4507ce6378
Bumps the npm_and_yarn group with 2 updates in the / directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [tar](https://github.com/isaacs/node-tar). Updates `vite` from 5.2.8 to 5.2.9 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><!-- raw HTML omitted -->5.2.9 (2024-04-15)<!-- raw HTML omitted --></h2> <ul> <li>fix: <code>fsp.rm</code> removing files does not take effect (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16032">#16032</a>) (<a href="https://github.com/vitejs/vite/commit/b05c405">b05c405</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/16032">#16032</a></li> <li>fix: fix accumulated stacks in error overlay (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16393">#16393</a>) (<a href="https://github.com/vitejs/vite/commit/102c2fd">102c2fd</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/16393">#16393</a></li> <li>fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16376">#16376</a>) (<a href="https://github.com/vitejs/vite/commit/58a2938">58a2938</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/16376">#16376</a></li> <li>chore: update region comment (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16380">#16380</a>) (<a href="https://github.com/vitejs/vite/commit/77562c3">77562c3</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/16380">#16380</a></li> <li>perf: reduce size of injected __vite__mapDeps code (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16184">#16184</a>) (<a href="https://github.com/vitejs/vite/commit/c0ec6be">c0ec6be</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/16184">#16184</a></li> <li>perf(css): only replace empty chunk if imported (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16349">#16349</a>) (<a href="https://github.com/vitejs/vite/commit/e2658ad">e2658ad</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/16349">#16349</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="a77707d69c
"><code>a77707d</code></a> release: v5.2.9</li> <li><a href="102c2fd5ad
"><code>102c2fd</code></a> fix: fix accumulated stacks in error overlay (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16393">#16393</a>)</li> <li><a href="58a2938a97
"><code>58a2938</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16376">#16376</a>)</li> <li><a href="77562c3ff2
"><code>77562c3</code></a> chore: update region comment (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16380">#16380</a>)</li> <li><a href="b05c405f68
"><code>b05c405</code></a> fix: <code>fsp.rm</code> removing files does not take effect (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16032">#16032</a>)</li> <li><a href="e2658ad6fe
"><code>e2658ad</code></a> perf(css): only replace empty chunk if imported (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16349">#16349</a>)</li> <li><a href="c0ec6bea69
"><code>c0ec6be</code></a> perf: reduce size of injected __vite__mapDeps code (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16184">#16184</a>)</li> <li>See full diff in <a href="https://github.com/vitejs/vite/commits/v5.2.9/packages/vite">compare view</a></li> </ul> </details> <br /> Updates `tar` from 6.2.1 to 7.0.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md">tar's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>7.0</h2> <ul> <li>Rewrite in TypeScript, provide ESM and CommonJS hybrid interface</li> <li>Add tree-shake friendly exports, like <code>import('tar/create')</code> and <code>import('tar/read-entry')</code> to get individual functions or classes.</li> <li>Add <code>chmod</code> option that defaults to false, and deprecate <code>noChmod</code>. That is, reverse the default option regarding explicitly setting file system modes to match tar entry settings.</li> <li>Add <code>processUmask</code> option to avoid having to call <code>process.umask()</code> when <code>chmod: true</code> (or <code>noChmod: false</code>) is set.</li> </ul> <h2>6.2</h2> <ul> <li>Add support for brotli compression</li> <li>Add <code>maxDepth</code> option to prevent extraction into excessively deep folders.