diff --git a/__tests__/commands/install/integration.js b/__tests__/commands/install/integration.js index fc35aadf9e..0a05a4028b 100644 --- a/__tests__/commands/install/integration.js +++ b/__tests__/commands/install/integration.js @@ -1165,3 +1165,102 @@ test('install skips the scripts if the yarnrc specifies skip-scripts true', () = const ignoredScriptsMessage = reporter.lang('ignoredScripts'); expect(stdout).toMatch(ignoredScriptsMessage); })); + +describe('Cache', () => { + test('install should cache package without integrity prefix if no integrity field present', () => + runInstall({}, 'install-update-auth-no-integrity-field', async config => { + const pkgCacheDir = path.join( + config.cwd, + '.yarn-cache', + `v${constants.CACHE_VERSION}`, + 'npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853', + ); + + expect(await fs.exists(pkgCacheDir)).toEqual(true); + })); + + test('install should cache package with integrity suffix if integrity field present', () => + runInstall({}, 'install-update-auth-sha512', async config => { + const pkgCacheDir = path.join( + config.cwd, + '.yarn-cache', + `v${constants.CACHE_VERSION}`, + 'npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity', + ); + + expect(await fs.exists(pkgCacheDir)).toEqual(true); + })); + + test('install should store cached sha1 + sha512 integrity when lockfile has sha1 integrity field', () => + runInstall({}, 'install-update-auth-sha1-safebuffer', async config => { + const pkgCacheDir = path.join( + config.cwd, + '.yarn-cache', + `v${constants.CACHE_VERSION}`, + 'npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity', + ); + const pkgCacheMetaData = JSON.parse( + await fs.readFile(path.join(pkgCacheDir, 'node_modules', 'safe-buffer', constants.METADATA_FILENAME)), + ); + expect(pkgCacheMetaData.remote.cacheIntegrity).toBe( + // eslint-disable-next-line max-len + 'sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg== sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=', + ); + })); + + test('install should store cached sha1 + sha512 integrity when lockfile has sha512 integrity field', () => + runInstall({}, 'install-update-auth-sha512', async config => { + const pkgCacheDir = path.join( + config.cwd, + '.yarn-cache', + `v${constants.CACHE_VERSION}`, + 'npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity', + ); + const pkgCacheMetaData = JSON.parse( + await fs.readFile(path.join(pkgCacheDir, 'node_modules', 'safe-buffer', constants.METADATA_FILENAME)), + ); + expect(pkgCacheMetaData.remote.cacheIntegrity).toBe( + // eslint-disable-next-line max-len + 'sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg== sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=', + ); + })); + + test('install should store cached sha1 + sha512 integrity when lockfile has no integrity field', () => + runInstall({}, 'install-update-auth-no-integrity-field', async config => { + const pkgCacheDir = path.join( + config.cwd, + '.yarn-cache', + `v${constants.CACHE_VERSION}`, + 'npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853', + ); + const pkgCacheMetaData = JSON.parse( + await fs.readFile(path.join(pkgCacheDir, 'node_modules', 'safe-buffer', constants.METADATA_FILENAME)), + ); + + expect(pkgCacheMetaData.remote.cacheIntegrity).toBe( + // eslint-disable-next-line max-len + 'sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg== sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=', + ); + })); + + test('install should fail when cached package integrity does not match lockfile integrity field', () => + expect(runInstall({}, 'install-update-auth-invalid-cache-integrity')).rejects.toThrow( + // eslint-disable-next-line max-len + 'Incorrect integrity when fetching from the cache for "safe-buffer". Cache has "sha512-foo sha1-bar" and remote has "sha1-iTMSr2myEj3vcfV4iQAWce6yyFM="', + )); + + test('install should fail when cached package hash does not match remote hash', () => + expect(runInstall({}, 'install-update-auth-invalid-cache-hash')).rejects.toThrow( + // eslint-disable-next-line max-len + 'Incorrect hash when fetching from the cache for "safe-buffer". Cache has "bad-hash" and remote has "893312af69b2123def71f57889001671eeb2c853"', + )); + + test('install should not fail cache integrity validation when lockfile has sha1 integrity field', () => + expect(runInstall({}, 'install-update-auth-sha1-with-cache')).resolves.toBeUndefined()); + + test('install should not fail cache integrity validation when lockfile has sha512 integrity field', () => + expect(runInstall({}, 'install-update-auth-sha512-with-cache')).resolves.toBeUndefined()); + + test('install should not fail cache integrity validation when lockfile has no integrity field', () => + expect(runInstall({}, 'install-update-auth-no-integrity-field-with-cache')).resolves.toBeUndefined()); +}); diff --git a/__tests__/fixtures/install/install-update-auth-cached-sha1/package.json b/__tests__/fixtures/install/install-update-auth-cached-sha1/package.json new file mode 100644 index 0000000000..9de32f63f4 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-cached-sha1/package.json @@ -0,0 +1,14 @@ +{ + "name": "install-update-auth-cached-sha1", + "version": "1.0.0", + "description": "", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "", + "license": "ISC", + "dependencies": { + "safe-buffer": "^5.1.1" + } +} diff --git a/__tests__/fixtures/install/install-update-auth-cached-sha1/yarn.lock b/__tests__/fixtures/install/install-update-auth-cached-sha1/yarn.lock new file mode 100644 index 0000000000..852a1f4378 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-cached-sha1/yarn.lock @@ -0,0 +1,8 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +safe-buffer@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + integrity "sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=" diff --git a/__tests__/fixtures/install/install-update-auth-cached-sha512/package.json b/__tests__/fixtures/install/install-update-auth-cached-sha512/package.json new file mode 100644 index 0000000000..9de32f63f4 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-cached-sha512/package.json @@ -0,0 +1,14 @@ +{ + "name": "install-update-auth-cached-sha1", + "version": "1.0.0", + "description": "", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "", + "license": "ISC", + "dependencies": { + "safe-buffer": "^5.1.1" + } +} diff --git a/__tests__/fixtures/install/install-update-auth-cached-sha512/yarn.lock b/__tests__/fixtures/install/install-update-auth-cached-sha512/yarn.lock new file mode 100644 index 0000000000..923cd9ada0 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-cached-sha512/yarn.lock @@ -0,0 +1,8 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +safe-buffer@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + integrity "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg==" diff --git a/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json b/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json new file mode 100644 index 0000000000..185b68ab60 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json @@ -0,0 +1,19 @@ +{ + "manifest": { + "name": "safe-buffer", + "version": "5.1.1" + }, + "artifacts": [], + "remote": { + "resolved": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#bad-hash", + "type": "tarball", + "reference": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz", + "hash": "bad-hash", + "integrity": "sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=", + "registry": "npm", + "packageName": "safe-buffer", + "cacheIntegrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg== sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=" + }, + "registry": "npm", + "hash": "bad-hash" +} diff --git a/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json b/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json new file mode 100644 index 0000000000..c129437073 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json @@ -0,0 +1,4 @@ +{ + "name": "safe-buffer", + "version": "5.1.1" +} diff --git a/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/package.json b/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/package.json new file mode 100644 index 0000000000..8eede4b5ce --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/package.json @@ -0,0 +1,14 @@ +{ + "name": "install-update-auth-invalid-cache-integrity", + "version": "1.0.0", + "description": "", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "", + "license": "ISC", + "dependencies": { + "safe-buffer": "^5.1.1" + } +} diff --git a/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/yarn.lock b/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/yarn.lock new file mode 100644 index 0000000000..852a1f4378 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-invalid-cache-hash/yarn.lock @@ -0,0 +1,8 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +safe-buffer@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + integrity "sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=" diff --git a/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json b/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json new file mode 100644 index 0000000000..4ccfbabb09 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json @@ -0,0 +1,19 @@ +{ + "manifest": { + "name": "safe-buffer", + "version": "5.1.1" + }, + "artifacts": [], + "remote": { + "resolved": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853", + "type": "tarball", + "reference": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz", + "hash": "893312af69b2123def71f57889001671eeb2c853", + "integrity": "sha1-bar", + "registry": "npm", + "packageName": "safe-buffer", + "cacheIntegrity": "sha512-foo sha1-bar" + }, + "registry": "npm", + "hash": "893312af69b2123def71f57889001671eeb2c853" +} diff --git a/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json b/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json new file mode 100644 index 0000000000..c129437073 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json @@ -0,0 +1,4 @@ +{ + "name": "safe-buffer", + "version": "5.1.1" +} diff --git a/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/package.json b/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/package.json new file mode 100644 index 0000000000..8eede4b5ce --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/package.json @@ -0,0 +1,14 @@ +{ + "name": "install-update-auth-invalid-cache-integrity", + "version": "1.0.0", + "description": "", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "", + "license": "ISC", + "dependencies": { + "safe-buffer": "^5.1.1" + } +} diff --git a/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/yarn.lock b/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/yarn.lock new file mode 100644 index 0000000000..852a1f4378 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-invalid-cache-integrity/yarn.lock @@ -0,0 +1,8 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +safe-buffer@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + integrity "sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=" diff --git a/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853/node_modules/safe-buffer/.yarn-metadata.json