mirror of
https://github.com/denoland/deno.git
synced 2024-12-11 10:07:54 -05:00
4c8d57db03
Closes https://github.com/denoland/deno/issues/25967 Closes #25968
430 lines
13 KiB
Rust
430 lines
13 KiB
Rust
// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.
|
|
|
|
use deno_cache_dir::HttpCache;
|
|
use deno_core::serde_json;
|
|
use deno_core::serde_json::json;
|
|
use deno_core::serde_json::Value;
|
|
use deno_lockfile::Lockfile;
|
|
use deno_lockfile::NewLockfileOptions;
|
|
use deno_semver::jsr::JsrDepPackageReq;
|
|
use deno_semver::package::PackageNv;
|
|
use test_util as util;
|
|
use url::Url;
|
|
use util::assert_contains;
|
|
use util::assert_not_contains;
|
|
use util::TestContextBuilder;
|
|
|
|
#[test]
|
|
fn fast_check_cache() {
|
|
let test_context = TestContextBuilder::for_jsr().use_temp_cwd().build();
|
|
let deno_dir = test_context.deno_dir();
|
|
let temp_dir = test_context.temp_dir();
|
|
let type_check_cache_path = deno_dir.path().join("check_cache_v2");
|
|
|
|
temp_dir.write(
|
|
"main.ts",
|
|
r#"import { add } from "jsr:@denotest/add@1";
|
|
const value: number = add(1, 2);
|
|
console.log(value);"#,
|
|
);
|
|
temp_dir.path().join("deno.json").write_json(&json!({
|
|
"vendor": true
|
|
}));
|
|
|
|
test_context
|
|
.new_command()
|
|
.args("check main.ts")
|
|
.run()
|
|
.skip_output_check();
|
|
|
|
type_check_cache_path.remove_file();
|
|
let check_debug_cmd = test_context
|
|
.new_command()
|
|
.args("check --log-level=debug main.ts");
|
|
let output = check_debug_cmd.run();
|
|
assert_contains!(
|
|
output.combined_output(),
|
|
"Using FastCheck cache for: @denotest/add@1.0.0"
|
|
);
|
|
|
|
// modify the file in the vendor folder
|
|
let vendor_dir = temp_dir.path().join("vendor");
|
|
let pkg_dir = vendor_dir.join("http_127.0.0.1_4250/@denotest/add/1.0.0/");
|
|
pkg_dir
|
|
.join("mod.ts")
|
|
.append("\nexport * from './other.ts';");
|
|
let nested_pkg_file = pkg_dir.join("other.ts");
|
|
nested_pkg_file.write("export function other(): string { return ''; }");
|
|
|
|
// invalidated
|
|
let output = check_debug_cmd.run();
|
|
assert_not_contains!(
|
|
output.combined_output(),
|
|
"Using FastCheck cache for: @denotest/add@1.0.0"
|
|
);
|
|
|
|
// ensure cache works
|
|
let output = check_debug_cmd.run();
|
|
assert_contains!(output.combined_output(), "Already type checked.");
|
|
let building_fast_check_msg = "Building fast check graph";
|
|
assert_not_contains!(output.combined_output(), building_fast_check_msg);
|
|
|
|
// now validated
|
|
type_check_cache_path.remove_file();
|
|
let output = check_debug_cmd.run();
|
|
assert_contains!(output.combined_output(), building_fast_check_msg);
|
|
assert_contains!(
|
|
output.combined_output(),
|
|
"Using FastCheck cache for: @denotest/add@1.0.0"
|
|
);
|
|
|
|
// cause a fast check error in the nested package
|
|
nested_pkg_file
|
|
.append("\nexport function asdf(a: number) { let err: number = ''; return Math.random(); }");
|
|
check_debug_cmd.run().skip_output_check();
|
|
|
|
// ensure the cache still picks it up for this file
|
|
type_check_cache_path.remove_file();
|
|
let output = check_debug_cmd.run();
|
|
assert_contains!(output.combined_output(), building_fast_check_msg);
|
|
assert_contains!(
|
|
output.combined_output(),
|
|
"Using FastCheck cache for: @denotest/add@1.0.0"
|
|
);
|
|
|
|
// see that the type checking error in the internal function gets surfaced with --all
|
|
test_context
|
|
.new_command()
|
|
.args("check --all main.ts")
|
|
.run()
|
|
.assert_matches_text(
|
|
"Check file:///[WILDCARD]main.ts
|
|
error: TS2322 [ERROR]: Type 'string' is not assignable to type 'number'.
