bitbake: fetch2/npm: refactor the npm fetcher - linux/poky.git

diff options

author	Jean-Marie LEMETAYER <jean-marie.lemetayer@savoirfairelinux.com>	2020-01-24 18:08:11 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-01-27 16:48:10 +0000
commit	d842e9e738e14fc54c21434755033d6eb6b6f3f2 (patch)
tree	4d65e83f4dc962b38c2d7eb92959de5419a4be24 /meta/classes
parent	b9ce68a5d7beca817d0370e89b178dbc9ff6ccbc (diff)
download	poky-d842e9e738e14fc54c21434755033d6eb6b6f3f2.tar.gz

bitbake: fetch2/npm: refactor the npm fetcher

This commit refactors the npm fetcher to improve some points and fix others: - The big change is that the fetcher is only fetching the package source and no more the dependencies. Thus the npm fetcher act as the other fetchers e.g git, wget. The dependencies will be handled later. - The fetcher only resolves the url of the package using 'npm view' and then forwards it to a proxy fetcher. - This commit also fixes a lot of issues with the package names (exotic characters, scoped packages) which were badly handled. - The validation files - lockdown.json and npm-shrinkwrap.json - are no longer used by the fetcher. Instead, the downloaded tarball is verified with the 'integrity' and 'shasum' provided in the 'npm view' of the package [1][2]. 1: https://docs.npmjs.com/files/package-lock.json#integrity 2: https://www.w3.org/TR/SRI (Bitbake rev: 0f451cdc43130d503ada53ed1b4fc5a24943f6ef) Signed-off-by: Jean-Marie LEMETAYER <jean-marie.lemetayer@savoirfairelinux.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/classes')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: