From 2bd452281f343276f9fcca7e1ef151b65e0f6ce3 Mon Sep 17 00:00:00 2001
From: Rhys Arkins <rhys@keylocation.sg>
Date: Mon, 24 Jul 2017 06:54:13 +0200
Subject: [PATCH] =?UTF-8?q?fix(npm):=20Run=20npm=20install=20with=20?=
 =?UTF-8?q?=E2=80=94ignore-scripts?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 lib/workers/branch/index.js |  3 +--
 lib/workers/branch/npm.js   | 21 ++++++++++++++++-----
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/lib/workers/branch/index.js b/lib/workers/branch/index.js
index e43d066be3..69ccc38702 100644
--- a/lib/workers/branch/index.js
+++ b/lib/workers/branch/index.js
@@ -68,7 +68,6 @@ async function ensureBranch(config) {
 
   const commitMessage = handlebars.compile(config.commitMessage)(config);
   const api = config.api;
-  const versions = config.versions;
   const cacheFolder = config.yarnCacheFolder;
   const packageFiles = {};
   const commitFiles = [];
@@ -144,7 +143,7 @@ async function ensureBranch(config) {
           packageFiles[packageFile],
           api,
           config.versions.npm,
-          versions.npm
+          logger
         );
         if (packageLockFile) {
           // Add new package-lock.json file too
diff --git a/lib/workers/branch/npm.js b/lib/workers/branch/npm.js
index 9ad32f1a5f..b990c15e7e 100644
--- a/lib/workers/branch/npm.js
+++ b/lib/workers/branch/npm.js
@@ -1,9 +1,10 @@
-const logger = require('../../logger');
 const fs = require('fs');
 const cp = require('child_process');
 const tmp = require('tmp');
 const path = require('path');
 
+let logger = require('../../logger');
+
 module.exports = {
   generateLockFile,
   getLockFile,
@@ -20,12 +21,14 @@ async function generateLockFile(newPackageJson, npmrcContent) {
       fs.writeFileSync(path.join(tmpDir.name, '.npmrc'), npmrcContent);
     }
     logger.debug('Spawning npm install');
-    const result = cp.spawnSync('npm', ['install'], {
+    const result = cp.spawnSync('npm', ['install', '--ignore-scripts'], {
       cwd: tmpDir.name,
       shell: true,
     });
-    logger.debug(String(result.stdout));
-    logger.debug(String(result.stderr));
+    logger.debug(
+      { stdout: String(result.stdout), stderr: String(result.stderr) },
+      'npm install complete'
+    );
     packageLock = fs.readFileSync(path.join(tmpDir.name, 'package-lock.json'));
   } catch (error) /* istanbul ignore next */ {
     try {
@@ -43,7 +46,14 @@ async function generateLockFile(newPackageJson, npmrcContent) {
   return packageLock;
 }
 
-async function getLockFile(packageFile, packageContent, api, npmVersion) {
+async function getLockFile(
+  packageFile,
+  packageContent,
+  api,
+  npmVersion,
+  parentLogger
+) {
+  logger = parentLogger || logger;
   // Detect if a package-lock.json file is in use
   const packageLockFileName = path.join(
     path.dirname(packageFile),
@@ -78,6 +88,7 @@ async function getLockFile(packageFile, packageContent, api, npmVersion) {
 }
 
 async function maintainLockFile(inputConfig) {
+  logger = inputConfig.logger || logger;
   logger.trace({ config: inputConfig }, `maintainLockFile`);
   const packageContent = await inputConfig.api.getFileContent(
     inputConfig.packageFile
-- 
GitLab