mirror/pnpm
1
0
Fork 0
mirror of https://github.com/pnpm/pnpm.git synced 2026-04-10 18:18:56 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
bfd38cdc15e89b36eab4fa106a94de066c4638ef
pnpm/bins/resolver/test/index.ts
Zoltan Kochan 4a36b9a110 refactor: rename internal packages to @pnpm/<domain>.<leaf> convention (#10997) 
## Summary

Rename all internal packages so their npm names follow the `@pnpm/<domain>.<leaf>` convention, matching their directory structure. Also rename directories to remove redundancy and improve clarity.

### Bulk rename (94 packages)

All `@pnpm/` packages now derive their name from their directory path using dot-separated segments. Exceptions: `packages/`, `__utils__/`, and `pnpm/artifacts/` keep leaf names only.

### Directory renames (removing redundant prefixes)

- `cli/cli-meta` → `cli/meta`, `cli/cli-utils` → `cli/utils`
- `config/config` → `config/reader`, `config/config-writer` → `config/writer`
- `fetching/fetching-types` → `fetching/types`
- `lockfile/lockfile-to-pnp` → `lockfile/to-pnp`
- `store/store-connection-manager` → `store/connection-manager`
- `store/store-controller-types` → `store/controller-types`
- `store/store-path` → `store/path`

### Targeted renames (clarity improvements)

- `deps/dependency-path` → `deps/path` (`@pnpm/deps.path`)
- `deps/calc-dep-state` → `deps/graph-hasher` (`@pnpm/deps.graph-hasher`)
- `deps/inspection/dependencies-hierarchy` → `deps/inspection/tree-builder` (`@pnpm/deps.inspection.tree-builder`)
- `bins/link-bins` → `bins/linker`, `bins/remove-bins` → `bins/remover`, `bins/package-bins` → `bins/resolver`
- `installing/get-context` → `installing/context`
- `store/package-store` → `store/controller`
- `pkg-manifest/manifest-utils` → `pkg-manifest/utils`

### Manifest reader/writer renames

- `workspace/read-project-manifest` → `workspace/project-manifest-reader` (`@pnpm/workspace.project-manifest-reader`)
- `workspace/write-project-manifest` → `workspace/project-manifest-writer` (`@pnpm/workspace.project-manifest-writer`)
- `workspace/read-manifest` → `workspace/workspace-manifest-reader` (`@pnpm/workspace.workspace-manifest-reader`)
- `workspace/manifest-writer` → `workspace/workspace-manifest-writer` (`@pnpm/workspace.workspace-manifest-writer`)

### Workspace package renames

- `workspace/find-packages` → `workspace/projects-reader`
- `workspace/find-workspace-dir` → `workspace/root-finder`
- `workspace/resolve-workspace-range` → `workspace/range-resolver`
- `workspace/filter-packages-from-dir` merged into `workspace/filter-workspace-packages` → `workspace/projects-filter`

### Domain moves

- `pkg-manifest/read-project-manifest` → `workspace/project-manifest-reader`
- `pkg-manifest/write-project-manifest` → `workspace/project-manifest-writer`
- `pkg-manifest/exportable-manifest` → `releasing/exportable-manifest`

### Scope

- 1206 files changed
- Updated: package.json names/deps, TypeScript imports, tsconfig references, changeset files, renovate.json, test fixtures, import ordering
2026-03-17 21:50:40 +01:00

170 lines
3.6 KiB
TypeScript
Raw Blame History

import path from 'node:path'
import { getBinsFromPackageManifest } from '@pnpm/bins.resolver'
test('getBinsFromPackageManifest()', async () => {
expect(
await getBinsFromPackageManifest({
bin: 'one-bin',
name: 'one-bin',
version: '1.0.0',
}, process.cwd())).toStrictEqual(
[{
name: 'one-bin',
path: path.resolve('one-bin'),
}]
)
})
test('getBinsFromPackageManifest() should allow $ as command name', async () => {
expect(
await getBinsFromPackageManifest({
bin: {
$: './undollar.js',
},
name: 'undollar',
version: '1.0.0',
}, process.cwd())).toStrictEqual(
[{
name: '$',
path: path.resolve('undollar.js'),
}]
)
})
test('find all the bin files from a bin directory', async () => {
const fixtures = path.join(import.meta.dirname, 'fixtures')
expect(
await getBinsFromPackageManifest({
name: 'bin-dir',
version: '1.0.0',
directories: { bin: 'bin-dir' },
}, fixtures)).toStrictEqual(
[
{
name: 'rootBin.js',
path: path.join(fixtures, 'bin-dir/rootBin.js'),
},
{
name: 'subBin.js',
path: path.join(fixtures, 'bin-dir/subdir/subBin.js'),
},
]
)
})
test('get bin of scoped package', async () => {
expect(
await getBinsFromPackageManifest({
bin: 'bin.js',
name: '@foo/bar',
version: '1.0.0',
}, process.cwd())).toStrictEqual(
[{
name: 'bar',
path: path.resolve('bin.js'),
}]
)
})
test('skip dangerous bin names', async () => {
expect(
await getBinsFromPackageManifest({
name: 'foo',
version: '1.0.0',
bin: {
'../bad': './bad',
'..\\bad': './bad',
good: './good',
'~/bad': './bad',
},
}, process.cwd())).toStrictEqual(
[
{
name: 'good',
path: path.resolve('good'),
},
]
)
})
test('skip dangerous bin locations', async () => {
expect(
await getBinsFromPackageManifest({
name: 'foo',
version: '1.0.0',
bin: {
bad: '../bad',
good: './good',
},
}, process.cwd())).toStrictEqual(
[
{
name: 'good',
path: path.resolve('good'),
},
]
)
})
test('get bin from scoped bin name', async () => {
expect(
await getBinsFromPackageManifest({
name: '@foo/a',
version: '1.0.0',
bin: {
'@foo/a': './a',
},
}, process.cwd())).toStrictEqual(
[
{
name: 'a',
path: path.resolve('a'),
},
]
)
})
test('skip scoped bin names with path traversal', async () => {
expect(
await getBinsFromPackageManifest({
name: 'malicious',
version: '1.0.0',
bin: {
'@scope/../../.npmrc': './malicious.js',
'@scope/../etc/passwd': './evil.js',
'@scope/legit': './good.js',
},
}, process.cwd())).toStrictEqual([
{
name: 'legit',
path: path.resolve('good.js'),
},
])
})
test('skip directories.bin with path traversal', async () => {
// Security test: malicious packages can try to escape the package root
// using directories.bin to chmod files at arbitrary locations
expect(
await getBinsFromPackageManifest({
name: 'malicious',
version: '1.0.0',
directories: {
bin: '../../../../tmp/target',
},
}, process.cwd())).toStrictEqual([])
expect(
await getBinsFromPackageManifest({
name: 'malicious',
version: '1.0.0',
directories: {
bin: '../../../etc',
},
}, process.cwd())).toStrictEqual([])
})
Reference in New Issue View Git Blame Copy Permalink