|
|
export function asdf(a: number) { let err: number = ''; return Math.random(); }
|
|
~~~
|
|
at http://127.0.0.1:4250/@denotest/add/1.0.0/other.ts:2:39
|
|
",
|
|
)
|
|
.assert_exit_code(1);
|
|
|
|
// now fix the package
|
|
nested_pkg_file.write("export function test() {}");
|
|
let output = check_debug_cmd.run();
|
|
assert_contains!(output.combined_output(), building_fast_check_msg);
|
|
assert_not_contains!(
|
|
output.combined_output(),
|
|
"Using FastCheck cache for: @denotest/add@1.0.0"
|
|
);
|
|
|
|
// finally ensure it uses the cache
|
|
type_check_cache_path.remove_file();
|
|
let output = check_debug_cmd.run();
|
|
assert_contains!(output.combined_output(), building_fast_check_msg);
|
|
assert_contains!(
|
|
output.combined_output(),
|
|
"Using FastCheck cache for: @denotest/add@1.0.0"
|
|
);
|
|
}
|
|
|
|
#[test]
|
|
fn specifiers_in_lockfile() {
|
|
let test_context = TestContextBuilder::for_jsr().use_temp_cwd().build();
|
|
let temp_dir = test_context.temp_dir();
|
|
|
|
temp_dir.write(
|
|
"main.ts",
|
|
r#"import version from "jsr:@denotest/no-module-graph@0.1";
|
|
|
|
console.log(version);"#,
|
|
);
|
|
temp_dir.write("deno.json", "{}"); // to automatically create a lockfile
|
|
|
|
test_context
|
|
.new_command()
|
|
.args("run --quiet main.ts")
|
|
.run()
|
|
.assert_matches_text("0.1.1\n");
|
|
|
|
let lockfile_path = temp_dir.path().join("deno.lock");
|
|
let mut lockfile = Lockfile::new(NewLockfileOptions {
|
|
file_path: lockfile_path.to_path_buf(),
|
|
content: &lockfile_path.read_to_string(),
|
|
overwrite: false,
|
|
})
|
|
.unwrap();
|
|
*lockfile
|
|
.content
|
|
.packages
|
|
.specifiers
|
|
.get_mut(
|
|
&JsrDepPackageReq::from_str("jsr:@denotest/no-module-graph@0.1").unwrap(),
|
|
)
|
|
.unwrap() = "0.1.0".to_string();
|
|
lockfile_path.write(lockfile.as_json_string());
|
|
|
|
test_context
|
|
.new_command()
|
|
.args("run --quiet main.ts")
|
|
.run()
|
|
.assert_matches_text("0.1.0\n");
|
|
}
|
|
|
|
#[test]
|
|
fn reload_info_not_found_cache_but_exists_remote() {
|
|
fn remove_version(registry_json: &mut Value, version: &str) {
|
|
registry_json
|
|
.as_object_mut()
|
|
.unwrap()
|
|
.get_mut("versions")
|
|
.unwrap()
|
|
.as_object_mut()
|
|
.unwrap()
|
|
.remove(version);
|
|
}
|
|
|
|
fn remove_version_for_package(
|
|
deno_dir: &util::TempDir,
|
|
package: &str,
|
|
version: &str,
|
|
) {
|
|
let specifier =
|
|
Url::parse(&format!("http://127.0.0.1:4250/{}/meta.json", package))
|
|
.unwrap();
|
|
let cache = deno_cache_dir::GlobalHttpCache::new(
|
|
deno_dir.path().join("remote").to_path_buf(),
|
|
deno_cache_dir::TestRealDenoCacheEnv,
|
|
);
|
|
let entry = cache
|
|
.get(&cache.cache_item_key(&specifier).unwrap(), None)
|
|
.unwrap()
|
|
.unwrap();
|
|
let mut registry_json: serde_json::Value =
|
|
serde_json::from_slice(&entry.content).unwrap();
|
|
remove_version(&mut registry_json, version);
|
|
cache
|
|
.set(
|
|
&specifier,
|
|
entry.metadata.headers.clone(),
|
|
registry_json.to_string().as_bytes(),
|
|
)
|
|
.unwrap();
|
|
}
|
|
|
|
// This tests that when a local machine doesn't have a version
|
|
// specified in a dependency that exists in the npm registry
|
|
let test_context = TestContextBuilder::for_jsr().use_temp_cwd().build();
