.889Z' },
  users: {},
  author: 'dead_horse <dead_horse@qq.com>',
  repository: 
   { type: 'git',
     url: 'git://github.com/dead-horse/co-any.git' },
  versions: [ '0.0.0', '0.0.1', '0.0.2' ],
  homepage: 'https://github.com/dead-horse/co-any',
  bugs: { url: 'https://github.com/dead-horse/co-any/issues' },
  license: 'MIT',
  version: '0.0.2',
  main: 'index.js',
  scripts: { test: 'make test' },
  files: 'index.js',
  keywords: [ 'co', 'flow', 'any' ],
  devDependencies: 
   { autod: '^0.1.1',
     co: '3.0.4',
     'co-wait': '0.0.0',
     istanbul: 'git://github.com/gotwarlost/istanbul.git#harmony',
     mocha: '^1.17.1',
     should: '3.1.3' },
  dependencies: { 'back-to-thunk': '0.0.1' },
  dist: 
   { shasum: 'd9d2235dc0c06bcaaba3a1af97377895ade306d2',
     size: 1472,
     noattachment: false,
     tarball: 'http://r.cnpmjs.org/co-any/download/co-any-0.0.2.tgz' },
  directories: {},
  publish_time: 1394596885614 }
@dead-horse
Member

install will trigger sync and return the package from source registry if this pacakge not exist in our registry.

but still can not make sure this install not fail.

@gergelyke

I have syncByInstall: true in my config, and using version 0.3.10 - still doesn't trigger the sync. What am I missing?

@dead-horse
Member

the check middleware:

module.exports = function *syncByInstall(next) {
  if (!config.syncByInstall || !config.enablePrivate) {
    // only config.enablePrivate should enable sync on install
    return yield *next;
  }
  // request not by node, consider it request from web
  var ua = this.get('user-agent');
  if (!ua || ua.indexOf('node') < 0) {
    return yield *next;
  }

  if (this.query.write) {
    return yield *next;
  }

  this.allowSync = true;
  yield *next;
};

enablePrivate: true to make it as private mode ?

enablePrivate: true, // enable private mode, only admin can publish, other use just can sync package from source npm
@dead-horse
Member

i try with cnpmjs.org@0.3.10, it works fine

@fengmk2 fengmk2 modified the milestone: v0.4, v0.3 koa Apr 9, 2014
@fengmk2 fengmk2 closed this Jun 15, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment