New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proxy the "npm install <name>" to an another registry if the package doesn't exists in our #252

Closed
hekike opened this Issue Mar 5, 2014 · 11 comments

Comments

Projects
None yet
4 participants
@hekike

hekike commented Mar 5, 2014

Proxy the "npm install " to an another registry if the package doesn't exists in our, then save it (optional).

@dead-horse

This comment has been minimized.

Member

dead-horse commented Mar 5, 2014

@fengmk2
https://github.com/cnpm/cnpmjs.org/blob/master/middleware/sync_by_install.js#L40

this bug still exist?
but in private model, only admin can publish, it seems like only need to disable admin sync by install ?

@hekike

This comment has been minimized.

hekike commented Mar 6, 2014

Yes, it works great with a forced:

this.session.allowSync = true;
@fengmk2

This comment has been minimized.

Member

fengmk2 commented Mar 6, 2014

@hekike I fix this stupid now.

@fengmk2 fengmk2 closed this in aa7077e Mar 6, 2014

@fengmk2 fengmk2 added the bug label Mar 6, 2014

@fengmk2 fengmk2 added this to the v0.3 koa milestone Mar 6, 2014

@fengmk2 fengmk2 self-assigned this Mar 6, 2014

@fengmk2

This comment has been minimized.

Member

fengmk2 commented Mar 6, 2014

@hekike
cnpmjs.org@0.3.6 had fix this bug.

@dead-horse

This comment has been minimized.

Member

dead-horse commented Mar 6, 2014

this proxy still has one problem:

if run npm install package-a, and package-a dependencies is:

{
  "package-b": ">=1.0.0"
}

npm will try to install package-b, but if package-b in our registry only has 0.9.0, it can not install success. because npm will request http://registry.cnpmjs.org/package-b to check if has package-b@>=1.0.0, but the registry don't know this. so the npm can not found package-b@>=1.0.0 from our registry, then install failed.

@fengmk2 fengmk2 reopened this Mar 6, 2014

@gergelyke

This comment has been minimized.

gergelyke commented Mar 18, 2014

Any update on this one?

@dead-horse

This comment has been minimized.

Member

dead-horse commented Mar 18, 2014

$ lnpm install co-any
npm WARN package.json anywhere@0.0.3 No repository field.
npm WARN package.json honeycomb@0.0.12 No repository field.
npm WARN package.json moduletest@0.0.6 No description
npm WARN package.json moduletest@0.0.6 No repository field.
npm WARN package.json shark@0.3.21 No repository field.
npm WARN package.json shark@0.3.21 homepage field must start with a protocol.
npm WARN package.json sfile@0.1.1 No repository field.
npm http GET http://localhost:7001/back-to-thunk/0.0.1
npm http 200 http://localhost:7001/back-to-thunk/0.0.1
npm http GET http://r.cnpmjs.org/back-to-thunk/download/back-to-thunk-0.0.1.tgz
npm http 200 http://r.cnpmjs.org/back-to-thunk/download/back-to-thunk-0.0.1.tgz
npm http GET http://localhost:7001/is-type-of
npm http 200 http://localhost:7001/is-type-of
npm http GET http://localhost:7001/is-type-of/download/is-type-of-0.0.1.tgz
npm http 200 http://localhost:7001/is-type-of/download/is-type-of-0.0.1.tgz
npm http GET http://localhost:7001/core-util-is/1.0.1
npm http 200 http://localhost:7001/core-util-is/1.0.1
npm http GET http://r.cnpmjs.org/core-util-is/download/core-util-is-1.0.1.tgz
npm http 200 http://r.cnpmjs.org/core-util-is/download/core-util-is-1.0.1.tgz
npm WARN unmet dependency /Users/deadhorse/node_modules/node-hsf requires cutter@'0.0.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/cutter,
npm WARN unmet dependency which is version 0.0.3
npm WARN unmet dependency /Users/deadhorse/node_modules/honeycomb/node_modules/tfs requires debug@'0.7.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/debug,
npm WARN unmet dependency which is version 0.7.4
npm WARN unmet dependency /Users/deadhorse/node_modules/honeycomb/node_modules/tfs/node_modules/eventproxy requires debug@'0.7.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/debug,
npm WARN unmet dependency which is version 0.7.4
npm WARN unmet dependency /Users/deadhorse/node_modules/message/node_modules/alert/node_modules/urllib requires debug@'0.7.2' but will load
npm WARN unmet dependency /Users/deadhorse/node_modules/debug,
npm WARN unmet dependency which is version 0.7.4
co-any@0.0.2 ../node_modules/co-any
└── back-to-thunk@0.0.1 (is-type-of@0.0.1)
$ lnpm info co-any
npm http GET http://localhost:7001/co-any
npm http 200 http://localhost:7001/co-any

