chore: update versions (6-next) (#3511)

moved to another repository

.changeset/brave-seahorses-press.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+fix: markdown ul and img styles

.changeset/dry-planes-tap.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': major
 '@verdaccio/cli': major
 '@verdaccio/config': major
-'@verdaccio/commons-api': major
 '@verdaccio/core': major
 '@verdaccio/local-storage': major
 '@verdaccio/server-fastify': major
@@ -19,7 +18,6 @@
 '@verdaccio/server': major
 '@verdaccio/store': major
 '@verdaccio/eslint-config': major
-'@verdaccio/dev-types': major
 '@verdaccio/utils': major
 'verdaccio': major
 '@verdaccio/web': major

.changeset/eleven-spoons-matter.md

@@ -27,7 +27,6 @@
 '@verdaccio/server': major
 '@verdaccio/cli-standalone': major
 '@verdaccio/store': major
-'@verdaccio/dev-types': major
 '@verdaccio/utils': major
 'verdaccio': major
 '@verdaccio/web': major

.changeset/famous-bikes-kneel.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+chore: improve info regarding using private registries

.changeset/few-cooks-destroy.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': major
 '@verdaccio/cli': major
 '@verdaccio/config': major
-'@verdaccio/commons-api': major
 '@verdaccio/file-locking': major
 'verdaccio-htpasswd': major
 '@verdaccio/local-storage': major
@@ -25,7 +24,6 @@
 '@verdaccio/proxy': major
 '@verdaccio/server': major
 '@verdaccio/store': major
-'@verdaccio/dev-types': major
 '@verdaccio/utils': major
 'verdaccio': major
 '@verdaccio/web': major

.changeset/four-ways-try.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': minor
+---
+
+feat: upgrade to react 18

.changeset/gentle-trains-switch.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': major
 '@verdaccio/cli': major
 '@verdaccio/config': major
-'@verdaccio/commons-api': major
 '@verdaccio/file-locking': major
 'verdaccio-htpasswd': major
 '@verdaccio/local-storage': major
@@ -19,7 +18,6 @@
 '@verdaccio/proxy': major
 '@verdaccio/server': major
 '@verdaccio/store': major
-'@verdaccio/dev-types': major
 '@verdaccio/utils': major
 'verdaccio': major
 '@verdaccio/web': major

.changeset/hip-hounds-destroy.md

@@ -6,7 +6,6 @@
 '@verdaccio/auth': patch
 '@verdaccio/cli': patch
 '@verdaccio/config': patch
-'@verdaccio/commons-api': patch
 '@verdaccio/file-locking': patch
 'verdaccio-htpasswd': patch
 '@verdaccio/readme': patch
@@ -26,7 +25,6 @@
 'verdaccio-memory': patch
 '@verdaccio/proxy': patch
 '@verdaccio/store': patch
-'@verdaccio/dev-types': patch
 '@verdaccio/utils': patch
 'verdaccio': patch
 '@verdaccio/web': patch

.changeset/light-pumas-brake.md

@@ -0,0 +1,7 @@
+---
+'@verdaccio/ui-theme': minor
+'@verdaccio/server-fastify': minor
+'@verdaccio/web': minor
+---
+
+feat: parse and sanitize on ui

.changeset/neat-toes-report.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': minor
 '@verdaccio/cli': minor
 '@verdaccio/config': minor
-'@verdaccio/commons-api': minor
 '@verdaccio/file-locking': minor
 'verdaccio-htpasswd': minor
 '@verdaccio/local-storage': minor
@@ -26,7 +25,6 @@
 '@verdaccio/proxy': minor
 '@verdaccio/server': minor
 '@verdaccio/store': minor
-'@verdaccio/dev-types': minor
 '@verdaccio/utils': minor
 'verdaccio': minor
 '@verdaccio/web': minor

.changeset/plenty-spiders-melt.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': minor
 '@verdaccio/cli': minor
 '@verdaccio/config': minor
-'@verdaccio/commons-api': minor
 '@verdaccio/file-locking': minor
 'verdaccio-htpasswd': minor
 '@verdaccio/local-storage': minor
@@ -19,7 +18,6 @@
 '@verdaccio/proxy': minor
 '@verdaccio/server': minor
 '@verdaccio/store': minor
-'@verdaccio/dev-types': minor
 '@verdaccio/utils': minor
 'verdaccio': minor
 '@verdaccio/web': minor

.changeset/pre.json

@@ -9,7 +9,6 @@
     "@verdaccio/file-locking": "11.0.0-alpha.0",
     "verdaccio-htpasswd": "11.0.0-alpha.0",
     "@verdaccio/local-storage": "11.0.0-alpha.0",
-    "@verdaccio/readme": "11.0.0-alpha.0",
     "@verdaccio/types": "11.0.0-alpha.0",
     "@verdaccio/hooks": "6.0.0-alpha.0",
     "@verdaccio/loaders": "6.0.0-alpha.0",
@@ -36,7 +35,6 @@
     "@verdaccio/url": "11.0.0-alpha.3",
     "@verdaccio/server-fastify": "6.0.0-6-next.9",
     "@verdaccio/eslint-config": "1.0.0",
-    "@verdaccio/benchmark": "1.0.0",
     "@verdaccio/core": "6.0.0-next.0",
     "@verdaccio/test-helper": "1.0.0",
     "docusaurus-plugin-contributors": "1.0.0",
@@ -54,12 +52,14 @@
     "@verdaccio/local-publish": "0.0.1",
     "@verdaccio/e2e-cli-npm9": "1.0.1-6-next.5",
     "@verdaccio/e2e-ui": "2.0.0-6-next.3",
-    "customprefix-auth": "0.0.1"
+    "customprefix-auth": "0.0.1",
+    "@verdaccio/crowdin-translations": "1.0.0"
   },
   "changesets": [
     "afraid-mice-obey",
     "angry-nails-appear",
     "big-lobsters-sin",
+    "brave-seahorses-press",
     "bright-poems-obey",
     "brown-cycles-laugh",
     "brown-pandas-wink",
@@ -73,10 +73,12 @@
     "eleven-brooms-hunt",
     "eleven-spoons-matter",
     "fair-lemons-beam",
+    "famous-bikes-kneel",
     "famous-tigers-doubt",
     "few-cooks-destroy",
     "few-mangos-grow",
     "fifty-jars-rest",
+    "four-ways-try",
     "fuzzy-drinks-taste",
     "fuzzy-onions-draw",
     "gentle-parrots-lay",
@@ -91,6 +93,7 @@
     "kind-bears-nail",
     "late-adults-love",
     "late-parents-act",
+    "light-pumas-brake",
     "light-walls-begin",
     "little-stingrays-rule",
     "loud-shoes-jog",
@@ -114,12 +117,14 @@
     "proud-jobs-hope",
     "red-chefs-float",
     "red-yaks-sell",
+    "rich-badgers-begin",
     "rich-ghosts-rule",
     "shaggy-carrots-unite",
     "shaggy-parrots-smash",
     "shiny-chefs-heal",
     "shy-ducks-cover",
     "slow-carrots-relate",
+    "slow-snails-sniff",
     "smart-apricots-kneel",
     "smart-beds-cross",
     "smooth-owls-pump",
@@ -132,12 +137,14 @@
     "ten-parents-breathe",
     "tender-bags-call",
     "thick-countries-move",
+    "thick-geese-wash",
     "thick-readers-hang",
     "three-moles-drop",
     "three-pots-sit",
     "tiny-seals-join",
     "tricky-taxis-watch",
     "two-dolls-check",
+    "unlucky-hairs-wonder",
     "wild-jokes-beam",
     "witty-ties-speak"
   ]

.changeset/pretty-hounds-tap.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': patch
 '@verdaccio/cli': patch
 '@verdaccio/config': patch
-'@verdaccio/commons-api': patch
 '@verdaccio/file-locking': patch
 'verdaccio-htpasswd': patch
 '@verdaccio/local-storage': patch
@@ -19,7 +18,6 @@
 '@verdaccio/proxy': patch
 '@verdaccio/server': patch
 '@verdaccio/store': patch
-'@verdaccio/dev-types': patch
 '@verdaccio/utils': patch
 'verdaccio': patch
 '@verdaccio/web': patch

.changeset/rich-badgers-begin.md

@@ -0,0 +1,9 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/url': minor
+'@verdaccio/store': minor
+'@verdaccio/test-helper': minor
+'verdaccio': minor
+---
+
+refactor: npm star command support reimplemented

.changeset/rich-ghosts-rule.md

@@ -1,7 +1,6 @@
 ---
 '@verdaccio/types': major
 '@verdaccio/ui-theme': major
-'@verdaccio/dev-types': major
 '@verdaccio/web': major
 '@verdaccio/e2e-ui': major
 ---

.changeset/slow-snails-sniff.md

@@ -0,0 +1,7 @@
+---
+'@verdaccio/api': patch
+'@verdaccio/ui-theme': patch
+'@verdaccio/web': patch
+---
+
+fix: improve abort request search

.changeset/thick-geese-wash.md

@@ -0,0 +1,21 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/auth': minor
+'@verdaccio/config': minor
+'@verdaccio/core': minor
+'@verdaccio/url': minor
+'@verdaccio/middleware': minor
+'@verdaccio/local-storage': minor
+'@verdaccio/web': minor
+---
+
+chore: move improvements from v5 to v6
+
+Migrate improvements form v5 to v6:
+
+- https://github.com/verdaccio/verdaccio/pull/3158
+- https://github.com/verdaccio/verdaccio/pull/3151
+- https://github.com/verdaccio/verdaccio/pull/2271
+- https://github.com/verdaccio/verdaccio/pull/2787
+- https://github.com/verdaccio/verdaccio/pull/2791
+- https://github.com/verdaccio/verdaccio/pull/2205

.changeset/three-pots-sit.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': patch
 '@verdaccio/cli': patch
 '@verdaccio/config': patch
-'@verdaccio/commons-api': patch
 '@verdaccio/file-locking': patch
 'verdaccio-htpasswd': patch
 '@verdaccio/local-storage': patch
@@ -18,7 +17,6 @@
 '@verdaccio/proxy': patch
 '@verdaccio/server': patch
 '@verdaccio/store': patch
-'@verdaccio/dev-types': patch
 '@verdaccio/utils': patch
 'verdaccio': patch
 ---

.changeset/unlucky-hairs-wonder.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+feat: Display publication time on sidebar

.github/workflows/benchmark.yml

@@ -1,174 +0,0 @@
----
-name: ci - benchmark
-
-on:
-  workflow_dispatch:
-  schedule:
-    # 1 time peer week
-    # collecting enough data to draw some graphics
-    - cron: '0 1 * * 1'
-  # push:
-  #   branches:
-  #     - master
-permissions:
-  contents: read
-
-jobs:
-  prepare: 
-    name: Prepare build
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
-      - uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
-        with:
-          node-version: 16.x
-      - name: install pnpm
-        run: sudo npm i pnpm@latest-6 -g
-      - name: set store
-        run: | 
-          mkdir ~/.pnpm-store
-          pnpm config set store-dir ~/.pnpm-store     
-      - name: setup pnpm config registry
-        run: pnpm config set registry https://registry.verdaccio.org
-      - name: install dependencies
-        run: pnpm install
-      - name: Cache .pnpm-store
-        uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-          restore-keys: |
-            pnpm-              
-      - name: build
-        run: pnpm build
-      - name: tar packages
-        run: |      
-          tar -czvf ${{ github.workspace }}/pkg.tar.gz -C ${{ github.workspace }}/packages .
-      - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # tag=v3
-        with:
-          name: verdaccio-artifact
-          path: pkg.tar.gz
-  benchmark-autocannon:
-    needs: prepare
-    strategy:
-      fail-fast: false
-      matrix:
-        benchmark:
-          - info
-          - tarball
-        verdaccioVersion:
-          # - local
-          - 3.13.1
-          - 4.12.2
-          - 5.10.2
-          - 6.0.0-6-next.40
-    name: Benchmark autocannon
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
-      - uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
-        with:
-          node-version: 16.x
-      - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 # tag=v3
-        with:
-          name: verdaccio-artifact
-      - name: untar packages
-        run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages          
-      - name: install pnpm
-        # require fixed version
-        run: sudo npm i pnpm@latest-6 -g
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}   
-      - name: install dependencies
-        run: pnpm install    
-      - name: start registry
-        run: ./scripts/benchmark-prepare.sh ${{matrix.verdaccioVersion}}        
-      - name: benchmark        
-        run: pnpm benchmark:api -- -v ${{matrix.verdaccioVersion}} -f ${{matrix.benchmark}}       
-        shell: bash
-        env:
-          DEBUG: metrics*
-      - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # tag=v3
-        with:
-          name: verdaccio-metrics-api
-          path: ./api-results-${{matrix.verdaccioVersion}}-${{matrix.benchmark}}.json  
-          if-no-files-found: error
-          retention-days: 10 
-      - name: submit metrics
-        run: pnpm benchmark:submit
-        env:
-          DEBUG: metrics
-          METRICS_SOURCE: autocannon
-          METRICS_URL: ${{ secrets.METRICS_URL }}
-          METRICS_TOKEN: ${{ secrets.METRICS_TOKEN }}
-          METRICS_BENCHMARK: ${{matrix.benchmark}}
-          METRICS_VERSION: ${{matrix.verdaccioVersion}}
-          METRICS_COMMIT_HASH: ${{ github.sha }}
-          METRICS_FILE_NAME: 'api-results'   
-  benchmark:
-    needs: prepare
-    strategy:
-      fail-fast: false
-      matrix:
-        benchmark:
-          - info
-          - tarball
-        verdaccioVersion:
-          # future 6.x (wip)
-          # - local (master branch)
-          # old versions to compare same test along previous releases
-          - 3.13.1
-          - 4.12.2
-          - 5.10.2
-          - 6.0.0-6-next.40
-    name: Benchmark hyperfine
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
-      - uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
-        with:
-          node-version: 16.x
-      - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 # tag=v3
-        with:
-          name: verdaccio-artifact
-      - name: untar packages
-        run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages          
-      - name: install pnpm
-        # require fixed version
-        run: sudo npm i pnpm@latest-6 -g
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}   
-      - name: install dependencies
-        run: pnpm install
-      - name: install hyperfine
-        run: |
-          wget https://github.com/sharkdp/hyperfine/releases/download/v1.11.0/hyperfine_1.11.0_amd64.deb
-          sudo dpkg -i hyperfine_1.11.0_amd64.deb
-      - name: start registry
-        run: ./scripts/benchmark-prepare.sh ${{matrix.verdaccioVersion}}
-      - name: benchmark        
-        run: ./scripts/benchmark-run.sh ${{matrix.benchmark}}
-        # https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell
-        shell: bash
-      - name: rename
-        run: mv ./hyper-results.json ./hyper-results-${{matrix.verdaccioVersion}}-${{matrix.benchmark}}.json
-      - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # tag=v3
-        with:
-          name: verdaccio-metrics
-          path: ./hyper-results-${{matrix.verdaccioVersion}}-${{matrix.benchmark}}.json  
-          if-no-files-found: error
-          retention-days: 10 
-      - name: submit metrics
-        run: pnpm benchmark:submit
-        env:
-          DEBUG: metrics
-          METRICS_SOURCE: hyperfine
-          METRICS_URL: ${{ secrets.METRICS_URL }}
-          METRICS_TOKEN: ${{ secrets.METRICS_TOKEN }}
-          METRICS_BENCHMARK: ${{matrix.benchmark}}
-          METRICS_VERSION: ${{matrix.verdaccioVersion}}
-          METRICS_COMMIT_HASH: ${{ github.sha }}

.github/workflows/changesets.yml

@@ -20,12 +20,12 @@ jobs:
     if: github.ref == 'refs/heads/master' && github.repository == 'verdaccio/verdaccio'
     steps:
       - name: checkout code repository
-        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
         with:
           fetch-depth: 0
 
       - name: setup node.js
-        uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version: 14
           registry-url: 'https://registry.npmjs.org'
@@ -47,8 +47,7 @@ jobs:
         env:
           NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
       - name: crowdin download
-        env:
-          CROWDIN_VERDACCIO_PROJECT_ID: ${{ secrets.CROWDIN_VERDACCIO_PROJECT_ID }}
+        env:          
           CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
           CONTEXT: production
         run: pnpm crowdin:download       

