update

package/node_modules/@npmcli/agent/lib/agents.js

@@ -0,0 +1,206 @@
+'use strict'
+
+const net = require('net')
+const tls = require('tls')
+const { once } = require('events')
+const timers = require('timers/promises')
+const { normalizeOptions, cacheOptions } = require('./options')
+const { getProxy, getProxyAgent, proxyCache } = require('./proxy.js')
+const Errors = require('./errors.js')
+const { Agent: AgentBase } = require('agent-base')
+
+module.exports = class Agent extends AgentBase {
+  #options
+  #timeouts
+  #proxy
+  #noProxy
+  #ProxyAgent
+
+  constructor (options = {}) {
+    const { timeouts, proxy, noProxy, ...normalizedOptions } = normalizeOptions(options)
+
+    super(normalizedOptions)
+
+    this.#options = normalizedOptions
+    this.#timeouts = timeouts
+
+    if (proxy) {
+      this.#proxy = new URL(proxy)
+      this.#noProxy = noProxy
+      this.#ProxyAgent = getProxyAgent(proxy)
+    }
+  }
+
+  get proxy () {
+    return this.#proxy ? { url: this.#proxy } : {}
+  }
+
+  #getProxy (options) {
+    if (!this.#proxy) {
+      return
+    }
+
+    const proxy = getProxy(`${options.protocol}//${options.host}:${options.port}`, {
+      proxy: this.#proxy,
+      noProxy: this.#noProxy,
+    })
+
+    if (!proxy) {
+      return
+    }
+
+    const cacheKey = cacheOptions({
+      ...options,
+      ...this.#options,
+      timeouts: this.#timeouts,
+      proxy,
+    })
+
+    if (proxyCache.has(cacheKey)) {
+      return proxyCache.get(cacheKey)
+    }
+
+    let ProxyAgent = this.#ProxyAgent
+    if (Array.isArray(ProxyAgent)) {
+      ProxyAgent = this.isSecureEndpoint(options) ? ProxyAgent[1] : ProxyAgent[0]
+    }
+
+    const proxyAgent = new ProxyAgent(proxy, {
+      ...this.#options,
+      socketOptions: { family: this.#options.family },
+    })
+    proxyCache.set(cacheKey, proxyAgent)
+
+    return proxyAgent
+  }
+
+  // takes an array of promises and races them against the connection timeout
+  // which will throw the necessary error if it is hit. This will return the
+  // result of the promise race.
+  async #timeoutConnection ({ promises, options, timeout }, ac = new AbortController()) {
+    if (timeout) {
+      const connectionTimeout = timers.setTimeout(timeout, null, { signal: ac.signal })
+        .then(() => {
+          throw new Errors.ConnectionTimeoutError(`${options.host}:${options.port}`)
+        }).catch((err) => {
+          if (err.name === 'AbortError') {
+            return
+          }
+          throw err
+        })
+      promises.push(connectionTimeout)
+    }
+
+    let result
+    try {
+      result = await Promise.race(promises)
+      ac.abort()
+    } catch (err) {
+      ac.abort()
+      throw err
+    }
+    return result
+  }
+
+  async connect (request, options) {
+    // if the connection does not have its own lookup function
+    // set, then use the one from our options
+    options.lookup ??= this.#options.lookup
+
+    let socket
+    let timeout = this.#timeouts.connection
+    const isSecureEndpoint = this.isSecureEndpoint(options)
+
+    const proxy = this.#getProxy(options)
+    if (proxy) {
+      // some of the proxies will wait for the socket to fully connect before
+      // returning so we have to await this while also racing it against the
+      // connection timeout.
+      const start = Date.now()
+      socket = await this.#timeoutConnection({
+        options,
+        timeout,
+        promises: [proxy.connect(request, options)],
+      })
+      // see how much time proxy.connect took and subtract it from
+      // the timeout
+      if (timeout) {
+        timeout = timeout - (Date.now() - start)
+      }
+    } else {
+      socket = (isSecureEndpoint ? tls : net).connect(options)
+    }
+
+    socket.setKeepAlive(this.keepAlive, this.keepAliveMsecs)
+    socket.setNoDelay(this.keepAlive)
+
+    const abortController = new AbortController()
+    const { signal } = abortController
+
+    const connectPromise = socket[isSecureEndpoint ? 'secureConnecting' : 'connecting']
+      ? once(socket, isSecureEndpoint ? 'secureConnect' : 'connect', { signal })
+      : Promise.resolve()
+
+    await this.#timeoutConnection({
+      options,
+      timeout,
+      promises: [
+        connectPromise,
+        once(socket, 'error', { signal }).then((err) => {
+          throw err[0]
+        }),
+      ],
+    }, abortController)
+
+    if (this.#timeouts.idle) {
+      socket.setTimeout(this.#timeouts.idle, () => {
+        socket.destroy(new Errors.IdleTimeoutError(`${options.host}:${options.port}`))
+      })
+    }
+
+    return socket
+  }
+
+  addRequest (request, options) {
+    const proxy = this.#getProxy(options)
+    // it would be better to call proxy.addRequest here but this causes the
+    // http-proxy-agent to call its super.addRequest which causes the request
+    // to be added to the agent twice. since we only support 3 agents
+    // currently (see the required agents in proxy.js) we have manually
+    // checked that the only public methods we need to call are called in the
+    // next block. this could change in the future and presumably we would get
+    // failing tests until we have properly called the necessary methods on
+    // each of our proxy agents
+    if (proxy?.setRequestProps) {
+      proxy.setRequestProps(request, options)
+    }
+
+    request.setHeader('connection', this.keepAlive ? 'keep-alive' : 'close')
+
+    if (this.#timeouts.response) {
+      let responseTimeout
+      request.once('finish', () => {
+        setTimeout(() => {
+          request.destroy(new Errors.ResponseTimeoutError(request, this.#proxy))
+        }, this.#timeouts.response)
+      })
+      request.once('response', () => {
+        clearTimeout(responseTimeout)
+      })
+    }
+
+    if (this.#timeouts.transfer) {
+      let transferTimeout
+      request.once('response', (res) => {
+        setTimeout(() => {
+          res.destroy(new Errors.TransferTimeoutError(request, this.#proxy))
+        }, this.#timeouts.transfer)
+        res.once('close', () => {
+          clearTimeout(transferTimeout)
+        })
+      })
+    }
+
+    return super.addRequest(request, options)
+  }
+}

