169c08e20a
backport of #21372 for v1.17.4 ------------------- npm package.json supports binary packaging: https://docs.npmjs.com/cli/v8/configuring-npm/package-json#bin the npm registry documents that the binary references will be attached to the abbreviated version object: https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-version-object unfortunately their api documentation leaves this out: https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-version-objectdoc which is likely to be the reason this was left out in gitea's initial implementation this response is critical for npm to install the binary in the .bin folder so as to be included on the users default bin path, resulting in immediate access to any binaries provided by the package i have tested upload and installing through npm and can confirm the npm registry now responds with bin in the version metadata and results in the binary being available after install. this fixes https://github.com/go-gitea/gitea/issues/21303 Co-authored-by: eleith <online-github@eleith.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
277 lines
7.3 KiB
Go
277 lines
7.3 KiB
Go
// Copyright 2021 The Gitea Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package npm
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/base64"
|
|
"fmt"
|
|
"strings"
|
|
"testing"
|
|
|
|
"code.gitea.io/gitea/modules/json"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestParsePackage(t *testing.T) {
|
|
packageScope := "@scope"
|
|
packageName := "test-package"
|
|
packageFullName := packageScope + "/" + packageName
|
|
packageVersion := "1.0.1-pre"
|
|
packageTag := "latest"
|
|
packageAuthor := "KN4CK3R"
|
|
packageBin := "gitea"
|
|
packageDescription := "Test Description"
|
|
data := "H4sIAAAAAAAA/ytITM5OTE/VL4DQelnF+XkMVAYGBgZmJiYK2MRBwNDcSIHB2NTMwNDQzMwAqA7IMDUxA9LUdgg2UFpcklgEdAql5kD8ogCnhwio5lJQUMpLzE1VslJQcihOzi9I1S9JLS7RhSYIJR2QgrLUouLM/DyQGkM9Az1D3YIiqExKanFyUWZBCVQ2BKhVwQVJDKwosbQkI78IJO/tZ+LsbRykxFXLNdA+HwWjYBSMgpENACgAbtAACAAA"
|
|
integrity := "sha512-yA4FJsVhetynGfOC1jFf79BuS+jrHbm0fhh+aHzCQkOaOBXKf9oBnC4a6DnLLnEsHQDRLYd00cwj8sCXpC+wIg=="
|
|
|
|
t.Run("InvalidUpload", func(t *testing.T) {
|
|
p, err := ParsePackage(bytes.NewReader([]byte{0}))
|
|
assert.Nil(t, p)
|
|
assert.Error(t, err)
|
|
})
|
|
|
|
t.Run("InvalidUploadNoData", func(t *testing.T) {
|
|
b, _ := json.Marshal(packageUpload{})
|
|
p, err := ParsePackage(bytes.NewReader(b))
|
|
assert.Nil(t, p)
|
|
assert.ErrorIs(t, err, ErrInvalidPackage)
|
|
})
|
|
|
|
t.Run("InvalidPackageName", func(t *testing.T) {
|
|
test := func(t *testing.T, name string) {
|
|
b, _ := json.Marshal(packageUpload{
|
|
PackageMetadata: PackageMetadata{
|
|
ID: name,
|
|
Name: name,
|
|
Versions: map[string]*PackageMetadataVersion{
|
|
packageVersion: {
|
|
Name: name,
|
|
},
|
|
},
|
|
},
|
|
})
|
|
|
|
p, err := ParsePackage(bytes.NewReader(b))
|
|
assert.Nil(t, p)
|
|
assert.ErrorIs(t, err, ErrInvalidPackageName)
