(packageName: string, version?: string)
| 14 | export const DEFAULT_NPM_REGISTRY_URL = `https://registry.npmjs.org`; |
| 15 | |
| 16 | export async function fetchAsJson(packageName: string, version?: string) { |
| 17 | const npmRegistryUrl = process.env.COREPACK_NPM_REGISTRY || DEFAULT_NPM_REGISTRY_URL; |
| 18 | |
| 19 | if (process.env.COREPACK_ENABLE_NETWORK === `0`) |
| 20 | throw new UsageError(`Network access disabled by the environment; can't reach npm repository ${npmRegistryUrl}`); |
| 21 | |
| 22 | const headers = {...DEFAULT_HEADERS}; |
| 23 | |
| 24 | if (`COREPACK_NPM_TOKEN` in process.env) { |
| 25 | headers.authorization = `Bearer ${process.env.COREPACK_NPM_TOKEN}`; |
| 26 | } else if (`COREPACK_NPM_USERNAME` in process.env |
| 27 | && `COREPACK_NPM_PASSWORD` in process.env) { |
| 28 | const encodedCreds = Buffer.from(`${process.env.COREPACK_NPM_USERNAME}:${process.env.COREPACK_NPM_PASSWORD}`, `utf8`).toString(`base64`); |
| 29 | headers.authorization = `Basic ${encodedCreds}`; |
| 30 | } |
| 31 | |
| 32 | return httpUtils.fetchAsJson(`${npmRegistryUrl}/${packageName}${version ? `/${version}` : ``}`, {headers}); |
| 33 | } |
| 34 | |
| 35 | export function verifySignature({signatures, integrity, packageName, version}: { |
| 36 | signatures: Array<{keyid: string, sig: string}>; |
no outgoing calls
no test coverage detected
searching dependent graphs…