mirror of
https://github.com/pnpm/pnpm.git
synced 2026-06-28 09:55:39 -04:00
a84d2a1157
Add @pnpm/resolving.tarball-url, which builds and recognizes the canonical npm tarball URL of a package. It vendors getNpmTarballUrl (previously the external get-npm-tarball-url dependency) and adds isCanonicalRegistryTarballUrl. @pnpm/lockfile.utils (toLockfileResolution, pkgSnapshotToResolution) and @pnpm/installing.env-installer now import from the new package; the private copy of the canonical check in toLockfileResolution is removed, and the external get-npm-tarball-url dependency and its catalog entry are dropped. The vendored getNpmTarballUrl is byte-for-byte equivalent to get-npm-tarball-url@2.1.0, so the fetch paths that use it are unchanged. Two correctness fixes are folded in while consolidating the logic: - the scoped-package unescape now handles uppercase %2F as well as %2f (percent-encoding is case-insensitive), so canonical scoped URLs are not needlessly persisted; - protocol-insensitive comparison strips only a leading http(s):// scheme via regex instead of splitting on the first :// (which could truncate a URL containing a later :// and yield a false-positive "canonical" match). Both fixes are mirrored in the pacquet port (is_canonical_registry_tarball_url in pacquet/crates/lockfile/src/resolution.rs) so the two stacks omit the same canonical scoped registry URLs from the lockfile, with matching regression tests. --------- Co-authored-by: Zoltan Kochan <z@kochan.io>
60 lines
1.6 KiB
JSON
60 lines
1.6 KiB
JSON
{
|
|
"name": "@pnpm/lockfile.utils",
|
|
"version": "1100.0.13",
|
|
"description": "Utils for dealing with pnpm-lock.yaml",
|
|
"keywords": [
|
|
"pnpm",
|
|
"pnpm11",
|
|
"lockfile",
|
|
"shrinkwrap"
|
|
],
|
|
"license": "MIT",
|
|
"funding": "https://opencollective.com/pnpm",
|
|
"repository": "https://github.com/pnpm/pnpm/tree/main/lockfile/utils",
|
|
"homepage": "https://github.com/pnpm/pnpm/tree/main/lockfile/utils#readme",
|
|
"bugs": {
|
|
"url": "https://github.com/pnpm/pnpm/issues"
|
|
},
|
|
"type": "module",
|
|
"main": "lib/index.js",
|
|
"types": "lib/index.d.ts",
|
|
"exports": {
|
|
".": "./lib/index.js"
|
|
},
|
|
"files": [
|
|
"lib",
|
|
"!*.map"
|
|
],
|
|
"scripts": {
|
|
"lint": "eslint \"src/**/*.ts\" \"test/**/*.ts\"",
|
|
"test": "pn compile && pn .test",
|
|
"prepublishOnly": "tsgo --build",
|
|
"compile": "tsgo --build && pn lint --fix",
|
|
".test": "cross-env NODE_OPTIONS=\"$NODE_OPTIONS --experimental-vm-modules --disable-warning=ExperimentalWarning --disable-warning=DEP0169\" jest"
|
|
},
|
|
"dependencies": {
|
|
"@pnpm/deps.path": "workspace:*",
|
|
"@pnpm/error": "workspace:*",
|
|
"@pnpm/hooks.types": "workspace:*",
|
|
"@pnpm/lockfile.types": "workspace:*",
|
|
"@pnpm/resolving.resolver-base": "workspace:*",
|
|
"@pnpm/resolving.tarball-url": "workspace:*",
|
|
"@pnpm/types": "workspace:*",
|
|
"ramda": "catalog:"
|
|
},
|
|
"devDependencies": {
|
|
"@jest/globals": "catalog:",
|
|
"@pnpm/lockfile.utils": "workspace:*",
|
|
"@types/ramda": "catalog:",
|
|
"tempy": "catalog:",
|
|
"write-yaml-file": "catalog:",
|
|
"yaml-tag": "catalog:"
|
|
},
|
|
"engines": {
|
|
"node": ">=22.13"
|
|
},
|
|
"jest": {
|
|
"preset": "@pnpm/jest-config"
|
|
}
|
|
}
|