.github/workflows/ci-windows.yml

@@ -0,0 +1,130 @@
+name: CI windows
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '5 0 * * SUN' 
+permissions:
+  contents: read
+jobs:
+  prepare:
+    runs-on: ubuntu-latest
+    name: setup verdaccio
+    services:
+      verdaccio:
+        image: verdaccio/verdaccio:nightly-master
+        ports:
+          - 4873:4873
+        env:
+          NODE_ENV: production          
+    steps:
+    - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+    - name: Node
+      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      with:
+        node-version-file: '.nvmrc'
+    - name: Install pnpm
+      run: npm i pnpm@6.32.15 -g
+    - name: set store
+      run: |
+        mkdir ~/.pnpm-store
+        pnpm config set store-dir ~/.pnpm-store
+    - name: Install
+      run: pnpm recursive install --frozen-lockfile --registry http://localhost:4873
+    - name: Cache .pnpm-store
+      uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
+      with:
+        path: ~/.pnpm-store
+        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+        restore-keys: |
+          pnpm-
+  lint:
+    runs-on: windows-latest
+    name: Lint
+    needs: prepare
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Node
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+      - name: Lint
+        run: pnpm lint
+  format:
+    runs-on: windows-latest
+    name: Format
+    needs: prepare
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Use Node
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+      - name: Lint
+        run: pnpm format:check
+  build:
+    needs: [format, lint]
+    strategy:
+      fail-fast: true
+      matrix:
+        os: [windows-latest]
+        node_version: [18]
+    name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
+    runs-on: ${{ matrix.os }}
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Use Node ${{ matrix.node_version }}
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version: ${{ matrix.node_version }}
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
+      - name: build
+        run: pnpm build
+      - name: Test
+        run: pnpm test
+  ci-e2e-ui:
+    needs: [format, lint]
+    runs-on: windows-latest
+    name: UI Test E2E
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --registry http://localhost:4873
+      - name: build
+        run: pnpm build
+      - name: Test UI
+        run: pnpm test:e2e:ui
+        # env:
+        #  DEBUG: verdaccio:e2e*

.github/workflows/ci.yml

@@ -27,13 +27,15 @@ jobs:
         env:
           NODE_ENV: production          
     steps:
-    - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+    - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
     - name: Node
-      uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
       with:
         node-version-file: '.nvmrc'
     - name: Install pnpm
-      run: npm i pnpm@6.32.15 -g
+      run: |
+        corepack enable
+        corepack prepare --activate pnpm@6.32.15
     - name: set store
       run: |
         mkdir ~/.pnpm-store
@@ -41,7 +43,7 @@ jobs:
     - name: Install
       run: pnpm recursive install --frozen-lockfile --registry http://localhost:4873
     - name: Cache .pnpm-store
-      uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+      uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
       with:
         path: ~/.pnpm-store
         key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -52,14 +54,16 @@ jobs:
     name: Lint
     needs: prepare
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
       - name: Node
-        uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version-file: '.nvmrc'
       - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+        run: |
+          corepack enable
+          corepack prepare --activate pnpm@6.32.15
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         with:
           path: ~/.pnpm-store
           key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -72,14 +76,16 @@ jobs:
     name: Format
     needs: prepare
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
       - name: Use Node
-        uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version-file: '.nvmrc'
       - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+        run: |
+          corepack enable
+          corepack prepare --activate pnpm@6.32.15
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         with:
           path: ~/.pnpm-store
           key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -87,7 +93,7 @@ jobs:
         run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
       - name: Lint
         run: pnpm format:check
-  build:
+  test:
     needs: [format, lint]
     strategy:
       fail-fast: true
@@ -97,14 +103,16 @@ jobs:
     name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
       - name: Use Node ${{ matrix.node_version }}
-        uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version: ${{ matrix.node_version }}
       - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+        run: |
+          corepack enable
+          corepack prepare --activate pnpm@6.32.15
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         with:
           path: ~/.pnpm-store
           key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -114,42 +122,21 @@ jobs:
         run: pnpm build
       - name: Test
         run: pnpm test
-  ci-e2e-ui:
-    needs: [format, lint]
-    runs-on: ubuntu-latest
-    name: UI Test E2E
-    steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
-      - uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-      - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-      - name: Install
-        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --registry http://localhost:4873
-      - name: build
-        run: pnpm build
-      - name: Test UI
-        run: pnpm test:e2e:ui
-        # env:
-        #  DEBUG: verdaccio:e2e*
   sync-translations:
-    needs: [ci-e2e-ui]
+    needs: [test]
     runs-on: ubuntu-latest
     name: synchronize translations
     if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
-      - uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version-file: '.nvmrc'
       - name: Install pnpm
-        run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+        run: |
+          corepack enable
+          corepack prepare --activate pnpm@6.32.15
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         with:
           path: ~/.pnpm-store
           key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -162,7 +149,6 @@ jobs:
         run: pnpm write-translations --filter ...@verdaccio/website
       - name: sync
         env:
-          CROWDIN_VERDACCIO_PROJECT_ID: ${{ secrets.CROWDIN_VERDACCIO_PROJECT_ID }}
           CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
           CONTEXT: production
         run: pnpm crowdin:sync

.github/workflows/codeql-analysis.yml

@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
         with:
           # We must fetch at least the immediate parents so that if this is
           # a pull request then we can checkout the head.
@@ -34,7 +34,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@86f3159a697a097a813ad9bfa0002412d97690a4 # tag=v2
+        uses: github/codeql-action/init@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898 # tag=v2
 
       # Override language selection by uncommenting this and choosing your languages
       # with:
@@ -42,7 +42,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@86f3159a697a097a813ad9bfa0002412d97690a4 # tag=v2
+        uses: github/codeql-action/autobuild@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898 # tag=v2
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -56,4 +56,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@86f3159a697a097a813ad9bfa0002412d97690a4 # tag=v2
+        uses: github/codeql-action/analyze@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898 # tag=v2

.github/workflows/docker-publish.yml

@@ -15,12 +15,16 @@ on:
       - 'master'
     tags:
       - 'v*'
+
+permissions:
+  contents: read  #  to fetch code (actions/checkout)
+
 jobs:
   docker:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
-      - uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480 # tag=v1
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # tag=v1
       - uses: docker/setup-buildx-action@v1
         with:
           driver-opts: network=host

.github/workflows/e2e-ci.yml

@@ -15,9 +15,9 @@ jobs:
         env:
           NODE_ENV: production
     steps:
-    - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+    - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
     - name: Use Node
-      uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
       with:
         node-version-file: '.nvmrc'
     - name: Install pnpm
@@ -29,7 +29,7 @@ jobs:
     - name: Install
       run: pnpm recursive install --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
     - name: Cache .pnpm-store
-      uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+      uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
       with:
         path: ~/.pnpm-store
         key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
@@ -39,14 +39,14 @@ jobs:
     needs: [prepare]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
       - name: Use Node 16
-        uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version-file: '.nvmrc'
       - name: Install pnpm
         run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         with:
           path: ~/.pnpm-store
           key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
@@ -55,7 +55,7 @@ jobs:
       - name: build
         run: pnpm build
       - name: Cache packages
-        uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+        uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         id: cache-packages
         with:
           path: ./packages/
@@ -63,7 +63,7 @@ jobs:
           restore-keys: |
             packages-
       # - name: Cache test
-      #   uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+      #   uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
       #   id: cache-test
       #   with:
       #     path: ./e2e/
@@ -79,23 +79,23 @@ jobs:
     name:  ${{ matrix.pkg }} / ${{ matrix.os }}
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
-      - uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version-file: '.nvmrc'
       - name: Install pnpm
         run: npm i pnpm@6.32.15 -g
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         with:
           path: ~/.pnpm-store
           key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
       - name: Install
         run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
-      - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+      - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         with:
           path: ./packages/
           key: pkg-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
-      # - uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+      # - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
       #   with:
       #     path: ./e2e/
       #     key: test-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}

.github/workflows/e2e-ui.yml

@@ -0,0 +1,36 @@
+name: E2E UI
+
+on: [pull_request]
+permissions:
+  contents: read
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    name: UI Test E2E
+    services:
+      verdaccio:
+        image: verdaccio/verdaccio:5
+        ports:
+          - 4873:4873
+        env:
+          NODE_ENV: production
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Use Node
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: |
+         corepack enable
+         corepack prepare --activate pnpm@6.32.15
+      - name: Install
+        run: pnpm install --frozen-lockfile --reporter=silence --registry http://localhost:4873
+      - name: build
+        run: pnpm build
+      - name: Test UI
+        run: pnpm test:e2e:ui
+      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3
+        with:
+          name: videos
+          path: /home/runner/work/verdaccio/verdaccio/e2e/ui/cypress/videos

.github/workflows/static-data.yml

@@ -1,5 +1,5 @@
 ---
-name: contributors
+name: static data
 
 on:
   workflow_dispatch:
@@ -10,18 +10,22 @@ on:
   # push:
   #   branches:
   #     - master
+
+permissions:
+  contents: read  #  to fetch code (actions/checkout)
+
 jobs:
   prepare:
     name: Run script
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
         with:
           persist-credentials: false
           fetch-depth: 0
-      - uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
-          node-version: 17.x
+          node-version: 18.x
       - name: install pnpm
         run: sudo npm i pnpm@latest-6 -g
       - name: set store
@@ -32,17 +36,23 @@ jobs:
         run: pnpm config set registry https://registry.verdaccio.org
       - name: install dependencies
         run: pnpm install
+      - name: Build Translations percentage
+        run: pnpm build --filter "@verdaccio/crowdin-translations"
       - name: update contributors
         run: pnpm run contributors
         env:
           TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: update translations
+        run: pnpm run translations
+        env:
+          TOKEN: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}          
       - name: format
         run: pnpm format
       - name: Commit & Push changes
         uses: actions-js/push@a52398fac807b0c1e5f1492c969b477c8560a0ba # tag=v1.3
         with:
           github_token: ${{ secrets.TOKEN_VERDACCIOBOT_GITHUB }}
-          message: "chore: updated contributors list"
+          message: "chore: updated static data"
           branch: master
           author_email: verdaccio.npm@gmail.com
           author_name: verdacciobot

.github/workflows/website.yml

@@ -8,21 +8,30 @@ on:
         - './.github/workflows/website.yml'
   schedule:
     - cron: '0 0 * * *' 
+
+permissions:
+  contents: read  #  to fetch code (actions/checkout)
+
 jobs:
   build:
+    permissions:
+      contents: read  #  to fetch code (actions/checkout)
+      deployments: write
+      pull-requests: write  #  to comment on pull-requests
+
     runs-on: ubuntu-latest
     env:
       NODE_OPTIONS: --max_old_space_size=4096
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
 
       - name: Use Node 16
-        uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version: 16
 
       - name: Cache pnpm modules
-        uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+        uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         env:
           cache-name: cache-pnpm-modules
         with:
@@ -31,16 +40,18 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-
 
-      - uses: pnpm/action-setup@10693b3829bf86eb2572aef5f3571dcf5ca9287d # tag=v2.2.2
+      - uses: pnpm/action-setup@c3b53f6a16e57305370b4ae5a540c2077a1d50dd # tag=v2.2.4
         with:
           version: 6.32.15
           run_install: |
             - recursive: true
               args: [--frozen-lockfile]
-      - name: Build Plugins
-        run: pnpm build --filter "docusaurus-plugin-contributors"
+      - name: Build 
+        run: pnpm build
+      - name: Build Translations percentage
+        run: pnpm build --filter "@verdaccio/crowdin-translations"
       - name: Cache Docusaurus Build
-        uses: actions/cache@fd5de65bc895cf536527842281bea11763fefd77 # tag=v3
+        uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
         with:
           path: website/node_modules/.cache/webpack
           key: cache/webpack-${{github.ref}}-${{ hashFiles('**/pnpm-lock.yaml') }}
@@ -52,8 +63,8 @@ jobs:
       - name: Build Production
         if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
         env:
-          CROWDIN_VERDACCIO_PROJECT_ID: ${{ secrets.CROWDIN_VERDACCIO_PROJECT_ID }}
           CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
+          SENTRY_KEY: ${{ secrets.SENTRY_KEY }}
           CONTEXT: production
         run: pnpm netlify:build:production --filter ...@verdaccio/website
 
@@ -89,7 +100,7 @@ jobs:
       - name: Audit preview URL with Lighthouse
         if: github.repository == 'verdaccio/verdaccio'
         id: lighthouse_audit
-        uses: treosh/lighthouse-ci-action@b4dfae3eb959c5226e2c5c6afd563d493188bfaf # tag=9.3.0
+        uses: treosh/lighthouse-ci-action@e0fe113967eee84b631d526ed18ce001f35fe9e9 # tag=9.3.1
         with:
           urls: |
             ${{ steps.netlify_preview.outputs.preview-url }}
@@ -98,7 +109,7 @@ jobs:
 
       - name: Format lighthouse score
         id: format_lighthouse_score
-        uses: actions/github-script@c713e510dbd7d213d92d41b7a7805a986f4c5c66 # tag=v6
+        uses: actions/github-script@d556feaca394842dc55e4734bf3bb9f685482fa0 # tag=v6
         with:
           github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
@@ -123,7 +134,7 @@ jobs:
       - name: Add comment to PR
         if: github.repository == 'verdaccio/verdaccio'
         id: comment_to_pr
-        uses: marocchino/sticky-pull-request-comment@39c5b5dc7717447d0cba270cd115037d32d28443 # tag=v2
+        uses: marocchino/sticky-pull-request-comment@fcf6fe9e4a0409cd9316a5011435be0f3327f1e1 # tag=v2
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           number: ${{ github.event.issue.number }}

.gitignore

@@ -49,5 +49,11 @@ api-results*.json
 .clinic/
 
 #docs 
-./api
-**/docs/**
+website/docs/api/**/*.md
+website/docs/api/**/*.yml
+!website/docs/api/index.md
+packages/**/docs
+
+# cypress
+e2e/ui/cypress/videos/**/*
+e2e/ui/cypress/screenshots/**/*

.npmrc

@@ -1,5 +1,4 @@
 always-auth = true
 recursive-install = true
-registry = https://registry.verdaccio.org
 loglevel=info
 fetch-retries="10"

CONTRIBUTING.md

@@ -1,59 +1,33 @@
 # Contributing
 
-> Any change matters, whatever the size, just do it.
+> This guidelines refers to the main (`master`) that host the v6.x, if you want to contribute to `5.x` please read the following [link](https://github.com/verdaccio/verdaccio/blob/5.x/CONTRIBUTING.md).
 
-We're happy that you're considering contributing! To help, we've prepared these
-guidelines for you:
+We're happy that you're considering contributing!
 
-**Table of Contents**
-
-- [Contributing](#contributing)
-  - [How Do I Contribute?](#how-do-i-contribute)
-  - [Development Setup](#development-setup)
-    - [Building the project](#building-the-project)
-    - [Running test](#running-test)
-    - [Running and debugging](#running-and-debugging)
-    - [Debugging compiled code](#debugging-compiled-code)
-  - [Reporting Bugs](#reporting-bugs)
-    - [Read the documentation](#read-the-documentation)
-    - [What's is not considered a bug?](#whats-is-not-considered-a-bug)
-    - [Issue Search](#issue-search)
-    - [Chat](#chat)
-  - [Translations](#translations)
-  - [Request Features](#request-features)
-  - [Contributing Guidelines](#contributing-guidelines)
-    - [Submitting a Pull Request](#submitting-a-pull-request)
-    - [Make Changes and Commit](#make-changes-and-commit)
-      - [Caveats](#caveats)
-      - [Before Commit](#before-commit)
-      - [Commit Guidelines](#commit-guidelines)
-    - [Adding a changeset](#adding-a-changeset)
-    - [Update Tests](#update-tests)
-  - [Develop Plugins](#develop-plugins)
+To help you getting started we've prepared these guidelines for you, any change matter, just do it:
 
 ## How Do I Contribute?
 
 There are many ways to contribute:
 
-- Report a bug
-- Request a feature you think would be great for Verdaccio
-- Fix bugs
-- Test and triage bugs reported by others
-- Work on requested/approved features
-- Improve the codebase (linting, naming, comments, test descriptions, etc...)
+- [Report a bug](#reporting-bugs)
+- [Request a feature you think would be great for Verdaccio](#feature-request)
+- [Fixing bugs](https://github.com/verdaccio/verdaccio/issues?q=is%3Aopen+is%3Aissue+label%3A%22issue%3A+bug%22)
+- [Test and triage bugs reported by others](https://github.com/verdaccio/verdaccio/issues?q=is%3Aopen+is%3Aissue+label%3Aissue_needs_triage)
+- [Working on requested/approved features](https://github.com/verdaccio/verdaccio/issues?q=is%3Aopen+is%3Aissue+label%3A%22topic%3A+feature+request%22+)
+- [Improve the codebase (linting, naming, comments, test descriptions, etc...)](https://github.com/verdaccio/verdaccio/discussions/1461)
+- Improve code coverage for unit testing for every module, [end to end](https://github.com/verdaccio/verdaccio/tree/master/e2e/cli) or [UI test](https://github.com/verdaccio/verdaccio/tree/master/e2e/ui) (with cypress).
 