|
|
let deno_dir = test_context.deno_dir();
|
|
let temp_dir = test_context.temp_dir();
|
|
temp_dir.write(
|
|
"main.ts",
|
|
"import { add } from 'jsr:@denotest/add@1'; console.log(add(1, 2));",
|
|
);
|
|
|
|
// cache successfully to the deno_dir
|
|
let output = test_context.new_command().args("cache main.ts").run();
|
|
output.assert_matches_text(concat!(
|
|
"Download http://127.0.0.1:4250/@denotest/add/meta.json\n",
|
|
"Download http://127.0.0.1:4250/@denotest/add/1.0.0_meta.json\n",
|
|
"Download http://127.0.0.1:4250/@denotest/add/1.0.0/mod.ts\n",
|
|
));
|
|
|
|
// modify the package information in the cache to remove the latest version
|
|
remove_version_for_package(deno_dir, "@denotest/add", "1.0.0");
|
|
|
|
// should error when `--cache-only` is used now because the version is not in the cache
|
|
let output = test_context
|
|
.new_command()
|
|
.args("run --cached-only main.ts")
|
|
.run();
|
|
output.assert_exit_code(1);
|
|
output.assert_matches_text("error: JSR package manifest for '@denotest/add' failed to load. Could not resolve version constraint using only cached data. Try running again without --cached-only
|
|
at file:///[WILDCARD]main.ts:1:21
|
|
");
|
|
|
|
// now try running without it, it should download the package now
|
|
test_context
|
|
.new_command()
|
|
.args("run main.ts")
|
|
.run()
|
|
.assert_matches_text(concat!(
|
|
"Download http://127.0.0.1:4250/@denotest/add/meta.json\n",
|
|
"Download http://127.0.0.1:4250/@denotest/add/1.0.0_meta.json\n",
|
|
"3\n",
|
|
))
|
|
.assert_exit_code(0);
|
|
}
|
|
|
|
#[test]
|
|
fn lockfile_bad_package_integrity() {
|
|
let test_context = TestContextBuilder::for_jsr().use_temp_cwd().build();
|
|
let temp_dir = test_context.temp_dir();
|
|
|
|
temp_dir.write(
|
|
"main.ts",
|
|
r#"import version from "jsr:@denotest/no-module-graph@0.1";
|
|
|
|
console.log(version);"#,
|
|
);
|
|
temp_dir.write("deno.json", "{}"); // to automatically create a lockfile
|
|
|
|
test_context
|
|
.new_command()
|
|
.args("run --quiet main.ts")
|
|
.run()
|
|
.assert_matches_text("0.1.1\n");
|
|
|
|
let lockfile_path = temp_dir.path().join("deno.lock");
|
|
let mut lockfile = Lockfile::new(NewLockfileOptions {
|
|
file_path: lockfile_path.to_path_buf(),
|
|
content: &lockfile_path.read_to_string(),
|
|
overwrite: false,
|
|
})
|
|
.unwrap();
|
|
let pkg_nv = "@denotest/no-module-graph@0.1.1";
|
|
let original_integrity = get_lockfile_pkg_integrity(&lockfile, pkg_nv);
|
|
set_lockfile_pkg_integrity(&mut lockfile, pkg_nv, "bad_integrity");
|
|
lockfile_path.write(lockfile.as_json_string());
|
|
|
|
let actual_integrity =
|
|
test_context.get_jsr_package_integrity("@denotest/no-module-graph/0.1.1");
|
|
let integrity_check_failed_msg = format!("[WILDCARD]Integrity check failed for package. The source code is invalid, as it does not match the expected hash in the lock file.
|
|
|
|
Package: @denotest/no-module-graph@0.1.1
|
|
Actual: {}
|
|
Expected: bad_integrity
|
|
|
|
This could be caused by:
|
|
* the lock file may be corrupt
|
|
* the source itself may be corrupt
|
|
|
|
Investigate the lockfile; delete it to regenerate the lockfile or --reload to reload the source code from the server.
