NotificationsYou must be signed in to change notification settings
Fork0
Star0

Commit51ab3c8

committed

fix: remove support for legacy auth

BREAKING CHANGE: legacy authentication using `NPM_USERNAME` and `NPM_PASSWORD` is no longer supported. Use `NPM_TOKEN` instead.

1 parentc5036aa commit51ab3c8Copy full SHA for 51ab3c8

File tree

7 files changed

+42

-119

lines changed

README.md
index.js
lib
- set-legacy-token.js
- set-npmrc-auth.js
test
- helpers
  - npm-registry.js
- integration.test.js
- set-npmrc-auth.test.js

7 files changed

+42

-119

lines changed

`‎README.md‎`

Lines changed: 0 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -47,13 +47,8 @@ Both the [token](https://docs.npmjs.com/getting-started/working_with_tokens) and`
`47`	`47`	`\| Variable\| Description\|`
`48`	`48`	`\| -----------------------\| -----------------------------------------------------------------------------------------------------------------------------\|`
`49`	`49`	\|`NPM_TOKEN`\| Npm token created via[npm token create](https://docs.npmjs.com/getting-started/working_with_tokens#how-to-create-new-tokens)\|
`50`		-\|`NPM_USERNAME`\| Npm username created via[npm adduser](https://docs.npmjs.com/cli/adduser) or on[npmjs.com](https://www.npmjs.com)\|
`51`		-\|`NPM_PASSWORD`\| Password of the npm user.\|
`52`		-\|`NPM_EMAIL`\| Email address associated with the npm user\|
`53`	`50`	\|`NPM_CONFIG_USERCONFIG`\| Path to non-default .npmrc file\|
`54`	`51`
`55`		-Use either`NPM_TOKEN` for token authentication or`NPM_USERNAME`,`NPM_PASSWORD` and`NPM_EMAIL` for legacy authentication
`56`		`-`
`57`	`52`	`###Options`
`58`	`53`
`59`	`54`	`\| Options\| Description\| Default\|`

`‎index.js‎`

Lines changed: 0 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,6 @@`
`1`	`1`	`import{castArray,defaultTo}from"lodash-es";`
`2`	`2`	`importAggregateErrorfrom"aggregate-error";`
`3`	`3`	`import{temporaryFile}from"tempy";`
`4`		`-importsetLegacyTokenfrom"./lib/set-legacy-token.js";`
`5`	`4`	`importgetPkgfrom"./lib/get-pkg.js";`
`6`	`5`	`importverifyNpmConfigfrom"./lib/verify-config.js";`
`7`	`6`	`importverifyNpmAuthfrom"./lib/verify-auth.js";`
`@@ -26,8 +25,6 @@ export async function verifyConditions(pluginConfig, context) {`
`26`	`25`
`27`	`26`	`consterrors=verifyNpmConfig(pluginConfig);`
`28`	`27`
`29`		`-setLegacyToken(context);`
`30`		`-`
`31`	`28`	`try{`
`32`	`29`	`constpkg=awaitgetPkg(pluginConfig,context);`
`33`	`30`
`@@ -49,8 +46,6 @@ export async function verifyConditions(pluginConfig, context) {`
`49`	`46`	`exportasyncfunctionprepare(pluginConfig,context){`
`50`	`47`	`consterrors=verified ?[] :verifyNpmConfig(pluginConfig);`
`51`	`48`
`52`		`-setLegacyToken(context);`
`53`		`-`
`54`	`49`	`try{`
`55`	`50`	`// Reload package.json in case a previous external step updated it`
`56`	`51`	`constpkg=awaitgetPkg(pluginConfig,context);`
`@@ -73,8 +68,6 @@ export async function publish(pluginConfig, context) {`
`73`	`68`	`letpkg;`
`74`	`69`	`consterrors=verified ?[] :verifyNpmConfig(pluginConfig);`
`75`	`70`
`76`		`-setLegacyToken(context);`
`77`		`-`
`78`	`71`	`try{`
`79`	`72`	`// Reload package.json in case a previous external step updated it`
`80`	`73`	`pkg=awaitgetPkg(pluginConfig,context);`
`@@ -100,8 +93,6 @@ export async function addChannel(pluginConfig, context) {`
`100`	`93`	`letpkg;`
`101`	`94`	`consterrors=verified ?[] :verifyNpmConfig(pluginConfig);`
`102`	`95`
`103`		`-setLegacyToken(context);`
`104`		`-`
`105`	`96`	`try{`
`106`	`97`	`// Reload package.json in case a previous external step updated it`
`107`	`98`	`pkg=awaitgetPkg(pluginConfig,context);`

`‎lib/set-legacy-token.js‎`

Lines changed: 0 additions & 6 deletions

This file was deleted.