-The Verdaccio project is split into several areas:
+The Verdaccio project is split into several areas, the first three hosted in the main repository:
 
 - **Core**: The [core](https://github.com/verdaccio/verdaccio) is the main repository, built with **Node.js**.
 - **Website**: we use [**Docusaurus**](https://docusaurus.io/) for the **website** and if you are familiar with this technology, you might become the official webmaster.
 - **User Interface**: The [user Interface](https://github.com/verdaccio/ui) is based in **react** and **material-ui** and looking for front-end contributors.
 - **Kubernetes and Helm**: Ts the official repository for the [**Helm chart**](https://github.com/verdaccio/charts).
 
-> There are other areas to contribute, like documentation, translation which are
-> not hosted on this repo but check the last section of this notes for further
-> information.
+> There are other areas to contribute, like [documentation](https://github.com/verdaccio/verdaccio/tree/master/website/docs) or [translations](#translations}).
 
-## Development Setup
+## Prepare local setup {#local-setup}
 
 Verdaccio uses [pnpm](https://pnpm.io) as the package manager for development in this repository.
 
@@ -144,7 +118,7 @@ To run the application from the source code, ensure the project has been built w
 - `pnpm website`: Build the website, for more commands to run the _website_, run `cd website` and then `pnpm serve`, website will run on port `3000`.
 - `pnpm docker`: Build the docker image. Requires `docker` command available in your system.
 
-#### Debugging compiled code
+#### Debugging compiled code {#debugging-compiled-code}
 
 Currently you can only run pre-compiled packages in debug mode. To enable debug
 while running add the `verdaccio` namespace using the `DEBUG` environment
@@ -164,13 +138,50 @@ DEBUG=verdaccio:plugin:* node packages/verdaccio/debug/bootstrap.js
 The debug code is intended to analyze what is happening under the hood and none
 of the output is sent to the logger module.
 
-## Reporting Bugs
+> [See the full guide how to debug with Verdaccio](https://github.com/verdaccio/verdaccio/wiki/Debugging-Verdaccio)
+
+#### Testing your changes in a local registry {#testing-local-registry}
+
+Once you have perform your changes in the code base, the build and tests passes you can publish a local version:
+
+- Ensure you have build all modules (or the one you have modified)
+- Run `pnpm local:publish:release` to launch a local registry and publish all packages into it. This command will be alive until server is killed (Control Key + C)
+
+```
+pnpm build
+pnpm local:publish:release
+```
+
+The last step consist on install globally the package from the local registry which runs on the default port (4873).
+
+```
+npm i -g verdaccio --registry=http://localhost:4873
+verdaccio
+```
+
+If you perform more changes in the source code, repeat this process, there is not _hot reloading_ support.
+
+## Feature Request {#feature-request}
+
+New feature requests are welcome. Analyse whether the idea fits within scope of the project. Adding in context and the use-case will really help!
+
+**Please provide:**
+
+- Create a [discussion](https://github.com/verdaccio/verdaccio/discussions/new).
+- A detailed description the advantages of your request.
+- Whether or not it's compatible with `npm`, `pnpm` and [_yarn classic_
+  ](https://github.com/yarnpkg/yarn) or [_yarn modern_
+  ](https://github.com/yarnpkg/berry).
+- A potential implementation or design
+- Whatever else is on your mind! 🤓
+
+## Reporting Bugs {#reporting-bugs}
 
 **Bugs are considered features that are not working as described in
 documentation.**
 
 If you've found a bug in Verdaccio **that isn't a security risk**, please file
-a report in our [issue tracker](https://github.com/verdaccio/verdaccio/issues).
+a report in our [issue tracker](https://github.com/verdaccio/verdaccio/issues), if you think a potential vulnerability please read the [security policy](https://verdaccio.org/community/security) .
 
 > **NOTE: Verdaccio still does not support all npm commands. Some were not
 > considered important and others have not been requested yet.**
@@ -189,7 +200,7 @@ a report in our [issue tracker](https://github.com/verdaccio/verdaccio/issues).
 If you intend to report a **security** issue, please follow our [Security policy
 guidelines](https://github.com/verdaccio/verdaccio/security/policy).
 
-### Issue Search
+### Issues {#issues}
 
 Before reporting a bug please:
 
@@ -201,53 +212,21 @@ In case any of those match with your search, up-vote it (using GitHub reactions)
 or add additional helpful details to the existing issue to show that it's
 affecting multiple people.
 
-### Chat
+### Contributing support
 
 Questions can be asked via [Discord](https://discord.gg/7qWJxBf)
 
-**Please use the `#help` channel.**
+**Please use the `#contribute` channel.**
 
-## Translations
+## Development Guidelines {#development-guidelines}
 
-All translations are provided by the `crowdin` platform:
-[https://translate.verdaccio.org/](https://translate.verdaccio.org/)
+It's recommended use a UNIX system for local development, Windows should works fine for development, but is not daily tested could not be perfect. To ensure a fast code review and merge, please follow the next guidelines:
 
-If you want to contribute by adding translations, create an account (GitHub could be used as fast alternative), in the platform you can contribute to two areas, the website or improve User Interface translations.
+Any contribution gives you the right to be part of this organization as _collaborator_ and your avatar will be automatically added to the [contributors page](https://verdaccio.org/contributors).
 
-If a language is not listed, ask for it in the [Discord](https://discord.gg/7qWJxBf) channel #contribute channel.
+## Pull Request {#pull-request}
 
-For adding a new **language** on the UI follow these steps:
-
-1. Ensure the **language** has been enabled, must be visible in the `crowdin` platform.
-2. Find in the explorer the file `en.US.json` in the path `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` and complete the translations, **not need to find approval on this**.
-3. Into the project, add a new field into `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` file, in the section `lng`, the new language, eg: `{ lng: {korean:"Korean"}}`. (This file is English based, once the PR has been merged, this string will be available in crowdin for translate to the targeted language).
-4. Add the language, [flag icon](https://www.npmjs.com/package/country-flag-icons), and the menu key fort he new language eg: `menuKey: 'lng.korean'` to the file `packages/plugins/ui-theme/src/i18n/enabledLanguages.ts`.
-5. For local testing, read `packages/plugins/ui-theme/src/i18n/ABOUT_TRANSLATIONS.md`.
-6. Add a `changeset` file, see more info below.
-
-## Request Features
-
-New feature requests are welcome. Analyse whether the idea fits within scope of
-the project. Adding in context and the use-case will really help!
-
-**Please provide:**
-
-- A detailed description the advantages of your request
-- Whether or not it's compatible with `npm`, `pnpm` and [_yarn classic_
-  ](https://github.com/yarnpkg/yarn) or [_yarn modern_
-  ](https://github.com/yarnpkg/berry).
-- A potential implementation or design
-- Whatever else is on your mind! 🤓
-
-## Contributing Guidelines
-
-It's very exciting to become a Verdaccio contributor 🙌🏼. To ensure a fast code
-review and merge, please follow the next guidelines:
-
-> Any contribution gives you the right to be part of this organization as
-> _collaborator_.
-
-### Submitting a Pull Request
+### Submitting a Pull Request {#submit-pull-request}
 
 The following are the steps you should follow when creating a pull request.
 Subsequent pull requests only need to follow step 3 and beyond.
@@ -275,10 +254,10 @@ Feel free to commit as much times you want in your branch, but keep on mind on
 this repository we `git squash` on merge by default, as we like to maintain a
 clean git history.
 
