From 2f9c7ca85241dbbd840f73f8527fcdce1c3fdf1d Mon Sep 17 00:00:00 2001
From: Zoltan Kochan <zkochan@users.noreply.github.com>
Date: Thu, 28 May 2020 23:43:02 +0300
Subject: [PATCH] fix: install a pkg hosted not under registry domain

close #2586
PR #2588
---
 .changeset/cool-pugs-reply.md         |   6 ++
 packages/supi/package.json            |   1 +
 packages/supi/src/install/lockfile.ts |   2 +-
 packages/supi/test/lockfile.ts        |  57 +++++++++++++++++++
 pnpm-lock.yaml                        |   2 +
 registry-mirror/is-positive-3.1.0.tgz | Bin 0 -> 1542 bytes
 registry-mirror/is-positive.json      |  78 ++++++++++++++++++++++++++
 7 files changed, 145 insertions(+), 1 deletion(-)
 create mode 100644 .changeset/cool-pugs-reply.md
 create mode 100644 registry-mirror/is-positive-3.1.0.tgz
 create mode 100644 registry-mirror/is-positive.json

diff --git a/.changeset/cool-pugs-reply.md b/.changeset/cool-pugs-reply.md
new file mode 100644
index 0000000000..2777b97b80
--- /dev/null
+++ b/.changeset/cool-pugs-reply.md
@@ -0,0 +1,6 @@
+---
+"supi": patch
+---
+
+Fix a regression introduced in pnpm v5.0.0.
+Create correct lockfile when the package tarball is hosted not under the registry domain.
diff --git a/packages/supi/package.json b/packages/supi/package.json
index 23d66f0cd7..6e8bb4861a 100644
--- a/packages/supi/package.json
+++ b/packages/supi/package.json
@@ -103,6 +103,7 @@
     "is-ci": "2.0.0",
     "is-windows": "1.0.2",
     "ncp": "2.0.0",
+    "nock": "^12.0.3",
     "npm-run-all": "4.1.5",
     "path-exists": "4.0.0",
     "path-name": "1.0.0",
diff --git a/packages/supi/src/install/lockfile.ts b/packages/supi/src/install/lockfile.ts
index f2269afb4e..12ec01ea6e 100644
--- a/packages/supi/src/install/lockfile.ts
+++ b/packages/supi/src/install/lockfile.ts
@@ -18,7 +18,7 @@ export function depPathToRef (
   if (depPath.startsWith(`${registryName}/`) && !depPath.includes('/-/')) {
     depPath = depPath.replace(`${registryName}/`, '/')
   }
-  if (opts.alias === opts.realName) {
+  if (depPath[0] === '/' && opts.alias === opts.realName) {
     const ref = depPath.replace(`/${opts.realName}/`, '')
     if (!ref.includes('/')) return ref
   }
diff --git a/packages/supi/test/lockfile.ts b/packages/supi/test/lockfile.ts
index 520ebacc56..cb42f017e5 100644
--- a/packages/supi/test/lockfile.ts
+++ b/packages/supi/test/lockfile.ts
@@ -7,7 +7,9 @@ import { fromDir as readPackageJsonFromDir } from '@pnpm/read-package-json'
 import { getIntegrity, REGISTRY_MOCK_PORT } from '@pnpm/registry-mock'
 import { ProjectManifest } from '@pnpm/types'
 import rimraf = require('@zkochan/rimraf')
+import loadJsonFile = require('load-json-file')
 import fs = require('mz/fs')
+import nock = require('nock')
 import path = require('path')
 import exists = require('path-exists')
 import R = require('ramda')
@@ -1128,3 +1130,58 @@ test('broken lockfile is fixed even if it seems like up-to-date at first. Unless
   const lockfile = await project.readLockfile()
   t.ok(lockfile.packages['/dep-of-pkg-with-1-dep/100.0.0'])
 })
+
+const REGISTRY_MIRROR_DIR = path.join(__dirname, '../../../registry-mirror')
+
+// tslint:disable:no-any
+const isPositiveMeta = loadJsonFile.sync<any>(path.join(REGISTRY_MIRROR_DIR, 'is-positive.json'))
+// tslint:enable:no-any
+const tarballPath = path.join(REGISTRY_MIRROR_DIR, 'is-positive-3.1.0.tgz')
+