b/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853/node_modules/safe-buffer/.yarn-metadata.json new file mode 100644 index 0000000000..463bded466 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853/node_modules/safe-buffer/.yarn-metadata.json @@ -0,0 +1,17 @@ +{ + "manifest": { + "name": "safe-buffer", + "version": "5.1.1" + }, + "remote": { + "resolved": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853", + "type": "tarball", + "reference": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz", + "hash": "893312af69b2123def71f57889001671eeb2c853", + "registry": "npm", + "packageName": "safe-buffer", + "cacheIntegrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg== sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=" + }, + "registry": "npm", + "hash": "893312af69b2123def71f57889001671eeb2c853" +} diff --git a/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853/node_modules/safe-buffer/package.json b/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853/node_modules/safe-buffer/package.json new file mode 100644 index 0000000000..c129437073 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853/node_modules/safe-buffer/package.json @@ -0,0 +1,4 @@ +{ + "name": "safe-buffer", + "version": "5.1.1" +} diff --git a/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/package.json b/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/package.json new file mode 100644 index 0000000000..308b3bb6df --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/package.json @@ -0,0 +1,9 @@ +{ + "name": "install-update-auth-no-integrity-field", + "version": "1.0.0", + "main": "index.js", + "license": "MIT", + "dependencies": { + "safe-buffer": "^5.1.1" + } +} diff --git a/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/yarn.lock b/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/yarn.lock new file mode 100644 index 0000000000..2cb9827a12 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-no-integrity-field-with-cache/yarn.lock @@ -0,0 +1,7 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +safe-buffer@^5.1.1: + version "5.1.1" + resolved "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" diff --git a/__tests__/fixtures/install/install-update-auth-sha1-safebuffer/package.json b/__tests__/fixtures/install/install-update-auth-sha1-safebuffer/package.json new file mode 100644 index 0000000000..baea96337e --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha1-safebuffer/package.json @@ -0,0 +1,14 @@ +{ + "name": "install-update-auth-sha512", + "version": "1.0.0", + "description": "", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "", + "license": "ISC", + "dependencies": { + "safe-buffer": "^5.1.1" + } +} diff --git a/__tests__/fixtures/install/install-update-auth-sha1-safebuffer/yarn.lock b/__tests__/fixtures/install/install-update-auth-sha1-safebuffer/yarn.lock new file mode 100644 index 0000000000..b852d6c68a --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha1-safebuffer/yarn.lock @@ -0,0 +1,8 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +safe-buffer@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + integrity sha1-iTMSr2myEj3vcfV4iQAWce6yyFM= diff --git a/__tests__/fixtures/install/install-update-auth-sha1-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json b/__tests__/fixtures/install/install-update-auth-sha1-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json new file mode 100644 index 0000000000..631b0f084a --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha1-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json @@ -0,0 +1,19 @@ +{ + "manifest": { + "name": "safe-buffer", + "version": "5.1.1" + }, + "artifacts": [], + "remote": { + "resolved": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853", + "type": "tarball", + "reference": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz", + "hash": "893312af69b2123def71f57889001671eeb2c853", + "integrity": "sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=", + "registry": "npm", + "packageName": "safe-buffer", + "cacheIntegrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg== sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=" + }, + "registry": "npm", + "hash": "893312af69b2123def71f57889001671eeb2c853" +} diff --git a/__tests__/fixtures/install/install-update-auth-sha1-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json b/__tests__/fixtures/install/install-update-auth-sha1-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json new file mode 100644 index 0000000000..c129437073 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha1-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json @@ -0,0 +1,4 @@ +{ + "name": "safe-buffer", + "version": "5.1.1" +} diff --git a/__tests__/fixtures/install/install-update-auth-sha1-with-cache/package.json b/__tests__/fixtures/install/install-update-auth-sha1-with-cache/package.json new file mode 100644 index 0000000000..baea96337e --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha1-with-cache/package.json @@ -0,0 +1,14 @@ +{ + "name": "install-update-auth-sha512", + "version": "1.0.0", + "description": "", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "", + "license": "ISC", + "dependencies": { + "safe-buffer": "^5.1.1" + } +} diff --git a/__tests__/fixtures/install/install-update-auth-sha1-with-cache/yarn.lock b/__tests__/fixtures/install/install-update-auth-sha1-with-cache/yarn.lock new file mode 100644 index 0000000000..b852d6c68a --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha1-with-cache/yarn.lock @@ -0,0 +1,8 