-#### Before Commit
+#### Before Push {#before-push}
 
-Before committing, **you must ensure there are no linting errors and
-all tests pass.** To do this, run these commands before creating the PR:
+Before committing or push, **you must ensure there are no linting errors and
+all tests passes**. To do verify, run these commands before creating the PR:
 
 ```bash
 pnpm lint
@@ -292,40 +271,11 @@ pnpm test
 
 All good? Perfect! You should create the pull request.
 
-#### Commit Guidelines
+#### Commit Guidelines {#commits}
 
-For example:
+On a pull request, commit messages are not important, please focus on document properly the pull request content. The commit message will be taken from the pull request title, it is recommended to use lowercase format.
 
-- `feat: A new feature`
-- `fix: A bug fix`
-
-A commit of the type feat introduces a new feature to the codebase (this
-correlates with MINOR in semantic versioning).
-
-e.g.:
-
-```
-feat: xxxxxxxxxx
-```
-
-A commit of the type fix patches a bug in your codebase (this correlates with
-PATCH in semantic versioning).
-
-e.g.:
-
-```
-fix: xxxxxxxxxxx
-```
-
-Commits types such as as `docs:`,`style:`,`refactor:`,`perf:`,`test:` and
-`chore:` are valid but have no effect on versioning: **please use them!**
-
-All commits message are going to be validated when they are created using
-_husky_ hooks.
-
-> Please try to provide one single commit to help a clean and easy merge process
-
-### Adding a changeset
+### Adding a changeset {#changeset}
 
 We use [changesets](https://github.com/atlassian/changesets) in order to
 generate a detailed Changelog as possible.
@@ -407,7 +357,25 @@ If you need help with how testing works, please [refer to the following guide
 **If you are introducing new features, you MUST include new tests. PRs for
 features without tests will not be merged.**
 
-## Develop Plugins
+## Translations {#translations}
+
+All translations are provided by the **[crowdin](http://crowdin.com)** platform,
+[https://translate.verdaccio.org/](https://translate.verdaccio.org/)
+
+If you want to contribute by adding translations, create an account (GitHub could be used as fast alternative), in the platform you can contribute to two areas, the website or improve User Interface translations.
+
+If a language is not listed, ask for it in the [Discord](https://discord.gg/7qWJxBf) channel #contribute channel.
+
+For adding a new **language** on the UI follow these steps:
+
+1. Ensure the **language** has been enabled, must be visible in the `crowdin` platform.
+2. Find in the explorer the file `en.US.json` in the path `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` and complete the translations, **not need to find approval on this**.
+3. Into the project, add a new field into `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` file, in the section `lng`, the new language, eg: `{ lng: {korean:"Korean"}}`. (This file is English based, once the PR has been merged, this string will be available in crowdin for translate to the targeted language).
+4. Add the language, [flag icon](https://www.npmjs.com/package/country-flag-icons), and the menu key fort he new language eg: `menuKey: 'lng.korean'` to the file `packages/plugins/ui-theme/src/i18n/enabledLanguages.ts`.
+5. For local testing, read `packages/plugins/ui-theme/src/i18n/ABOUT_TRANSLATIONS.md`.
+6. Add a `changeset` file, see more info below.
+
+## Develop Plugins {#develop-plugins}
 
 Plugins are add-ons that extend the functionality of the application.
 
@@ -420,25 +388,3 @@ If you want to develop your own plugin:
 3. You are free to host your plugin in your repository
 4. Provide a detailed description of your plugin to help users understand how to
    use it
-
-## Testing your changes in a local registry
-
-Once you have perform your changes in the code base, the build and tests passes you can publish a local version:
-
-- Ensure you have build all modules (or the one you have modified)
-- Run `pnpm local:publish:release` to launch a local registry and publish all packages into it. This command will be alive until server is killed (Control Key + C)
-
-```
-pnpm build
-pnpm local:publish:release
-```
-
-The last step consist on install globally the package from the local registry.
-
-```
-npm i -g verdaccio --registry=http://localhost:4873
-
-verdaccio
-```
-
-If you perform more changes in the source code, repeat this process, there is not _hot reloading_ support.

CONTRIBUTORS.md

@@ -1,39 +0,0 @@
-<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
-<!-- markdownlint-disable -->
-<table>
-  <tr>
-    <td align="center"><a href="https://www.linkedin.com/in/jotadeveloper/"><img src="https://avatars0.githubusercontent.com/u/558752?v=4" width="100px;" alt=""/><br /><sub><b>Juan Picado</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=juanpicado" title="Documentation">📖</a> <a href="https://github.com/verdaccio/verdaccio/commits?author=juanpicado" title="Code">💻</a> <a href="#infra-juanpicado" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#eventOrganizing-juanpicado" title="Event Organizing">📋</a> <a href="#blog-juanpicado" title="Blogposts">📝</a> <a href="#maintenance-juanpicado" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="https://github.com/sergiohgz"><img src="https://avatars3.githubusercontent.com/u/14012309?v=4" width="100px;" alt=""/><br /><sub><b>Sergio Herrera</b></sub></a><br /><a href="#infra-sergiohgz" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#maintenance-sergiohgz" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="https://daniel-ruf.de/"><img src="https://avatars1.githubusercontent.com/u/827205?v=4" width="100px;" alt=""/><br /><sub><b>Daniel Ruf</b></sub></a><br /><a href="#security-DanielRuf" title="Security">🛡️</a> <a href="#infra-DanielRuf" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#maintenance-DanielRuf" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="https://priscilawebdev.github.io/priscilaoliveira/"><img src="https://avatars1.githubusercontent.com/u/29228205?v=4" width="100px;" alt=""/><br /><sub><b>Priscila Oliveira</b></sub></a><br /><a href="#design-priscilawebdev" title="Design">🎨</a> <a href="https://github.com/verdaccio/verdaccio/commits?author=priscilawebdev" title="Code">💻</a> <a href="#maintenance-priscilawebdev" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="http://ayusharma.github.io/"><img src="https://avatars0.githubusercontent.com/u/6918450?v=4" width="100px;" alt=""/><br /><sub><b>Ayush Sharma</b></sub></a><br /><a href="#infra-ayusharma" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/verdaccio/verdaccio/commits?author=ayusharma" title="Code">💻</a> <a href="#design-ayusharma" title="Design">🎨</a></td>
-    <td align="center"><a href="https://github.com/trentearl"><img src="https://avatars2.githubusercontent.com/u/802857?v=4" width="100px;" alt=""/><br /><sub><b>Trent Earl</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=trentearl" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/jmwilkinson"><img src="https://avatars0.githubusercontent.com/u/17836030?v=4" width="100px;" alt=""/><br /><sub><b>jmwilkinson</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=jmwilkinson" title="Code">💻</a></td>
-  </tr>
-  <tr>
-    <td align="center"><a href="https://github.com/bufferoverflow"><img src="https://avatars2.githubusercontent.com/u/378909?v=4" width="100px;" alt=""/><br /><sub><b>Roger Meier</b></sub></a><br /><a href="#plugin-bufferoverflow" title="Plugin/utility libraries">🔌</a></td>
-    <td align="center"><a href="https://ghuser.io/jamesgeorge007"><img src="https://avatars2.githubusercontent.com/u/25279263?v=4" width="100px;" alt=""/><br /><sub><b>James George</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=jamesgeorge007" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/AvailCat"><img src="https://avatars3.githubusercontent.com/u/19658647?v=4" width="100px;" alt=""/><br /><sub><b>AvailCat</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=AvailCat" title="Code">💻</a> <a href="#infra-AvailCat" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#maintenance-AvailCat" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="https://www.luciusgaitan.com/"><img src="https://avatars0.githubusercontent.com/u/5970350?v=4" width="100px;" alt=""/><br /><sub><b>Lucius Gaitán</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=lgaitan" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/ramonornela"><img src="https://avatars1.githubusercontent.com/u/187946?v=4" width="100px;" alt=""/><br /><sub><b>Ramon Henrique Ornelas</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=ramonornela" title="Code">💻</a></td>
-    <td align="center"><a href="https://people.freebsd.org/~mi/resume/"><img src="https://avatars1.githubusercontent.com/u/1486340?v=4" width="100px;" alt=""/><br /><sub><b>UnitedMarsupials-zz</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=UnitedMarsupials-zz" title="Code">💻</a></td>
-    <td align="center"><a href="http://www.codingintrigue.co.uk/"><img src="https://avatars0.githubusercontent.com/u/9048902?v=4" width="100px;" alt=""/><br /><sub><b>Ryan Graham</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=ryan-codingintrigue" title="Code">💻</a></td>
-  </tr>
-  <tr>
-    <td align="center"><a href="https://github.com/coolsp"><img src="https://avatars1.githubusercontent.com/u/1246647?v=4" width="100px;" alt=""/><br /><sub><b>coolsp</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=coolsp" title="Code">💻</a></td>
-    <td align="center"><a href="http://ashishsurana.in/"><img src="https://avatars0.githubusercontent.com/u/5610944?v=4" width="100px;" alt=""/><br /><sub><b>Ashish Surana</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=ashishsurana" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/buffaybu"><img src="https://avatars3.githubusercontent.com/u/2025661?v=4" width="100px;" alt=""/><br /><sub><b>Wang Yifei</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=buffaybu" title="Code">💻</a></td>
-    <td align="center"><a href="https://twitter.com/liran_tal"><img src="https://avatars1.githubusercontent.com/u/316371?v=4" width="100px;" alt=""/><br /><sub><b>Liran Tal</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=lirantal" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/brenordr"><img src="https://avatars2.githubusercontent.com/u/19731692?v=4" width="100px;" alt=""/><br /><sub><b>Breno Rodrigues</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=brenordr" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/jachstet-sea"><img src="https://avatars0.githubusercontent.com/u/7993508?v=4" width="100px;" alt=""/><br /><sub><b>jachstet-sea</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=jachstet-sea" title="Code">💻</a></td>
-    <td align="center"><a href="https://patrik.votocek.cz/"><img src="https://avatars1.githubusercontent.com/u/112567?v=4" width="100px;" alt=""/><br /><sub><b>Patrik Votoček</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=Vrtak-CZ" title="Code">💻</a></td>
-  </tr>
-  <tr>
-    <td align="center"><a href="https://github.com/monkeywithacupcake"><img src="https://avatars3.githubusercontent.com/u/7316730?v=4" width="100px;" alt=""/><br /><sub><b>jess</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=monkeywithacupcake" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/toolsofraj"><img src="https://avatars0.githubusercontent.com/u/2507152?v=4" width="100px;" alt=""/><br /><sub><b>toolsofraj</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=toolsofraj" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/ddhp"><img src="https://avatars1.githubusercontent.com/u/1715380?v=4" width="100px;" alt=""/><br /><sub><b>Jian-Chen Chen (jesse)</b></sub></a><br /><a href="#translation-ddhp" title="Translation">🌍</a> <a href="https://github.com/verdaccio/verdaccio/commits?author=ddhp" title="Code">💻</a></td>
-  </tr>
-</table>
-
-<!-- markdownlint-enable -->
-<!-- ALL-CONTRIBUTORS-LIST:END -->

Dockerfile

@@ -6,8 +6,8 @@ ENV NODE_ENV=development \
 RUN apk --no-cache add openssl ca-certificates wget && \
     apk --no-cache add g++ gcc libgcc libstdc++ linux-headers make python3 && \
     wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub && \
-    wget -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.25-r0/glibc-2.25-r0.apk && \
-    apk add glibc-2.25-r0.apk
+    wget -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.35-r0/glibc-2.35-r0.apk && \
+    apk add --force-overwrite glibc-2.35-r0.apk
 
 WORKDIR /opt/verdaccio-build
 COPY . .

crowdin.yaml

@@ -1,20 +1,19 @@
-project_id_env: CROWDIN_VERDACCIO_PROJECT_ID
+project_id: 295539
 api_token_env: CROWDIN_VERDACCIO_API_KEY
+# token local testing
+# api_token: token_secret
 
 preserve_hierarchy: true
 
 files:
-  [
-    {
-      source: 'packages/plugins/ui-theme/src/i18n/crowdin/**/*',
-      translation: '/packages/plugins/ui-theme/src/i18n/download_translations/%locale%/**/%original_file_name%',
-    },
-    {
-      source: '/website/i18n/en/**/*',
-      translation: '/website/i18n/%locale%/**/%original_file_name%',
-    },
-    {
-      source: '/website/docs/**/*',
-      translation: '/website/i18n/%locale%/docusaurus-plugin-content-docs/current/**/%original_file_name%',
-    }
-  ]
+  - source: /packages/plugins/ui-theme/src/i18n/crowdin/*.json
+    translation: '/packages/plugins/ui-theme/src/i18n/download_translations/%locale%/%original_file_name%'
+  - source: /website/i18n/en/**/*
+    translation: '/website/i18n/%locale%/**/%original_file_name%'
+  - source: /website/docs/**/*
+    translation: '/website/i18n/%locale%/docusaurus-plugin-content-docs/current/**/%original_file_name%'
+    ignore: [/website/docs/api/**/*]
+  - source: /website/versioned_docs/**/*
+    translation: /website/i18n/%locale%/docusaurus-plugin-content-docs/**/%original_file_name%
+    ignore: [/website/versioned_docs/version-5.x/api/**/*]
+   

docker-examples/v4/plugins/docker-extend/Dockerfile

@@ -4,7 +4,7 @@ USER root
 
 ENV NODE_ENV=production
 
-RUN npm i && npm install verdaccio-aws-s3-storage
+RUN npm i && npm -g install verdaccio-aws-s3-storage
 
 USER verdaccio
 

docker-examples/v5/plugins/docker-build-install-plugin/Dockerfile

@@ -1,25 +1,7 @@
-# Docs based on https://github.com/xlts-dev/verdaccio-prometheus-middleware#installation
-
-# Docker multi-stage build - https://docs.docker.com/develop/develop-images/multistage-build/
-# Use an alpine node image to install the plugin
-FROM node:lts-alpine as builder
-
-# Install the metrics middleware plugin
-# npm docs
-# --global-style https://docs.npmjs.com/cli/v7/commands/npm-install#global-style
-# --no-bin-links https://docs.npmjs.com/cli/v7/commands/npm-install#bin-links
-# --omit=optional 
-RUN mkdir -p /verdaccio/plugins \
-  && cd /verdaccio/plugins \
-  && npm install --global-style --no-bin-links --omit=optional verdaccio-auth-memory@latest
-
 # The final built image will be based on the standard Verdaccio docker image.
 FROM verdaccio/verdaccio:5
-
-# Copy the plugin files over from the 'builder' node image.
-# The `$VERDACCIO_USER_UID` env variable is defined in the base `verdaccio/verdaccio` image.
-# Refer to: https://github.com/verdaccio/verdaccio/blob/v5.2.0/Dockerfile#L32
 ADD docker.yaml /verdaccio/conf/config.yaml  
-COPY --chown=$VERDACCIO_USER_UID:root --from=builder \
-  /verdaccio/plugins/node_modules/verdaccio-auth-memory \
-  /verdaccio/plugins/verdaccio-auth-memory
+USER root
+RUN npm install --global verdaccio-static-token \
+  && npm install --global verdaccio-auth-memory
+USER $VERDACCIO_USER_UID

docker-examples/v5/plugins/docker-build-install-plugin/README.md

@@ -38,9 +38,11 @@ FROM verdaccio/verdaccio:5
 
 # copy your modified config.yaml into the image
 ADD docker.yaml /verdaccio/conf/config.yaml
-
-COPY --chown=$VERDACCIO_USER_UID:root --from=builder \
-  /verdaccio/plugins/node_modules/verdaccio-auth-memory \
-  /verdaccio/plugins/verdaccio-auth-memory
-
+# need it for install global plugins
+USER root
+# install plugins with npm global
+RUN npm install --global verdaccio-static-token \
+  && npm install --global verdaccio-auth-memory
+# back to original user
+USER $VERDACCIO_USER_UID
 ```

docker-examples/v5/plugins/docker-build-install-plugin/docker.yaml

@@ -176,6 +176,13 @@ server:
 middlewares:
   audit:
     enabled: true
+  static-token:
+    - token: mySecureToken
+      user: systemUser
+      password: systemPassword
+    - token: ABCD1234
+      user: uncle
+      password: tom
 
 # https://verdaccio.org/docs/logger
 # log settings

docker-examples/v6/plugins/docker-build-install-plugin/docker.yaml

@@ -176,6 +176,13 @@ server:
 middlewares:
   audit:
     enabled: true
+  static-token:
+    - token: mySecureToken
+      user: systemUser
+      password: systemPassword
+    - token: ABCD1234
+      user: uncle
+      password: tom
 
 # https://verdaccio.org/docs/logger
 # log settings

docs/plugins.md

@@ -0,0 +1,3 @@
+## Developing plugins
+
+TBA

e2e/README.md

@@ -3,4 +3,4 @@
 This folder is composed of two strategies:
 
 - E2E for CLI
-- E2E for the UI (puppeteer)
+- E2E for the UI (cypress)

e2e/cli/README.md

@@ -19,6 +19,8 @@
 | deprecate | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
 | ping      | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
 | search    | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
+| star      | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
+| stars     | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ⛔    | ⛔    | ⛔    | ⛔    |
 | dist-tag  | ✅   | ✅   | ✅   | ✅   | ✅    | ✅    | ✅    | ❌    | ❌    | ❌    |
 
 > notes:

e2e/cli/cli-commons/package.json

@@ -5,11 +5,11 @@
   "main": "./build/index.js",
   "types": "./build/index.d.ts",
   "devDependencies": {
-    "verdaccio": "workspace:6.0.0-6-next.48",
-    "@verdaccio/core": "workspace:6.0.0-6-next.48",
-    "@verdaccio/config": "workspace:6.0.0-6-next.48",
+    "verdaccio": "workspace:6.0.0-6-next.52",
+    "@verdaccio/core": "workspace:6.0.0-6-next.52",
+    "@verdaccio/config": "workspace:6.0.0-6-next.52",
     "@verdaccio/types": "workspace:11.0.0-6-next.17",
-    "yaml": "2.1.1",
+    "yaml": "2.1.3",
     "debug": "4.3.4",
     "fs-extra": "10.1.0",
     "got": "11.8.5",

e2e/cli/e2e-npm6/star.spec.ts

@@ -0,0 +1,85 @@
+import {
+  addRegistry,
+  initialSetup,
+  npmUtils,
+  prepareGenericEmptyProject,
+} from '@verdaccio/test-cli-commons';
+
+import { npm } from './utils';
+
+describe('star a package', () => {
+  jest.setTimeout(20000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['@verdaccio/foo']])('should star a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    const resp = await npm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+  });
+
+  test.each([['@verdaccio/bar']])('should unstar a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    const resp = await npm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+
+    const resp1 = await npm(
+      { cwd: tempFolder },
+      'unstar',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp1.stdout).toEqual(`☆  ${pkgName}`);
+  });
+
+  test('should list stars of a user %s', async () => {
+    const pkgName = '@verdaccio/stars';
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    await npm({ cwd: tempFolder }, 'star', pkgName, ...addRegistry(registry.getRegistryUrl()));
+    const resp = await npm({ cwd: tempFolder }, 'stars', ...addRegistry(registry.getRegistryUrl()));
+    // side effects: this result is affected the the package published in the previous step
+    expect(resp.stdout).toEqual(`@verdaccio/foo@verdaccio/stars`);
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});

e2e/cli/e2e-npm7/star.spec.ts

@@ -0,0 +1,85 @@
+import {
+  addRegistry,
+  initialSetup,
+  npmUtils,
+  prepareGenericEmptyProject,
+} from '@verdaccio/test-cli-commons';
+
+import { npm } from './utils';
+
+describe('star a package', () => {
+  jest.setTimeout(20000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['@verdaccio/foo']])('should star a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    const resp = await npm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+  });
+
+  test.each([['@verdaccio/bar']])('should unstar a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    const resp = await npm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+
+    const resp1 = await npm(
+      { cwd: tempFolder },
+      'unstar',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp1.stdout).toEqual(`☆  ${pkgName}`);
+  });
+
+  test('should list stars of a user %s', async () => {
+    const pkgName = '@verdaccio/stars';
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    await npm({ cwd: tempFolder }, 'star', pkgName, ...addRegistry(registry.getRegistryUrl()));
+    const resp = await npm({ cwd: tempFolder }, 'stars', ...addRegistry(registry.getRegistryUrl()));
+    // side effects: this result is affected the the package published in the previous step
+    expect(resp.stdout).toEqual(`@verdaccio/foo@verdaccio/stars`);
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});

e2e/cli/e2e-npm8/package.json

@@ -4,7 +4,7 @@
   "version": "1.0.1-6-next.5",
   "dependencies": {
     "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "npm": "8.19.2"
+    "npm": "8.19.3"
   },
   "scripts": {
     "test": "jest"

e2e/cli/e2e-npm8/star.spec.ts

@@ -0,0 +1,85 @@
+import {
+  addRegistry,
+  initialSetup,
+  npmUtils,
+  prepareGenericEmptyProject,
+} from '@verdaccio/test-cli-commons';
+
+import { npm } from './utils';
+
+describe('star a package', () => {
+  jest.setTimeout(20000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['@verdaccio/foo']])('should star a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    const resp = await npm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+  });
+
+  test.each([['@verdaccio/bar']])('should unstar a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    const resp = await npm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+
+    const resp1 = await npm(
+      { cwd: tempFolder },
+      'unstar',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp1.stdout).toEqual(`☆  ${pkgName}`);
+  });
+
+  test('should list stars of a user %s', async () => {
+    const pkgName = '@verdaccio/stars';
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    await npm({ cwd: tempFolder }, 'star', pkgName, ...addRegistry(registry.getRegistryUrl()));
+    const resp = await npm({ cwd: tempFolder }, 'stars', ...addRegistry(registry.getRegistryUrl()));
+    // side effects: this result is affected the the package published in the previous step
+    expect(resp.stdout).toEqual(`@verdaccio/foo@verdaccio/stars`);
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});

e2e/cli/e2e-npm9/package.json

@@ -4,7 +4,7 @@
   "version": "1.0.1-6-next.5",
   "dependencies": {
     "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "npm": "9.0.0-pre.2"
+    "npm": "9.1.2"
   },
   "scripts": {
     "test": "jest"

e2e/cli/e2e-npm9/star.spec.ts

@@ -0,0 +1,85 @@
+import {
+  addRegistry,
+  initialSetup,
+  npmUtils,
+  prepareGenericEmptyProject,
+} from '@verdaccio/test-cli-commons';
+
+import { npm } from './utils';
+
+describe('star a package', () => {
+  jest.setTimeout(20000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['@verdaccio/foo']])('should star a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    const resp = await npm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+  });
+
+  test.each([['@verdaccio/bar']])('should unstar a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    const resp = await npm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+
+    const resp1 = await npm(
+      { cwd: tempFolder },
+      'unstar',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp1.stdout).toEqual(`☆  ${pkgName}`);
+  });
+
+  test('should list stars of a user %s', async () => {
+    const pkgName = '@verdaccio/stars';
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await npmUtils.publish(npm, tempFolder, pkgName, registry);
+    await npm({ cwd: tempFolder }, 'star', pkgName, ...addRegistry(registry.getRegistryUrl()));
+    const resp = await npm({ cwd: tempFolder }, 'stars', ...addRegistry(registry.getRegistryUrl()));
+    // side effects: this result is affected the the package published in the previous step
+    expect(resp.stdout).toEqual(`@verdaccio/foo@verdaccio/stars`);
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});