+test('tarball domain differs from registry domain', async (t: tape.Test) => {
+  nock('https://registry.example.com', { allowUnmocked: true })
+    .get('/is-positive')
+    .reply(200, isPositiveMeta)
+
+  nock('https://registry.npmjs.org', { allowUnmocked: true })
+    .get('/is-positive/-/is-positive-3.1.0.tgz')
+    .replyWithFile(200, tarballPath)
+
+  const project = prepareEmpty(t)
+
+  await addDependenciesToPackage({},
+    [
+      'is-positive',
+    ], await testDefaults({
+      fastUnpack: false,
+      lockfileOnly: true,
+      registries: {
+        default: 'https://registry.example.com',
+      },
+      save: true,
+    })
+  )
+
+  const lockfile = await project.readLockfile()
+
+  t.deepEqual(lockfile, {
+    dependencies: {
+      'is-positive': 'registry.npmjs.org/is-positive/3.1.0',
+    },
+    lockfileVersion: LOCKFILE_VERSION,
+    packages: {
+      'registry.npmjs.org/is-positive/3.1.0': {
+        dev: false,
+        engines: { node: '>=0.10.0' },
+        name: 'is-positive',
+        resolution: {
+          integrity: 'sha1-hX21hKG6XRyymAUn/DtsQ103sP0=',
+          registry: 'https://registry.example.com/',
+          tarball: 'https://registry.npmjs.org/is-positive/-/is-positive-3.1.0.tgz',
+        },
+        version: '3.1.0',
+      },
+    },
+    specifiers: { 'is-positive': '^3.1.0' },
+  })
+})
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 6c05876b89..f71d08a1ec 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -2640,6 +2640,7 @@ importers:
       is-ci: 2.0.0
       is-windows: 1.0.2
       ncp: 2.0.0
+      nock: 12.0.3
       npm-run-all: 4.1.5
       path-exists: 4.0.0
       path-name: 1.0.0
@@ -2727,6 +2728,7 @@ importers:
       load-json-file: 6.2.0
       mz: 2.7.0
       ncp: 2.0.0
+      nock: ^12.0.3
       normalize-path: 3.0.0
       npm-run-all: 4.1.5
       p-every: 2.0.0
diff --git a/registry-mirror/is-positive-3.1.0.tgz b/registry-mirror/is-positive-3.1.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..a1e2a48220ac3aa2333fda8c60c81760b76134c1
GIT binary patch
literal 1542
zcmV+h2Ko6PiwFP!000003+-6_Zre5x@4wSi+}xqI2l+E`0wi-b#a0@jwq(dkvmhvD
zS)y$=vgnbNlWgb%?KSpfJ4#k!r%hL2P1gcG1W?HP_}v|;yR#O4aOF=)ZIL~zZv~5=
zeP*iH>w9~9pq@w%pN;y?K0IqQ_jY&pclKJlt!MSdPQB4Y{^xe&LzD>Vb9Cju+Ibk<
zH$s1E0EO6}lfnTMsHiNMppq_0L060=;exVQ@ph_>YCYQxi3m7d$Q7qEBf%BW2?#bP
zaz^7RPys&VrXWt{W5P4thz2AUDO%t1vOP{xQO0l8_7zz!{n~r3_=%h`jsnW#HJ@LR
zC5@r)bBT8G@}|<rCv%@hD|<Aa-|>H$Dn>P6^IS6Fsoa#xSu$3PTIxapx$jbF5>IJN
z#2PjWQ|zO5z1pZ_TJA)%#H@)*BBT<%VesMw`0HjTG)j$LW|A}x$ql}LO5jZ@a7Avf
z84uTF)-s8!jRfUbtN#OaDEFp9vh0!tL5Mh@>!B!*(7hjXy&IM-m6zH(?f<@>TY6$z
z)%{w2`<?>h<MqGZXf^Na|8BE^^}pF@?QiS<m!M)I2nfk(Ad83EoP|k5s^n(DxD?Qa
zNfHOD&O<3KW6AiA6PfTBBpaeiJgo+P6e(7_-G<^N8^0xi1Us!#Z;Gno#c%}mL+#z+
zwv>F8l)wM0zWgK@AAkRwjosGW``_BzZ>smdzQ3LSz6g0U0yv04FFSuI;i9Z*9k#gT
zbUKqz3d-<s#)6+79jcC?^l*?ua|6QXRH#u>jfOMA$@mtg+>a#*b(nBMfK4En`Fu)r
ztS;ckx3IwB6BXE4`ZQKkr4IqRrJ*EFnF7bniM;kXLE#X5bR(cX+Jle<$(+Q}PYYK%
zWkE?|oQ2^^qfkykLgGgn2Bvs93$D?7mPp_vtBPnt2O0-a5-J~Zc0}iNg`m{aTnP=0
zVm;MUKXt%rN+;?`(y$iEIHF>vLr9hBaUyY3sLeF>x{9O5I0zC&8d|_P4boWey-Q`3
z>kE}oxk`~xJJ&Nd-;9I`ZGy!bAxWweGE7;Dm{w`rQQ{L8MeJII7O*&^Dk5>9Y3g41
zV}{dvaCa4ACehW*1$6+6`%_)9#0>iZjL9lth)ZKlZRO!`1&?oBEU6!X>M{!NVVG6K
zKQ&?KoOtJkYl1a|f$O}sx@H#&#t_#99nLN9)H(A2C0xVyF2Fef!@hu5mfh9C{B_`(
z!y!1XX7vX>%fvm)?)1*Omi-crQO|bp)?0Yp(WvKu0$iE0%%L*YH{H%DE{$WWXL%R8
zc4B$9vU%dTV8Fm|J*#upGh7&)xdUftB77Ik+LnFdB8u5JZLf-`xCiEIT)^<u==Bto
