-
Notifications
You must be signed in to change notification settings - Fork 41
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Progress towards better Yarn coverage
Signed-off-by: Quinn Turner <quinnturnertech@gmail.com>
- Loading branch information
1 parent
5623ae3
commit 86b5da8
Showing
62 changed files
with
594 additions
and
633 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
import { execSync } from "child_process"; | ||
import semver from "semver"; | ||
|
||
export const MINIMUM_YARN_CLASSIC_VERSION = "1.12.3"; | ||
export const MINIMUM_YARN_BERRY_VERSION = "2.4.0"; | ||
/** | ||
* Change this to the appropriate version when | ||
* yarn audit --registry is supported: | ||
* @see https://github.com/yarnpkg/yarn/issues/7012 | ||
*/ | ||
const MINIMUM_YARN_AUDIT_REGISTRY_VERSION = "99.99.99"; | ||
|
||
export function yarnSupportsClassicAudit(yarnVersion: string | semver.SemVer) { | ||
return semver.satisfies(yarnVersion, `^${MINIMUM_YARN_CLASSIC_VERSION}`); | ||
} | ||
|
||
export function yarnSupportsBerryAudit(yarnVersion: string | semver.SemVer) { | ||
return semver.gte(yarnVersion, MINIMUM_YARN_BERRY_VERSION); | ||
} | ||
|
||
export function yarnSupportsAudit(yarnVersion: string | semver.SemVer) { | ||
return ( | ||
yarnSupportsClassicAudit(yarnVersion) || yarnSupportsBerryAudit(yarnVersion) | ||
); | ||
} | ||
|
||
export function yarnAuditSupportsRegistry(yarnVersion: string | semver.SemVer) { | ||
return semver.gte(yarnVersion, MINIMUM_YARN_AUDIT_REGISTRY_VERSION); | ||
} | ||
|
||
const versionMap = new Map<string, string>(); | ||
export function getYarnVersion(yarnExec = "yarn", cwd?: string) { | ||
const key = `${yarnExec}:${cwd}`; | ||
let version = versionMap.get(key); | ||
if (version) return version; | ||
version = execSync(`${yarnExec} -v`, { cwd }).toString().replace("\n", ""); | ||
versionMap.set(key, version); | ||
return version; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
import path from "path"; | ||
import { SemVer } from "semver"; | ||
import { performAuditTests } from "./yarn-auditor"; | ||
|
||
const version = "1.22.19"; | ||
|
||
const yarnAbsolutePath = path.resolve(__dirname, `./yarn-${version}.cjs`); | ||
|
||
performAuditTests({ | ||
yarnAbsolutePath, | ||
yarnVersion: new SemVer(version), | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
2 changes: 1 addition & 1 deletion
2
test/yarn-critical/package.json → test/yarn-1-critical/package.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-1.22.19.cjs" |
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
import path from "path"; | ||
import { SemVer } from "semver"; | ||
import { performAuditTests } from "./yarn-auditor"; | ||
|
||
const version = "2.4.0"; | ||
|
||
const yarnAbsolutePath = path.resolve(__dirname, `./yarn-${version}.cjs`); | ||
|
||
performAuditTests({ | ||
yarnAbsolutePath, | ||
yarnVersion: new SemVer(version), | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-2.4.0.cjs" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"name": "audit-ci-yarn-2-critical-vulnerability", | ||
"description": "Test package.json with critical vulnerability", | ||
"dependencies": { | ||
"open": "0.0.5" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# This file is generated by running "yarn install" inside your project. | ||
# Manual changes might be lost - proceed with caution! | ||
|
||
__metadata: | ||
version: 4 | ||
cacheKey: 7 | ||
|
||
"audit-ci-yarn-2-critical-vulnerability@workspace:.": | ||
version: 0.0.0-use.local | ||
resolution: "audit-ci-yarn-2-critical-vulnerability@workspace:." | ||
dependencies: | ||
open: 0.0.5 | ||
languageName: unknown | ||
linkType: soft | ||
|
||
"open@npm:0.0.5": | ||
version: 0.0.5 | ||
resolution: "open@npm:0.0.5" | ||
checksum: 5c974432a245cad8ecf3c10529fc1bce29118ee73cb71dd89bbe1dc89b453b944edd4a5e42aa56915a27d5419c7b29bfb4782f1fc336a863452d8051ec3e00af | ||
languageName: node | ||
linkType: hard |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-2.4.0.cjs" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"name": "audit-ci-yarn-2-high-vulnerability", | ||
"description": "Test package.json with high vulnerability", | ||
"dependencies": { | ||
"cryo": "0.0.6" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# This file is generated by running "yarn install" inside your project. | ||
# Manual changes might be lost - proceed with caution! | ||
|
||
__metadata: | ||
version: 4 | ||
cacheKey: 7 | ||
|
||
"audit-ci-yarn-2-high-vulnerability@workspace:.": | ||
version: 0.0.0-use.local | ||
resolution: "audit-ci-yarn-2-high-vulnerability@workspace:." | ||
dependencies: | ||
cryo: 0.0.6 | ||
languageName: unknown | ||
linkType: soft | ||
|
||
"cryo@npm:0.0.6": | ||
version: 0.0.6 | ||
resolution: "cryo@npm:0.0.6" | ||
checksum: d4faaa6bcbc68c60d940aa546d292fe37aec3ec55760113e9da662a265ccd84173b269419e1a6bb789349732432a45f414ddcee379a03b2d63a9c0a584fb68a4 | ||
languageName: node | ||