e2e/cli/e2e-pnpm6/star.spec.ts

@@ -0,0 +1,89 @@
+import {
+  addRegistry,
+  initialSetup,
+  pnpmUtils,
+  prepareGenericEmptyProject,
+} from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('star a package', () => {
+  jest.setTimeout(20000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['@verdaccio/foo']])('should star a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+  });
+
+  test.each([['@verdaccio/bar']])('should unstar a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+
+    const resp1 = await pnpm(
+      { cwd: tempFolder },
+      'unstar',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp1.stdout).toEqual(`☆  ${pkgName}`);
+  });
+
+  test('should list stars of a user %s', async () => {
+    const pkgName = '@verdaccio/stars';
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    await pnpm({ cwd: tempFolder }, 'star', pkgName, ...addRegistry(registry.getRegistryUrl()));
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'stars',
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    // side effects: this result is affected the the package published in the previous step
+    expect(resp.stdout).toEqual(`@verdaccio/foo@verdaccio/stars`);
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});

e2e/cli/e2e-pnpm7/star.spec.ts

@@ -0,0 +1,89 @@
+import {
+  addRegistry,
+  initialSetup,
+  pnpmUtils,
+  prepareGenericEmptyProject,
+} from '@verdaccio/test-cli-commons';
+
+import { pnpm } from './utils';
+
+describe('star a package', () => {
+  jest.setTimeout(20000);
+  let registry;
+
+  beforeAll(async () => {
+    const setup = await initialSetup();
+    registry = setup.registry;
+    await registry.init();
+  });
+
+  test.each([['@verdaccio/foo']])('should star a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+  });
+
+  test.each([['@verdaccio/bar']])('should unstar a package %s', async (pkgName) => {
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'star',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp.stdout).toEqual(`★  ${pkgName}`);
+
+    const resp1 = await pnpm(
+      { cwd: tempFolder },
+      'unstar',
+      pkgName,
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    expect(resp1.stdout).toEqual(`☆  ${pkgName}`);
+  });
+
+  test('should list stars of a user %s', async () => {
+    const pkgName = '@verdaccio/stars';
+    const { tempFolder } = await prepareGenericEmptyProject(
+      pkgName,
+      '1.0.0-patch',
+      registry.port,
+      registry.getToken(),
+      registry.getRegistryUrl()
+    );
+    await pnpmUtils.publish(pnpm, tempFolder, pkgName, registry);
+    await pnpm({ cwd: tempFolder }, 'star', pkgName, ...addRegistry(registry.getRegistryUrl()));
+    const resp = await pnpm(
+      { cwd: tempFolder },
+      'stars',
+      ...addRegistry(registry.getRegistryUrl())
+    );
+    // side effects: this result is affected the the package published in the previous step
+    expect(resp.stdout).toEqual(`@verdaccio/foo@verdaccio/stars`);
+  });
+
+  afterAll(async () => {
+    registry.stop();
+  });
+});

e2e/cli/e2e-yarn3/package.json

@@ -4,7 +4,7 @@
   "version": "1.0.1-6-next.5",
   "dependencies": {
     "@verdaccio/test-cli-commons": "workspace:1.0.1-6-next.5",
-    "@yarnpkg/cli-dist": "3.2.3"
+    "@yarnpkg/cli-dist": "3.3.0"
   },
   "scripts": {
     "test": "jest"

e2e/ui/.eslintrc

@@ -1,9 +0,0 @@
-{
-  "globals": {
-    "VERDACCIO_API_URL": true,
-    "__DEBUG__": true
-  },
-  "env": {
-    "browser": true
-  }
-}

e2e/ui/CHANGELOG.md

@@ -1,29 +0,0 @@
-# @verdaccio/e2e-ui
-
-## 2.0.0-6-next.3
-
-### Major Changes
-
-- 000d4374: feat: upgrade to material ui 5
-
-## 1.1.0-6-next.2
-
-### Minor Changes
-
-- 154b2ecd: refactor: remove @verdaccio/commons-api in favor @verdaccio/core and remove duplications
-
-## 1.1.0-6-next.1
-
-### Minor Changes
-
-- 1b217fd3: Some verdaccio modules depend on 'mkdirp' library which provides recursive directory creation functionality.
-  NodeJS can do this out of the box since v.10.12. The last commit in 'mkdirp' was made in early 2016, and it's mid 2021 now.
-  Time to stick with a built-in library solution!
-
-  - All 'mkdirp' calls are replaced with appropriate 'fs' calls.
-
-## 1.0.1-alpha.0
-
-### Patch Changes
-
-- fecbb9be: chore: add release step to private regisry on merge changeset pr

e2e/ui/README.md

@@ -7,3 +7,7 @@
   - Check navigation
   - Check sidebar
   - Check protected packages works
+
+## Contribute
+
+More tests could be added to verify UI works as expected.

e2e/ui/basic.spec.js

@@ -1,64 +0,0 @@
-const { join } = require('path');
-const { fileUtils } = require('@verdaccio/core');
-const { parseConfigFile } = require('@verdaccio/config');
-const { Registry, ServerQuery } = require('verdaccio');
-
-describe('basic functionality', () => {
-  let registry1;
-  let page;
-  beforeAll(async () => {
-    const configProtected = parseConfigFile(join(__dirname, './config/config.yaml'));
-    const registry1storage = await fileUtils.createTempStorageFolder('storage-1');
-    const protectedRegistry = await Registry.fromConfigToPath({
-      ...configProtected,
-      storage: registry1storage,
-    });
-    registry1 = new Registry(protectedRegistry.configPath);
-    await registry1.init();
-
-    const query1 = new ServerQuery(registry1.getRegistryUrl());
-    await query1.createUser('test', 'test');
-
-    page = await global.__BROWSER__.newPage();
-    await page.goto(`http://0.0.0.0:${registry1.getPort()}`);
-    // eslint-disable-next-line no-console
-    page.on('console', (msg) => console.log('PAGE LOG:', msg.text()));
-  });
-
-  afterAll(async () => {
-    await page.close();
-    registry1.stop();
-  });
-
-  // this might be increased based on the delays included in all test
-  jest.setTimeout(20000);
-
-  test('should display title', async () => {
-    const text = await page.title();
-    await page.waitForTimeout(1000);
-
-    expect(text).toContain('verdaccio-server-e2e');
-  });
-
-  test('should match title with no packages published', async () => {
-    const text = await page.evaluate(() => document.querySelector('#help-card__title').textContent);
-    expect(text).toMatch('No Package Published Yet.');
-  });
-
-  test('should match title with first step', async () => {
-    const text = await page.evaluate(() => document.querySelector('#help-card').textContent);
-    expect(text).toContain(`npm adduser --registry http://0.0.0.0:${registry1.getPort()}`);
-  });
-
-  test('should match title with second step', async () => {
-    const text = await page.evaluate(() => document.querySelector('#help-card').textContent);
-    expect(text).toContain(`npm publish --registry http://0.0.0.0:${registry1.getPort()}`);
-  });
-
-  test('should go to 404 page', async () => {
-    await page.goto(`http://0.0.0.0:${registry1.getPort()}/-/web/detail/@verdaccio/not-found`);
-    await page.waitForTimeout(500);
-    const text = await page.evaluate(() => document.querySelector('.not-found-text').textContent);
-    expect(text).toMatch("Sorry, we couldn't find it...");
-  });
-});

e2e/ui/config/config.yaml

@@ -3,18 +3,26 @@ web:
   title: verdaccio-server-e2e
   login: true
 
-log: { type: stdout, format: pretty, level: debug }
+log: { type: stdout, format: json, level: info }
+
+uplinks:
+  npmjs:
+    url: https://registry.npmjs.org/
 
 auth:
   htpasswd:
     file: ./htpasswd
 
 packages:
+  '@verdaccio/*':
+    access: $all
+    publish: $authenticated
   '@*/*':
     access: $all
     publish: $authenticated
+    proxy: npmjs
   '**':
     access: $all
     publish: $authenticated
-
+    proxy: npmjs
 _debug: true

e2e/ui/cypress.config.ts

@@ -0,0 +1,60 @@
+import { defineConfig } from 'cypress';
+import { join } from 'path';
+import { Registry, ServerQuery } from 'verdaccio';
+
+import { parseConfigFile } from '@verdaccio/config';
+import { HEADERS, fileUtils } from '@verdaccio/core';
+import { generatePackageMetadata } from '@verdaccio/test-helper';
+
+let registry1;
+export default defineConfig({
+  e2e: {
+    setupNodeEvents(on) {
+      on('before:run', async () => {
+        const configProtected = parseConfigFile(join(__dirname, './config/config.yaml'));
+        const registry1storage = await fileUtils.createTempStorageFolder('storage-1');
+        const protectedRegistry = await Registry.fromConfigToPath({
+          ...configProtected,
+          storage: registry1storage,
+        });
+        registry1 = new Registry(protectedRegistry.configPath, {
+          createUser: true,
+          credentials: { user: 'test', password: 'test' },
+        });
+        await registry1.init();
+      });
+
+      on('after:run', async () => {
+        registry1.stop();
+      });
+
+      on('task', {
+        publishScoped({ pkgName }) {
+          const scopedPackageMetadata = generatePackageMetadata(pkgName, '1.0.6');
+          const server = new ServerQuery(registry1.getRegistryUrl());
+          server
+            .putPackage(scopedPackageMetadata.name, scopedPackageMetadata, {
+              [HEADERS.AUTHORIZATION]: `Bearer ${registry1.getToken()}`,
+            })
+            .then(() => {});
+          return null;
+        },
+        publishProtected({ pkgName }) {
+          const protectedPackageMetadata = generatePackageMetadata(pkgName, '5.0.5');
+          const server = new ServerQuery(registry1.getRegistryUrl());
+          server
+            .putPackage(protectedPackageMetadata.name, protectedPackageMetadata, {
+              [HEADERS.AUTHORIZATION]: `Bearer ${registry1.getToken()}`,
+            })
+            .then(() => {});
+        },
+        registry() {
+          return {
+            registryUrl: registry1.getRegistryUrl(),
+            port: registry1.getPort(),
+          };
+        },
+      });
+    },
+  },
+});

e2e/ui/cypress/e2e/home.cy.ts

@@ -0,0 +1,30 @@
+describe('home spec', () => {
+  let ctx: any = {};
+  beforeEach(async () => {
+    // @ts-expect-error
+    const registry = await cy.task('registry');
+    ctx.url = registry.registryUrl;
+  });
+
+  it('title should be correct', () => {
+    cy.visit(ctx.url);
+    cy.location('pathname').should('include', '/');
+    cy.title().should('eq', 'verdaccio-server-e2e');
+  });
+
+  it('should match title with no packages published', () => {
+    cy.visit(ctx.url);
+    cy.getByTestId('help-card').contains('No Package Published Yet.');
+  });
+
+  it('should display instructions on help card', () => {
+    cy.visit(ctx.url);
+    cy.getByTestId('help-card').contains(`npm adduser --registry ${ctx.url}`);
+    cy.getByTestId('help-card').contains(`npm publish --registry ${ctx.url}`);
+  });
+
+  it('should go to 404 page', () => {
+    cy.visit(`${ctx.url}/-/web/detail/@verdaccio/not-found`);
+    cy.getByTestId('404').contains(`Sorry, we couldn't find it.`);
+  });
+});

e2e/ui/cypress/e2e/publish.cy.ts

@@ -0,0 +1,90 @@
+describe('publish spec', () => {
+  let ctx: any = {};
+  const credentials = { user: 'test', password: 'test' };
+  beforeEach(async () => {
+    // @ts-expect-error
+    const registry = await cy.task('registry');
+    ctx.url = registry.registryUrl;
+    const pkgName = `@verdaccio/pkg-scoped`;
+    cy.intercept('POST', '/-/verdaccio/sec/login').as('sign');
+    cy.intercept('GET', '/-/verdaccio/data/packages').as('pkgs');
+    cy.intercept('GET', `/-/verdaccio/data/sidebar/${pkgName}`).as('sidebar');
+    cy.intercept('GET', `/-/verdaccio/data/package/readme/${pkgName}`).as('readme');
+    cy.task('publishScoped', { pkgName });
+  });
+
+  it('should have one published package', () => {
+    cy.visit(ctx.url);
+    cy.login(credentials.user, credentials.password);
+    cy.wait('@sign');
+    // cy.getByTestId('package-title').should('have.length', 1);
+  });
+
+  it('should navigate to page detail', () => {
+    cy.visit(ctx.url);
+    cy.login(credentials.user, credentials.password);
+    cy.wait('@sign');
+    cy.wait('@pkgs');
+    cy.wait(300);
+    cy.getByTestId('package-title').first().click();
+  });
+
+  it('should have readme content', () => {
+    cy.visit(ctx.url);
+    cy.login(credentials.user, credentials.password);
+    cy.wait('@sign');
+    cy.wait('@pkgs');
+    cy.getByTestId('package-title').first().click();
+    cy.wait('@readme');
+    cy.wait('@sidebar');
+    cy.get('.markdown-body').should('have.length', 1);
+    cy.contains('.markdown-body', /test/);
+  });
+
+  it('should click on dependencies tab', () => {
+    cy.visit(ctx.url);
+    cy.login(credentials.user, credentials.password);
+    cy.wait('@sign');
+    cy.wait('@pkgs');
+    cy.wait(300);
+    cy.getByTestId('package-title').first().click();
+    cy.wait('@readme');
+    cy.wait('@sidebar');
+    cy.getByTestId('dependencies-tab').click();
+    cy.wait(100);
+    cy.getByTestId('dependencies').should('have.length', 1);
+    cy.getByTestId('verdaccio')
+      .children()
+      .invoke('text')
+      .should('match', /verdaccio/);
+    cy.screenshot();
+  });
+
+  it('should click on versions tab', () => {
+    cy.visit(ctx.url);
+    cy.login(credentials.user, credentials.password);
+    cy.wait('@sign');
+    cy.wait('@pkgs');
+    cy.wait(300);
+    cy.getByTestId('package-title').first().click();
+    cy.wait('@readme');
+    cy.wait('@sidebar');
+    cy.getByTestId('versions-tab').click();
+    cy.getByTestId('tag-latest').children().invoke('text').should('match', /1.0.6/);
+    cy.screenshot();
+  });
+
+  it('should click on uplinks tab', () => {
+    cy.visit(ctx.url);
+    cy.login(credentials.user, credentials.password);
+    cy.wait('@sign');
+    cy.wait('@pkgs');
+    cy.wait(300);
+    cy.getByTestId('package-title').first().click();
+    cy.wait('@readme');
+    cy.wait('@sidebar');
+    cy.getByTestId('uplinks-tab').click();
+    cy.getByTestId('no-uplinks').should('be.visible');
+    cy.screenshot();
+  });
+});

e2e/ui/cypress/e2e/signin.cy.ts

@@ -0,0 +1,32 @@
+describe('sign spec', () => {
+  let ctx: any = {};
+  const credentials = { user: 'test', password: 'test' };
+  beforeEach(async () => {
+    // @ts-expect-error
+    const registry = await cy.task('registry');
+    ctx.url = registry.registryUrl;
+    cy.intercept('POST', '/-/verdaccio/sec/login').as('sign');
+  });
+
+  it('should login user', () => {
+    cy.visit(ctx.url);
+    cy.login(credentials.user, credentials.password);
+    cy.wait('@sign');
+    cy.getByTestId('logInDialogIcon').click();
+    cy.wait(100);
+    cy.getByTestId('greetings-label').contains(credentials.user);
+  });
+
+  it('should logout an user', () => {
+    cy.visit(ctx.url);
+    cy.login(credentials.user, credentials.password);
+    cy.wait('@sign');
+    cy.getByTestId('logInDialogIcon').click();
+    cy.wait(100);
+    cy.getByTestId('logOutDialogIcon').click();
+    cy.screenshot();
+    cy.wait(200);
+    cy.getByTestId('header--button-login').contains('Login');
+    cy.screenshot();
+  });
+});