zW}Kn-uJR8$&fvneUY>ez>h!uMZXTQHnQ`1RGbjwI(=)8T4qc;fyfjlS2d%i863e`U
z^HWo8DLe!JI-cd&DvXX}doC_@jMDY)RL`xUse|EKLzR#d*Xiq;N+)VKsS(t(&CH5Q
zHEf&+im3J3(7ZDUUDN2HEj%83<M^uE*8lZV-v2rA!#SzW!zaM_m+wEVdSh+=-%;Ox
zn$7*zw*P+#dJbz}THx~g%j1MbAq=s%CE`tKCgnmL)M}FZOB4)fmGNoqy-ze%v7G)q
z#(o~m+H+q>!ponmi{rr&eBw7GP1Bw~2P?)i!yc)PMkDP9h!=BgGwBvoD#Blq^_Wtj
zRP9XQMNgI93hb|_fpUW!pp6~>_k?m%Dz0f4%ZHkFFI8&bx>jo+f#eC<;M8-@#E--#
ztI~L!S8Nm?XJ$X75VX7on#S{+%_KPhPqpFfM;o?xBI2S{ZCucha2VA`s>x$FelL${
z56>0UID!dJa8N*Dc}++RqY5f3AvA(5Yy!6|fop8r+1w=60D&xBjXP=Uz8vKcl|Kk)
zqx<7u8wUlAL!7G^pCzKUAzxlaQT;7DE0;uSmeaHfT;g%WWa=x~4_dvuQMptZDvw^M
sTxR1!t%hGsQ<L!Df5GL$fj7hb0Bm{N+qSf&Eq$x>4>vI+E&v<=09ncYW&i*H

literal 0
HcmV?d00001

diff --git a/registry-mirror/is-positive.json b/registry-mirror/is-positive.json
new file mode 100644
index 0000000000..3e8b9260d1
--- /dev/null
+++ b/registry-mirror/is-positive.json
@@ -0,0 +1,78 @@
+{
+  "versions": {
+      "1.0.0": {
+          "name": "is-positive",
+          "version": "1.0.0",
+          "devDependencies": {
+              "ava": "^0.0.4"
+          },
+          "_hasShrinkwrap": false,
+          "directories": {},
+          "dist": {
+              "integrity": "sha512-9cI+DmhNhA8ioT/3EJFnt0s1yehnAECyIOXdT+2uQGzcEEBaj8oNmVWj33+ZjPndMIFRQh8JeJlEu1uv5/J7pQ==",
+              "shasum": "88009856b64a2f1eb7d8bb0179418424ae0452cb",
+              "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-1.0.0.tgz"
+          },
+          "engines": {
+              "node": ">=0.10.0"
+          }
+      },
+      "2.0.0": {
+          "name": "is-positive",
+          "version": "2.0.0",
+          "devDependencies": {
+              "ava": "^0.0.4"
+          },
+          "_hasShrinkwrap": false,
+          "directories": {},
+          "dist": {
+              "integrity": "sha512-K+obMwRFQAMZb54Jia82SjPdOyBQ4UX8DSowwWCVhzwJOnAxZZ7UsAEI8sH2R6GhFI9efNeH3VGgOLPdzkMTaA==",
+              "shasum": "b14f06bd2db810ae6c8b12741d136bfaef0d87bd",
+              "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-2.0.0.tgz"
+          },
+          "engines": {
+              "node": ">=0.10.0"
+          }
+      },
+      "3.0.0": {
+          "name": "is-positive",
+          "version": "3.0.0",
+          "devDependencies": {
+              "ava": "^0.0.4"
+          },
+          "_hasShrinkwrap": false,
+          "directories": {},
+          "dist": {
+              "integrity": "sha512-k1fsSAMxK5AjqPB45vXZrojz/UvY+BMSut1nrFBv5MM7uBIrncljDKEElsem5yEkFGxIiRpbCwgaMvny+85DsQ==",
+              "shasum": "8ef0ee22f7ce24f7633f8908030ec48b62acf4a3",
+              "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-3.0.0.tgz"
+          },
+          "engines": {
+              "node": ">=0.10.0"
+          }
+      },
+      "3.1.0": {
+          "name": "is-positive",
+          "version": "3.1.0",
+          "devDependencies": {
+              "ava": "*",
+              "xo": "*"
+          },
+          "_hasShrinkwrap": false,
+          "directories": {},
+          "dist": {
+              "shasum": "857db584a1ba5d1cb2980527fc3b6c435d37b0fd",
+              "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-3.1.0.tgz"
+          },
+          "engines": {
+              "node": ">=0.10.0"
+          }
+      }
+  },
+  "name": "is-positive",
+  "dist-tags": {
+      "stable": "3.0.0",
+      "latest": "3.1.0"
+  },
+  "modified": "2017-08-17T19:26:00.508Z"
+}