2

I have a scenario where I have to run a validation script before npm publish happens and that I have to enforce it at the global level so that all node application run this validation script before it starts publishing.

Like prepublishOnly applied at the global level on linux agent where all our node application run. In validation script, Need to get application name and version.

Can you please suggest

user3142041
  • 63
  • 5
  • It's somewhat unclear exactly what you want. However, If you are wanting to run a specific `prepublishOnly` script when you run `npm publish`, (even when a `prepublishOnly` script IS NOT defined in each projects _package.json_) - then you'll need to override the `npm publish` command at the shell level. My answer [here](https://stackoverflow.com/questions/59934610/run-a-script-like-postinstall-after-npm-installing-a-single-package/60096171#60096171) describes how you can do that for a pseudo `postinstall` script - it would be fairly easy to modify that to run a pseudo `prepublishOnly` script. – RobC Jul 20 '20 at 15:26
  • @RobC ..I have to validate if the publishing registry url is matching 'repository/npm-dev' then only run prepublishOnly script which will have RestAPI calls based on response code, if it is 200 then proceed with publish and postpublish script else exit the execution, aborting the publish. Can we do this with bashrc working on the global level as we are central team, you have to enforce it globally, as it is very difficult to monitor if every application will make changes ? Please suggest – user3142041 Jul 21 '20 at 03:06
  • Here's an example gist. If you add [this npm function](https://paste.ee/p/GDuLX) to your _.bashrc_ file and create a new session for it to become effective, i.e. create a new terminal window. Whenever the `npm publish` command is run in the future (for any project) it will: **1)** Run the `npm config get registry` command **2)** Validate whether the actual registry equals the expected registry. **3)** If the actual registry does not equal the expected registry url an error is shown and publishing is aborted. **4)** When the actual registry does equal expected registry the pkg is published. – RobC Jul 21 '20 at 09:35
  • Thanks @RobC, I am still working on the best possible approach to take, your script was of great help. I will comment here if I am stuck. – user3142041 Jul 22 '20 at 05:45
  • @RobC ..I have put the script under /bin and modifying package.json to execute prepublishOnly and postpublish scripts. Thanks for your suggestion. – user3142041 Aug 05 '20 at 05:06
  • @RobC . Another scenario, registry url can be given from CLI as well. `npm publish --registry=https:company.com/npm-internal` How to read it in the shell script ? I tried using `process.argv`.but could not read the CLI cmd having registry URL as argument. – user3142041 Aug 05 '20 at 05:07
  • `process.argv` is for _node.js_ and not shell script _(bash)_. Take a look at this [revised npm function](https://paste.ee/p/69Kje). Note the `EXPECTED_REGISTRY` variable/value at the top. This example `npm` function will only run the `npm publish` command if either: **a)** The npm config for the registry is set to `https://repository/npm-dev`, or **b)** The user runs `npm publish` with either the `--registry=https://repository/npm-dev` option or the alias option [`-reg`](https://docs.npmjs.com/misc/config#shorthands-and-other-cli-niceties), i.e. `-reg=https://repository/npm-dev` – RobC Aug 05 '20 at 12:40
  • @RobC ..In one of the scenario, I am actually fetching the registry URL even before `npm install` happens. We have .npmrc file placed at the global level so `npm config get registry` will always pick the registry from the global config, in case if you have not defined that in package.json. So I think only approach to get the registry URL if it is passed as the argument for `npm publish`, is to read the commands in the shell script, if it matches `npm publish --registry`, then read the argument. ? is there any other way to do it ? – user3142041 Aug 06 '20 at 05:12
  • You say _"read the commands in the shell script, if it matches `npm publish --registry`, then read the argument."_ - Well, the revised script that I provided in my previous comment does exactly that _(from line no. 26 to 49)_. The comments section of a post should not be used for extended discussion and new questions. I suggest you [Ask a new Question](https://stackoverflow.com/questions/ask) instead, show your code, and explain clearly what you are wanting to do. You can reference this question in your new question if you think it would help readers to better understand your new question. – RobC Aug 07 '20 at 07:50

1 Answers1

-1

I create a repo for your solution, in cause you need anything let us know we'll help you further.

enter image description here

clone the repo:

git clone https://github.com/lifeeric/validate-node-package

and make permissions

# change dir
cd validate-node-package

# Permission
chmod +x npmv

and make it globally

sudo cp npmv /bin
Ericgit
  • 6,089
  • 2
  • 42
  • 53
  • @user3142041 I'm glad that it helped you! please mark the question as answered and please give a star on my Github repo: https://github.com/lifeeric/validate-node-package – Ericgit Jul 20 '20 at 10:10
  • @user3142041 I hope soon I'll update the repo with more features, you can also PR, or add an issue for features! – Ericgit Jul 20 '20 at 10:13
  • For cross platform just run: `node -p "require('./package.json').name"` and/or `node -p "require('./package.json').version"` – RobC Jul 20 '20 at 10:36
  • @RobC Thanks for your endevour, I really like it! – Ericgit Jul 20 '20 at 10:39
  • @BloodyLogic - your grep patterns potentially return unexpected results. For example, let's say we have [standard-version](https://www.npmjs.com/package/standard-version) defined as a dependency in _package.json_. You'll log something like this `"version": "1.0.0", "standard-version": "^8.0.2"`. Similar issues will occur for `name` too. – RobC Jul 20 '20 at 10:47
  • @RobC That really weird! I think I should delete the question and also the source code! – Ericgit Jul 20 '20 at 11:00
  • @BloodyLogic - there's nothing particularly weird about it - [grep](https://ss64.com/bash/grep.html) prints all matching line(s) where the given pattern is found. Using `grep` to parse JSON is never a good idea. If you are wanting to create a _bash_ solution for _*nix_ then consider utilizing e.g. [jq](https://stedolan.github.io/jq/) or [json-tool](https://github.com/trentm/json) to correctly parse the _package.json_. Personally, for the benefit of cross-platform support, I'd utilize node.js instead. – RobC Jul 20 '20 at 11:21
  • @RobC It also works on `standard-version`, check it out on the answer I updated it, I think you need to study grep command. using grep for JSON it best ideas I don't need to go for third party lib, I can do that with `sed` `awk`, and `grep` thanks!! – Ericgit Jul 20 '20 at 12:03
  • @BloodyLogic - You say _"It also works on `standard-version`"_ - yes that's exactly the problem and why your attempted solution potentially returns unexpected results. Try running your _attempted_ solution using this example [package.json](https://paste.ee/p/UrmqA) and tell me whether it logs the correct result for just `version`? The OP states _"Need to get application name and version"_. It doesn't say _"Need to get any line that contains name or version"_. I think you need to study the question again. – RobC Jul 20 '20 at 12:23
  • @RobC You're right he/she want only the version and application and this is what I'm giving (version and name). I update the image! – Ericgit Jul 20 '20 at 12:28
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/218208/discussion-between-robc-and-bloodylogic). – RobC Jul 20 '20 at 12:30
  • @BloodyLogic ..Currently we can only ask nodejs developers to run the script. How can it be enforced at the central level ..For example, for Gradle projects..we can enforce rules having init.gradle under Gradle_User_Home directory irrespective of Gradle versions they use. Do we have anything on the global level for node applications having said that all applications run their own versions. – user3142041 Jul 20 '20 at 18:27