npm-search
npm-search copied to clipboard
Outdated package normalization
Looking into #657, I found npm now allows the repository
property to be a string:
For GitHub, GitHub gist, Bitbucket, or GitLab repositories you can use the same shortcut syntax you use for npm install:
{
"repository": "npm/npm",
"repository": "github:user/repo",
"repository": "gist:11081aaa281",
"repository": "bitbucket:user/repo",
"repository": "gitlab:user/repo"
}
The first case (not sure about others right now) isn't currently handled correctly:
"githubRepo": null, // should not be null
"repository": {
"type": "git",
"url": "npm/security-holder", // probably should be an actual URL?
"project": "security-holder",
"user": "npm",
"host": "github.com",
"path": "",
"branch": "master"
},
Npm's tool normalize-package-data normalizes this to the object format in the latest version. As it turns out, however, nice-package
, which is used in this project, doesn't use normalize-package-data
despite claiming so in the readme, it uses normalize-registry-metadata instead, which seems abandoned.
The reason repository
has at least some information is it goes through hosted-git-info
as well, which handles this format. This is likely not blocking #657 since we can check for repository.project
and repository.user
but still, the normalization library looks fairly outdated and there may be various other cases where it doesn't parse correct data.
Great catch, I wasn't aware that the normalisation has changed
Note that we currently don't handle repository.directory
field because of the old hosted-git-info
version. Might be something to fix on our side if we don't decide to upgrade that package as the field is useful for mono repos: https://github.com/jupyterlab/jupyterlab/issues/6443
Maybe we switch to the new version, but patch the breaking changes?
Maybe we switch to the new version, but patch the breaking changes?
It's an option for sure.