{ name: 'co-any',
  description: 'Execute thunks in parallel and return after any of them return',
  'dist-tags': { latest: '0.0.2' },
  maintainers: 'dead_horse <dead_horse@qq.com>',
  time: 
   { modified: '2014-03-12T04:01:25.614Z',
     created: '2014-03-08T06:28:04.889Z',
     '0.0.2': '2014-03-12T04:01:25.614Z',
     '0.0.1': '2014-03-10T14:28:09.439Z',
     '0.0.0': '2014-03-08T06:28:04.889Z' },
  users: {},
  author: 'dead_horse <dead_horse@qq.com>',
  repository: 
   { type: 'git',
     url: 'git://github.com/dead-horse/co-any.git' },
  versions: [ '0.0.0', '0.0.1', '0.0.2' ],
  homepage: 'https://github.com/dead-horse/co-any',
  bugs: { url: 'https://github.com/dead-horse/co-any/issues' },
  license: 'MIT',
  version: '0.0.2',
  main: 'index.js',
  scripts: { test: 'make test' },
  files: 'index.js',
  keywords: [ 'co', 'flow', 'any' ],
  devDependencies: 
   { autod: '^0.1.1',
     co: '3.0.4',
     'co-wait': '0.0.0',
     istanbul: 'git://github.com/gotwarlost/istanbul.git#harmony',
     mocha: '^1.17.1',
     should: '3.1.3' },
  dependencies: { 'back-to-thunk': '0.0.1' },
  dist: 
   { shasum: 'd9d2235dc0c06bcaaba3a1af97377895ade306d2',
     size: 1472,
     noattachment: false,
     tarball: 'http://r.cnpmjs.org/co-any/download/co-any-0.0.2.tgz' },
  directories: {},
  publish_time: 1394596885614 }
@dead-horse

This comment has been minimized.

Member

dead-horse commented Mar 18, 2014

install will trigger sync and return the package from source registry if this pacakge not exist in our registry.

but still can not make sure this install not fail.

@gergelyke

This comment has been minimized.

gergelyke commented Mar 18, 2014

I have syncByInstall: true in my config, and using version 0.3.10 - still doesn't trigger the sync. What am I missing?

@dead-horse

This comment has been minimized.

Member

dead-horse commented Mar 18, 2014

the check middleware:

module.exports = function *syncByInstall(next) {
  if (!config.syncByInstall || !config.enablePrivate) {
    // only config.enablePrivate should enable sync on install
    return yield *next;
  }
  // request not by node, consider it request from web
  var ua = this.get('user-agent');
  if (!ua || ua.indexOf('node') < 0) {
    return yield *next;
  }

  if (this.query.write) {
    return yield *next;
  }

  this.allowSync = true;
  yield *next;
};

enablePrivate: true to make it as private mode ?

enablePrivate: true, // enable private mode, only admin can publish, other use just can sync package from source npm
@dead-horse

This comment has been minimized.

Member

dead-horse commented Mar 18, 2014

i try with cnpmjs.org@0.3.10, it works fine

@fengmk2 fengmk2 modified the milestones: v0.4, v0.3 koa Apr 9, 2014

@fengmk2 fengmk2 closed this Jun 15, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment