Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
return limit(async () => {
// TODO: the http://unix: should be also supported by the fetcher
// but it fails with node-fetch-unix as of v2.3.0
if (url.startsWith('http://unix:')) {
url = url.replace('http://unix:', 'unix:')
}
const response = await fetch(url, {
body: JSON.stringify(body),
headers: { 'Content-Type': 'application/json' },
method: 'POST',
retry: {
retries: 100,
},
})
if (!response.ok) {
throw await response.json()
}
const json = await response.json()
if (json.error) {
throw json.error
}
return json as T
})
} catch (e) {
// ignore
}
}
if (!fetchSpec) {
const httpsUrl = hosted.https({ noGitPlus: true, noCommittish: true })
if (httpsUrl) {
try {
// when git ls-remote private repo, it asks for login credentials.
// use HTTP HEAD request to test whether this is a private repo, to avoid login prompt.
// this is very similar to yarn's behaviour.
// npm instead tries git ls-remote directly which prompts user for login credentials.
// HTTP HEAD on https://domain/user/repo, strip out ".git"
const response = await fetch(httpsUrl.substr(0, httpsUrl.length - 4), { method: 'HEAD', follow: 0 })
if (response.ok) {
fetchSpec = httpsUrl
}
} catch (e) {
// ignore
}
}
}
if (!fetchSpec) {
// use ssh url for likely private repo
fetchSpec = hosted.sshurl({ noCommittish: true })
}
return {
fetchSpec: fetchSpec!,