fix: Handle NPM 7+'s message (error) response (#258)

IBM · May 17, 2022 · ea8bc44 · ea8bc44
1 parent 543fbe8
commit ea8bc44
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 8 deletions.
diff --git a/lib/npm-auditer.ts b/lib/npm-auditer.ts
@@ -119,6 +119,8 @@ export async function audit(config: AuditCiConfig, reporter = reportAudit) {
   if ("error" in parsedOutput) {
     const { code, summary } = parsedOutput.error;
     throw new Error(`code ${code}: ${summary}`);
+  } else if ("message" in parsedOutput) {
+    throw new Error(parsedOutput.message);
   }
   return report(parsedOutput, config, reporter);
 }
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -62,7 +62,7 @@
     "@types/yargs": "^17.0.9",
     "@typescript-eslint/eslint-plugin": "^5.14.0",
     "@typescript-eslint/parser": "^5.14.0",
-    "audit-types": "^0.5.0",
+    "audit-types": "^0.5.1",
     "chai": "^4.3.6",
     "eslint": "^8.11.0",
     "eslint-config-prettier": "^8.5.0",

diff --git a/test/npm7-auditer.spec.js b/test/npm7-auditer.spec.js
@@ -277,6 +277,20 @@ describe("npm7-auditer", () => {
       done();
     });
   });
+  it("fails with error code ECONNREFUSED on a live site with no registry", (done) => {
+    audit(
+      config({
+        directory: testDirectory("npm-low"),
+        levels: { low: true },
+        registry: "http://localhost",
+      })
+    )
+      .catch((error) => {
+        expect(error.message).to.include("ECONNREFUSED");
+        done();
+      })
+      .catch((error) => done(error));
+  });
   it("reports summary with no vulnerabilities when critical devDependency and skip-dev is true", () => {
     const summary = report(
       reportNpmSkipDevelopment,