|
|
}
|
|
|
|
test(t, " test ")
|
|
test(t, " test")
|
|
test(t, "test ")
|
|
test(t, "te st")
|
|
test(t, "invalid/scope")
|
|
test(t, "@invalid/_name")
|
|
test(t, "@invalid/.name")
|
|
})
|
|
|
|
t.Run("ValidPackageName", func(t *testing.T) {
|
|
test := func(t *testing.T, name string) {
|
|
b, _ := json.Marshal(packageUpload{
|
|
PackageMetadata: PackageMetadata{
|
|
ID: name,
|
|
Name: name,
|
|
Versions: map[string]*PackageMetadataVersion{
|
|
packageVersion: {
|
|
Name: name,
|
|
},
|
|
},
|
|
},
|
|
})
|
|
|
|
p, err := ParsePackage(bytes.NewReader(b))
|
|
assert.Nil(t, p)
|
|
assert.ErrorIs(t, err, ErrInvalidPackageVersion)
|
|
}
|
|
|
|
test(t, "test")
|
|
test(t, "@scope/name")
|
|
test(t, packageFullName)
|
|
})
|
|
|
|
t.Run("InvalidPackageVersion", func(t *testing.T) {
|
|
version := "first-version"
|
|
b, _ := json.Marshal(packageUpload{
|
|
PackageMetadata: PackageMetadata{
|
|
ID: packageFullName,
|
|
Name: packageFullName,
|
|
Versions: map[string]*PackageMetadataVersion{
|
|
version: {
|
|
Name: packageFullName,
|
|
Version: version,
|
|
},
|
|
},
|
|
},
|
|
})
|
|
|
|
p, err := ParsePackage(bytes.NewReader(b))
|
|
assert.Nil(t, p)
|
|
assert.ErrorIs(t, err, ErrInvalidPackageVersion)
|
|
})
|
|
|
|
t.Run("InvalidAttachment", func(t *testing.T) {
|
|
b, _ := json.Marshal(packageUpload{
|
|
PackageMetadata: PackageMetadata{
|
|
ID: packageFullName,
|
|
Name: packageFullName,
|
|
Versions: map[string]*PackageMetadataVersion{
|
|
packageVersion: {
|
|
Name: packageFullName,
|
|
Version: packageVersion,
|
|
},
|
|
},
|
|
},
|
|
Attachments: map[string]*PackageAttachment{
|
|
"dummy.tgz": {},
|
|
},
|
|
})
|
|
|
|
p, err := ParsePackage(bytes.NewReader(b))
|
|
assert.Nil(t, p)
|
|
assert.ErrorIs(t, err, ErrInvalidAttachment)
|
|
})
|
|
|
|
t.Run("InvalidData", func(t *testing.T) {
|
|
filename := fmt.Sprintf("%s-%s.tgz", packageFullName, packageVersion)
|
|
b, _ := json.Marshal(packageUpload{
|
|
PackageMetadata: PackageMetadata{
|
|
ID: packageFullName,
|
|
Name: packageFullName,
|
|
Versions: map[string]*PackageMetadataVersion{
|
|
packageVersion: {
|
|
Name: packageFullName,
|
|
Version: packageVersion,
|
|
},
|
|
},
|
|
},
|
|
Attachments: map[string]*PackageAttachment{
|
|
filename: {
|
|
Data: "/",
|
|
},
|
|
},
|
|
})
|
|
|
|
p, err := ParsePackage(bytes.NewReader(b))
|
|
assert.Nil(t, p)
|
|
assert.ErrorIs(t, err, ErrInvalidAttachment)
|
|
})
|
|
|
|
t.Run("InvalidIntegrity", func(t *testing.T) {
|
|
filename := fmt.Sprintf("%s-%s.tgz", packageFullName, packageVersion)
|
|
b, _ := json.Marshal(packageUpload{
|
|
PackageMetadata: PackageMetadata{
|
|
ID: packageFullName,
|
|
Name: packageFullName,
|
|
Versions: map[string]*PackageMetadataVersion{
|
|
packageVersion: {
|
|
Name: packageFullName,
|
|
Version: packageVersion,
|
|
Dist: PackageDistribution{
|
|
Integrity: "sha512-test==",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
