From 62fa0c64bb696ba277e8ab8d74775e86ce2791f2 Mon Sep 17 00:00:00 2001 From: LekoArts Date: Tue, 19 Dec 2023 16:15:17 +0100 Subject: [PATCH] fix: Improve publish postfix --- .changeset/heavy-ads-prove.md | 7 +++++++ package.json | 1 + pnpm-lock.yaml | 9 +++++++++ src/verdaccio/index.ts | 5 ++++- src/verdaccio/publish-package.ts | 2 +- 5 files changed, 22 insertions(+), 2 deletions(-) create mode 100644 .changeset/heavy-ads-prove.md diff --git a/.changeset/heavy-ads-prove.md b/.changeset/heavy-ads-prove.md new file mode 100644 index 0000000..85e1d75 --- /dev/null +++ b/.changeset/heavy-ads-prove.md @@ -0,0 +1,7 @@ +--- +"secco": patch +--- + +When secco publishes a package to the local Verdaccio registry it's in the format `@1.0.0-secco-1702997119379` where `1702997119379` is the `Date.now()` timestamp. The postfix got extended by using [`nanoid`](https://github.com/ai/nanoid) to add 4 characters at the end, e.g. `@1.0.0-secco-1702998721042-9hax`. + +The goal of this is to mitigate collisions during publishing when at the same timestamp publishing happens to the instance. diff --git a/package.json b/package.json index a71b336..851318d 100644 --- a/package.json +++ b/package.json @@ -63,6 +63,7 @@ "find-workspaces": "^0.3.0", "fs-extra": "^11.2.0", "lodash-es": "^4.17.21", + "nanoid": "^5.0.4", "node-fetch": "^3.3.2", "nypm": "^0.3.3", "pathe": "^1.1.1", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c50e58d..c8bca32 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -32,6 +32,9 @@ dependencies: lodash-es: specifier: ^4.17.21 version: 4.17.21 + nanoid: + specifier: ^5.0.4 + version: 5.0.4 node-fetch: specifier: ^3.3.2 version: 3.3.2 @@ -4942,6 +4945,12 @@ packages: hasBin: true dev: true + /nanoid@5.0.4: + resolution: {integrity: sha512-vAjmBf13gsmhXSgBrtIclinISzFFy22WwCYoyilZlsrRXNIHSwgFQ1bEdjRwMT3aoadeIF6HMuDRlOxzfXV8ig==} + engines: {node: ^18 || >=20} + hasBin: true + dev: false + /natural-compare-lite@1.4.0: resolution: {integrity: sha512-Tj+HTDSJJKaZnfiuw+iaF9skdPpTo2GtEly5JHnWV/hfv2Qj/9RKsGISQtLh2ox3l5EAGw487hnBee0sIJ6v2g==} dev: true diff --git a/src/verdaccio/index.ts b/src/verdaccio/index.ts index 456871c..3fccb9e 100644 --- a/src/verdaccio/index.ts +++ b/src/verdaccio/index.ts @@ -1,5 +1,6 @@ import type { Server } from 'node:http' import { runServer } from 'verdaccio' +import { customAlphabet } from 'nanoid/non-secure' import fs from 'fs-extra' import { intersection } from 'lodash-es' import { logger } from '../utils/logger' @@ -8,6 +9,8 @@ import { VERDACCIO_CONFIG } from './verdaccio-config' import { publishPackage } from './publish-package' import { installPackages } from './install-packages' +const nanoid = customAlphabet('0123456789abcdefghijklmnopqrstuvwxyz', 4) + async function startVerdaccio() { let resolved = false @@ -49,7 +52,7 @@ export interface PublishPackagesAndInstallArgs { export async function publishPackagesAndInstall({ packageNamesToFilePath, destinationPackages, ignorePackageJsonChanges, packagesToPublish, source }: PublishPackagesAndInstallArgs) { await startVerdaccio() - const versionPostfix = Date.now() + Math.floor(Math.random() * 1000) + const versionPostfix = `${Date.now()}-${nanoid()}` const newlyPublishedPackageVersions: Record = {} for (const packageName of packagesToPublish) { diff --git a/src/verdaccio/publish-package.ts b/src/verdaccio/publish-package.ts index 85fb12c..b28714a 100644 --- a/src/verdaccio/publish-package.ts +++ b/src/verdaccio/publish-package.ts @@ -107,7 +107,7 @@ function createTempNpmRc({ pathToPkg, sourcePath }: CreateTempNpmRcArgs) { type PublishPackageArgs = Omit & { packageName: string - versionPostfix: number + versionPostfix: string } export async function publishPackage({ packageName, packagesToPublish, packageNamesToFilePath, versionPostfix, source, ignorePackageJsonChanges }: PublishPackageArgs) {