Skip to content

Commit

Permalink
audit: add test to make sure dev: true is preserved
Browse files Browse the repository at this point in the history
  • Loading branch information
@zkat
zkat committed Jun 1, 2018
1 parent 7ba3fca commit ecc7560
Showing 1 changed file with 160 additions and 0 deletions.
160 changes: 160 additions & 0 deletions test/tap/audit-fix.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -664,6 +664,166 @@ test('nothing to fix', t => {
})
})

test('preserves deep deps dev: true', t => {
const fixture = new Tacks(new Dir({
'package.json': new File({
name: 'foo',
version: '1.0.0',
devDependencies: {
gooddep: '^1.0.0'
}
})
}))
fixture.create(testDir)
return tmock(t).then(srv => {
srv.filteringRequestBody(req => 'ok')
srv.post('/-/npm/v1/security/audits/quick', 'ok').reply(200, 'yeah')
srv.get('/baddep').reply(200, {
name: 'baddep',
'dist-tags': {
'latest': '1.0.0'
},
versions: {
'1.0.0': {
name: 'baddep',
version: '1.0.0',
_hasShrinkwrap: false,
dist: {
shasum: 'c0ffee',
integrity: 'sha1-c0ffee',
tarball: common.registry + '/baddep/-/baddep-1.0.0.tgz'
}
},
'1.2.3': {
name: 'baddep',
version: '1.2.3',
_hasShrinkwrap: false,
dist: {
shasum: 'bada55',
integrity: 'sha1-bada55',
tarball: common.registry + '/baddep/-/baddep-1.2.3.tgz'
}
}
}
})

srv.get('/gooddep').reply(200, {
name: 'gooddep',
'dist-tags': {
'latest': '1.0.0'
},
versions: {
'1.0.0': {
name: 'gooddep',
version: '1.0.0',
dependencies: {
baddep: '^1.0.0'
},
_hasShrinkwrap: false,
dist: {
shasum: '1234',
tarball: common.registry + '/gooddep/-/gooddep-1.0.0.tgz'
}
},
'1.2.3': {
name: 'gooddep',
version: '1.2.3',
_hasShrinkwrap: false,
dependencies: {
baddep: '^1.0.0'
},
dist: {
shasum: '123456',
tarball: common.registry + '/gooddep/-/gooddep-1.2.3.tgz'
}
}
}
})

return common.npm([
'install',
'--audit',
'--json',
'--global-style',
'--package-lock-only',
'--registry', common.registry,
'--cache', path.join(testDir, 'npm-cache')
], EXEC_OPTS).then(([code, stdout, stderr]) => {
t.equal(code, 0, 'exited OK')
t.comment(stderr)
t.similar(JSON.parse(stdout), {
added: [{
action: 'add',
name: 'baddep',
version: '1.0.0'
}, {
action: 'add',
name: 'gooddep',
version: '1.0.0'
}]
}, 'installed bad version')
srv.filteringRequestBody(req => 'ok')
srv.post('/-/npm/v1/security/audits', 'ok').reply(200, {
actions: [{
action: 'update',
module: 'baddep',
target: '1.2.3',
resolves: [{path: 'gooddep>baddep'}]
}],
metadata: {
vulnerabilities: {
critical: 1
}
}
})
return common.npm([
'audit', 'fix',
'--package-lock-only',
'--offline',
'--json',
'--global-style',
'--registry', common.registry,
'--cache', path.join(testDir, 'npm-cache')
], EXEC_OPTS).then(([code, stdout, stderr]) => {
t.equal(code, 0, 'exited OK')
t.comment(stderr)
t.similar(JSON.parse(stdout), {
added: [{
action: 'add',
name: 'baddep',
version: '1.2.3'
}, {
action: 'add',
name: 'gooddep',
version: '1.0.0'
}]
}, 'reported dependency update')
t.similar(JSON.parse(fs.readFileSync(path.join(testDir, 'package-lock.json'), 'utf8')), {
dependencies: {
gooddep: {
dev: true,
version: '1.0.0',
resolved: common.registry + '/gooddep/-/gooddep-1.0.0.tgz',
integrity: 'sha1-EjQ=',
requires: {
baddep: '^1.0.0'
},
dependencies: {
baddep: {
dev: true,
version: '1.2.3',
resolved: common.registry + '/baddep/-/baddep-1.2.3.tgz',
integrity: 'sha1-bada55'
}
}
}
}
}, 'pkglock updated correctly')
})
})
})
})

test('cleanup', t => {
return rimraf(testDir)
})

0 comments on commit ecc7560

Please sign in to comment.