Attachments: map[string]*PackageAttachment{
|
|
filename: {
|
|
Data: data,
|
|
},
|
|
},
|
|
})
|
|
|
|
p, err := ParsePackage(bytes.NewReader(b))
|
|
assert.Nil(t, p)
|
|
assert.ErrorIs(t, err, ErrInvalidIntegrity)
|
|
})
|
|
|
|
t.Run("InvalidIntegrity2", func(t *testing.T) {
|
|
filename := fmt.Sprintf("%s-%s.tgz", packageFullName, packageVersion)
|
|
b, _ := json.Marshal(packageUpload{
|
|
PackageMetadata: PackageMetadata{
|
|
ID: packageFullName,
|
|
Name: packageFullName,
|
|
Versions: map[string]*PackageMetadataVersion{
|
|
packageVersion: {
|
|
Name: packageFullName,
|
|
Version: packageVersion,
|
|
Dist: PackageDistribution{
|
|
Integrity: integrity,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
Attachments: map[string]*PackageAttachment{
|
|
filename: {
|
|
Data: base64.StdEncoding.EncodeToString([]byte("data")),
|
|
},
|
|
},
|
|
})
|
|
|
|
p, err := ParsePackage(bytes.NewReader(b))
|
|
assert.Nil(t, p)
|
|
assert.ErrorIs(t, err, ErrInvalidIntegrity)
|
|
})
|
|
|
|
t.Run("Valid", func(t *testing.T) {
|
|
filename := fmt.Sprintf("%s-%s.tgz", packageFullName, packageVersion)
|
|
b, _ := json.Marshal(packageUpload{
|
|
PackageMetadata: PackageMetadata{
|
|
ID: packageFullName,
|
|
Name: packageFullName,
|
|
DistTags: map[string]string{
|
|
packageTag: packageVersion,
|
|
},
|
|
Versions: map[string]*PackageMetadataVersion{
|
|
packageVersion: {
|
|
Name: packageFullName,
|
|
Version: packageVersion,
|
|
Description: packageDescription,
|
|
Author: User{Name: packageAuthor},
|
|
License: "MIT",
|
|
Homepage: "https://gitea.io/",
|
|
Readme: packageDescription,
|
|
Dependencies: map[string]string{
|
|
"package": "1.2.0",
|
|
},
|
|
Bin: map[string]string{
|
|
"bin": packageBin,
|
|
},
|
|
Dist: PackageDistribution{
|
|
Integrity: integrity,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
Attachments: map[string]*PackageAttachment{
|
|
filename: {
|
|
Data: data,
|
|
},
|
|
},
|
|
})
|
|
|
|
p, err := ParsePackage(bytes.NewReader(b))
|
|
assert.NotNil(t, p)
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, packageFullName, p.Name)
|
|
assert.Equal(t, packageVersion, p.Version)
|
|
assert.Equal(t, []string{packageTag}, p.DistTags)
|
|
assert.Equal(t, fmt.Sprintf("%s-%s.tgz", strings.Split(packageFullName, "/")[1], packageVersion), p.Filename)
|
|
b, _ = base64.StdEncoding.DecodeString(data)
|
|
assert.Equal(t, b, p.Data)
|
|
assert.Equal(t, packageName, p.Metadata.Name)
|
|
assert.Equal(t, packageScope, p.Metadata.Scope)
|
|
assert.Equal(t, packageDescription, p.Metadata.Description)
|
|
assert.Equal(t, packageDescription, p.Metadata.Readme)
|
|
assert.Equal(t, packageAuthor, p.Metadata.Author)
|
|
assert.Equal(t, packageBin, p.Metadata.Bin["bin"])
|
|
assert.Equal(t, "MIT", p.Metadata.License)
|
|
assert.Equal(t, "https://gitea.io/", p.Metadata.ProjectURL)
|
|
assert.Contains(t, p.Metadata.Dependencies, "package")
|
|
assert.Equal(t, "1.2.0", p.Metadata.Dependencies["package"])
|
|
})
|
|
}
|