`‎lib/set-npmrc-auth.js‎`

Lines changed: 2 additions & 12 deletions

Original file line number	Diff line number	Diff line change
`@@ -6,11 +6,7 @@ import nerfDart from "nerf-dart";`
`6`	`6`	`importAggregateErrorfrom"aggregate-error";`
`7`	`7`	`importgetErrorfrom"./get-error.js";`
`8`	`8`
`9`		`-exportdefaultasyncfunction(`
`10`		`-npmrc,`
`11`		`-registry,`
`12`		`-{ cwd,env:{NPM_TOKEN,NPM_CONFIG_USERCONFIG,NPM_USERNAME,NPM_PASSWORD,NPM_EMAIL}, logger}`
`13`		`-){`
	`9`	`+exportdefaultasyncfunction(npmrc,registry,{ cwd,env:{NPM_TOKEN,NPM_CONFIG_USERCONFIG}, logger}){`
`14`	`10`	`logger.log("Verify authentication for registry %s",registry);`
`15`	`11`	`const{ configs, ...rcConfig}=rc(`
`16`	`12`	`"npm",`
`@@ -29,13 +25,7 @@ export default async function (`
`29`	`25`	`return;`
`30`	`26`	`}`
`31`	`27`
`32`		`-if(NPM_USERNAME&&NPM_PASSWORD&&NPM_EMAIL){`
`33`		`-awaitfs.outputFile(`
`34`		`-npmrc,`
`35`		-`${currentConfig ?`${currentConfig}\n` :""}_auth = \${LEGACY_TOKEN}\nemail = \${NPM_EMAIL}`
`36`		`-);`
`37`		-logger.log(`Wrote NPM_USERNAME, NPM_PASSWORD and NPM_EMAIL to${npmrc}`);
`38`		`-}elseif(NPM_TOKEN){`
	`28`	`+if(NPM_TOKEN){`
`39`	`29`	`awaitfs.outputFile(`
`40`	`30`	`npmrc,`
`41`	`31`	`${currentConfig ?`${currentConfig}\n` :""}${nerfDart(registry)}:_authToken = \${NPM_TOKEN}`

`‎test/helpers/npm-registry.js‎`

Lines changed: 14 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@ import path from "path";`
`7`	`7`	`importdelayfrom"delay";`
`8`	`8`	`importpRetryfrom"p-retry";`
`9`	`9`
`10`		`-constIMAGE="verdaccio/verdaccio:4";`
	`10`	`+constIMAGE="verdaccio/verdaccio:5";`
`11`	`11`	`constREGISTRY_PORT=4873;`
`12`	`12`	`constREGISTRY_HOST="localhost";`
`13`	`13`	`constNPM_USERNAME="integration";`
`@@ -16,7 +16,7 @@ const NPM_EMAIL = "integration@test.com";`
`16`	`16`	`constdocker=newDocker();`
`17`	`17`	`const__dirname=dirname(fileURLToPath(import.meta.url));`
`18`	`18`
`19`		`-letcontainer;`
	`19`	`+letcontainer,npmToken;`
`20`	`20`
`21`	`21`	`/**`
`22`	`22`	* Download the `npm-registry-docker` Docker image, create a new container and start it.
`@@ -57,16 +57,23 @@ export async function start() {`
`57`	`57`	`email:NPM_EMAIL,`
`58`	`58`	`},`
`59`	`59`	`});`
	`60`	`+`
	`61`	`+// Create token for user`
	`62`	+({token:npmToken}=awaitgot(`http://${REGISTRY_HOST}:${REGISTRY_PORT}/-/npm/v1/tokens`,{
	`63`	`+username:NPM_USERNAME,`
	`64`	`+password:NPM_PASSWORD,`
	`65`	`+method:"POST",`
	`66`	`+headers:{"content-type":"application/json"},`
	`67`	`+json:{password:NPM_PASSWORD,readonly:false,cidr_whitelist:[]},`
	`68`	`+}).json());`
`60`	`69`	`}`
`61`	`70`
`62`	`71`	exportconsturl=`http://${REGISTRY_HOST}:${REGISTRY_PORT}/`;
`63`	`72`
`64`		`-exportconstauthEnv={`
	`73`	`+exportconstauthEnv=()=>({`
`65`	`74`	`npm_config_registry:url,// eslint-disable-line camelcase`
`66`		`-NPM_USERNAME,`
`67`		`-NPM_PASSWORD,`
`68`		`-NPM_EMAIL,`
`69`		`-};`
	`75`	`+NPM_TOKEN:npmToken,`
	`76`	`+});`
`70`	`77`
`71`	`78`	`/**`
`72`	`79`	* Stop and remove the `npm-registry-docker` Docker container.

