From 2a1bd660bd15f19da8cea50ef7449723ac55bdc5 Mon Sep 17 00:00:00 2001 From: Marco Ippolito Date: Sun, 5 Nov 2023 10:43:08 +0100 Subject: [PATCH] tools: improve update acorn-walk script PR-URL: https://github.com/nodejs/node/pull/50473 Refs: https://github.com/nodejs/security-wg/issues/1037 Reviewed-By: Luigi Pinca Reviewed-By: Paolo Insogna --- tools/dep_updaters/update-acorn-walk.sh | 19 ++++----- tools/dep_updaters/update-acorn.sh | 56 +++++++++++++++++-------- 2 files changed, 47 insertions(+), 28 deletions(-) diff --git a/tools/dep_updaters/update-acorn-walk.sh b/tools/dep_updaters/update-acorn-walk.sh index 33aa76abe24070..844380305d0fe3 100755 --- a/tools/dep_updaters/update-acorn-walk.sh +++ b/tools/dep_updaters/update-acorn-walk.sh @@ -17,7 +17,7 @@ DEPS_DIR="$BASE_DIR/deps" . "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION=$("$NODE" "$NPM" view acorn-walk dist-tags.latest) -CURRENT_VERSION=$("$NODE" -p "require('./deps/acorn/acorn-walk/package.json').version") +CURRENT_VERSION=$("$NODE" "$NPM" --prefix './deps/acorn/acorn-walk/' pkg get version) # This function exit with 0 if new version and current version are the same compare_dependency_version "acorn-walk" "$NEW_VERSION" "$CURRENT_VERSION" @@ -40,11 +40,9 @@ cd "$WORKSPACE" echo "Fetching acorn-walk source archive..." -DIST_URL=$(curl -sL "https://registry.npmjs.org/acorn-walk/$NEW_VERSION" | perl -n -e '/"dist".*?"tarball":"(.*?)"/ && print $1') +"$NODE" "$NPM" pack "acorn-walk@$NEW_VERSION" -ACORN_WALK_TGZ="acorn-walk.tgz" - -curl -sL -o "$ACORN_WALK_TGZ" "$DIST_URL" +ACORN_WALK_TGZ="acorn-walk-$NEW_VERSION.tgz" log_and_verify_sha256sum "acorn-walk" "$ACORN_WALK_TGZ" @@ -52,9 +50,7 @@ rm -r "$DEPS_DIR/acorn/acorn-walk"/* tar -xf "$ACORN_WALK_TGZ" -mv "$WORKSPACE/package"/* "$DEPS_DIR/acorn/acorn-walk" - -rm "$ACORN_WALK_TGZ" +mv package/* "$DEPS_DIR/acorn/acorn-walk" echo "All done!" echo "" @@ -64,6 +60,7 @@ echo "$ git add -A deps/acorn-walk" echo "$ git commit -m \"deps: update acorn-walk to $NEW_VERSION\"" echo "" -# The last line of the script should always print the new version, -# as we need to add it to $GITHUB_ENV variable. -echo "NEW_VERSION=$NEW_VERSION" +# Update the version number on maintaining-dependencies.md +# and print the new version as the last line of the script as we need +# to add it to $GITHUB_ENV variable +finalize_version_update "acorn-walk" "$NEW_VERSION" diff --git a/tools/dep_updaters/update-acorn.sh b/tools/dep_updaters/update-acorn.sh index 53d85156653d9c..6c0f54a5447100 100755 --- a/tools/dep_updaters/update-acorn.sh +++ b/tools/dep_updaters/update-acorn.sh @@ -7,36 +7,53 @@ set -ex -ROOT=$(cd "$(dirname "$0")/../.." && pwd) -[ -z "$NODE" ] && NODE="$ROOT/out/Release/node" +BASE_DIR=$(cd "$(dirname "$0")/../.." && pwd) +[ -z "$NODE" ] && NODE="$BASE_DIR/out/Release/node" [ -x "$NODE" ] || NODE=$(command -v node) -NPM="$ROOT/deps/npm/bin/npm-cli.js" +NPM="$BASE_DIR/deps/npm/bin/npm-cli.js" +DEPS_DIR="$BASE_DIR/deps" # shellcheck disable=SC1091 -. "$ROOT/tools/dep_updaters/utils.sh" +. "$BASE_DIR/tools/dep_updaters/utils.sh" NEW_VERSION=$("$NODE" "$NPM" view acorn dist-tags.latest) -CURRENT_VERSION=$("$NODE" -p "require('./deps/acorn/acorn/package.json').version") +CURRENT_VERSION=$("$NODE" "$NPM" --prefix './deps/acorn/acorn/' pkg get version) # This function exit with 0 if new version and current version are the same compare_dependency_version "acorn" "$NEW_VERSION" "$CURRENT_VERSION" cd "$( dirname "$0" )/../.." || exit -rm -rf deps/acorn/acorn +echo "Making temporary workspace..." -( - rm -rf acorn-tmp - mkdir acorn-tmp - cd acorn-tmp || exit +WORKSPACE=$(mktemp -d 2> /dev/null || mktemp -d -t 'tmp') - "$NODE" "$NPM" init --yes +cleanup () { + EXIT_CODE=$? + [ -d "$WORKSPACE" ] && rm -rf "$WORKSPACE" + exit $EXIT_CODE +} - "$NODE" "$NPM" install --global-style --no-bin-links --ignore-scripts "acorn@$NEW_VERSION" -) +trap cleanup INT TERM EXIT + +cd "$WORKSPACE" + +echo "Fetching acorn source archive..." + +"$NODE" "$NPM" pack "acorn@$NEW_VERSION" + +ACORN_TGZ="acorn-$NEW_VERSION.tgz" + +log_and_verify_sha256sum "acorn" "$ACORN_TGZ" + +rm -r "$DEPS_DIR/acorn/acorn"/* + +tar -xf "$ACORN_TGZ" + +mv package/* "$DEPS_DIR/acorn/acorn" # update version information in src/acorn_version.h -cat > "$ROOT/src/acorn_version.h" < "$BASE_DIR/src/acorn_version.h" < "$ROOT/src/acorn_version.h" <