71 lines
2.6 KiB
JavaScript
71 lines
2.6 KiB
JavaScript
const { resolve, basename } = require('path')
|
|
const { unlink } = require('fs').promises
|
|
const Arborist = require('@npmcli/arborist')
|
|
const log = require('../utils/log-shim')
|
|
const BaseCommand = require('../base-command.js')
|
|
class Shrinkwrap extends BaseCommand {
|
|
static description = 'Lock down dependency versions for publication'
|
|
static name = 'shrinkwrap'
|
|
|
|
async exec () {
|
|
// if has a npm-shrinkwrap.json, nothing to do
|
|
// if has a package-lock.json, rename to npm-shrinkwrap.json
|
|
// if has neither, load the actual tree and save that as npm-shrinkwrap.json
|
|
//
|
|
// loadVirtual, fall back to loadActual
|
|
// rename shrinkwrap file type, and tree.meta.save()
|
|
if (this.npm.config.get('global')) {
|
|
const er = new Error('`npm shrinkwrap` does not work for global packages')
|
|
er.code = 'ESHRINKWRAPGLOBAL'
|
|
throw er
|
|
}
|
|
|
|
const path = this.npm.prefix
|
|
const sw = resolve(path, 'npm-shrinkwrap.json')
|
|
const arb = new Arborist({ ...this.npm.flatOptions, path })
|
|
const tree = await arb.loadVirtual().catch(() => arb.loadActual())
|
|
const { meta } = tree
|
|
const newFile = meta.hiddenLockfile || !meta.loadedFromDisk
|
|
const oldFilename = meta.filename
|
|
const notSW = !newFile && basename(oldFilename) !== 'npm-shrinkwrap.json'
|
|
|
|
// The computed lockfile version of a hidden lockfile is always 3
|
|
// even if the actual value of the property is a different.
|
|
// When shrinkwrap is run with only a hidden lockfile we want to
|
|
// set the shrinkwrap lockfile version as whatever was explicitly
|
|
// requested with a fallback to the actual value from the hidden
|
|
// lockfile.
|
|
if (meta.hiddenLockfile) {
|
|
meta.lockfileVersion = arb.options.lockfileVersion ||
|
|
meta.originalLockfileVersion
|
|
}
|
|
meta.hiddenLockfile = false
|
|
meta.filename = sw
|
|
await meta.save()
|
|
|
|
const updatedVersion = meta.originalLockfileVersion !== meta.lockfileVersion
|
|
? meta.lockfileVersion
|
|
: null
|
|
|
|
if (newFile) {
|
|
let message = 'created a lockfile as npm-shrinkwrap.json'
|
|
if (updatedVersion) {
|
|
message += ` with version ${updatedVersion}`
|
|
}
|
|
log.notice('', message)
|
|
} else if (notSW) {
|
|
await unlink(oldFilename)
|
|
let message = 'package-lock.json has been renamed to npm-shrinkwrap.json'
|
|
if (updatedVersion) {
|
|
message += ` and updated to version ${updatedVersion}`
|
|
}
|
|
log.notice('', message)
|
|
} else if (updatedVersion) {
|
|
log.notice('', `npm-shrinkwrap.json updated to version ${updatedVersion}`)
|
|
} else {
|
|
log.notice('', 'npm-shrinkwrap.json up to date')
|
|
}
|
|
}
|
|
}
|
|
module.exports = Shrinkwrap
|