Merge branch 'master' into ianc/fixing-gcb-package-json

iclanton · iclanton · commit 421a0263a9d1 · 2017-07-04T16:15:27.000-07:00
diff --git a/apps/rush-lib/CHANGELOG.json b/apps/rush-lib/CHANGELOG.json
@@ -1,6 +1,18 @@
 {
   "name": "@microsoft/rush-lib",
   "entries": [
+    {
+      "version": "3.0.11",
+      "tag": "@microsoft/rush-lib_v3.0.11",
+      "date": "Mon, Jul  3, 2017 10:53:12 PM",
+      "comments": {
+        "patch": [
+          {
+            "comment": "Rush 3.0.11 was released."
+          }
+        ]
+      }
+    },
     {
       "version": "3.0.10",
       "tag": "@microsoft/rush-lib_v3.0.10",
diff --git a/apps/rush-lib/CHANGELOG.md b/apps/rush-lib/CHANGELOG.md
@@ -1,6 +1,13 @@
 # Change Log - @microsoft/rush-lib
 
-This log was last generated on Tue, 27 Jun 2017 21:49:51 GMT and should not be manually modified.
+This log was last generated on Mon, 03 Jul 2017 22:58:11 GMT and should not be manually modified.
+
+## 3.0.11
+Mon, Jul  3, 2017 10:53:12 PM
+
+### Patches
+
+- Rush 3.0.11 was released.
 
 ## 3.0.10
 Tue, 27 Jun 2017 21:44:50 GMT
diff --git a/apps/rush-lib/package.json b/apps/rush-lib/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@microsoft/rush-lib",
-  "version": "3.0.10",
+  "version": "3.0.11",
   "description": "A library for writing scripts that interact with the Rush tool",
   "repository": {
     "type": "git",
diff --git a/apps/rush/CHANGELOG.json b/apps/rush/CHANGELOG.json
@@ -1,6 +1,18 @@
 {
   "name": "@microsoft/rush",
   "entries": [
+    {
+      "version": "3.0.11",
+      "tag": "@microsoft/rush_v3.0.11",
+      "date": "Mon, Jul  3, 2017 10:53:12 PM",
+      "comments": {
+        "patch": [
+          {
+            "comment": "Add support for non-SemVer dependency specifiers in package.json; for example, \"github:gulpjs/gulp#4.0\" or \"git://github.com/user/project.git#commit-ish\""
+          }
+        ]
+      }
+    },
     {
       "version": "3.0.10",
       "tag": "@microsoft/rush_v3.0.10",
diff --git a/apps/rush/CHANGELOG.md b/apps/rush/CHANGELOG.md
@@ -1,6 +1,13 @@
 # Change Log - @microsoft/rush
 
-This log was last generated on Tue, 27 Jun 2017 21:49:51 GMT and should not be manually modified.
+This log was last generated on Mon, 03 Jul 2017 22:58:11 GMT and should not be manually modified.
+
+## 3.0.11
+Mon, Jul  3, 2017 10:53:12 PM
+
+### Patches
+
+- Add support for non-SemVer dependency specifiers in package.json; for example, "github:gulpjs/gulp#4.0" or "git://github.com/user/project.git#commit-ish"
 
 ## 3.0.10
 Tue, 27 Jun 2017 21:44:50 GMT
diff --git a/apps/rush/package.json b/apps/rush/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@microsoft/rush",
-  "version": "3.0.10",
+  "version": "3.0.11",
   "description": "The professional solution for consolidating all your JavaScript projects in one Git repo",
   "keywords": [
     "install",
@@ -29,7 +29,7 @@
   "license": "MIT",
   "dependencies": {
     "@microsoft/package-deps-hash": "~2.0.5",
-    "@microsoft/rush-lib": "3.0.10",
+    "@microsoft/rush-lib": "3.0.11",
     "@microsoft/stream-collator": "~2.0.2",
     "@microsoft/ts-command-line": "~2.0.2",
     "builtins": "~1.0.3",
@@ -41,6 +41,7 @@
     "inquirer": "~1.2.1",
     "lodash": "~4.15.0",
     "minimatch": "~3.0.2",
+    "npm-package-arg": "~5.1.2",
     "read-package-tree": "~5.1.5",
     "semver": "~5.3.0",
     "wordwrap": "~1.0.0"
diff --git a/apps/rush/src/utilities/ShrinkwrapFile.ts b/apps/rush/src/utilities/ShrinkwrapFile.ts
@@ -1,9 +1,12 @@
 // Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.
 // See LICENSE in the project root for license information.
 