`‎test/integration.test.js‎`

Lines changed: 26 additions & 27 deletions

Original file line number	Diff line number	Diff line change
`@@ -10,18 +10,17 @@ import * as npmRegistry from "./helpers/npm-registry.js";`
`10`	`10`	`/* eslint camelcase: ["error", {properties: "never"}] */`
`11`	`11`
`12`	`12`	`// Environment variables used only for the local npm command used to do verification`
`13`		`-consttestEnv={`
`14`		`- ...process.env,`
`15`		`- ...npmRegistry.authEnv,`
`16`		`-npm_config_registry:npmRegistry.url,`
`17`		-LEGACY_TOKEN:Buffer.from(`${npmRegistry.authEnv.NPM_USERNAME}:${npmRegistry.authEnv.NPM_PASSWORD}`,"utf8").toString(
`18`		`-"base64"`
`19`		`-),`
`20`		`-};`
	`13`	`+lettestEnv;`
`21`	`14`
`22`	`15`	`test.before(async()=>{`
`23`	`16`	`// Start the local NPM registry`
`24`	`17`	`awaitnpmRegistry.start();`
	`18`	`+`
	`19`	`+testEnv={`
	`20`	`+ ...process.env,`
	`21`	`+ ...npmRegistry.authEnv(),`
	`22`	`+npm_config_registry:npmRegistry.url,`
	`23`	`+};`
`25`	`24`	`});`
`26`	`25`
`27`	`26`	`test.after.always(async()=>{`
`@@ -131,7 +130,7 @@ test("Verify npm auth and package", async (t) => {`
`131`	`130`	`{},`
`132`	`131`	`{`
`133`	`132`	`cwd,`
`134`		`-env:npmRegistry.authEnv,`
	`133`	`+env:npmRegistry.authEnv(),`
`135`	`134`	`options:{},`
`136`	`135`	`stdout:t.context.stdout,`
`137`	`136`	`stderr:t.context.stderr,`
`@@ -150,7 +149,7 @@ test("Verify npm auth and package from a sub-directory", async (t) => {`
`150`	`149`	`{pkgRoot:"dist"},`
`151`	`150`	`{`
`152`	`151`	`cwd,`
`153`		`-env:npmRegistry.authEnv,`
	`152`	`+env:npmRegistry.authEnv(),`
`154`	`153`	`options:{},`
`155`	`154`	`stdout:t.context.stdout,`
`156`	`155`	`stderr:t.context.stderr,`
`@@ -169,7 +168,7 @@ test('Verify npm auth and package with "npm_config_registry" env var set by yarn`
`169`	`168`	`{},`
`170`	`169`	`{`
`171`	`170`	`cwd,`
`172`		`-env:{ ...npmRegistry.authEnv,npm_config_registry:"https://registry.yarnpkg.com"},`
	`171`	`+env:{ ...npmRegistry.authEnv(),npm_config_registry:"https://registry.yarnpkg.com"},`
`173`	`172`	`options:{publish:[]},`
`174`	`173`	`stdout:t.context.stdout,`
`175`	`174`	`stderr:t.context.stderr,`
`@@ -216,7 +215,7 @@ test("Throw SemanticReleaseError Array if config option are not valid in verifyC`
`216`	`215`
`217`	`216`	`test("Publish the package",async(t)=>{`
`218`	`217`	`constcwd=temporaryDirectory();`
`219`		`-constenv=npmRegistry.authEnv;`
	`218`	`+constenv=npmRegistry.authEnv();`
`220`	`219`	`constpkg={name:"publish",version:"0.0.0",publishConfig:{registry:npmRegistry.url}};`
`221`	`220`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`222`	`221`
`@@ -241,7 +240,7 @@ test("Publish the package", async (t) => {`
`241`	`240`
`242`	`241`	`test("Publish the package on a dist-tag",async(t)=>{`
`243`	`242`	`constcwd=temporaryDirectory();`
`244`		`-constenv={ ...npmRegistry.authEnv,DEFAULT_NPM_REGISTRY:npmRegistry.url};`
	`243`	`+constenv={ ...npmRegistry.authEnv(),DEFAULT_NPM_REGISTRY:npmRegistry.url};`
`245`	`244`	`constpkg={name:"publish-tag",version:"0.0.0",publishConfig:{registry:npmRegistry.url,tag:"next"}};`
`246`	`245`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`247`	`246`
`@@ -270,7 +269,7 @@ test("Publish the package on a dist-tag", async (t) => {`
`270`	`269`
`271`	`270`	`test("Publish the package from a sub-directory",async(t)=>{`
`272`	`271`	`constcwd=temporaryDirectory();`
`273`		`-constenv=npmRegistry.authEnv;`
	`272`	`+constenv=npmRegistry.authEnv();`
