feat: show all mismatch keys

cnpm · Jul 9, 2023 · 6add440 · 6add440
1 parent 0728b94
commit 6add440
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 5 deletions.
diff --git a/app/port/controller/package/SavePackageVersionController.ts b/app/port/controller/package/SavePackageVersionController.ts
@@ -179,11 +179,11 @@ export class SavePackageVersionController extends AbstractController {
     if (this.config.cnpmcore.strictValidateTarballPkg) {
       const tarballPkg = await extractPackageJSON(tarballBytes);
       const versionManifest = pkg.versions[tarballPkg.version];
-      const diffKey = STRICT_CHECK_TARBALL_FIELDS.find(key => {
+      const diffKeys = STRICT_CHECK_TARBALL_FIELDS.filter(key => {
         return !isEqual(tarballPkg[key], versionManifest[key]);
       });
-      if (diffKey) {
-        throw new UnprocessableEntityError(`${diffKey} mismatch between tarball and manifest`);
+      if (diffKeys.length > 0) {
+        throw new UnprocessableEntityError(`${diffKeys} mismatch between tarball and manifest`);
       }
     }
 

diff --git a/test/port/controller/package/SavePackageVersionController.test.ts b/test/port/controller/package/SavePackageVersionController.test.ts
@@ -87,9 +87,27 @@ describe('test/port/controller/package/SavePackageVersionController.test.ts', ()
       assert.equal(pkgEntity.registryId, selfRegistry.registryId);
     });
     it('should verify tgz and manifest', async () => {
+      const { pkg, user } = await TestUtil.createPackage({ name: '@cnpm/banana', version: '1.0.0' });
+      const pkg2 = await TestUtil.getFullPackage({ name: pkg.name, version: '0.0.1' });
+
+      pkg2.versions['0.0.1'].name = '@cnpm/orange';
+
+      mock(app.config.cnpmcore, 'strictValidateTarballPkg', true);
+      const res = await app.httpRequest()
+        .put(`/${pkg2.name}`)
+        .set('authorization', user.authorization)
+        .set('user-agent', user.ua)
+        .send(pkg2)
+        .expect(422);
+
+      assert.equal(res.body.error, '[UNPROCESSABLE_ENTITY] name mismatch between tarball and manifest');
+    });
+    it('should verify tgz and manifest with multiple fields', async () => {
       mock(app.config.cnpmcore, 'allowPublishNonScopePackage', true);
       const { pkg, user } = await TestUtil.createPackage({ name: 'non_scope_pkg', version: '1.0.0' });
-      const pkg2 = await TestUtil.getFullPackage({ name: pkg.name, version: '2.0.0' });
+      const pkg2 = await TestUtil.getFullPackage({ name: pkg.name, version: '0.0.1' });
+
+      pkg2.versions['0.0.1'].dependencies = {lodash: 'latest'};
 
       mock(app.config.cnpmcore, 'strictValidateTarballPkg', true);
       const res = await app.httpRequest()
@@ -99,7 +117,7 @@ describe('test/port/controller/package/SavePackageVersionController.test.ts', ()
         .send(pkg2)
         .expect(422);
 
-      assert.equal(res.body.error, '[UNPROCESSABLE_ENTITY] name mismatch between tarball and manifest');
+      assert.equal(res.body.error, '[UNPROCESSABLE_ENTITY] name,dependencies mismatch between tarball and manifest');
     });
 
     it('should add new version success on scoped package', async () => {