fix: fix strict-ssl mapping for node-fetch-registry during unpublishe…

…d projects lookup (#3747)

libs/commands/publish/src/lib/fetch-config.ts

@@ -1,6 +1,7 @@
 import log from "npmlog";
 
 export interface FetchConfig {
+  [key: string]: unknown;
   fetchRetries?: number;
   log: typeof log;
   registry?: string;

libs/commands/publish/src/lib/get-projects-with-unpublished-packages.spec.ts

@@ -82,3 +82,26 @@ test("getProjectsWithUnpublishedPackages with private package", async () => {
     }),
   ]);
 });
+
+test("getProjectsWithUnpublishedPackages with strict-ssl = false", async () => {
+  const cwd = await initFixture("public-private");
+  const packages = await getPackages(cwd);
+  const projectNodes = packages.map(
+    (pkg): ProjectGraphProjectNodeWithPackage => ({
+      name: pkg.name,
+      type: "lib",
+      data: { root: pkg.location },
+      package: pkg,
+    })
+  );
+
+  const opts = { "strict-ssl": false };
+  const pkgs = await getProjectsWithUnpublishedPackages(projectNodes, opts);
+
+  expect(pacote.packument).toHaveBeenCalledWith("package-1", { "strict-ssl": false, strictSSL: false });
+  expect(pkgs).toEqual([
+    expect.objectContaining({
+      name: "package-1",
+    }),
+  ]);
+});

libs/commands/publish/src/lib/get-projects-with-unpublished-packages.ts

@@ -15,6 +15,8 @@ export async function getProjectsWithUnpublishedPackages(
 
   const mapper = (node: ProjectGraphProjectNodeWithPackage) => {
     const pkg = getPackage(node);
+    // libnpmpublish / npm-registry-fetch check strictSSL rather than strict-ssl
+    opts["strictSSL"] = opts["strict-ssl"];
     return pacote.packument(pkg.name, opts).then(
       (packument) => {
         if (packument.versions === undefined || packument.versions[pkg.version] === undefined) {