|
|
", actual_integrity);
|
|
test_context
|
|
.new_command()
|
|
.args("run --quiet main.ts")
|
|
.run()
|
|
.assert_matches_text(&integrity_check_failed_msg)
|
|
.assert_exit_code(10);
|
|
|
|
// now try with a vendor folder
|
|
temp_dir
|
|
.path()
|
|
.join("deno.json")
|
|
.write_json(&json!({ "vendor": true }));
|
|
|
|
// should fail again
|
|
test_context
|
|
.new_command()
|
|
.args("run --quiet main.ts")
|
|
.run()
|
|
.assert_matches_text(&integrity_check_failed_msg)
|
|
.assert_exit_code(10);
|
|
|
|
// now update to the correct integrity
|
|
set_lockfile_pkg_integrity(&mut lockfile, pkg_nv, &original_integrity);
|
|
lockfile_path.write(lockfile.as_json_string());
|
|
|
|
// should pass now
|
|
test_context
|
|
.new_command()
|
|
.args("run --quiet main.ts")
|
|
.run()
|
|
.assert_matches_text("0.1.1\n")
|
|
.assert_exit_code(0);
|
|
|
|
// now update to a bad integrity again
|
|
set_lockfile_pkg_integrity(&mut lockfile, pkg_nv, "bad_integrity");
|
|
lockfile_path.write(lockfile.as_json_string());
|
|
|
|
// shouldn't matter because we have a vendor folder
|
|
test_context
|
|
.new_command()
|
|
.args("run --quiet main.ts")
|
|
.run()
|
|
.assert_matches_text("0.1.1\n")
|
|
.assert_exit_code(0);
|
|
|
|
// now remove the vendor dir and it should fail again
|
|
temp_dir.path().join("vendor").remove_dir_all();
|
|
|
|
test_context
|
|
.new_command()
|
|
.args("run --quiet main.ts")
|
|
.run()
|
|
.assert_matches_text(&integrity_check_failed_msg)
|
|
.assert_exit_code(10);
|
|
}
|
|
|
|
#[test]
|
|
fn bad_manifest_checksum() {
|
|
let test_context = TestContextBuilder::for_jsr().use_temp_cwd().build();
|
|
let temp_dir = test_context.temp_dir();
|
|
|
|
temp_dir.write(
|
|
"main.ts",
|
|
r#"import { add } from "jsr:@denotest/bad-manifest-checksum@1.0.0";
|
|
console.log(add);"#,
|
|
);
|
|
|
|
// test it properly checks the checksum on download
|
|
test_context
|
|
.new_command()
|
|
.args("run main.ts")
|
|
.run()
|
|
.assert_matches_text(
|
|
"Download http://127.0.0.1:4250/@denotest/bad-manifest-checksum/meta.json
|
|
Download http://127.0.0.1:4250/@denotest/bad-manifest-checksum/1.0.0_meta.json
|
|
Download http://127.0.0.1:4250/@denotest/bad-manifest-checksum/1.0.0/mod.ts
|
|
error: Integrity check failed in package. The package may have been tampered with.
|
|
|
|
Specifier: http://127.0.0.1:4250/@denotest/bad-manifest-checksum/1.0.0/mod.ts
|
|
Actual: 9a30ac96b5d5c1b67eca69e1e2cf0798817d9578c8d7d904a81a67b983b35cba
|
|
Expected: bad-checksum
|
|
|
|
If you modified your global cache, run again with the --reload flag to restore its state. If you want to modify dependencies locally run again with the --vendor flag or specify `\"vendor\": true` in a deno.json then modify the contents of the vendor/ folder.
|
|
",
|
|
)
|
|
.assert_exit_code(10);
|
|
|
|
// test it properly checks the checksum when loading from the cache
|
|
test_context
|
|
.new_command()
|
|
.args("run main.ts")
|
|
.run()
|
|
.assert_matches_text(
|
|
"error: Integrity check failed in package. The package may have been tampered with.
|
|
|
|
Specifier: http://127.0.0.1:4250/@denotest/bad-manifest-checksum/1.0.0/mod.ts
|
|
Actual: 9a30ac96b5d5c1b67eca69e1e2cf0798817d9578c8d7d904a81a67b983b35cba
|
|
Expected: bad-checksum
|
|
|
|
If you modified your global cache, run again with the --reload flag to restore its state. If you want to modify dependencies locally run again with the --vendor flag or specify `\"vendor\": true` in a deno.json then modify the contents of the vendor/ folder.
|
|
",
|
|
)
|
|
.assert_exit_code(10);
|
|
}
|
|
|
|
fn get_lockfile_pkg_integrity(lockfile: &Lockfile, pkg_nv: &str) -> String {
|
|
lockfile
|
|
.content
|
|
.packages
|
|
.jsr
|
|
.get(&PackageNv::from_str(pkg_nv).unwrap())
|
|
.unwrap()
|
|
.integrity
|
|
.clone()
|
|
}
|
|
|
|
fn set_lockfile_pkg_integrity(
|
|
lockfile: &mut Lockfile,
|
|
pkg_nv: &str,
|
|
integrity: &str,
|
|
) {
|
|
lockfile
|
|
.content
|
|
.packages
|
|
.jsr
|
|
.get_mut(&PackageNv::from_str(pkg_nv).unwrap())
|
|
.unwrap()
|
|
.integrity = integrity.to_string();
|
|
}
|