MCPcopy Index your code
hub / github.com/npmx-dev/npmx.dev / transformPackument

Function transformPackument

app/composables/npm/usePackage.ts:14–125  ·  view source on GitHub ↗
(
  pkg: Packument,
  requestedVersion?: string | null,
)

Source from the content-addressed store, hash-verified

12 * - Stripping unnecessary fields from version objects
13 */
14export function transformPackument(
15 pkg: Packument,
16 requestedVersion?: string | null,
17): SlimPackument {
18 // Get versions pointed to by dist-tags
19 const distTagVersions = new Set(Object.values(pkg['dist-tags'] ?? {}))
20
21 // Get 5 most recent versions by publish time
22 const recentVersions = Object.keys(pkg.versions)
23 .filter(v => pkg.time[v])
24 .sort((a, b) => {
25 const timeA = pkg.time[a]
26 const timeB = pkg.time[b]
27 if (!timeA || !timeB) return 0
28 return Date.parse(timeB) - Date.parse(timeA)
29 })
30 .slice(0, RECENT_VERSIONS_COUNT)
31
32 // Combine: recent versions + dist-tag versions + requested version (deduplicated)
33 const includedVersions = new Set([...recentVersions, ...distTagVersions])
34
35 // Add the requested version if it exists in the package
36 if (requestedVersion && pkg.versions[requestedVersion]) {
37 includedVersions.add(requestedVersion)
38 }
39
40 // Build security metadata for all versions, but only include in payload
41 // when the package has mixed trust levels (i.e. a downgrade could exist)
42 const securityVersionEntries = Object.entries(pkg.versions).map(([version, metadata]) => {
43 const trustStatus = getTrustStatus(metadata)
44 return {
45 version,
46 time: pkg.time[version],
47 trustStatus,
48 deprecated: metadata.deprecated,
49 }
50 })
51
52 const trustLevels = new Set(securityVersionEntries.map(v => getTrustLevel(v.trustStatus)))
53 const hasMixedTrust = trustLevels.size > 1
54 const securityVersions = hasMixedTrust ? securityVersionEntries : undefined
55
56 // Build filtered versions object with install scripts info per version
57 const filteredVersions: Record<string, SlimVersion> = {}
58 let versionData: SlimPackumentVersion | null = null
59 for (const v of includedVersions) {
60 const version = pkg.versions[v]
61 if (version) {
62 const versionLicense = normalizeLicense(version.license)
63 if (version.version === requestedVersion) {
64 // Strip readme from each version, extract install scripts info
65 const { readme: _readme, scripts, ...slimVersion } = version
66
67 // Extract install scripts info (which scripts exist + npx deps)
68 const installScripts = scripts ? extractInstallScriptsInfo(scripts) : null
69 versionData = {
70 ...slimVersion,
71 license: versionLicense,

Callers 2

usePackageFunction · 0.85

Calls 2

normalizeLicenseFunction · 0.90

Tested by

no test coverage detected