+import * as colors from 'colors';
 import * as fsx from 'fs-extra';
 import * as os from 'os';
 import * as semver from 'semver';
+import npmPackageArg = require('npm-package-arg');
+
 import { Utilities, RushConstants } from '@microsoft/rush-lib';
 
 interface IShrinkwrapDependencyJson {
@@ -24,6 +27,7 @@ interface IShrinkwrapJson {
  */
 export default class ShrinkwrapFile {
   private _shrinkwrapJson: IShrinkwrapJson;
+  private _alreadyWarnedSpecs: Set<string> = new Set<string>();
 
   public static loadFromFile(shrinkwrapJsonFilename: string): ShrinkwrapFile | undefined {
     let data: string = undefined;
@@ -107,8 +111,20 @@ export default class ShrinkwrapFile {
       return false;
     }
 
-    // If we found it, the version must be compatible
-    return semver.satisfies(dependencyJson.version, versionRange);
+    const result: npmPackageArg.IResult = npmPackageArg.resolve(dependencyName, versionRange);
+    switch (result.type) {
+      case 'version':
+      case 'range':
+        // If it's a SemVer pattern, then require that the shrinkwrapped version must be compatible
+        return semver.satisfies(dependencyJson.version, versionRange);
+      default:
+        // Only warn once for each spec
+        if (!this._alreadyWarnedSpecs.has(result.rawSpec)) {
+          this._alreadyWarnedSpecs.add(result.rawSpec);
+          console.log(colors.yellow(`WARNING: Not validating ${result.type}-based specifier: "${result.rawSpec}"`));
+        }
+        return true;
+    }
   }
 
   private constructor(shrinkwrapJson: IShrinkwrapJson) {
diff --git a/apps/rush/typings/npm-package-arg/npm-package-arg.d.ts b/apps/rush/typings/npm-package-arg/npm-package-arg.d.ts
@@ -0,0 +1,108 @@
+// Type definitions for npm-package-arg 5.1.2
+// Project: https://github.com/npm/npm-package-arg
+// Definitions by: pgonzal
+
+declare module 'npm-package-arg' {
+  namespace npmPackageArg {
+    interface IResult {
+      /**
+       * Indicates the type of dependency reference.  For example 'version' indicates
+       * a normal SemVer pattern.  See the package README.md for full docs.
+       *
+       * git - a git repository
+       * tag - a tagged version, e.g. "example@latest"
+       * version - A specific version number, e.g. "example@1.2.3"
+       * range - A version range, e.g. "example@2.x"
+       * file - A local .tar.gz, .tar or .tgz file
+       * directory - A local directory
+       * remote - An HTTP url to a .tar.gz, .tar or .tgz file
+       */
+      type: 'git' | 'tag' | 'version' | 'range' | 'file' | 'directory' | 'remote';
+
+      /**
+       * True for tag, version and range types.
+       */
+      registry: boolean | undefined;
+
+      /**
+       * If known, the "name" field expected in the package.
+       */
+      name: string | null;
+
+      /**
+       * For scoped NPM packages, the scope name; otherwise the value will be null.
+       */
+      scope: string | null | undefined;
+
+      /**
+       * An escaped name for use when making requests to the NPM registry.
+       */
+      escapedName: string | null;
+
+      /**
+       * The original specifier passed to npmPackageArg.resolve(), or the specifier part of the
+       * argument for npmPackageArg().
+       */
+      rawSpec: string;
+
+      /**
+       * The specifier, as normalized by NPM for saving in a package.json file.
+       */
+      saveSpec: string | null;
+
+      /**
+       * The specifier, as normalized by NPM for fetching a resource.  For example, a "directory"
+       * type dependency, this will be the folder path.
+       */
+      fetchSpec: string | null;
+
+      /**
+       * For Git dependencies, if the committish includes a "semver:" prefix, then this is
+       * the range part.
+       * Example: For "mochajs/mocha#semver:1.2.3", the value would be "1.2.3"
+       */
+      gitRange: string | null | undefined;
+
+      /**
+       * For Git dependencies, the committish part of the specifier, or "master" if omitted.
+       * Example: For "mochajs/mocha#4727d357ea", the value would be "4727d357ea"
+       */
+      gitCommittish: string | null | undefined;
+
+      /**
+       * The original input that was provided.  For npmPackageArg.resolve(), the name and
+       * spec parameters will be combined, e.g. "example" and "1.2" will be combined as "example@1.2".
+       */
+      raw: string;
+    }
+
+    /**
+     * Parses a package dependency, based on a package name and version specifier as might appear
+     * in a package.json file.  An Error object will be thrown if the input is invalid.
+     *
+     * @param name - The name of an NPM package, possibly including a scope
+     * @param spec - A version specifier, e.g. "^1.2.3", "git://github.com/user/project.git#commit-ish", etc.
+     * @param where - a path that file paths will be resolved relative to; otherwise, process.cwd()
+     *   is used
+     * @returns an object containing parsed information.
+     *
+     * @see {@link https://docs.npmjs.com/files/package.json#dependencies} for full syntax.
+     */
+    function resolve(name: string, spec: string, where?: string): npmPackageArg.IResult;
+  }
+
+  /**
+   * Parses a package dependency, based on a combined package name and version specifier
+   * as might be passed to "npm install".  An Error object will be thrown if the input is invalid.
+   *
+   * @param arg - a string such as "example@1.2", "bitbucket:user/example", "file:../example", etc.
+   * @param where - a path that file paths will be resolved relative to; otherwise, process.cwd()
+   *   is used
+   * @returns an object containing parsed information.
+   *
+   * @see {@link https://docs.npmjs.com/files/package.json#dependencies} for full syntax.
+   */
+  function npmPackageArg(arg: string, where?: string): npmPackageArg.IResult;
+
+  export = npmPackageArg;
+}
diff --git a/apps/rush/typings/read-package-tree/read-package-tree.d.ts b/apps/rush/typings/read-package-tree/read-package-tree.d.ts
@@ -1,6 +1,6 @@
 // Type definitions for read-package-tree 5.1.2
 // Project: https://github.com/npm/read-package-tree
-// Definitions by: Pete Gonzalez
+// Definitions by: pgonzal
 