e2e/ui/cypress/support/commands.ts

@@ -0,0 +1,40 @@
+/* eslint-disable no-undef */
+// / <reference types="cypress" />;
+
+Cypress.Commands.add('getByTestId', (selector, ...args) => {
+  return cy.get(`[data-testid=${selector}]`, ...args);
+});
+
+// -- This is a parent command --
+Cypress.Commands.add('login', (user, password) => {
+  cy.getByTestId('header--button-login').click();
+  cy.wait(300);
+  cy.get('#login--dialog-username').type(user);
+  cy.wait(200);
+  cy.get('#login--dialog-password').type(password);
+  cy.wait(500);
+  cy.get('#login--dialog-button-submit').click();
+});
+//
+//
+// -- This is a child command --
+// Cypress.Commands.add('drag', { prevSubject: 'element'}, (subject, options) => { ... })
+//
+//
+// -- This is a dual command --
+// Cypress.Commands.add('dismiss', { prevSubject: 'optional'}, (subject, options) => { ... })
+//
+//
+// -- This will overwrite an existing command --
+// Cypress.Commands.overwrite('visit', (originalFn, url, options) => { ... })
+//
+// declare global {
+//   namespace Cypress {
+//     interface Chainable {
+//       login(email: string, password: string): Chainable<void>
+//       drag(subject: string, options?: Partial<TypeOptions>): Chainable<Element>
+//       dismiss(subject: string, options?: Partial<TypeOptions>): Chainable<Element>
+//       visit(originalFn: CommandOriginalFn, url: string, options: Partial<VisitOptions>): Chainable<Element>
+//     }
+//   }
+// }

e2e/ui/cypress/support/e2e.ts

@@ -0,0 +1,19 @@
+// ***********************************************************
+// This example support/e2e.ts is processed and
+// loaded automatically before your test files.
+//
+// This is a great place to put global configuration and
+// behavior that modifies Cypress.
+//
+// You can change the location of this file or turn off
+// automatically serving support files with the
+// 'supportFile' configuration option.
+//
+// You can read more here:
+// https://on.cypress.io/configuration
+// ***********************************************************
+// Import commands.js using ES2015 syntax:
+import './commands';
+
+// Alternatively you can use CommonJS syntax:
+// require('./commands')

e2e/ui/helper.ts

@@ -1,36 +0,0 @@
-export const credentials = { user: 'test', password: 'test' };
-
-export const clickElement = async function (page, selector, options = { delay: 100 }) {
-  const button = await page.$(selector);
-  await button.focus();
-  await button.click(options);
-};
-
-export const evaluateSignIn = async function (page, matchText = 'Login') {
-  const text = await page.evaluate(() => {
-    return document.querySelector('button[data-testid="header--button-login"]')?.textContent;
-  });
-
-  expect(text).toMatch(matchText);
-};
-
-export const getPackages = async function (page) {
-  return await page.$$('.package-title');
-};
-
-export const logIn = async function (page) {
-  await clickElement(page, 'div[data-testid="dialogContentLogin"]');
-  const userInput = await page.$('#login--dialog-username');
-  expect(userInput).not.toBeNull();
-  const passInput = await page.$('#login--dialog-password');
-  expect(passInput).not.toBeNull();
-  await userInput.type(credentials.user, { delay: 100 });
-  await passInput.type(credentials.password, { delay: 100 });
-  await passInput.dispose();
-  // click on log in
-  const loginButton = await page.$('#login--dialog-button-submit');
-  expect(loginButton).toBeDefined();
-  await loginButton.focus();
-  await loginButton.click({ delay: 100 });
-  await page.waitForTimeout(500);
-};

e2e/ui/jest.config.js

@@ -1,8 +0,0 @@
-const config = require('../../jest/config');
-
-module.exports = Object.assign({}, config, {
-  verbose: false,
-  collectCoverage: false,
-  globalSetup: './pre-setup.js',
-  globalTeardown: './teardown.js',
-});

e2e/ui/package.json

@@ -3,17 +3,15 @@
   "name": "@verdaccio/e2e-ui",
   "version": "2.0.0-6-next.3",
   "devDependencies": {
-    "verdaccio": "workspace:6.0.0-6-next.48",
-    "@verdaccio/core": "workspace:6.0.0-6-next.48",
-    "@verdaccio/config": "workspace:6.0.0-6-next.48",
-    "@verdaccio/test-helper": "workspace:2.0.0-6-next.5",
+    "verdaccio": "workspace:6.0.0-6-next.52",
+    "@verdaccio/core": "workspace:6.0.0-6-next.52",
+    "@verdaccio/config": "workspace:6.0.0-6-next.52",
+    "@verdaccio/test-helper": "workspace:2.0.0-6-next.6",
     "debug": "4.3.4",
-    "colorette": "2.0.19",
-    "lodash": "^4.17.21",
-    "puppeteer": "17.1.3",
-    "rimraf": "3.0.2"
+    "cypress": "11.1.0"
   },
   "scripts": {
-    "test": "jest --runInBand"
+    "cypress:open": "cypress open",
+    "test": "cypress run"
   }
 }

e2e/ui/publish.spec.js

@@ -1,118 +0,0 @@
-const { join } = require('path');
-const { generatePackageMetadata } = require('@verdaccio/test-helper');
-const { fileUtils, HEADERS } = require('@verdaccio/core');
-const { parseConfigFile } = require('@verdaccio/config');
-const { Registry, ServerQuery } = require('verdaccio');
-const { getPackages } = require('./helper');
-
-const protectedPackageMetadata = generatePackageMetadata('pkg-protected', '5.0.5');
-const scopedPackageMetadata = generatePackageMetadata('pkg-scoped', '1.0.6');
-
-describe('publish package', () => {
-  let registry1;
-  let page;
-  beforeAll(async () => {
-    const configProtected = parseConfigFile(join(__dirname, './config/config.yaml'));
-    const registry1storage = await fileUtils.createTempStorageFolder('storage-1');
-    const protectedRegistry = await Registry.fromConfigToPath({
-      ...configProtected,
-      storage: registry1storage,
-    });
-    registry1 = new Registry(protectedRegistry.configPath, { createUser: true });
-    await registry1.init();
-
-    const query1 = new ServerQuery(registry1.getRegistryUrl());
-    await query1.createUser('test', 'test');
-
-    page = await global.__BROWSER__.newPage();
-    await page.goto(`http://0.0.0.0:${registry1.getPort()}`);
-    // eslint-disable-next-line no-console
-    page.on('console', (msg) => console.log('PAGE LOG:', msg.text()));
-  });
-
-  afterAll(async () => {
-    await page.close();
-    registry1.stop();
-  });
-
-  // this might be increased based on the delays included in all test
-  jest.setTimeout(20000);
-
-  test('should publish a package', async () => {
-    const server = new ServerQuery(registry1.getRegistryUrl());
-    await server.putPackage(scopedPackageMetadata.name, scopedPackageMetadata, {
-      [HEADERS.AUTHORIZATION]: `Bearer ${registry1.getToken()}`,
-    });
-    await page.waitForTimeout(1000);
-    await page.reload();
-    await page.waitForTimeout(1000);
-    const packagesList = await getPackages(page);
-    expect(packagesList).toHaveLength(1);
-  });
-  //
-
-  test('should navigate to the package detail', async () => {
-    const packagesList = await getPackages(page);
-    const firstPackage = packagesList[0];
-    await firstPackage.click({ delay: 200 });
-    await page.waitForTimeout(1000);
-    const readmeText = await page.evaluate(
-      () => document.querySelector('.markdown-body').textContent
-    );
-
-    expect(readmeText).toMatch('test');
-  });
-
-  test('should contains last sync information', async () => {
-    const versionList = await page.$$('.sidebar-info .detail-info');
-    expect(versionList).toHaveLength(1);
-  });
-
-  test('should display dependencies tab', async () => {
-    const dependenciesTab = await page.$$('#dependencies-tab');
-    expect(dependenciesTab).toHaveLength(1);
-    await dependenciesTab[0].click({ delay: 200 });
-    await page.waitForTimeout(1000);
-    const tags = await page.$$('.dep-tag');
-    const tag = tags[0];
-    const label = await page.evaluate((el) => el.innerText, tag);
-    expect(label).toMatch('verdaccio@');
-  });
-
-  test('should display version tab', async () => {
-    const versionsTab = await page.$$('#versions-tab');
-    expect(versionsTab).toHaveLength(1);
-    await versionsTab[0].click({ delay: 200 });
-    await page.waitForTimeout(1000);
-    const versionItems = await page.$$('.version-item');
-    expect(versionItems).toHaveLength(2);
-  });
-
-  test('should display uplinks tab', async () => {
-    const upLinksTab = await page.$$('#uplinks-tab');
-    expect(upLinksTab).toHaveLength(1);
-    await upLinksTab[0].click({ delay: 200 });
-    await page.waitForTimeout(1000);
-  });
-
-  test('should display readme tab', async () => {
-    const readmeTab = await page.$$('#readme-tab');
-    expect(readmeTab).toHaveLength(1);
-    await readmeTab[0].click({ delay: 200 });
-    await page.waitForTimeout(1000);
-  });
-
-  test('should publish a second package', async () => {
-    await page.goto(`http://0.0.0.0:${registry1.getPort()}`);
-    await page.waitForTimeout(500);
-    const server = new ServerQuery(registry1.getRegistryUrl());
-    await server.putPackage(protectedPackageMetadata.name, protectedPackageMetadata, {
-      [HEADERS.AUTHORIZATION]: `Bearer ${registry1.getToken()}`,
-    });
-    await page.waitForTimeout(500);
-    await page.reload();
-    await page.waitForTimeout(500);
-    const packagesList = await getPackages(page);
-    expect(packagesList).toHaveLength(2);
-  });
-});

e2e/ui/sigin.spec.js

@@ -1,80 +0,0 @@
-const { join } = require('path');
-const { fileUtils } = require('@verdaccio/core');
-const { parseConfigFile } = require('@verdaccio/config');
-const { Registry, ServerQuery } = require('verdaccio');
-const { clickElement, logIn } = require('./helper');
-
-describe('sign in user', () => {
-  let registry1;
-  let page;
-  beforeAll(async () => {
-    const configProtected = parseConfigFile(join(__dirname, './config/config.yaml'));
-    const registry1storage = await fileUtils.createTempStorageFolder('storage-1');
-    const protectedRegistry = await Registry.fromConfigToPath({
-      ...configProtected,
-      storage: registry1storage,
-    });
-    registry1 = new Registry(protectedRegistry.configPath);
-    await registry1.init();
-
-    const query1 = new ServerQuery(registry1.getRegistryUrl());
-    await query1.createUser('test', 'test');
-
-    page = await global.__BROWSER__.newPage();
-    await page.goto(`http://0.0.0.0:${registry1.getPort()}`);
-    // eslint-disable-next-line no-console
-    page.on('console', (msg) => console.log('PAGE LOG:', msg.text()));
-  });
-
-  afterAll(async () => {
-    await page.close();
-    registry1.stop();
-  });
-
-  // this might be increased based on the delays included in all test
-  jest.setTimeout(20000);
-
-  const evaluateSignIn = async function (matchText = 'Login') {
-    const text = await page.evaluate(() => {
-      return document.querySelector('button[data-testid="header--button-login"]').textContent;
-    });
-
-    expect(text).toMatch(matchText);
-  };
-
-  test('should match button Login to sign in', async () => {
-    await evaluateSignIn();
-  });
-
-  test('should click on sign in button', async () => {
-    const signInButton = await page.$('button[data-testid="header--button-login"]');
-    await signInButton.click();
-    await page.waitForTimeout(1000);
-    const signInDialog = await page.$('#login--dialog');
-    expect(signInDialog).not.toBeNull();
-    const closeButton = await page.$('button[data-testid="close-login-dialog-button"]');
-    await closeButton.click();
-    await page.waitForTimeout(500);
-  });
-
-  test('should log in an user', async () => {
-    // we open the dialog
-    await logIn(page);
-    // verify if logged in
-    const accountButton = await page.$('#header--button-account');
-    expect(accountButton).toBeDefined();
-    // check whether user is logged
-    const buttonLogout = await page.$('#logOutDialogIcon');
-    expect(buttonLogout).toBeDefined();
-  });
-
-  test('should logout an user', async () => {
-    await page.waitForTimeout(10000);
-    // we assume the user is logged already
-    await clickElement(page, '#header--button-account', { delay: 500 });
-    await page.waitForTimeout(1000);
-    await clickElement(page, '#logOutDialogIcon > span', { delay: 500 });
-    await page.waitForTimeout(1000);
-    await evaluateSignIn();
-  });
-});

e2e/ui/tsconfig.json

@@ -0,0 +1,18 @@
+{
+  "extends": "../../tsconfig.reference.json",
+  "include": ["./cypress/**/*.ts", "./*.ts"],
+  "references": [
+    {
+      "path": "../../packages/core/core"
+    },
+    {
+      "path": "../../packages/verdaccio"
+    },
+    {
+      "path": "../../packages/config"
+    },
+    {
+      "path": "../../packages/tools/helpers"
+    }
+  ]
+}

jest/config.js

@@ -10,7 +10,7 @@ module.exports = {
   coveragePathIgnorePatterns: ['node_modules', 'fixtures'],
   coverageThreshold: {
     global: {
-      lines: 90,
+      lines: 85,
     },
   },
 };

