Parse the package.json file entirely for NPM uploads
🔭 Context
When NPM packages are published to the NPM GitLab package registry, a background job is kicked. Among other things, it will collect the package.json
file and parse it.
In gitlab-com/gl-infra/production#18253 (closed), we were made aware that the event based parsing that we have for NPM uploads is not working properly.
Given that the file that is parsed is already limited in size, we can fall back to a simpler implementation for parsing: simply parse the entire JSON document (and load it in memory).
🤔 What does this MR do and why?
- Switch NPM
package.json
parsing fromoj
saj parsing toGitlab::Json.parse
. - Update the related specs
🏎 MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
🌈 Screenshots or screen recordings
⚙ How to set up and validate locally
- Have a project and a PAT ready.
- Create a folder with:
-
package.json
:{ "name": "@scope/subkeys", "version": "1.0.0", "description": "", "main": "index.js", "subkeys": { "name": "nop", "version": "nop" }, "scripts": { "test": "echo \"Error: no test specified\" && exit 1" }, "author": "", "license": "ISC" }
-
.npmrc
(replace<pat>
and<project_id>
):
@scope:registry=http://gdk.test:8000/api/v4/projects/<project_id>/packages/npm/ //gdk.test:8000/api/v4/projects/<project_id>/packages/npm/:_authToken="<PAT>"
-
- run
$ npm publish
On master: this fails with
With this MR, the upload succeeds