Skip to content
Snippets Groups Projects
Select Git revision
  • 6d688412b4762b8ee41b86a9d867f553901d41f1
  • main default protected
  • renovate/main-renovatebot-github-action-43.x
  • next
  • feat/gnupg
  • fix/36615b-branch-reuse-no-cache
  • renovate/main-redis-5.x
  • chore/punycode
  • refactor/pin-new-value
  • feat/36219--git-x509-signing
  • feat/structured-logger
  • hotfix/39.264.1
  • feat/skip-dangling
  • gh-readonly-queue/next/pr-36034-7a061c4ca1024a19e2c295d773d9642625d1c2be
  • hotfix/39.238.3
  • refactor/gitlab-auto-approve
  • feat/template-strings
  • gh-readonly-queue/next/pr-35654-137d934242c784e0c45d4b957362214f0eade1d7
  • fix/32307-global-extends-merging
  • fix/32307-global-extends-repositories
  • gh-readonly-queue/next/pr-35009-046ebf7cb84ab859f7fefceb5fa53a54ce9736f8
  • 41.45.0
  • 41.44.0
  • 41.43.7
  • 41.43.6
  • 41.43.5
  • 41.43.4
  • 41.43.3
  • 41.43.2
  • 41.43.1
  • 41.43.0
  • 41.42.12
  • 41.42.11
  • 41.42.10
  • 41.42.9
  • 41.42.8
  • 41.42.7
  • 41.42.6
  • 41.42.5
  • 41.42.4
  • 41.42.3
41 results

npm.js

Blame
    • user avatar
    fix: parse/stringify lockfile error messages (#622)
    Rhys Arkins authored and GitHub committed
    6d688412
    History
    user avatar 6d688412
    History
    npm.js 3.71 KiB 
    const fs = require('fs');
const cp = require('child_process');
const tmp = require('tmp');
const path = require('path');

module.exports = {
  generateLockFile,
  getLockFile,
  maintainLockFile,
};

async function generateLockFile(newPackageJson, npmrcContent, logger) {
  logger.debug('Generating new package-lock.json file');
  const tmpDir = tmp.dirSync({ unsafeCleanup: true });
  let packageLock;
  let result = {};
  try {
    fs.writeFileSync(path.join(tmpDir.name, 'package.json'), newPackageJson);
    if (npmrcContent) {
      fs.writeFileSync(path.join(tmpDir.name, '.npmrc'), npmrcContent);
    }
    logger.debug('Spawning npm install');
    result = cp.spawnSync('npm', ['install', '--ignore-scripts'], {
      cwd: tmpDir.name,
      shell: true,
      env: { ...process.env, ...{ NODE_ENV: 'dev' } },
    });
    logger.debug(
      { stdout: String(result.stdout), stderr: String(result.stderr) },
      'npm install complete'
    );
    packageLock = fs.readFileSync(path.join(tmpDir.name, 'package-lock.json'));
  } catch (err) /* istanbul ignore next */ {
    logger.warn(
      {
        err,
        packageJson: JSON.parse(newPackageJson),
        npmrc: npmrcContent,
        stdout: String(result.stdout),
        stderr: String(result.stderr),
      },
      'Error generating package-lock.json'
    );
    try {
      tmpDir.removeCallback();
    } catch (err2) {
      logger.warn(`Failed to remove tmpDir ${tmpDir.name}`);
    }
    throw Error('Error generating lock file');
  }
  try {
    tmpDir.removeCallback();
  } catch (err2) {
    logger.warn(`Failed to remove tmpDir ${tmpDir.name}`);
  }
  return packageLock;
}

async function getLockFile(packageFile, packageContent, api, npmVersion) {
  // Detect if a package-lock.json file is in use
  const packageLockFileName = path.join(
    path.dirname(packageFile),
    'package-lock.json'
  );
  if (!await api.getFileContent(packageLockFileName)) {
    return null;
  }
  if (npmVersion === '') {
    throw new Error(
      'Need to generate package-lock.json but npm is not installed'
        );
  }
  // TODO: have a more forwards-compatible check
  if (npmVersion[0] !== '5') {
    throw new Error(
      `Need to generate package-lock.json but npm version is "${npmVersion}"`
    );
  }
  // Copy over custom config commitFiles
  const npmrcContent = await api.getFileContent('.npmrc');
  // Generate package-lock.json using shell command
  const newPackageLockContent = await module.exports.generateLockFile(
    packageContent,
    npmrcContent
  );
  // Return file object
  return {
    name: packageLockFileName,
    contents: newPackageLockContent,
  };
}

async function maintainLockFile(inputConfig) {
  const logger = inputConfig.logger;
  logger.trace({ config: inputConfig }, `maintainLockFile`);
  const packageContent = await inputConfig.api.getFileContent(
    inputConfig.packageFile
  );
  const packageLockFileName = path.join(
    path.dirname(inputConfig.packageFile),
    'package-lock.json'
  );
  logger.debug(`Checking for ${packageLockFileName}`);
  const existingPackageLock = await inputConfig.api.getFileContent(
    packageLockFileName
  );
  logger.trace(`existingPackageLock:\n${existingPackageLock}`);
  if (!existingPackageLock) {
    return null;
  }
  logger.debug('Found existing package-lock.json file');
  const newPackageLock = await module.exports.getLockFile(
    inputConfig.packageFile,
    packageContent,
    inputConfig.api,
    inputConfig.versions.npm,
    logger
  );
  logger.trace(`newPackageLock:\n${newPackageLock.contents}`);
  if (existingPackageLock.toString() === newPackageLock.contents.toString()) {
    logger.debug('npm lock file does not need updating');
    return null;
  }
  logger.debug('npm lock needs updating');
  return newPackageLock;
}