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +safe-buffer@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + integrity sha1-iTMSr2myEj3vcfV4iQAWce6yyFM= diff --git a/__tests__/fixtures/install/install-update-auth-sha512-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json b/__tests__/fixtures/install/install-update-auth-sha512-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json new file mode 100644 index 0000000000..631b0f084a --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha512-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/.yarn-metadata.json @@ -0,0 +1,19 @@ +{ + "manifest": { + "name": "safe-buffer", + "version": "5.1.1" + }, + "artifacts": [], + "remote": { + "resolved": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853", + "type": "tarball", + "reference": "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz", + "hash": "893312af69b2123def71f57889001671eeb2c853", + "integrity": "sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=", + "registry": "npm", + "packageName": "safe-buffer", + "cacheIntegrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg== sha1-iTMSr2myEj3vcfV4iQAWce6yyFM=" + }, + "registry": "npm", + "hash": "893312af69b2123def71f57889001671eeb2c853" +} diff --git a/__tests__/fixtures/install/install-update-auth-sha512-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json b/__tests__/fixtures/install/install-update-auth-sha512-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json new file mode 100644 index 0000000000..c129437073 --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha512-with-cache/.yarn-cache/v6/npm-safe-buffer-5.1.1-893312af69b2123def71f57889001671eeb2c853-integrity/node_modules/safe-buffer/package.json @@ -0,0 +1,4 @@ +{ + "name": "safe-buffer", + "version": "5.1.1" +} diff --git a/__tests__/fixtures/install/install-update-auth-sha512-with-cache/package.json b/__tests__/fixtures/install/install-update-auth-sha512-with-cache/package.json new file mode 100644 index 0000000000..baea96337e --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha512-with-cache/package.json @@ -0,0 +1,14 @@ +{ + "name": "install-update-auth-sha512", + "version": "1.0.0", + "description": "", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "", + "license": "ISC", + "dependencies": { + "safe-buffer": "^5.1.1" + } +} diff --git a/__tests__/fixtures/install/install-update-auth-sha512-with-cache/yarn.lock b/__tests__/fixtures/install/install-update-auth-sha512-with-cache/yarn.lock new file mode 100644 index 0000000000..ab73b927de --- /dev/null +++ b/__tests__/fixtures/install/install-update-auth-sha512-with-cache/yarn.lock @@ -0,0 +1,8 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +safe-buffer@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" + integrity sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg== diff --git a/src/fetchers/tarball-fetcher.js b/src/fetchers/tarball-fetcher.js index 19fc5b912b..8d1a452262 100644 --- a/src/fetchers/tarball-fetcher.js +++ b/src/fetchers/tarball-fetcher.js @@ -352,7 +352,7 @@ export default class TarballFetcher extends BaseFetcher { return {integrity: null, algorithms}; } - const algorithms = new Set(['sha512']); + const algorithms = new Set(['sha512', 'sha1']); const integrity = {}; for (const algorithm of expectedIntegrityAlgorithms) { if (isHashAlgorithmSupported(algorithm)) { diff --git a/src/package-fetcher.js b/src/package-fetcher.js index 077f4c6d2a..0582dc6c57 100644 --- a/src/package-fetcher.js +++ b/src/package-fetcher.js @@ -4,7 +4,7 @@ import type {FetchedMetadata, Manifest, PackageRemote} from './types.js'; import type {Fetchers} from './fetchers/index.js'; import type PackageReference from './package-reference.js'; import type Config from './config.js'; -import {MessageError} from './errors.js'; +import {MessageError, SecurityError} from './errors.js'; import * as fetchers from './fetchers/index.js'; import * as fs from './util/fs.js'; import * as promise from './util/promise.js'; @@ -25,15 +25,15 @@ async function fetchCache( if (remote.integrity) { if (!cacheIntegrity || !ssri.parse(cacheIntegrity).match(remote.integrity)) { - // eslint-disable-next-line yarn-internal/warn-language - throw new MessageError('Incorrect integrity when fetching from the cache'); + throw new SecurityError( + config.reporter.lang('fetchBadIntegrityCache', pkg.name, cacheIntegrity, remote.integrity), + ); } } if (remote.hash) { if (!cacheHash || cacheHash !== remote.hash) { - // eslint-disable-next-line yarn-internal/warn-language - throw new MessageError('Incorrect integrity when fetching from the cache'); + throw new SecurityError(config.reporter.lang('fetchBadHashCache', pkg.name, cacheHash, remote.hash)); } } diff --git a/src/reporters/lang/en.js b/src/reporters/lang/en.js index 410aca85e3..100c1692e9 100644 --- a/src/reporters/lang/en.js +++ b/src/reporters/lang/en.js @@ -346,6 +346,10 @@ const messages = { requestError: 'Request $0 returned a $1', requestFailed: 'Request failed $0', tarballNotInNetworkOrCache: '$0: Tarball is not in network and can not be located in cache ($1)', + fetchBadIntegrityCache: + 'Incorrect integrity when fetching from the cache for $0. Cache has $1 and remote has $2. Run `yarn cache clean` to fix the problem', + fetchBadHashCache: + 'Incorrect hash when fetching from the cache for $0. Cache has $1 and remote has $2. Run `yarn cache clean` to fix the problem', fetchBadHashWithPath: "Integrity check failed for $0 (computed integrity doesn't match our records, got $2)", fetchBadIntegrityAlgorithm: 'Integrity checked failed for $0 (none of the specified algorithms are supported)', fetchErrorCorrupt: