Skip to content

Commit bc3f066

Browse files
travitravi
committed
test(unit): backfill unit tests for existing verify-auth behaviors
this prepares for changes that will be needed for #958
1 parent 1e5ad5e commit bc3f066

File tree

3 files changed

+178
-2
lines changed

3 files changed

+178
-2
lines changed

package-lock.json

Lines changed: 114 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,8 @@
4747
"semantic-release": "24.2.9",
4848
"sinon": "21.0.0",
4949
"stream-buffers": "3.0.3",
50-
"strip-ansi": "7.1.2"
50+
"strip-ansi": "7.1.2",
51+
"testdouble": "3.20.2"
5152
},
5253
"engines": {
5354
"node": ">=20.8.1"

test/verify-auth.test.js

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
import test from "ava";
2+
import * as td from "testdouble";
3+
4+
let execa, verifyAuth, getRegistry, setNpmrcAuth;
5+
const DEFAULT_NPM_REGISTRY = "https://registry.npmjs.org/";
6+
const npmrc = 'npmrc contents';
7+
const pkg = {};
8+
const otherEnvVars = {foo: 'bar'}
9+
const env = {DEFAULT_NPM_REGISTRY, ...otherEnvVars};
10+
const cwd = "./path/to/current/working/directory";
11+
const context = {env, cwd};
12+
13+
test.beforeEach(async (t) => {
14+
({ execa } = await td.replaceEsm("execa"));
15+
({ default: getRegistry } = await td.replaceEsm("../lib/get-registry.js"));
16+
({ default: setNpmrcAuth } = await td.replaceEsm("../lib/set-npmrc-auth.js"));
17+
18+
({ default: verifyAuth } = await import("../lib/verify-auth.js"));
19+
});
20+
21+
test.afterEach.always((t) => {
22+
td.reset();
23+
});
24+
25+
test.serial("that the provided token is verified with `npm whoami` when trusted publishing is not established for the official registry", async (t) => {
26+
td.when(getRegistry(pkg, context)).thenReturn(DEFAULT_NPM_REGISTRY);
27+
td.when(execa("npm", ["whoami", "--userconfig", npmrc, "--registry", DEFAULT_NPM_REGISTRY], {
28+
cwd,
29+
env: otherEnvVars,
30+
preferLocal: true,
31+
})).thenReturn({
32+
stdout: { pipe: () => undefined },
33+
stderr: { pipe: () => undefined }
34+
});
35+
36+
await t.notThrowsAsync(verifyAuth(npmrc, pkg, context));
37+
});
38+
39+
test.serial("that the auth context for the official registry is considered invalid when no token is provided and trusted publishing is not established", async (t) => {
40+
td.when(getRegistry(pkg, context)).thenReturn(DEFAULT_NPM_REGISTRY);
41+
td.when(execa("npm", ["whoami", "--userconfig", npmrc, "--registry", DEFAULT_NPM_REGISTRY], {
42+
cwd,
43+
env: otherEnvVars,
44+
preferLocal: true,
45+
})).thenThrow(new Error());
46+
47+
const {
48+
errors: [error],
49+
} = await t.throwsAsync(verifyAuth(npmrc, pkg, context));
50+
51+
t.is(error.name, "SemanticReleaseError");
52+
t.is(error.code, "EINVALIDNPMTOKEN");
53+
t.is(error.message, "Invalid npm token.");
54+
});
55+
56+
// since alternative registries are not consistent in implementing `npm whoami`,
57+
// we do not attempt to verify the provided token when publishing to them
58+
test.serial("that `npm whoami` is not invoked when publishing to a custom registry", async (t) => {
59+
td.when(getRegistry(pkg, context)).thenReturn("https://other.registry.org");
60+
61+
await t.notThrowsAsync(verifyAuth(npmrc, pkg, context));
62+
});

0 commit comments

Comments
 (0)