`274`	`273`	`constpkg={name:"publish-sub-dir",version:"0.0.0",publishConfig:{registry:npmRegistry.url}};`
`275`	`274`	`awaitfs.outputJson(path.resolve(cwd,"dist/package.json"),pkg);`
`276`	`275`
`@@ -295,7 +294,7 @@ test("Publish the package from a sub-directory", async (t) => {`
`295`	`294`
`296`	`295`	`test('Create the package and skip publish ("npmPublish" is false)',async(t)=>{`
`297`	`296`	`constcwd=temporaryDirectory();`
`298`		`-constenv=npmRegistry.authEnv;`
	`297`	`+constenv=npmRegistry.authEnv();`
`299`	`298`	`constpkg={name:"skip-publish",version:"0.0.0",publishConfig:{registry:npmRegistry.url}};`
`300`	`299`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`301`	`300`
`@@ -320,7 +319,7 @@ test('Create the package and skip publish ("npmPublish" is false)', async (t) =>`
`320`	`319`
`321`	`320`	`test('Create the package and skip publish ("package.private" is true)',async(t)=>{`
`322`	`321`	`constcwd=temporaryDirectory();`
`323`		`-constenv=npmRegistry.authEnv;`
	`322`	`+constenv=npmRegistry.authEnv();`
`324`	`323`	`constpkg={`
`325`	`324`	`name:"skip-publish-private",`
`326`	`325`	`version:"0.0.0",`
`@@ -350,7 +349,7 @@ test('Create the package and skip publish ("package.private" is true)', async (t`
`350`	`349`
`351`	`350`	`test('Create the package and skip publish from a sub-directory ("npmPublish" is false)',async(t)=>{`
`352`	`351`	`constcwd=temporaryDirectory();`
`353`		`-constenv=npmRegistry.authEnv;`
	`352`	`+constenv=npmRegistry.authEnv();`
`354`	`353`	`constpkg={name:"skip-publish-sub-dir",version:"0.0.0",publishConfig:{registry:npmRegistry.url}};`
`355`	`354`	`awaitfs.outputJson(path.resolve(cwd,"dist/package.json"),pkg);`
`356`	`355`
`@@ -375,7 +374,7 @@ test('Create the package and skip publish from a sub-directory ("npmPublish" is`
`375`	`374`
`376`	`375`	`test('Create the package and skip publish from a sub-directory ("package.private" is true)',async(t)=>{`
`377`	`376`	`constcwd=temporaryDirectory();`
`378`		`-constenv=npmRegistry.authEnv;`
	`377`	`+constenv=npmRegistry.authEnv();`
`379`	`378`	`constpkg={`
`380`	`379`	`name:"skip-publish-sub-dir-private",`
`381`	`380`	`version:"0.0.0",`
`@@ -440,7 +439,7 @@ test("Throw SemanticReleaseError Array if config option are not valid in publish`
`440`	`439`
`441`	`440`	`test("Prepare the package",async(t)=>{`
`442`	`441`	`constcwd=temporaryDirectory();`
`443`		`-constenv=npmRegistry.authEnv;`
	`442`	`+constenv=npmRegistry.authEnv();`
`444`	`443`	`constpkg={name:"prepare",version:"0.0.0",publishConfig:{registry:npmRegistry.url}};`
`445`	`444`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`446`	`445`
`@@ -463,7 +462,7 @@ test("Prepare the package", async (t) => {`
`463`	`462`
`464`	`463`	`test("Prepare the package from a sub-directory",async(t)=>{`
`465`	`464`	`constcwd=temporaryDirectory();`
`466`		`-constenv=npmRegistry.authEnv;`
	`465`	`+constenv=npmRegistry.authEnv();`
`467`	`466`	`constpkg={name:"prepare-sub-dir",version:"0.0.0",publishConfig:{registry:npmRegistry.url}};`
`468`	`467`	`awaitfs.outputJson(path.resolve(cwd,"dist/package.json"),pkg);`
`469`	`468`
`@@ -521,7 +520,7 @@ test("Throw SemanticReleaseError Array if config option are not valid in prepare`
`521`	`520`
`522`	`521`	`test("Publish the package and add to default dist-tag",async(t)=>{`
`523`	`522`	`constcwd=temporaryDirectory();`
`524`		`-constenv=npmRegistry.authEnv;`
	`523`	`+constenv=npmRegistry.authEnv();`
