From 41aa799ee562f97d4bef48d0d08be8d4320bb219 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Dec 2024 08:03:32 -0800
Subject: [PATCH 1/3] chore: bump @npmcli/template-oss from 4.23.3 to 4.23.4
(#196)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from
4.23.3 to 4.23.4.
Release notes
Sourced from @npmcli/template-oss's
releases.
v4.23.4
4.23.4
(2024-10-02)
Dependencies
Chores
Changelog
Sourced from @npmcli/template-oss's
changelog.
4.23.4
(2024-10-02)
Dependencies
Chores
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
---------
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: npm CLI robot
---
package.json | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package.json b/package.json
index 80baa3d..d807039 100644
--- a/package.json
+++ b/package.json
@@ -18,7 +18,7 @@
},
"devDependencies": {
"@npmcli/eslint-config": "^5.0.0",
- "@npmcli/template-oss": "4.23.3",
+ "@npmcli/template-oss": "4.23.4",
"tap": "^16.0.1"
},
"scripts": {
@@ -55,7 +55,7 @@
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
- "version": "4.23.3",
+ "version": "4.23.4",
"publish": true
}
}
From ea07a6edc71caae4db9342f90e03457edbb7bb24 Mon Sep 17 00:00:00 2001
From: Gar
Date: Tue, 10 Dec 2024 08:23:03 -0800
Subject: [PATCH 2/3] fix: allow for git usernames that start with a number
(#197)
---
lib/npa.js | 5 ++++-
test/github.js | 25 +++++++++++++++++++++++++
2 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/lib/npa.js b/lib/npa.js
index 8094b3e..e926058 100644
--- a/lib/npa.js
+++ b/lib/npa.js
@@ -17,6 +17,7 @@ const hasSlashes = isWindows ? /\\|[/]/ : /[/]/
const isURL = /^(?:git[+])?[a-z]+:/i
const isGit = /^[^@]+@[^:.]+\.[^:]+:.+$/i
const isFilename = /[.](?:tgz|tar.gz|tar)$/i
+const isPortNumber = /:[0-9]+(\/|$)/i
function npa (arg, where) {
let name
@@ -324,7 +325,9 @@ function fromURL (res) {
// git+ssh://git@my.custom.git.com:username/project.git#deadbeef
// ...and various combinations. The username in the beginning is *required*.
const matched = rawSpec.match(/^git\+ssh:\/\/([^:#]+:[^#]+(?:\.git)?)(?:#(.*))?$/i)
- if (matched && !matched[1].match(/:[0-9]+\/?.*$/i)) {
+ // Filter out all-number "usernames" which are really port numbers
+ // They can either be :1234 :1234/ or :1234/path but not :12abc
+ if (matched && !matched[1].match(isPortNumber)) {
res.type = 'git'
setGitAttrs(res, matched[2])
res.fetchSpec = matched[1]
diff --git a/test/github.js b/test/github.js
index f4fa1f0..bd3d2a4 100644
--- a/test/github.js
+++ b/test/github.js
@@ -89,12 +89,37 @@ require('tap').test('basic', function (t) {
raw: 'foo@bar/foo',
},
+ 'git@github.com:12345': {
+ name: undefined,
+ type: 'git',
+ saveSpec: 'git+ssh://git@github.com:12345',
+ fetchSpec: 'ssh://git@github.com:12345',
+ raw: 'git@github.com:12345',
+ },
+
+ 'git@github.com:12345/': {
+ name: undefined,
+ type: 'git',
+ saveSpec: 'git+ssh://git@github.com:12345/',
+ fetchSpec: 'ssh://git@github.com:12345/',
+ raw: 'git@github.com:12345/',
+ },
+
'git@github.com:12345/foo': {
name: undefined,
type: 'git',
saveSpec: 'git+ssh://git@github.com:12345/foo',
+ fetchSpec: 'ssh://git@github.com:12345/foo',
raw: 'git@github.com:12345/foo',
},
+
+ 'git@github.com:12345foo': {
+ name: undefined,
+ type: 'git',
+ saveSpec: 'git+ssh://git@github.com:12345foo',
+ fetchSpec: 'git@github.com:12345foo',
+ raw: 'git@github.com:12345foo',
+ },
}
Object.keys(tests).forEach(function (arg) {
From d45dabcaa432cd99e8a0273158963681a24fccf8 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
<41898282+github-actions[bot]@users.noreply.github.com>
Date: Tue, 10 Dec 2024 08:45:46 -0800
Subject: [PATCH 3/3] chore: release 12.0.1 (#198)
:robot: I have created a release *beep* *boop*
---
##
[12.0.1](https://github.com/npm/npm-package-arg/compare/v12.0.0...v12.0.1)
(2024-12-10)
### Bug Fixes
*
[`ea07a6e`](https://github.com/npm/npm-package-arg/commit/ea07a6edc71caae4db9342f90e03457edbb7bb24)
[#197](https://github.com/npm/npm-package-arg/pull/197) allow for git
usernames that start with a number (#197) (@wraithgar)
### Chores
*
[`41aa799`](https://github.com/npm/npm-package-arg/commit/41aa799ee562f97d4bef48d0d08be8d4320bb219)
[#196](https://github.com/npm/npm-package-arg/pull/196) bump
@npmcli/template-oss from 4.23.3 to 4.23.4 (#196) (@dependabot[bot],
@npm-cli-bot)
---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
---
.release-please-manifest.json | 2 +-
CHANGELOG.md | 6 ++++++
package.json | 2 +-
3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/.release-please-manifest.json b/.release-please-manifest.json
index 9259d40..6c52422 100644
--- a/.release-please-manifest.json
+++ b/.release-please-manifest.json
@@ -1,3 +1,3 @@
{
- ".": "12.0.0"
+ ".": "12.0.1"
}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 195c3f9..f5e8c2d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
# Changelog
+## [12.0.1](https://github.com/npm/npm-package-arg/compare/v12.0.0...v12.0.1) (2024-12-10)
+### Bug Fixes
+* [`ea07a6e`](https://github.com/npm/npm-package-arg/commit/ea07a6edc71caae4db9342f90e03457edbb7bb24) [#197](https://github.com/npm/npm-package-arg/pull/197) allow for git usernames that start with a number (#197) (@wraithgar)
+### Chores
+* [`41aa799`](https://github.com/npm/npm-package-arg/commit/41aa799ee562f97d4bef48d0d08be8d4320bb219) [#196](https://github.com/npm/npm-package-arg/pull/196) bump @npmcli/template-oss from 4.23.3 to 4.23.4 (#196) (@dependabot[bot], @npm-cli-bot)
+
## [12.0.0](https://github.com/npm/npm-package-arg/compare/v11.0.3...v12.0.0) (2024-09-25)
### ⚠️ BREAKING CHANGES
* `npm-package-arg` now supports node `^18.17.0 || >=20.5.0`
diff --git a/package.json b/package.json
index d807039..ab285eb 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "npm-package-arg",
- "version": "12.0.0",
+ "version": "12.0.1",
"description": "Parse the things that can be arguments to `npm install`",
"main": "./lib/npa.js",
"directories": {