package/node_modules/@npmcli/agent/lib/dns.js

@@ -0,0 +1,53 @@
+'use strict'
+
+const { LRUCache } = require('lru-cache')
+const dns = require('dns')
+
+// this is a factory so that each request can have its own opts (i.e. ttl)
+// while still sharing the cache across all requests
+const cache = new LRUCache({ max: 50 })
+
+const getOptions = ({
+  family = 0,
+  hints = dns.ADDRCONFIG,
+  all = false,
+  verbatim = undefined,
+  ttl = 5 * 60 * 1000,
+  lookup = dns.lookup,
+}) => ({
+  // hints and lookup are returned since both are top level properties to (net|tls).connect
+  hints,
+  lookup: (hostname, ...args) => {
+    const callback = args.pop() // callback is always last arg
+    const lookupOptions = args[0] ?? {}
+
+    const options = {
+      family,
+      hints,
+      all,
+      verbatim,
+      ...(typeof lookupOptions === 'number' ? { family: lookupOptions } : lookupOptions),
+    }
+
+    const key = JSON.stringify({ hostname, ...options })
+
+    if (cache.has(key)) {
+      const cached = cache.get(key)
+      return process.nextTick(callback, null, ...cached)
+    }
+
+    lookup(hostname, options, (err, ...result) => {
+      if (err) {
+        return callback(err)
+      }
+
+      cache.set(key, result, { ttl })
+      return callback(null, ...result)
+    })
+  },
+})
+
+module.exports = {
+  cache,
+  getOptions,
+}