package.json

@@ -15,92 +15,93 @@
     "url": "https://opencollective.com/verdaccio"
   },
   "devDependencies": {
-    "@babel/cli": "7.18.10",
-    "@babel/core": "7.19.1",
-    "@babel/node": "7.19.1",
+    "@babel/cli": "7.19.3",
+    "@babel/core": "7.20.2",
+    "@babel/node": "7.20.2",
     "@babel/plugin-proposal-class-properties": "7.18.6",
-    "@babel/plugin-proposal-decorators": "7.19.1",
+    "@babel/plugin-proposal-decorators": "7.20.2",
     "@babel/plugin-proposal-export-namespace-from": "7.18.9",
     "@babel/plugin-proposal-function-sent": "7.18.6",
     "@babel/plugin-proposal-json-strings": "7.18.6",
     "@babel/plugin-proposal-nullish-coalescing-operator": "7.18.6",
     "@babel/plugin-proposal-numeric-separator": "7.18.6",
-    "@babel/plugin-proposal-object-rest-spread": "7.18.9",
+    "@babel/plugin-proposal-object-rest-spread": "7.20.2",
     "@babel/plugin-proposal-optional-chaining": "7.18.9",
     "@babel/plugin-proposal-throw-expressions": "7.18.6",
     "@babel/plugin-syntax-dynamic-import": "7.8.3",
     "@babel/plugin-syntax-import-meta": "7.10.4",
     "@babel/plugin-transform-async-to-generator": "7.18.6",
-    "@babel/plugin-transform-classes": "7.19.0",
-    "@babel/plugin-transform-runtime": "7.19.1",
-    "@babel/preset-env": "7.19.1",
+    "@babel/plugin-transform-classes": "7.20.2",
+    "@babel/plugin-transform-runtime": "7.19.6",
+    "@babel/preset-env": "7.20.2",
     "@babel/preset-react": "7.18.6",
     "@babel/preset-typescript": "7.18.6",
     "@babel/register": "7.18.9",
-    "@babel/runtime": "7.19.0",
+    "@babel/runtime": "7.20.1",
     "@dianmora/contributors": "5.0.0",
-    "@changesets/changelog-github": "0.4.6",
+    "@changesets/changelog-github": "0.4.7",
     "@changesets/cli": "2.24.4",
-    "@changesets/get-dependents-graph": "1.3.3",
-    "@crowdin/cli": "3.8.1",
-    "@trivago/prettier-plugin-sort-imports": "3.3.0",
+    "@changesets/get-dependents-graph": "1.3.4",
+    "@crowdin/cli": "3.9.1",
+    "@trivago/prettier-plugin-sort-imports": "3.4.0",
     "@types/async": "3.2.15",
-    "@types/autocannon": "4.1.1",
     "@types/express": "4.17.14",
     "@types/http-errors": "1.8.2",
     "@types/jest": "27.5.2",
-    "@types/lodash": "4.14.185",
+    "@types/lodash": "4.14.189",
     "@types/mime": "2.0.3",
     "@types/minimatch": "3.0.5",
-    "@types/node": "16.11.60",
+    "@types/node": "16.18.3",
     "@types/jsonwebtoken": "8.5.9",
     "@types/request": "2.48.8",
-    "@types/semver": "7.3.12",
+    "@types/semver": "7.3.13",
     "@types/node-fetch": "2.6.2",
     "@types/supertest": "2.0.12",
     "@types/testing-library__jest-dom": "5.14.5",
-    "@types/validator": "13.7.6",
+    "@types/validator": "13.7.10",
     "@types/webpack": "5.28.0",
     "@types/webpack-env": "1.18.0",
-    "@typescript-eslint/eslint-plugin": "5.37.0",
-    "@typescript-eslint/parser": "5.37.0",
-    "@verdaccio/benchmark": "workspace:*",
+    "@types/react": "18.0.25",
+    "@types/react-dom": "18.0.9",
+    "@types/react-router-dom": "5.3.3",
+    "@types/react-virtualized": "9.21.21",
+    "@typescript-eslint/eslint-plugin": "5.41.0",
+    "@typescript-eslint/parser": "5.41.0",
+    "@verdaccio/crowdin-translations": "workspace:*",
     "@verdaccio/eslint-config": "workspace:*",
     "@verdaccio/types": "workspace:*",
     "@verdaccio/ui-theme": "workspace:*",
-    "autocannon": "7.10.0",
     "babel-core": "7.0.0-bridge.0",
     "babel-eslint": "10.1.0",
-    "babel-jest": "29.0.3",
+    "babel-jest": "29.3.1",
     "babel-plugin-dynamic-import-node": "2.3.3",
     "babel-plugin-emotion": "10.2.2",
     "concurrently": "6.5.1",
-    "core-js": "3.25.2",
+    "core-js": "3.26.1",
     "cross-env": "7.0.3",
     "debug": "4.3.4",
     "detect-secrets": "1.0.6",
-    "jest-diff": "29.0.3",
-    "eslint": "8.23.1",
+    "jest-diff": "29.3.1",
+    "eslint": "8.26.0",
     "fs-extra": "10.1.0",
     "husky": "7.0.4",
     "in-publish": "2.0.1",
-    "jest": "29.0.3",
-    "jest-environment-jsdom": "29.0.3",
+    "jest": "29.3.1",
+    "jest-environment-jsdom": "29.3.1",
     "jest-environment-jsdom-global": "3.1.2",
-    "jest-environment-node": "29.0.3",
+    "jest-environment-node": "29.3.1",
     "jest-junit": "12.3.0",
     "kleur": "3.0.3",
     "lint-staged": "11.2.6",
     "nock": "13.2.9",
-    "node-fetch": "cjs",
     "nodemon": "2.0.20",
     "npm-run-all": "4.1.5",
     "prettier": "2.7.1",
     "rimraf": "3.0.2",
     "selfsigned": "1.10.14",
-    "supertest": "6.2.4",
+    "supertest": "6.3.1",
     "ts-node": "10.9.1",
-    "typescript": "4.8.3",
+    "typescript": "4.9.3",
     "update-ts-references": "2.4.1",
     "verdaccio-audit": "workspace:*",
     "verdaccio-auth-memory": "workspace:*",
@@ -110,7 +111,7 @@
   "scripts": {
     "prepare": "husky install",
     "husky:pre-commit": "lint-staged",
-    "clean": "pnpm run clean",
+    "clean": "pnpm run clean --filter=./packages",
     "build": "pnpm run build --filter=./packages && pnpm run build --filter=./e2e",
     "docker": "docker build -t verdaccio/verdaccio:local . --no-cache",
     "format": "prettier --write \"**/*.{js,jsx,ts,tsx,json,yml,yaml,md}\"",
@@ -120,9 +121,6 @@
     "test:e2e:cli": "pnpm test --filter ...@verdaccio/e2e-cli-* -- --coverage=false",
     "test:e2e:ui": "pnpm test --filter ...@verdaccio/e2e-ui",
     "start": "concurrently --kill-others \"pnpm _start:server\" \"pnpm _start:web\"",
-    "benchmark:hyper": "verdaccio-benchmark hyper -r ./hyper-results.json",
-    "benchmark:api": "verdaccio-benchmark api",
-    "benchmark:submit": "pnpm ts-node ./scripts/submit-metrics.ts",
     "contributors": "ts-node ./scripts/contributors-update.ts",
     "start:watch": "concurrently --kill-others \"pnpm _build:watch\" \"pnpm _start:server\" \"pnpm _debug:reload\"",
     "_build:watch": "pnpm run --parallel watch --filter ./packages",
@@ -141,6 +139,7 @@
     "ci:publish": "changeset publish",
     "ts:ref": "update-ts-references --discardComments",
     "website": "pnpm build --filter ...@verdaccio/website",
+    "translations": "local-crowdin-api translations",
     "crowdin:upload": "crowdin upload sources --auto-update --config ./crowdin.yaml",
     "crowdin:download": "crowdin download --verbose --config ./crowdin.yaml",
     "crowdin:sync": "pnpm crowdin:upload && pnpm crowdin:download --verbose",
@@ -149,6 +148,12 @@
     "local:publish": "cross-env npm_config_registry=http://localhost:4873 pnpm ci:publish",
     "local:publish:release": "concurrently \"pnpm local:registry\" \"pnpm local:publish\""
   },
+  "pnpm": {
+    "overrides": {
+      "got": "11.8.5",
+      "p-cancelable": "2.1.1"
+    }
+  },
   "engines": {
     "node": ">=16.5",
     "pnpm": ">=6.32.3 <7.0.0"

packages/api/CHANGELOG.md

@@ -1,5 +1,73 @@
 # @verdaccio/api
 
+## 6.0.0-6-next.35
+
+### Patch Changes
+
+- @verdaccio/core@6.0.0-6-next.52
+- @verdaccio/config@6.0.0-6-next.52
+- @verdaccio/auth@6.0.0-6-next.31
+- @verdaccio/logger@6.0.0-6-next.20
+- @verdaccio/middleware@6.0.0-6-next.31
+- @verdaccio/store@6.0.0-6-next.32
+- @verdaccio/utils@6.0.0-6-next.20
+
+## 6.0.0-6-next.34
+
+### Minor Changes
+
+- 4b29d715: chore: move improvements from v5 to v6
+
+  Migrate improvements form v5 to v6:
+
+  - https://github.com/verdaccio/verdaccio/pull/3158
+  - https://github.com/verdaccio/verdaccio/pull/3151
+  - https://github.com/verdaccio/verdaccio/pull/2271
+  - https://github.com/verdaccio/verdaccio/pull/2787
+  - https://github.com/verdaccio/verdaccio/pull/2791
+  - https://github.com/verdaccio/verdaccio/pull/2205
+
+### Patch Changes
+
+- Updated dependencies [4b29d715]
+  - @verdaccio/auth@6.0.0-6-next.30
+  - @verdaccio/config@6.0.0-6-next.51
+  - @verdaccio/core@6.0.0-6-next.51
+  - @verdaccio/middleware@6.0.0-6-next.30
+  - @verdaccio/store@6.0.0-6-next.31
+  - @verdaccio/logger@6.0.0-6-next.19
+  - @verdaccio/utils@6.0.0-6-next.19
+
+## 6.0.0-6-next.33
+
+### Patch Changes
+
+- b4cc8001: fix: improve abort request search
+  - @verdaccio/core@6.0.0-6-next.50
+  - @verdaccio/config@6.0.0-6-next.50
+  - @verdaccio/auth@6.0.0-6-next.29
+  - @verdaccio/logger@6.0.0-6-next.18
+  - @verdaccio/middleware@6.0.0-6-next.29
+  - @verdaccio/store@6.0.0-6-next.30
+  - @verdaccio/utils@6.0.0-6-next.18
+
+## 6.0.0-6-next.32
+
+### Minor Changes
+
+- ce013d2f: refactor: npm star command support reimplemented
+
+### Patch Changes
+
+- Updated dependencies [ce013d2f]
+  - @verdaccio/store@6.0.0-6-next.29
+  - @verdaccio/core@6.0.0-6-next.49
+  - @verdaccio/config@6.0.0-6-next.49
+  - @verdaccio/auth@6.0.0-6-next.28
+  - @verdaccio/logger@6.0.0-6-next.17
+  - @verdaccio/middleware@6.0.0-6-next.28
+  - @verdaccio/utils@6.0.0-6-next.17
+
 ## 6.0.0-6-next.31
 
 ### Major Changes

packages/api/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@verdaccio/api",
-  "version": "6.0.0-6-next.31",
+  "version": "6.0.0-6-next.35",
   "description": "loaders logic",
   "main": "./build/index.js",
   "types": "build/index.d.ts",
@@ -39,28 +39,28 @@
   },
   "license": "MIT",
   "dependencies": {
-    "@verdaccio/auth": "workspace:6.0.0-6-next.27",
-    "@verdaccio/config": "workspace:6.0.0-6-next.48",
-    "@verdaccio/core": "workspace:6.0.0-6-next.48",
-    "@verdaccio/logger": "workspace:6.0.0-6-next.16",
-    "@verdaccio/middleware": "workspace:6.0.0-6-next.27",
-    "@verdaccio/store": "workspace:6.0.0-6-next.28",
-    "@verdaccio/utils": "workspace:6.0.0-6-next.16",
-    "abortcontroller-polyfill": "1.7.3",
+    "@verdaccio/auth": "workspace:6.0.0-6-next.31",
+    "@verdaccio/config": "workspace:6.0.0-6-next.52",
+    "@verdaccio/core": "workspace:6.0.0-6-next.52",
+    "@verdaccio/logger": "workspace:6.0.0-6-next.20",
+    "@verdaccio/middleware": "workspace:6.0.0-6-next.31",
+    "@verdaccio/store": "workspace:6.0.0-6-next.32",
+    "@verdaccio/utils": "workspace:6.0.0-6-next.20",
+    "abortcontroller-polyfill": "1.7.5",
     "cookies": "0.8.0",
     "debug": "4.3.4",
-    "body-parser": "1.20.0",
-    "express": "4.18.1",
+    "body-parser": "1.20.1",
+    "express": "4.18.2",
     "lodash": "4.17.21",
     "mime": "2.6.0",
-    "semver": "7.3.7"
+    "semver": "7.3.8"
   },
   "devDependencies": {
-    "@types/node": "16.11.60",
-    "@verdaccio/server": "workspace:6.0.0-6-next.37",
+    "@types/node": "16.18.3",
+    "@verdaccio/server": "workspace:6.0.0-6-next.41",
     "@verdaccio/types": "workspace:11.0.0-6-next.17",
-    "@verdaccio/test-helper": "workspace:2.0.0-6-next.5",
-    "supertest": "6.2.4",
+    "@verdaccio/test-helper": "workspace:2.0.0-6-next.6",
+    "supertest": "6.3.1",
     "nock": "13.2.9",
     "mockdate": "3.0.5"
   },

packages/api/src/dist-tags.ts

@@ -2,14 +2,14 @@ import { Router } from 'express';
 import _ from 'lodash';
 import mime from 'mime';
 
-import { IAuth } from '@verdaccio/auth';
+import { Auth } from '@verdaccio/auth';
 import { constants, errorUtils } from '@verdaccio/core';
 import { allow, media } from '@verdaccio/middleware';
 import { Storage } from '@verdaccio/store';
 
 import { $NextFunctionVer, $RequestExtend, $ResponseExtend } from '../types/custom';
 
-export default function (route: Router, auth: IAuth, storage: Storage): void {
+export default function (route: Router, auth: Auth, storage: Storage): void {
   const can = allow(auth);
   const addTagPackageVersionMiddleware = async function (
     req: $RequestExtend,
@@ -98,24 +98,4 @@ export default function (route: Router, auth: IAuth, storage: Storage): void {
       }
     }
   );
-
-  route.post(
-    '/-/package/:package/dist-tags',
-    can('publish'),
-    async function (
-      req: $RequestExtend,
-      res: $ResponseExtend,
-      next: $NextFunctionVer
-    ): Promise<void> {
-      try {
-        await storage.mergeTagsNext(req.params.package, req.body);
-        res.status(constants.HTTP_STATUS.CREATED);
-        return next({
-          ok: constants.API_MESSAGE.TAG_UPDATED,
-        });
-      } catch (err) {
-        next(err);
-      }
-    }
-  );
 }

packages/api/src/index.ts

@@ -1,7 +1,7 @@
 import bodyParser from 'body-parser';
 import express, { Router } from 'express';
 
-import { IAuth } from '@verdaccio/auth';
+import { Auth } from '@verdaccio/auth';
 import {
   antiLoop,
   encodeScopePackage,
@@ -24,7 +24,7 @@ import v1Search from './v1/search';
 import token from './v1/token';
 import whoami from './whoami';
 
-export default function (config: Config, auth: IAuth, storage: Storage): Router {
+export default function (config: Config, auth: Auth, storage: Storage): Router {
   /* eslint new-cap:off */
   const app = express.Router();
   /* eslint new-cap:off */

packages/api/src/package.ts

@@ -1,7 +1,7 @@
 import buildDebug from 'debug';
 import { Router } from 'express';
 
-import { IAuth } from '@verdaccio/auth';
+import { Auth } from '@verdaccio/auth';
 import { HEADERS, HEADER_TYPE, stringUtils } from '@verdaccio/core';
 import { allow } from '@verdaccio/middleware';
 import { Storage } from '@verdaccio/store';
@@ -10,7 +10,7 @@ import { $NextFunctionVer, $RequestExtend, $ResponseExtend } from '../types/cust
 
 const debug = buildDebug('verdaccio:api:package');
 
-export default function (route: Router, auth: IAuth, storage: Storage): void {
+export default function (route: Router, auth: Auth, storage: Storage): void {
   const can = allow(auth);
 
   route.get(

packages/api/src/publish.ts

@@ -2,7 +2,7 @@ import buildDebug from 'debug';
 import { Router } from 'express';
 import mime from 'mime';
 
-import { IAuth } from '@verdaccio/auth';
+import { Auth } from '@verdaccio/auth';
 import { API_MESSAGE, HTTP_STATUS } from '@verdaccio/core';
 import { logger } from '@verdaccio/logger';
 import { allow, expectJson, media } from '@verdaccio/middleware';
@@ -11,7 +11,6 @@ import { Storage } from '@verdaccio/store';
 import { $NextFunctionVer, $RequestExtend, $ResponseExtend } from '../types/custom';
 
 // import star from './star';
-// import { isPublishablePackage, isRelatedToDeprecation } from './utils';
 
 const debug = buildDebug('verdaccio:api:publish');
 
