mirror of
https://github.com/Microsoft/vscode
synced 2024-09-13 21:55:38 +00:00
npm: avoid invalid lookups
This commit is contained in:
parent
a58fa935d7
commit
88664e267a
|
@ -249,7 +249,27 @@ export class PackageJSONContribution implements IJSONContribution {
|
|||
return null;
|
||||
}
|
||||
|
||||
private isValidNPMName(name: string): boolean {
|
||||
// following rules from https://github.com/npm/validate-npm-package-name
|
||||
if (!name || name.length > 214 || name.match(/^[_.]/)) {
|
||||
return false;
|
||||
}
|
||||
const match = name.match(/^(?:@([^/]+?)[/])?([^/]+?)$/);
|
||||
if (match) {
|
||||
const scope = match[1];
|
||||
if (scope && encodeURIComponent(scope) !== scope) {
|
||||
return false;
|
||||
}
|
||||
const name = match[2];
|
||||
return encodeURIComponent(name) === name;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
private async fetchPackageInfo(pack: string): Promise<ViewPackageInfo | undefined> {
|
||||
if (!this.isValidNPMName(pack)) {
|
||||
return undefined; // avoid unnecessary lookups
|
||||
}
|
||||
let info: ViewPackageInfo | undefined;
|
||||
if (this.canRunNPM) {
|
||||
info = await this.npmView(pack);
|
||||
|
@ -260,7 +280,6 @@ export class PackageJSONContribution implements IJSONContribution {
|
|||
return info;
|
||||
}
|
||||
|
||||
|
||||
private npmView(pack: string): Promise<ViewPackageInfo | undefined> {
|
||||
return new Promise((resolve, _reject) => {
|
||||
const command = 'npm view --json ' + pack + ' description dist-tags.latest homepage version';
|
||||
|
|
Loading…
Reference in a new issue