-
Notifications
You must be signed in to change notification settings - Fork 2.2k
/
verify-npm-package-access.js
62 lines (52 loc) · 1.93 KB
/
verify-npm-package-access.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
"use strict";
const access = require("@evocateur/libnpmaccess");
const pulseTillDone = require("@lerna/pulse-till-done");
const ValidationError = require("@lerna/validation-error");
const FetchConfig = require("./fetch-config");
module.exports = verifyNpmPackageAccess;
function verifyNpmPackageAccess(packages, username, _opts) {
const opts = FetchConfig(_opts, {
// don't wait forever for third-party failures to be dealt with
"fetch-retries": 0,
});
opts.log.silly("verifyNpmPackageAccess");
return pulseTillDone(access.lsPackages(username, opts)).then(success, failure);
function success(result) {
// when _no_ results received, access.lsPackages returns null
// we can only assume that the packages in question have never been published
if (result === null) {
opts.log.warn(
"",
"The logged-in user does not have any previously-published packages, skipping permission checks..."
);
} else {
for (const pkg of packages) {
if (pkg.name in result && result[pkg.name] !== "read-write") {
throw new ValidationError(
"EACCESS",
`You do not have write permission required to publish "${pkg.name}"`
);
}
}
}
}
function failure(err) {
// pass if registry does not support ls-packages endpoint
if (err.code === "E500" || err.code === "E404") {
// most likely a private registry (npm Enterprise, verdaccio, etc)
opts.log.warn(
"EREGISTRY",
"Registry %j does not support `npm access ls-packages`, skipping permission checks...",
// registry
opts.registry
);
// don't log redundant errors
return;
}
// Log the error cleanly to stderr
opts.log.pause();
console.error(err.message); // eslint-disable-line no-console
opts.log.resume();
throw new ValidationError("EWHOAMI", "Authentication error. Use `npm whoami` to troubleshoot.");
}
}