ldy26098
/
BMAD-METHOD
mirror of https://github.com/bmad-code-org/BMAD-METHOD.git
1
0
Fork 0
Code Packages Projects Releases Wiki Activity

fix: addressed PR comments

This commit is contained in:
murat 2026-04-24 05:23:27 -05:00
parent b255d9db07
commit 8a44cba042
1 changed files with 38 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
tools/installer/core/manifest.js
View File

@ -1,9 +1,20 @@
const path = require('node:path'); const path = require('node:path');
const https = require('node:https');
const { execFile } = require('node:child_process');
const { promisify } = require('node:util');
const fs = require('../fs-native'); const fs = require('../fs-native');
const crypto = require('node:crypto'); const crypto = require('node:crypto');
const { resolveModuleVersion } = require('../modules/version-resolver'); const { resolveModuleVersion } = require('../modules/version-resolver');
const prompts = require('../prompts'); const prompts = require('../prompts');
const execFileAsync = promisify(execFile);
const NPM_LOOKUP_TIMEOUT_MS = 10_000;
const NPM_PACKAGE_NAME_PATTERN = /^(?:@[a-z0-9][a-z0-9._~-]*\/)?[a-z0-9][a-z0-9._~-]*$/;
function isValidNpmPackageName(packageName) {
return typeof packageName === 'string' && NPM_PACKAGE_NAME_PATTERN.test(packageName);
}
class Manifest { class Manifest {
/** /**
* Create a new manifest * Create a new manifest
@ -362,23 +373,22 @@ class Manifest {
* @returns {string|null} Latest version or null * @returns {string|null} Latest version or null
*/ */
async fetchNpmVersion(packageName) { async fetchNpmVersion(packageName) {
try { if (!isValidNpmPackageName(packageName)) {
const https = require('node:https'); return null;
const { execSync } = require('node:child_process'); }
try {
// Try using npm view first (more reliable) // Try using npm view first (more reliable)
try { try {
const result = execSync(`npm view ${packageName} version`, { const { stdout } = await execFileAsync('npm', ['view', packageName, 'version'], {
encoding: 'utf8', encoding: 'utf8',
stdio: 'pipe', timeout: NPM_LOOKUP_TIMEOUT_MS,
timeout: 10_000,
}); });
return result.trim(); return stdout.trim();
} catch { } catch {
// Fallback to npm registry API // Fallback to npm registry API
return new Promise((resolve, reject) => { return new Promise((resolve) => {
https const request = https.get(`https://registry.npmjs.org/${encodeURIComponent(packageName)}`, (res) => {
.get(`https://registry.npmjs.org/${packageName}`, (res) => {
let data = ''; let data = '';
res.on('data', (chunk) => (data += chunk)); res.on('data', (chunk) => (data += chunk));
res.on('end', () => { res.on('end', () => {
@ -389,8 +399,14 @@ class Manifest {
resolve(null); resolve(null);
} }
}); });
}) });
.on('error', () => resolve(null));
request.setTimeout(NPM_LOOKUP_TIMEOUT_MS, () => {
request.destroy();
resolve(null);
});
request.on('error', () => resolve(null));
}); });
} }
} catch { } catch {