package/node_modules/@npmcli/agent/lib/errors.js

@@ -0,0 +1,61 @@
+'use strict'
+
+class InvalidProxyProtocolError extends Error {
+  constructor (url) {
+    super(`Invalid protocol \`${url.protocol}\` connecting to proxy \`${url.host}\``)
+    this.code = 'EINVALIDPROXY'
+    this.proxy = url
+  }
+}
+
+class ConnectionTimeoutError extends Error {
+  constructor (host) {
+    super(`Timeout connecting to host \`${host}\``)
+    this.code = 'ECONNECTIONTIMEOUT'
+    this.host = host
+  }
+}
+
+class IdleTimeoutError extends Error {
+  constructor (host) {
+    super(`Idle timeout reached for host \`${host}\``)
+    this.code = 'EIDLETIMEOUT'
+    this.host = host
+  }
+}
+
+class ResponseTimeoutError extends Error {
+  constructor (request, proxy) {
+    let msg = 'Response timeout '
+    if (proxy) {
+      msg += `from proxy \`${proxy.host}\` `
+    }
+    msg += `connecting to host \`${request.host}\``
+    super(msg)
+    this.code = 'ERESPONSETIMEOUT'
+    this.proxy = proxy
+    this.request = request
+  }
+}
+
+class TransferTimeoutError extends Error {
+  constructor (request, proxy) {
+    let msg = 'Transfer timeout '
+    if (proxy) {
+      msg += `from proxy \`${proxy.host}\` `
+    }
+    msg += `for \`${request.host}\``
+    super(msg)
+    this.code = 'ETRANSFERTIMEOUT'
+    this.proxy = proxy
+    this.request = request
+  }
+}
+
+module.exports = {
+  InvalidProxyProtocolError,
+  ConnectionTimeoutError,
+  IdleTimeoutError,
+  ResponseTimeoutError,
+  TransferTimeoutError,
+}

package/node_modules/@npmcli/agent/lib/index.js

@@ -0,0 +1,56 @@
+'use strict'
+
+const { LRUCache } = require('lru-cache')
+const { normalizeOptions, cacheOptions } = require('./options')
+const { getProxy, proxyCache } = require('./proxy.js')
+const dns = require('./dns.js')
+const Agent = require('./agents.js')
+
+const agentCache = new LRUCache({ max: 20 })
+
+const getAgent = (url, { agent, proxy, noProxy, ...options } = {}) => {
+  // false has meaning so this can't be a simple truthiness check
+  if (agent != null) {
+    return agent
+  }
+
+  url = new URL(url)
+
+  const proxyForUrl = getProxy(url, { proxy, noProxy })
+  const normalizedOptions = {
+    ...normalizeOptions(options),
+    proxy: proxyForUrl,
+  }
+
+  const cacheKey = cacheOptions({
+    ...normalizedOptions,
+    secureEndpoint: url.protocol === 'https:',
+  })
+
+  if (agentCache.has(cacheKey)) {
+    return agentCache.get(cacheKey)
+  }
+
+  const newAgent = new Agent(normalizedOptions)
+  agentCache.set(cacheKey, newAgent)
+
+  return newAgent
+}
+
+module.exports = {
+  getAgent,
+  Agent,
+  // these are exported for backwards compatability
+  HttpAgent: Agent,
+  HttpsAgent: Agent,
+  cache: {
+    proxy: proxyCache,
+    agent: agentCache,
+    dns: dns.cache,
+    clear: () => {
+      proxyCache.clear()
+      agentCache.clear()
+      dns.cache.clear()
+    },
+  },
+}