</li> </ul> <h2>6.1</h2> <ul> <li>remove dead link to benchmarks (<a href="https://redirect.github.com/isaacs/node-tar/issues/313">#313</a>) (<a href="https://github.com/yetzt"><code>@yetzt</code></a>)</li> <li>add examples/explanation of using tar.t (<a href="https://github.com/isaacs"><code>@isaacs</code></a>)</li> <li>ensure close event is emited after stream has ended (<a href="https://github.com/webark"><code>@webark</code></a>)</li> <li>replace deprecated String.prototype.substr() (<a href="https://github.com/CommanderRoot"><code>@CommanderRoot</code></a>, <a href="https://github.com/lukekarrys"><code>@lukekarrys</code></a>)</li> </ul> <h2>6.0</h2> <ul> <li>Drop support for node 6 and 8</li> <li>fix symlinks and hardlinks on windows being packed with <code>\</code>-style path targets</li> </ul> <h2>5.0</h2> <ul> <li>Address unpack race conditions using path reservations</li> <li>Change large-numbers errors from TypeError to Error</li> <li>Add <code>TAR_*</code> error codes</li> <li>Raise <code>TAR_BAD_ARCHIVE</code> warning/error when there are no valid entries found in an archive</li> <li>do not treat ignored entries as an invalid archive</li> <li>drop support for node v4</li> <li>unpack: conditionally use a file mapping to write files on Windows</li> <li>Set more portable 'mode' value in portable mode</li> <li>Set <code>portable</code> gzip option in portable mode</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="d99fce38eb
"><code>d99fce3</code></a> 7.0.1</li> <li><a href="af043922c0
"><code>af04392</code></a> Do not apply linkpath,global from global pax header</li> <li><a href="b0fbdea463
"><code>b0fbdea</code></a> 7.0.0</li> <li><a href="957da7506c
"><code>957da75</code></a> remove old lib folder</li> <li><a href="9a260c2dba
"><code>9a260c2</code></a> test verifying <a href="https://redirect.github.com/isaacs/node-tar/issues/398">#398</a> is fixed</li> <li><a href="2d89a4edc3
"><code>2d89a4e</code></a> Properly handle long linkpath in PaxHeader</li> <li><a href="314ec7e642
"><code>314ec7e</code></a> list: close file even if no error thrown</li> <li><a href="b3afdbb264
"><code>b3afdbb</code></a> unpack test: use modern tap features</li> <li><a href="2330416081
"><code>2330416</code></a> test: code style, prefer () to _ for empty fns</li> <li><a href="ae9ce7ec2a
"><code>ae9ce7e</code></a> test: fix normalize-unicode coverage on linux</li> <li>Additional commits viewable in <a href="https://github.com/isaacs/node-tar/compare/v6.2.1...v7.0.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/tldraw/tldraw/network/alerts). </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Mime Čuvalo <mimecuvalo@gmail.com> Co-authored-by: Steve Ruiz <steveruizok@gmail.com>
81 lines
2.2 KiB
TypeScript
81 lines
2.2 KiB
TypeScript
import { writeFileSync } from 'fs'
|
|
import tar from 'tar'
|
|
import tmp from 'tmp'
|
|
import { exec } from './exec'
|
|
import { PackageDetails, getAllPackageDetails } from './publishing'
|
|
|
|
async function hasPackageChanged(pkg: PackageDetails) {
|
|
const dir = tmp.dirSync({ unsafeCleanup: true })
|
|
const dirPath = dir.name
|
|
try {
|
|
const version = pkg.version
|
|
|
|
const unscopedName = pkg.name.replace('@tldraw/', '')
|
|
const url = `https://registry.npmjs.org/${pkg.name}/-/${unscopedName}-${version}.tgz`
|
|
const res = await fetch(url)
|
|
if (res.status >= 400) {
|
|
throw new Error(`Package not found at url ${url}: ${res.status}`)
|
|
}
|
|
const publishedTarballPath = `${dirPath}/published-package.tgz`
|
|
writeFileSync(publishedTarballPath, Buffer.from(await res.arrayBuffer()))
|
|
const publishedManifest = getTarballManifestSync(publishedTarballPath)
|
|
|
|
const localTarballPath = `${dirPath}/local-package.tgz`
|
|
await exec('yarn', ['pack', '--out', localTarballPath], { pwd: pkg.dir })
|
|
|
|
const localManifest = getTarballManifestSync(localTarballPath)
|
|
|
|
return !manifestsAreEqual(publishedManifest, localManifest)
|
|
} finally {
|
|
dir.removeCallback()
|
|
}
|
|
}
|
|
|
|
function manifestsAreEqual(a: Record<string, Buffer>, b: Record<string, Buffer>) {
|
|
const aKeys = Object.keys(a)
|
|
const bKeys = Object.keys(b)
|
|
if (aKeys.length !== bKeys.length) {
|
|
return false
|
|
}
|
|
for (const key of aKeys) {
|
|
if (!bKeys.includes(key)) {
|
|
return false
|
|
}
|
|
if (!a[key].equals(b[key])) {
|
|
return false
|
|
}
|
|
}
|
|
return true
|
|
}
|
|
|
|
function getTarballManifestSync(tarballPath: string) {
|
|
const manifest: Record<string, Buffer> = {}
|
|
tar.list({
|
|
file: tarballPath,
|
|
onentry: (entry) => {
|
|
entry.on('data', (data) => {
|
|
// we could hash these to reduce memory but it's probably fine
|
|
const existing = manifest[entry.path]
|
|
if (existing) {
|
|
manifest[entry.path] = Buffer.concat([existing, data])
|
|
} else {
|
|
manifest[entry.path] = data
|
|
}
|
|
})
|
|
},
|
|
sync: true,
|
|
})
|
|
|
|
return manifest
|
|
}
|
|
|
|
export async function didAnyPackageChange() {
|
|
const details = await getAllPackageDetails()
|
|
for (const pkg of Object.values(details)) {
|
|
if (await hasPackageChanged(pkg)) {
|
|
console.log('Package changed:', pkg.name)
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|