Sha256: 10bf0791505e9a88dbc2498f739029fbff26f41f25b1bd367bb5eb15a1edaae9

Contents?: true

Size: 1.75 KB

Versions: 138

Compression:

Stored size: 1.75 KB

Contents

const fs = require("fs");
const path = require("path");
const npm = require("npm");
const installer = require("npm/lib/install");

const { muteStderr, runAsync } = require("./helpers.js");

async function updateDependencyFile(directory, lockfileName) {
  const readFile = fileName =>
    fs.readFileSync(path.join(directory, fileName)).toString();

  // `force: true` ignores checks for platform (os, cpu) and engines
  // in npm/lib/install/validate-args.js
  // Platform is checked and raised from (EBADPLATFORM):
  // https://github.com/npm/npm-install-checks
  //
  // `'prefer-offline': true` sets fetch() cache key to `force-cache`
  // https://github.com/npm/npm-registry-fetch
  await runAsync(npm, npm.load, [
    {
      loglevel: "silent",
      force: true,
      audit: false,
      "prefer-offline": true
    }
  ]);

  const dryRun = true;
  const initialInstaller = new installer.Installer(directory, dryRun, [], {
    packageLockOnly: true
  });

  // A bug in npm means the initial install will remove any git dependencies
  // from the lockfile. A subsequent install with no arguments fixes this.
  const cleanupInstaller = new installer.Installer(directory, dryRun, [], {
    packageLockOnly: true
  });

  // Skip printing the success message
  initialInstaller.printInstalled = cb => cb();
  cleanupInstaller.printInstalled = cb => cb();

  // There are some hard-to-prevent bits of output.
  // This is horrible, but works.
  const unmute = muteStderr();
  try {
    await runAsync(initialInstaller, initialInstaller.run, []);
    await runAsync(cleanupInstaller, cleanupInstaller.run, []);
  } finally {
    unmute();
  }

  const updatedLockfile = readFile(lockfileName);

  return { [lockfileName]: updatedLockfile };
}

module.exports = { updateDependencyFile };

Version data entries

138 entries across 138 versions & 1 rubygems

Version Path
dependabot-npm_and_yarn-0.98.65 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.64 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.63 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.62 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.61 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.60 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.59 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.58 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.57 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.56 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.55 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.54 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.53 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.52 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.51 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.50 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.49 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.48 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.47 helpers/lib/npm/subdependency-updater.js
dependabot-npm_and_yarn-0.98.46 helpers/lib/npm/subdependency-updater.js