`525`	`524`	`constpkg={name:"add-channel",version:"0.0.0",publishConfig:{registry:npmRegistry.url}};`
`526`	`525`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`527`	`526`
`@@ -557,7 +556,7 @@ test("Publish the package and add to default dist-tag", async (t) => {`
`557`	`556`
`558`	`557`	`test("Publish the package and add to lts dist-tag",async(t)=>{`
`559`	`558`	`constcwd=temporaryDirectory();`
`560`		`-constenv=npmRegistry.authEnv;`
	`559`	`+constenv=npmRegistry.authEnv();`
`561`	`560`	`constpkg={name:"add-channel-legacy",version:"1.0.0",publishConfig:{registry:npmRegistry.url}};`
`562`	`561`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`563`	`562`
`@@ -596,7 +595,7 @@ test("Publish the package and add to lts dist-tag", async (t) => {`
`596`	`595`
`597`	`596`	`test('Skip adding the package to a channel ("npmPublish" is false)',async(t)=>{`
`598`	`597`	`constcwd=temporaryDirectory();`
`599`		`-constenv=npmRegistry.authEnv;`
	`598`	`+constenv=npmRegistry.authEnv();`
`600`	`599`	`constpkg={name:"skip-add-channel",version:"0.0.0",publishConfig:{registry:npmRegistry.url}};`
`601`	`600`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`602`	`601`
`@@ -619,7 +618,7 @@ test('Skip adding the package to a channel ("npmPublish" is false)', async (t) =`
`619`	`618`
`620`	`619`	`test('Skip adding the package to a channel ("package.private" is true)',async(t)=>{`
`621`	`620`	`constcwd=temporaryDirectory();`
`622`		`-constenv=npmRegistry.authEnv;`
	`621`	`+constenv=npmRegistry.authEnv();`
`623`	`622`	`constpkg={`
`624`	`623`	`name:"skip-add-channel-private",`
`625`	`624`	`version:"0.0.0",`
`@@ -647,7 +646,7 @@ test('Skip adding the package to a channel ("package.private" is true)', async (`
`647`	`646`
`648`	`647`	`test("Create the package in addChannel step",async(t)=>{`
`649`	`648`	`constcwd=temporaryDirectory();`
`650`		`-constenv=npmRegistry.authEnv;`
	`649`	`+constenv=npmRegistry.authEnv();`
`651`	`650`	`constpkg={name:"add-channel-pkg",version:"0.0.0",publishConfig:{registry:npmRegistry.url}};`
`652`	`651`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`653`	`652`
`@@ -670,7 +669,7 @@ test("Create the package in addChannel step", async (t) => {`
`670`	`669`
`671`	`670`	`test("Throw SemanticReleaseError Array if config option are not valid in addChannel",async(t)=>{`
`672`	`671`	`constcwd=temporaryDirectory();`
`673`		`-constenv=npmRegistry.authEnv;`
	`672`	`+constenv=npmRegistry.authEnv();`
`674`	`673`	`constpkg={publishConfig:{registry:npmRegistry.url}};`
`675`	`674`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`676`	`675`	`constnpmPublish=42;`
`@@ -706,7 +705,7 @@ test("Throw SemanticReleaseError Array if config option are not valid in addChan`
`706`	`705`
`707`	`706`	`test("Verify token and set up auth only on the fist call, then prepare on prepare call only",async(t)=>{`
`708`	`707`	`constcwd=temporaryDirectory();`
`709`		`-constenv=npmRegistry.authEnv;`
	`708`	`+constenv=npmRegistry.authEnv();`
`710`	`709`	`constpkg={name:"test-module",version:"0.0.0-dev",publishConfig:{registry:npmRegistry.url}};`
`711`	`710`	`awaitfs.outputJson(path.resolve(cwd,"package.json"),pkg);`
`712`	`711`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit51ab3c8

File tree

7 files changed

7 files changed

`‎README.md‎`

`‎index.js‎`

`‎lib/set-legacy-token.js‎`

`‎lib/set-npmrc-auth.js‎`

`‎test/helpers/npm-registry.js‎`

`‎test/integration.test.js‎`

0 commit comments