validate.js
/* @flow */
import type {Reporter} from '../../reporters/index.js';
import {MessageError} from '../../errors.js';
import {isValidLicense} from './util.js';
import typos from './typos.js';
const isBuiltinModule = require('is-builtin-module');
// Manifest fields that, when present and truthy, must be strings.
const strings = ['name', 'version'];

// Dependency sections in the order cleanDependencies() walks them. The order is
// significant: the first section that declares a non-trivial range for a package
// wins, and later duplicates are dropped.
const dependencyKeys = [
  // The npm registry copies optionalDependencies into dependencies, so this
  // section goes first and the duplicates are removed from the sections below.
  'optionalDependencies',

  // Packages are often listed in both dependencies and devDependencies under the
  // same name with different ranges. That hurts determinism, and npm's behaviour
  // for it is currently unspecified.
  'dependencies',
  'devDependencies',
];
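/**
 * Checks one unscoped name segment (a bare package name, or one half of a
 * scoped name).
 *
 * A segment is valid when it contains none of `/ @ + % :` or whitespace and is
 * left unchanged by encodeURIComponent.
 *
 * @param name segment to check
 * @returns true when the segment is acceptable, false otherwise; never throws
 */
function isValidName(name: string): boolean {
  // '.' and '..' survive URL-encoding unchanged but are path dot-segments, not
  // package names. The validator's leading-dot check only sees the first
  // character of the full name, so for a scoped name ('@scope/..') this is the
  // only place they are rejected.
  if (name === '.' || name === '..') {
    return false;
  }

  if (/[\/@\s\+%:]/.test(name)) {
    return false;
  }

  try {
    return encodeURIComponent(name) === name;
  } catch (err) {
    // encodeURIComponent throws URIError on a lone surrogate. Report that as
    // "invalid name" so callers get their normal validation failure instead
    // of an unexpected exception.
    return false;
  }
}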
/**
 * Checks a scoped package name of the form `@scope/package`.
 *
 * @param name full name, including the leading '@'
 * @returns true only when the name starts with '@' and what follows splits on
 *   '/' into exactly two segments that each pass isValidName
 */
function isValidScopedName(name: string): boolean {
  const hasScopeMarker = name[0] === '@';
  if (!hasScopeMarker) {
    return false;
  }

  const segments = name.slice(1).split('/');
  if (segments.length !== 2) {
    // Either no '/' at all, or extra path components after the package part.
    return false;
  }

  const [scope, pkg] = segments;
  return isValidName(scope) && isValidName(pkg);
}
/**
 * Accepts a name that is either a valid unscoped name or a valid
 * `@scope/package` name.
 *
 * This covers the character rules only. The leading-dot and reserved-name
 * checks are in the default export's manifest validator, so callers that use
 * this function on its own do not get them.
 *
 * @param name candidate package name
 * @returns true when the name passes either form's character rules
 */
export function isValidPackageName(name: string): boolean {
  if (isValidName(name)) {
    return true;
  }
  return isValidScopedName(name);
}
type WarnFunction = (msg: string) => void;
/**
 * Validates a parsed package manifest and then normalises its dependency
 * sections through cleanDependencies().
 *
 * Advisory problems go to `warn`; hard failures throw MessageError.
 *
 * @param info parsed manifest object; its dependency sections may be mutated
 * @param isRoot true for the root manifest; enables the typo, builtin-module,
 *   license and dependency-collision warnings
 * @param reporter supplies the localised message text via `lang`
 * @param warn sink for non-fatal messages
 * @throws MessageError when the name starts with '.', fails
 *   isValidPackageName, or equals 'node_modules' / 'favicon.ico' ignoring
 *   case; also when `name` or `version` is truthy but not a string
 */
export default function(info: Object, isRoot: boolean, reporter: Reporter, warn: WarnFunction) {
  // Typo hints are only raised for the root manifest.
  if (isRoot) {
    for (const typo in typos) {
      if (!(typo in info)) {
        continue;
      }
      warn(reporter.lang('manifestPotentialTypo', typo, typos[typo]));
    }
  }

  // Name rules. NOTE(review): these run only when `name` is a string. A truthy
  // non-string name is rejected by the string-field loop below, but a missing
  // or falsy name passes through without any name validation.
  const pkgName = info.name;
  if (typeof pkgName === 'string') {
    if (isRoot && isBuiltinModule(pkgName)) {
      warn(reporter.lang('manifestBuiltinModule', pkgName));
    }

    // A leading dot is not allowed.
    if (pkgName[0] === '.') {
      throw new MessageError(reporter.lang('manifestNameDot'));
    }

    // Character rules for plain and scoped names.
    if (!isValidPackageName(pkgName)) {
      throw new MessageError(reporter.lang('manifestNameIllegalChars'));
    }

    // Reserved names, compared case-insensitively.
    const folded = pkgName.toLowerCase();
    const reserved = folded === 'node_modules' || folded === 'favicon.ico';
    if (reserved) {
      throw new MessageError(reporter.lang('manifestNameBlacklisted'));
    }
  }

  // License is checked only for a root manifest that is not marked private,
  // and only ever produces warnings.
  const mustCheckLicense = isRoot && !info.private;
  if (mustCheckLicense) {
    const declared = info.license;
    if (typeof declared !== 'string') {
      warn(reporter.lang('manifestLicenseNone'));
    } else if (!isValidLicense(declared.replace(/\*$/g, ''))) {
      // One trailing '*' is stripped before the license string is checked.
      warn(reporter.lang('manifestLicenseInvalid'));
    }
  }

  // Fields listed in `strings` must be strings whenever they are truthy.
  for (const field of strings) {
    const value = info[field];
    const wrongType = Boolean(value) && typeof value !== 'string';
    if (wrongType) {
      throw new MessageError(reporter.lang('manifestStringExpected', field));
    }
  }

  cleanDependencies(info, isRoot, reporter, warn);
}
/**
 * De-duplicates packages that appear in more than one dependency section.
 *
 * Sections are visited in `dependencyKeys` order. For each package, the first
 * non-trivial range (not empty and not '*') found in that order becomes its
 * version. The package is kept in the first section that lists it, with that
 * version, and removed from every later section. The sections of `info` are
 * mutated in place.
 *
 * @param info parsed manifest whose dependency sections are rewritten
 * @param isRoot when true, conflicting ranges for one package are reported
 *   through `warn`; nested manifests are cleaned silently
 * @param reporter supplies the localised message text via `lang`
 * @param warn sink for the collision warning
 */
export function cleanDependencies(info: Object, isRoot: boolean, reporter: Reporter, warn: WarnFunction) {
  // Collect the dependency sections that exist and are objects.
  const sections = [];
  for (const field of dependencyKeys) {
    const table = info[field];
    if (table && typeof table === 'object') {
      sections.push([field, table]);
    }
  }

  // Pass 1: record the first non-trivial range seen for each package. A Map is
  // used so package names taken from the manifest never become object keys here.
  const winners: Map<string, {type: string, version: string}> = new Map();
  for (const [field, table] of sections) {
    for (const depName of Object.keys(table)) {
      const range = table[depName];
      if (winners.has(depName) || !range || range === '*') {
        continue;
      }
      winners.set(depName, {type: field, version: range});
    }
  }

  // Pass 2: keep each package in the first section that lists it, using the
  // winning range, and delete it from every later section.
  const seen: Set<string> = new Set();
  for (const [field, table] of sections) {
    for (const depName of Object.keys(table)) {
      const declared = table[depName];
      const winner = winners.get(depName);

      // A collision is a second non-trivial range that disagrees with the
      // winner. It is only reported for the root manifest.
      if (winner && isRoot && declared && declared !== '*' && declared !== winner.version) {
        warn(reporter.lang('manifestDependencyCollision', winner.type, depName, winner.version, field, declared));
      }

      const resolved = winner ? winner.version : declared;
      if (seen.has(depName)) {
        delete table[depName];
        continue;
      }
      table[depName] = resolved;
      seen.add(depName);
    }
  }
}