Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: throw 403 for forbidden major/minor versions #2

Closed
wants to merge 1 commit into from
Closed

fix: throw 403 for forbidden major/minor versions #2

wants to merge 1 commit into from

Conversation

claudiahdz
Copy link

✏️ Changes

This PR fixes a bug where target was not being resolved correctly for major/minor versions. Since elements are removed from the versions object of the packument by the proxy the algorithm had trouble finding a satisfying version to resolve the target to. This led to a null target which was interpreted as a not found. Adding an extra check on the policyRestrictions.versions object allows us to correctly resolve the target and later check if it's a forbidden target or not.

Ex. npm install lodash@1

🔗 References

Card: https://npmjsinc.leankit.com/card/891629888

🔍 Testing

Automated testing

  • Checks if E403 if version when forbidden, provided a minor version
  • Checks if E403 if version when forbidden, provided a major version
    ✅ This change has unit test coverage

@shanisebarona
fix: throw 403 for forbidden major/minor versions
e00ea63 
Co-authored-by: @claudiahdz
Co-authored-by: @emyl3
Co-authored-by: @rrconey
emyl3
emyl3 approved these changes Aug 27, 2019
View reviewed changes
Copy link

@emyl3 emyl3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@emyl3 emyl3 requested review from AKimZ and darcyclarke August 27, 2019 14:42
shanisebarona
shanisebarona reviewed Aug 27, 2019
View reviewed changes
Copy link

@shanisebarona shanisebarona left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@isaacs isaacs closed this in 003286e Aug 28, 2019
@isaacs
Copy link

isaacs commented Aug 28, 2019

Landed and published as v3.0.1. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shanisebarona shanisebarona shanisebarona left review comments

@darcyclarke darcyclarke darcyclarke approved these changes

@emyl3 emyl3 emyl3 approved these changes

@AKimZ AKimZ Awaiting requested review from AKimZ

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@claudiahdz @isaacs @darcyclarke @shanisebarona @emyl3