mirror/pnpm
1
0
Fork 0
mirror of https://github.com/pnpm/pnpm.git synced 2026-04-11 10:40:53 -04:00
Code Issues Packages Projects Releases Wiki Activity
10,667 Commits 378 Branches 1,872 Tags
bfd38cdc15e89b36eab4fa106a94de066c4638ef
Commit Graph

8 Commits

Author SHA1 Message Date
Zoltan Kochan
45a6cb6b2a refactor(auth): unify auth/SSL into structured configByUri (#11201) 
Replaces the dual `authConfig` (raw .npmrc) + `authInfos` (parsed auth) + `sslConfigs` (parsed SSL) pattern with a single structured `configByUri: Record<string, RegistryConfig>` field on Config.

### New types (`@pnpm/types`)
- **`RegistryConfig`** — per-registry config: `{ creds?: Creds, tls?: TlsConfig }`
- **`Creds`** — auth credentials: `{ authToken?, basicAuth?, tokenHelper? }`
- **`TlsConfig`** — TLS config: `{ cert?, key?, ca? }`

### Key changes
- Rewrite `createGetAuthHeaderByURI` to accept `Record<string, RegistryConfig>` instead of raw .npmrc key-value pairs
- Eliminate duplicate auth parsing between `getAuthHeadersFromConfig` and `getNetworkConfigs`
- Remove `authConfig` from the install pipeline (`StrictInstallOptions`, `HeadlessOptions`), replaced by `configByUri`
- Remove `sslConfigs` from Config — SSL fields now live in `configByUri[uri].tls`
- Remove `authConfig['registry']` mutation in `extendInstallOptions` (default registry now passed directly to `createGetAuthHeaderByURI`)
- `authConfig` remains on Config only for raw .npmrc access (config commands, error reporting, config inheritance)

### Security
- tokenHelper in project .npmrc now throws instead of being silently stripped
- tokenHelper execution uses `shell: false` to prevent shell metacharacter injection
- Basic auth uses `Buffer.from().toString('base64')` instead of `btoa()` for Unicode safety
- Dispatcher only creates custom agents when entries actually have TLS fields
 2026-04-05 20:15:10 +02:00
Zoltan Kochan
27cbc09206 style: fix jest-related linting issues (#9894) 2025-08-22 21:56:49 +02:00
Khải
3ac0487b3f feat(network): basic auth header (#7376) 
close #7371

---------

Co-authored-by: Zoltan Kochan <z@kochan.io>
 2023-12-05 18:59:50 +01:00
Nacho Aldama
23039a6d60 fix: missing auth token in registries with paths included (#7337) 
close #5970
close #2933

---------

Co-authored-by: Zoltan Kochan <z@kochan.io>
 2023-11-21 23:03:11 +02:00
Frederick Engelhardt
3c5aaaf84e test: add tests specifically for removePort function includes http|https|wss|ws (#6874) 
* * chore(tests): add tests specifically for removePort function
* chore(test): move removePort to it's own helper function
* add support for more url types, http,https,ws,wss

* chore(formatting): remove auto-formatting

* chore(formatting): remove auto-formatting for test file

* style: reformat

---------

Co-authored-by: Frederick Engelhardt <frederick.engelhardt@bestbuy.com>
Co-authored-by: Zoltan Kochan <z@kochan.io>
 2023-07-29 01:14:18 +03:00
Frederick Engelhardt
aa20818a0e feat(always-auth): add https port parsing on registry matching for artifactory compatibility (#6864) 
Co-authored-by: Frederick Engelhardt <frederick.engelhardt@bestbuy.com>
Co-authored-by: Zoltan Kochan <z@kochan.io>
 2023-07-27 17:18:29 +03:00
Zoltan Kochan
4e7afec90c fix: searching for auth token for URL with port (#6708) 
close #6354
 2023-06-23 12:30:04 +03:00
Zoltan Kochan
4ca53b0b50 refactor: group projects in different subdirectories (#5659) 2022-11-20 01:35:22 +02:00