diff options
Diffstat (limited to 'deps/node/deps/npm/test/tap/legacy-no-auth-leak.js')
-rw-r--r-- | deps/node/deps/npm/test/tap/legacy-no-auth-leak.js | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/deps/node/deps/npm/test/tap/legacy-no-auth-leak.js b/deps/node/deps/npm/test/tap/legacy-no-auth-leak.js new file mode 100644 index 00000000..f8372392 --- /dev/null +++ b/deps/node/deps/npm/test/tap/legacy-no-auth-leak.js @@ -0,0 +1,75 @@ +'use strict' +var test = require('tap').test +var common = require('../common-tap.js') +var path = require('path') +var basepath = path.resolve(__dirname, path.basename(__filename, '.js')) +var Tacks = require('tacks') +var File = Tacks.File +var Dir = Tacks.Dir + +var fixture = new Tacks( + Dir({ + README: File( + 'just an npm test\n' + ), + 'package.json': File({ + name: 'npm-test-no-auth-leak', + version: '0.0.0', + scripts: { + test: 'node test.js' + } + }), + '.npmrc': File( + 'auth=abc', + 'authCrypt=def', + 'password=xyz', + '//registry.npmjs.org/:_authToken=nopenope' + ), + 'test.js': File( + 'var authTokenKeys = Object.keys(process.env)\n' + + ' .filter(function (key) { return /authToken/.test(key) })\n' + + 'console.log(JSON.stringify({\n' + + ' password: process.env.npm_config__password || null,\n' + + ' auth: process.env.npm_config__auth || null,\n' + + ' authCrypt: process.env.npm_config__authCrypt || null ,\n' + + ' authToken: authTokenKeys && process.env[authTokenKeys[0]] || null\n' + + '}))' + ) + }) +) + +test('setup', function (t) { + setup() + t.done() +}) + +test('no-auth-leak', function (t) { + common.npm(['test'], {cwd: basepath}, function (err, code, stdout, stderr) { + if (err) throw err + t.is(code, 0, 'test ran ok') + if (stderr) console.log(stderr) + var matchResult = /^[^{]*(\{(?:.|\n)*\})[^}]*$/ + t.like(stdout, matchResult, 'got results with a JSON chunk in them') + var stripped = stdout.replace(matchResult, '$1') + var result = JSON.parse(stripped) + t.is(result.password, null, 'password') + t.is(result.auth, null, 'auth') + t.is(result.authCrypt, null, 'authCrypt') + t.is(result.authToken, null, 'authToken') + t.end() + }) +}) + +test('cleanup', function (t) { + cleanup() + t.done() +}) + +function setup () { + cleanup() + fixture.create(basepath) +} + +function cleanup () { + fixture.remove(basepath) +} |