package/node_modules/@npmcli/agent/lib/options.js

@@ -0,0 +1,86 @@
+'use strict'
+
+const dns = require('./dns')
+
+const normalizeOptions = (opts) => {
+  const family = parseInt(opts.family ?? '0', 10)
+  const keepAlive = opts.keepAlive ?? true
+
+  const normalized = {
+    // nodejs http agent options. these are all the defaults
+    // but kept here to increase the likelihood of cache hits
+    // https://nodejs.org/api/http.html#new-agentoptions
+    keepAliveMsecs: keepAlive ? 1000 : undefined,
+    maxSockets: opts.maxSockets ?? 15,
+    maxTotalSockets: Infinity,
+    maxFreeSockets: keepAlive ? 256 : undefined,
+    scheduling: 'fifo',
+    // then spread the rest of the options
+    ...opts,
+    // we already set these to their defaults that we want
+    family,
+    keepAlive,
+    // our custom timeout options
+    timeouts: {
+      // the standard timeout option is mapped to our idle timeout
+      // and then deleted below
+      idle: opts.timeout ?? 0,
+      connection: 0,
+      response: 0,
+      transfer: 0,
+      ...opts.timeouts,
+    },
+    // get the dns options that go at the top level of socket connection
+    ...dns.getOptions({ family, ...opts.dns }),
+  }
+
+  // remove timeout since we already used it to set our own idle timeout
+  delete normalized.timeout
+
+  return normalized
+}
+
+const createKey = (obj) => {
+  let key = ''
+  const sorted = Object.entries(obj).sort((a, b) => a[0] - b[0])
+  for (let [k, v] of sorted) {
+    if (v == null) {
+      v = 'null'
+    } else if (v instanceof URL) {
+      v = v.toString()
+    } else if (typeof v === 'object') {
+      v = createKey(v)
+    }
+    key += `${k}:${v}:`
+  }
+  return key
+}
+
+const cacheOptions = ({ secureEndpoint, ...options }) => createKey({
+  secureEndpoint: !!secureEndpoint,
+  // socket connect options
+  family: options.family,
+  hints: options.hints,
+  localAddress: options.localAddress,
+  // tls specific connect options
+  strictSsl: secureEndpoint ? !!options.rejectUnauthorized : false,
+  ca: secureEndpoint ? options.ca : null,
+  cert: secureEndpoint ? options.cert : null,
+  key: secureEndpoint ? options.key : null,
+  // http agent options
+  keepAlive: options.keepAlive,
+  keepAliveMsecs: options.keepAliveMsecs,
+  maxSockets: options.maxSockets,
+  maxTotalSockets: options.maxTotalSockets,
+  maxFreeSockets: options.maxFreeSockets,
+  scheduling: options.scheduling,
+  // timeout options
+  timeouts: options.timeouts,
+  // proxy
+  proxy: options.proxy,
+})
+
+module.exports = {
+  normalizeOptions,
+  cacheOptions,
+}

package/node_modules/@npmcli/agent/lib/proxy.js

@@ -0,0 +1,88 @@
+'use strict'
+
+const { HttpProxyAgent } = require('http-proxy-agent')
+const { HttpsProxyAgent } = require('https-proxy-agent')
+const { SocksProxyAgent } = require('socks-proxy-agent')
+const { LRUCache } = require('lru-cache')
+const { InvalidProxyProtocolError } = require('./errors.js')
+
+const PROXY_CACHE = new LRUCache({ max: 20 })
+
+const SOCKS_PROTOCOLS = new Set(SocksProxyAgent.protocols)
+
+const PROXY_ENV_KEYS = new Set(['https_proxy', 'http_proxy', 'proxy', 'no_proxy'])
+
+const PROXY_ENV = Object.entries(process.env).reduce((acc, [key, value]) => {
+  key = key.toLowerCase()
+  if (PROXY_ENV_KEYS.has(key)) {
+    acc[key] = value
+  }
+  return acc
+}, {})
+
+const getProxyAgent = (url) => {
+  url = new URL(url)
+
+  const protocol = url.protocol.slice(0, -1)
+  if (SOCKS_PROTOCOLS.has(protocol)) {
+    return SocksProxyAgent
+  }
+  if (protocol === 'https' || protocol === 'http') {
+    return [HttpProxyAgent, HttpsProxyAgent]
+  }
+
+  throw new InvalidProxyProtocolError(url)
+}
+
+const isNoProxy = (url, noProxy) => {
+  if (typeof noProxy === 'string') {
+    noProxy = noProxy.split(',').map((p) => p.trim()).filter(Boolean)
+  }
+
+  if (!noProxy || !noProxy.length) {
+    return false
+  }
+
+  const hostSegments = url.hostname.split('.').reverse()
+
+  return noProxy.some((no) => {
+    const noSegments = no.split('.').filter(Boolean).reverse()
+    if (!noSegments.length) {
+      return false
+    }
+
+    for (let i = 0; i < noSegments.length; i++) {
+      if (hostSegments[i] !== noSegments[i]) {
+        return false
+      }
+    }
+
+    return true
+  })
+}
+
+const getProxy = (url, { proxy, noProxy }) => {
+  url = new URL(url)
+
+  if (!proxy) {
+    proxy = url.protocol === 'https:'
+      ? PROXY_ENV.https_proxy
+      : PROXY_ENV.https_proxy || PROXY_ENV.http_proxy || PROXY_ENV.proxy
+  }
+
+  if (!noProxy) {
+    noProxy = PROXY_ENV.no_proxy
+  }
+
+  if (!proxy || isNoProxy(url, noProxy)) {
+    return null
+  }
+
+  return new URL(proxy)
+}
+
+module.exports = {
+  getProxyAgent,
+  getProxy,
+  proxyCache: PROXY_CACHE,
+}