fix: don’t massage encrypted npm token (#760)

pull/761/head v9.53.1
Rhys Arkins 2017-09-01 07:43:49 +02:00 committed by GitHub
parent 6c0d50703f
commit c889f2eec0
4 changed files with 17 additions and 4 deletions

View File

@ -18,13 +18,19 @@ function decryptConfig(
if (privateKey) {
for (const encryptedKey of Object.keys(val)) {
try {
decryptedConfig[encryptedKey] = crypto
const decryptedStr = crypto
.privateDecrypt(
privateKey,
new Buffer(val[encryptedKey], 'base64')
)
.toString();
logger.debug(`Decrypted ${encryptedKey}`);
logger.info(`Decrypted ${encryptedKey}`);
if (encryptedKey === 'npmToken') {
logger.info('Migrating npmToken to npmrc');
decryptedConfig.npmrc = `//registry.npmjs.org/:_authToken=${decryptedStr}\n`;
} else {
decryptedConfig[encryptedKey] = decryptedStr;
}
} catch (err) {
logger.warn({ err }, `Error decrypting ${encryptedKey}`);
}
@ -47,6 +53,7 @@ function decryptConfig(
}
}
delete decryptedConfig.encrypted;
logger.trace({ config: decryptedConfig }, 'decryptedConfig');
return decryptedConfig;
}

View File

@ -18,7 +18,7 @@ function massageConfig(config) {
const val = config[key];
if (allowedStrings.includes(key) && typeof val === 'string') {
massagedConfig[key] = [val];
} else if (key === 'npmToken') {
} else if (key === 'npmToken' && val.length < 30) {
massagedConfig.npmrc = `//registry.npmjs.org/:_authToken=${val}\n`;
delete massagedConfig.npmToken;
} else if (isObject(val)) {

View File

@ -15,7 +15,7 @@ function validateConfig(config) {
let warnings = [];
function isIgnored(key) {
const ignoredNodes = ['api', 'depType'];
const ignoredNodes = ['api', 'depType', 'npmToken'];
return ignoredNodes.indexOf(key) !== -1;
}

View File

@ -44,6 +44,8 @@ describe('config/massage', () => {
encrypted: {
branchPrefix:
'FLA9YHIzpE7YetAg/P0X46npGRCMqn7hgyzwX5ZQ9wYgu9BRRbTiBVsUIFTyM5BuP1Q22slT2GkWvFvum7GU236Y6QiT7Nr8SLvtsJn2XUuq8H7REFKzdy3+wqyyWbCErYTFyY1dcPM7Ht+CaGDWdd8u/FsoX7AdMRs/X1jNUo6iSmlUiyGlYDKF+QMnCJom1VPVgZXWsGKdjI2MLny991QMaiv0VajmFIh4ENv4CtXOl/1twvIl/6XTXAaqpJJKDTPZEuydi+PHDZmal2RAOfrkH4m0UURa7SlfpUlIg+EaqbNGp85hCYXLwRcEET1OnYr3rH1oYkcYJ40any1tvQ==',
npmToken:
'FLA9YHIzpE7YetAg/P0X46npGRCMqn7hgyzwX5ZQ9wYgu9BRRbTiBVsUIFTyM5BuP1Q22slT2GkWvFvum7GU236Y6QiT7Nr8SLvtsJn2XUuq8H7REFKzdy3+wqyyWbCErYTFyY1dcPM7Ht+CaGDWdd8u/FsoX7AdMRs/X1jNUo6iSmlUiyGlYDKF+QMnCJom1VPVgZXWsGKdjI2MLny991QMaiv0VajmFIh4ENv4CtXOl/1twvIl/6XTXAaqpJJKDTPZEuydi+PHDZmal2RAOfrkH4m0UURa7SlfpUlIg+EaqbNGp85hCYXLwRcEET1OnYr3rH1oYkcYJ40any1tvQ==',
},
},
},
@ -54,6 +56,10 @@ describe('config/massage', () => {
expect(res.packageFiles[0].devDependencies.branchPrefix).toEqual(
'abcdef-ghijklm-nopqf-stuvwxyz'
);
expect(res.packageFiles[0].devDependencies.npmToken).not.toBeDefined();
expect(res.packageFiles[0].devDependencies.npmrc).toEqual(
'//registry.npmjs.org/:_authToken=abcdef-ghijklm-nopqf-stuvwxyz\n'
);
});
});
});