1
0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-24 21:15:51 +01:00

fix: Fix the name validation of a package tarball (#2242)

Co-authored-by: Juan Picado <juanpicado19@gmail.com>
This commit is contained in:
Leonardo Metzger 2021-05-15 11:58:06 -03:00 committed by GitHub
parent 2924ffa235
commit d2c65da9c7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 1 deletions

@ -0,0 +1,5 @@
---
'@verdaccio/utils': patch
---
Fixed the validation of the name when searching for a tarball that have scoped package name

@ -25,8 +25,14 @@ export function validateName(name: string): boolean {
if (_.isString(name) === false) {
return false;
}
let normalizedName: string = name.toLowerCase();
const normalizedName: string = name.toLowerCase();
const isScoped: boolean = name.startsWith('@') && name.includes('/');
const scopedName = name.split('/', 2)[1];
if (isScoped && !_.isUndefined(scopedName)) {
normalizedName = scopedName.toLowerCase();
}
/**
* Some context about the first regex

@ -118,6 +118,7 @@ describe('Utilities', () => {
expect(validateName('old-package@0.1.2.tgz')).toBeTruthy();
// fix https://github.com/verdaccio/verdaccio/issues/1400
expect(validateName('-build-infra')).toBeTruthy();
expect(validateName('@pkg-scoped/without-extension')).toBeTruthy();
});
test('should be valid using uppercase', () => {