 declare module 'read-package-tree' {
   namespace readPackageTree {
diff --git a/apps/rush/typings/tsd.d.ts b/apps/rush/typings/tsd.d.ts
@@ -5,6 +5,7 @@
 /// <reference path="colors/colors.d.ts" />
 /// <reference path="git-repo-info/git-repo-info.d.ts" />
 /// <reference path="glob-escape/glob-escape.d.ts" />
+/// <reference path="inquirer/inquirer.d.ts" />
+/// <reference path="npm-package-arg/npm-package-arg.d.ts" />
 /// <reference path="read-package-tree/read-package-tree.d.ts" />
 /// <reference path="wordwrap/wordwrap.d.ts" />
-/// <reference path="inquirer/inquirer.d.ts" />
diff --git a/common/config/rush/nonbrowser-approved-packages.json b/common/config/rush/nonbrowser-approved-packages.json
@@ -301,6 +301,10 @@
       "name": "node-notifier",
       "allowedCategories": [ "libraries" ]
     },
+    {
+      "name": "npm-package-arg",
+      "allowedCategories": [ "libraries" ]
+    },
     {
       "name": "object-assign",
       "allowedCategories": [ "libraries" ]
diff --git a/common/config/rush/npm-shrinkwrap.json b/common/config/rush/npm-shrinkwrap.json
diff --git a/core-build/gulp-core-build-karma/CHANGELOG.json b/core-build/gulp-core-build-karma/CHANGELOG.json
diff --git a/core-build/gulp-core-build-karma/CHANGELOG.md b/core-build/gulp-core-build-karma/CHANGELOG.md
diff --git a/core-build/gulp-core-build-karma/package.json b/core-build/gulp-core-build-karma/package.json
diff --git a/core-build/web-library-build/package.json b/core-build/web-library-build/package.json

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@microsoft/rush-lib",`
`3`		`- "version": "3.0.10",`
	`3`	`+ "version": "3.0.11",`
`4`	`4`	`"description": "A library for writing scripts that interact with the Rush tool",`
`5`	`5`	`"repository": {`
`6`	`6`	`"type": "git",`