linkType: hard |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
import path from "path"; | ||
import { SemVer } from "semver"; | ||
import { performAuditTests } from "./yarn-auditor"; | ||
|
||
const version = "3.3.1"; | ||
|
||
const yarnAbsolutePath = path.resolve(__dirname, `./yarn-${version}.cjs`); | ||
|
||
performAuditTests({ | ||
yarnAbsolutePath, | ||
yarnVersion: new SemVer(version), | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-3.3.1.cjs" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"name": "audit-ci-yarn-3-critical-vulnerability", | ||
"description": "Test package.json with critical vulnerability", | ||
"dependencies": { | ||
"open": "0.0.5" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# This file is generated by running "yarn install" inside your project. | ||
# Manual changes might be lost - proceed with caution! | ||
|
||
__metadata: | ||
version: 6 | ||
cacheKey: 8 | ||
|
||
"audit-ci-yarn-3-critical-vulnerability@workspace:.": | ||
version: 0.0.0-use.local | ||
resolution: "audit-ci-yarn-3-critical-vulnerability@workspace:." | ||
dependencies: | ||
open: 0.0.5 | ||
languageName: unknown | ||
linkType: soft | ||
|
||
"open@npm:0.0.5": | ||
version: 0.0.5 | ||
resolution: "open@npm:0.0.5" | ||
checksum: 2a1a5a0accea9a361a8ba8cf298f7d330f5197a98a0752105084c4a3442a3a174700f661d2f8d5b62eaefe52d192f89492774be32da4541b080eba1c8196951e | ||
languageName: node | ||
linkType: hard |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-3.3.1.cjs" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"name": "audit-ci-yarn-3-high-vulnerability", | ||
"description": "Test package.json with high vulnerability", | ||
"dependencies": { | ||
"cryo": "0.0.6" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# This file is generated by running "yarn install" inside your project. | ||
# Manual changes might be lost - proceed with caution! | ||
|
||
__metadata: | ||
version: 6 | ||
cacheKey: 8 | ||
|
||
"audit-ci-yarn-3-high-vulnerability@workspace:.": | ||
version: 0.0.0-use.local | ||
resolution: "audit-ci-yarn-3-high-vulnerability@workspace:." | ||
dependencies: | ||
cryo: 0.0.6 | ||
languageName: unknown | ||
linkType: soft | ||
|
||
"cryo@npm:0.0.6": | ||
version: 0.0.6 | ||
resolution: "cryo@npm:0.0.6" | ||
checksum: 8ff3a0355e60301cd9ca1ac19ba0637813e3cfe0f145a115e0ab1fe8a1b13b84e131ad3c10a4ec27c9e7a1f4f1a259f74d5d9f05f0c16967bdef5fe26fa3e479 | ||
languageName: node | ||
linkType: hard |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
import path from "path"; | ||
import { SemVer } from "semver"; | ||
import { performAuditTests } from "./yarn-auditor"; | ||
|
||
const version = "4.0.0-rc.35"; | ||
|
||
const yarnAbsolutePath = path.resolve(__dirname, `./yarn-${version}.cjs`); | ||
|
||
performAuditTests({ | ||
yarnAbsolutePath, | ||
yarnVersion: new SemVer(version), | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-4.0.0-rc.35.cjs" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"name": "audit-ci-yarn-4-critical-vulnerability", | ||
"description": "Test package.json with critical vulnerability", | ||
"dependencies": { | ||
"open": "0.0.5" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# This file is generated by running "yarn install" inside your project. | ||
# Manual changes might be lost - proceed with caution! | ||
|
||
__metadata: | ||
version: 7 | ||
cacheKey: 9 | ||
|
||
"audit-ci-yarn-4-critical-vulnerability@workspace:.": | ||
version: 0.0.0-use.local | ||
resolution: "audit-ci-yarn-4-critical-vulnerability@workspace:." | ||
dependencies: | ||
open: "npm:0.0.5" | ||
languageName: unknown | ||
linkType: soft | ||
|
||
"open@npm:0.0.5": | ||
version: 0.0.5 | ||
resolution: "open@npm:0.0.5" | ||
checksum: 0eb72096c395ef9a8f9540cf83d120f87920ba67c7c7efebe1e581f740bf43e27b16d7ab922379fc7afa5662ea941ee9ee7cbb51a459dc8092eec9f3949b057d | ||
languageName: node | ||
linkType: hard |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
yarnPath: "../yarn-4.0.0-rc.35.cjs" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"name": "audit-ci-yarn-4-high-vulnerability", | ||
"description": "Test package.json with high vulnerability", | ||
"dependencies": { | ||
"cryo": "0.0.6" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# This file is generated by running "yarn install" inside your project. | ||
# Manual changes might be lost - proceed with caution! | ||
|
||
__metadata: | ||
version: 7 | ||
cacheKey: 9 | ||
|
||
"audit-ci-yarn-4-high-vulnerability@workspace:.": | ||
version: 0.0.0-use.local | ||
resolution: "audit-ci-yarn-4-high-vulnerability@workspace:." | ||
dependencies: | ||
cryo: "npm:0.0.6" | ||
languageName: unknown | ||
linkType: soft | ||
|
||
"cryo@npm:0.0.6": | ||
version: 0.0.6 | ||
resolution: "cryo@npm:0.0.6" | ||
checksum: d6bea1dcad60fc06d2c52d0ba061036e24af675299285fc0705c2623a19fedd7d9e0a2d5d04f4730d8eb75be6d321aeca954f3389c9e93bec83ef777c06b4a91 | ||
languageName: node | ||
linkType: hard |
Oops, something went wrong.