@@ -93,7 +92,7 @@ const debug = buildDebug('verdaccio:api:publish');
 	}
    *
    */
-export default function publish(router: Router, auth: IAuth, storage: Storage): void {
+export default function publish(router: Router, auth: Auth, storage: Storage): void {
   const can = allow(auth);
   router.put(
     '/:package',
@@ -177,17 +176,17 @@ export default function publish(router: Router, auth: IAuth, storage: Storage):
 export function publishPackage(storage: Storage): any {
   return async function (
     req: $RequestExtend,
-    _res: $ResponseExtend,
+    res: $ResponseExtend,
     next: $NextFunctionVer
   ): Promise<void> {
     const ac = new AbortController();
     const packageName = req.params.package;
     const { revision } = req.params;
     const metadata = req.body;
+    const username = req?.remote_user?.name;
 
     try {
-      debug('publishing %s', packageName);
-      await storage.updateManifest(metadata, {
+      const message = await storage.updateManifest(metadata, {
         name: packageName,
         revision,
         signal: ac.signal,
@@ -196,16 +195,15 @@ export function publishPackage(storage: Storage): any {
           protocol: req.protocol,
           // @ts-ignore
           headers: req.headers,
+          username,
         },
       });
-      _res.status(HTTP_STATUS.CREATED);
+
+      res.status(HTTP_STATUS.CREATED);
 
       return next({
-        // TODO: this could be also Package Updated based on the
-        // action, deprecate, star, publish new version, or create a package
-        // the message some return from the method
-        ok: API_MESSAGE.PKG_CREATED,
         success: true,
+        ok: message,
       });
     } catch (err: any) {
       // TODO: review if we need the abort controller here

packages/api/src/star.ts

@@ -1,88 +0,0 @@
-/* eslint-disable @typescript-eslint/no-unused-vars */
-import buildDebug from 'debug';
-import { Response } from 'express';
-import _ from 'lodash';
-
-import { HTTP_STATUS, USERS } from '@verdaccio/core';
-import { Storage } from '@verdaccio/store';
-
-import { $NextFunctionVer, $RequestExtend } from '../types/custom';
-
-const debug = buildDebug('verdaccio:api:publish:star');
-
-export default function (
-  storage: Storage
-): (req: $RequestExtend, res: Response, next: $NextFunctionVer) => void {
-  const validateInputs = (newUsers, localUsers, username, isStar): boolean => {
-    const isExistlocalUsers = _.isNil(localUsers[username]) === false;
-    if (isStar && isExistlocalUsers && localUsers[username]) {
-      return true;
-    } else if (!isStar && isExistlocalUsers) {
-      return false;
-    } else if (!isStar && !isExistlocalUsers) {
-      return true;
-    }
-    return false;
-  };
-
-  return (req: $RequestExtend, res: Response, next: $NextFunctionVer): void => {
-    const name = req.params.package;
-    debug('starring a package for %o', name);
-    // const afterChangePackage = function (err?: Error) {
-    //   if (err) {
-    //     debug('error on update package for %o', name);
-    //     return next(err);
-    //   }
-
-    //   debug('succes update package for %o', name);
-    //   res.status(HTTP_STATUS.OK);
-    //   next({
-    //     success: true,
-    //   });
-    // };
-
-    debug('get package info package for %o', name);
-    // @ts-ignore
-    // storage.getPackage({
-    //   name,
-    //   req,
-    //   callback: function (err, info) {
-    //     if (err) {
-    //       debug('error on get package info package for %o', name);
-    //       return next(err);
-    //     }
-    //     const newStarUser = req.body[USERS];
-    //     const remoteUsername = req.remote_user.name;
-    //     const localStarUsers = info[USERS];
-    //     // Check is star or unstar
-    //     const isStar = Object.keys(newStarUser).includes(remoteUsername);
-    //     debug('is start? %o', isStar);
-    //     if (
-    //       _.isNil(localStarUsers) === false &&
-    //       validateInputs(newStarUser, localStarUsers, remoteUsername, isStar)
-    //     ) {
-    //       return afterChangePackage();
-    //     }
-    //     const users = isStar
-    //       ? {
-    //           ...localStarUsers,
-    //           [remoteUsername]: true,
-    //         }
-    //       : _.reduce(
-    //           localStarUsers,
-    //           (users, value, key) => {
-    //             if (key !== remoteUsername) {
-    //               users[key] = value;
-    //             }
-    //             return users;
-    //           },
-    //           {}
-    //         );
-    //     debug('update package for  %o', name);
-    //     storage.changePackage(name, { ...info, users }, req.body._rev, function (err) {
-    //       afterChangePackage(err);
-    //     });
-    //   },
-    // });
-  };
-}

packages/api/src/stars.ts

@@ -1,7 +1,7 @@
 import { Response, Router } from 'express';
 import _ from 'lodash';
 
-import { HTTP_STATUS, USERS } from '@verdaccio/core';
+import { HTTP_STATUS, USERS, errorUtils } from '@verdaccio/core';
 import { Storage } from '@verdaccio/store';
 import { Version } from '@verdaccio/types';
 
@@ -11,13 +11,15 @@ export default function (route: Router, storage: Storage): void {
   route.get(
     '/-/_view/starredByUser',
     async (req: $RequestExtend, res: Response, next: $NextFunctionVer): Promise<void> => {
-      const remoteUsername = req.remote_user.name;
+      const query: { key: string } = req.query;
+      if (typeof query?.key !== 'string') {
+        return next(errorUtils.getBadRequest('missing query key username'));
+      }
 
       try {
-        const localPackages: Version[] = await storage.getLocalDatabaseNext();
-
+        const localPackages: Version[] = await storage.getLocalDatabase();
         const filteredPackages: Version[] = localPackages.filter((localPackage: Version) =>
-          _.keys(localPackage[USERS]).includes(remoteUsername)
+          _.keys(localPackage[USERS]).includes(query?.key.toString().replace(/['"]+/g, ''))
         );
 
         res.status(HTTP_STATUS.OK);

packages/api/src/user.ts

@@ -2,9 +2,16 @@ import buildDebug from 'debug';
 import { Response, Router } from 'express';
 
 import { getApiToken } from '@verdaccio/auth';
-import { IAuth } from '@verdaccio/auth';
+import { Auth } from '@verdaccio/auth';
 import { createRemoteUser } from '@verdaccio/config';
-import { API_ERROR, API_MESSAGE, HTTP_STATUS, errorUtils, validatioUtils } from '@verdaccio/core';
+import {
+  API_ERROR,
+  API_MESSAGE,
+  HEADERS,
+  HTTP_STATUS,
+  errorUtils,
+  validatioUtils,
+} from '@verdaccio/core';
 import { logger } from '@verdaccio/logger';
 import { Config, RemoteUser } from '@verdaccio/types';
 import { getAuthenticatedMessage, mask } from '@verdaccio/utils';
@@ -13,7 +20,7 @@ import { $NextFunctionVer, $RequestExtend } from '../types/custom';
 
 const debug = buildDebug('verdaccio:api:user');
 
-export default function (route: Router, auth: IAuth, config: Config): void {
+export default function (route: Router, auth: Auth, config: Config): void {
   route.get(
     '/-/user/:org_couchdb_user',
     function (req: $RequestExtend, res: Response, next: $NextFunctionVer): void {
@@ -41,7 +48,7 @@ export default function (route: Router, auth: IAuth, config: Config): void {
  * 
  * @export
  * @param {Router} route
- * @param {IAuth} auth
+ * @param {Auth} auth
  * @param {Config} config
  */
   route.put(
@@ -67,7 +74,7 @@ export default function (route: Router, auth: IAuth, config: Config): void {
               );
             }
 
-            const restoredRemoteUser: RemoteUser = createRemoteUser(name, user.groups || []);
+            const restoredRemoteUser: RemoteUser = createRemoteUser(name, user?.groups || []);
             const token = await getApiToken(auth, config, restoredRemoteUser, password);
             debug('login: new token');
             if (!token) {
@@ -75,6 +82,7 @@ export default function (route: Router, auth: IAuth, config: Config): void {
             }
 
             res.status(HTTP_STATUS.CREATED);
+            res.set(HEADERS.CACHE_CONTROL, 'no-cache, no-store');
 
             const message = getAuthenticatedMessage(req.remote_user.name);
             debug('login: created user message %o', message);
@@ -112,7 +120,9 @@ export default function (route: Router, auth: IAuth, config: Config): void {
           }
 
           const token =
-            name && password ? await getApiToken(auth, config, user, password) : undefined;
+            name && password
+              ? await getApiToken(auth, config, user as RemoteUser, password)
+              : undefined;
           if (token) {
             debug('adduser: new token %o', mask(token as string, 4));
           }
@@ -122,6 +132,7 @@ export default function (route: Router, auth: IAuth, config: Config): void {
 
           req.remote_user = user;
           res.status(HTTP_STATUS.CREATED);
+          res.set(HEADERS.CACHE_CONTROL, 'no-cache, no-store');
           debug('adduser: user has been created');
           return next({
             ok: `user '${req.body.name}' created`,

packages/api/src/v1/profile.ts

@@ -1,7 +1,7 @@
 import { Response, Router } from 'express';
 import _ from 'lodash';
 
-import { IAuth } from '@verdaccio/auth';
+import { Auth } from '@verdaccio/auth';
 import {
   API_ERROR,
   APP_ERROR,
@@ -25,7 +25,7 @@ export interface Profile {
   fullname: string;
 }
 
-export default function (route: Router, auth: IAuth, config: Config): void {
+export default function (route: Router, auth: Auth, config: Config): void {
   function buildProfile(name: string): Profile {
     return {
       tfa: false,

packages/api/src/v1/search.ts

@@ -1,7 +1,7 @@
 import buildDebug from 'debug';
 import _ from 'lodash';
 
-import { IAuth } from '@verdaccio/auth';
+import { Auth } from '@verdaccio/auth';
 import { HTTP_STATUS, searchUtils } from '@verdaccio/core';
 import { logger } from '@verdaccio/logger';
 import { Storage } from '@verdaccio/store';
@@ -15,7 +15,7 @@ const debug = buildDebug('verdaccio:api:search');
  *  - {"objects":[],"total":0,"time":"Sun Jul 25 2021 14:09:11 GMT+0000 (Coordinated Universal Time)"}
  * req: 'GET /-/v1/search?text=react&size=20&frpom=0&quality=0.65&popularity=0.98&maintenance=0.5'
  */
-export default function (route, auth: IAuth, storage: Storage): void {
+export default function (route, auth: Auth, storage: Storage): void {
   function checkAccess(pkg: any, auth: any, remoteUser): Promise<Manifest | null> {
     return new Promise((resolve, reject) => {
       auth.allow_access({ packageName: pkg?.package?.name }, remoteUser, function (err, allowed) {
@@ -41,7 +41,8 @@ export default function (route, auth: IAuth, storage: Storage): void {
     let data;
     const abort = new AbortController();
 
-    req.on('aborted', () => {
+    req.socket.on('close', function () {
+      debug('search web aborted');
       abort.abort();
     });
 

packages/api/src/v1/token.ts

@@ -2,8 +2,8 @@ import { Response, Router } from 'express';
 import _ from 'lodash';
 
 import { getApiToken } from '@verdaccio/auth';
-import { IAuth } from '@verdaccio/auth';
-import { HTTP_STATUS, SUPPORT_ERRORS, errorUtils } from '@verdaccio/core';
+import { Auth } from '@verdaccio/auth';
+import { HEADERS, HTTP_STATUS, SUPPORT_ERRORS, errorUtils } from '@verdaccio/core';
 import { logger } from '@verdaccio/logger';
 import { Storage } from '@verdaccio/store';
 import { Config, RemoteUser, Token } from '@verdaccio/types';
@@ -23,7 +23,7 @@ function normalizeToken(token: Token): NormalizeToken {
 }
 
 // https://github.com/npm/npm-profile/blob/latest/lib/index.js
-export default function (route: Router, auth: IAuth, storage: Storage, config: Config): void {
+export default function (route: Router, auth: Auth, storage: Storage, config: Config): void {
   route.get(
     '/-/npm/v1/tokens',
     async function (req: $RequestExtend, res: Response, next: $NextFunctionVer) {
@@ -61,7 +61,7 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
         return next(errorUtils.getCode(HTTP_STATUS.BAD_DATA, SUPPORT_ERRORS.PARAMETERS_NOT_VALID));
       }
 
-      auth.authenticate(name, password, async (err, user: RemoteUser) => {
+      auth.authenticate(name, password, async (err, user?: RemoteUser) => {
         if (err) {
           const errorCode = err.message ? HTTP_STATUS.UNAUTHORIZED : HTTP_STATUS.INTERNAL_ERROR;
           return next(errorUtils.getCode(errorCode, err.message));
@@ -76,7 +76,7 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
         }
 
         try {
-          const token = await getApiToken(auth, config, user, password);
+          const token = await getApiToken(auth, config, user as RemoteUser, password);
           if (!token) {
             throw errorUtils.getInternalError();
           }
@@ -102,6 +102,7 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
 
           await storage.saveToken(saveToken);
           logger.debug({ key, name }, 'token @{key} was created for user @{name}');
+          res.set(HEADERS.CACHE_CONTROL, 'no-cache, no-store');
           return next(
             normalizeToken({
               token,

packages/api/test/integration/_helper.ts

@@ -11,7 +11,7 @@ import {
   generatePackageMetadata,
   initializeServer as initializeServerHelper,
 } from '@verdaccio/test-helper';
-import { GenericBody } from '@verdaccio/types';
+import { GenericBody, PackageUsers } from '@verdaccio/types';
 import { buildToken, generateRandomHexString } from '@verdaccio/utils';
 
 import apiMiddleware from '../../src';
@@ -39,6 +39,7 @@ export function createUser(app, name: string, password: string): supertest.Test
       password: password,
     })
     .expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
+    .expect(HEADERS.CACHE_CONTROL, 'no-cache, no-store')
     .expect(HTTP_STATUS.CREATED);
 }
 
@@ -91,16 +92,54 @@ export function publishVersion(
   app,
   pkgName: string,
   version: string,
-  distTags?: GenericBody
+  distTags?: GenericBody,
+  token?: string
 ): supertest.Test {
   const pkgMetadata = generatePackageMetadata(pkgName, version, distTags);
 
-  return supertest(app)
+  const test = supertest(app)
     .put(`/${encodeURIComponent(pkgName)}`)
     .set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
     .send(JSON.stringify(pkgMetadata))
     .set('accept', HEADERS.GZIP)
     .set(HEADER_TYPE.ACCEPT_ENCODING, HEADERS.JSON);
+
+  if (typeof token === 'string') {
+    test.set(HEADERS.AUTHORIZATION, buildToken(TOKEN_BEARER, token));
+  }
+
+  return test;
+}
+
+export function starPackage(
+  app,
+  options: {
+    users: PackageUsers;
+    name: string;
+    _rev: string;
+    _id?: string;
+  },
+  token?: string
+): supertest.Test {
+  const { _rev, _id, users } = options;
+  const starManifest = {
+    _rev,
+    _id,
+    users,
+  };
+
+  const test = supertest(app)
+    .put(`/${encodeURIComponent(options.name)}`)
+    .set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
+    .send(JSON.stringify(starManifest))
+    .set('accept', HEADERS.GZIP)
+    .set(HEADER_TYPE.ACCEPT_ENCODING, HEADERS.JSON);
+
+  if (typeof token === 'string') {
+    test.set(HEADERS.AUTHORIZATION, buildToken(TOKEN_BEARER, token));
+  }
+
+  return test;
 }
 
 export function getDisTags(app, pkgName) {

packages/api/test/integration/config/star.yaml

@@ -0,0 +1,26 @@
+auth:
+  htpasswd:
+    file: ./htpasswd-star
+web:
+  enable: true
+  title: verdaccio
+
+uplinks:
+  npmjs:
+    url: https://registry.npmjs.org/
+
+log: { type: stdout, format: pretty, level: info }
+
+packages:
+  '@*/*':
+    access: $all
+    publish: $authenticated
+    unpublish: $authenticated
+    proxy: npmjs
+  '**':
+    access: $all
+    publish: $authenticated
+    unpublish: $authenticated
+    proxy: npmjs
+
+_debug: true

packages/api/test/integration/publish.spec.ts

@@ -6,38 +6,8 @@ import { HTTP_STATUS } from '@verdaccio/core';
 import { API_ERROR, API_MESSAGE, HEADERS, HEADER_TYPE } from '@verdaccio/core';
 import { generatePackageMetadata, generateRemotePackageMetadata } from '@verdaccio/test-helper';
 
-import { $RequestExtend, $ResponseExtend } from '../../types/custom';
 import { getPackage, initializeServer, publishVersion } from './_helper';
 
-const mockApiJWTmiddleware = jest.fn(
-  () =>
-    (req: $RequestExtend, res: $ResponseExtend, _next): void => {
-      req.remote_user = { name: 'foo', groups: [], real_groups: [] };
-      _next();
-    }
-);
-
-jest.mock('@verdaccio/auth', () => ({
-  Auth: class {
-    apiJWTmiddleware() {
-      return mockApiJWTmiddleware();
-    }
-    init() {
-      return Promise.resolve();
-    }
-    allow_access(_d, f_, cb) {
-      cb(null, true);
-    }
-    allow_publish(_d, f_, cb) {
-      cb(null, true);
-    }
-
-    allow_unpublish(_d, f_, cb) {
-      cb(null, true);
-    }
-  },
-}));
-
 describe('publish', () => {
   describe('handle errors', () => {
     const pkgName = 'test';
@@ -80,6 +50,22 @@ describe('publish', () => {
           });
       });
     });
+
+    test.each([['foo', '@scope/foo']])(
+      'should fails on publish a duplicated package',
+      async (pkgName) => {
+        const app = await initializeServer('publish.yaml');
+        await publishVersion(app, pkgName, '1.0.0');
+        return new Promise((resolve) => {
+          publishVersion(app, pkgName, '1.0.0')
+            .expect(HTTP_STATUS.CONFLICT)
+            .then((response) => {
+              expect(response.body.error).toEqual(API_ERROR.PACKAGE_EXIST);
+              resolve(response);
+            });
+        });
+      }
+    );
   });
 
   describe('publish a package', () => {
@@ -141,6 +127,7 @@ describe('publish', () => {
         });
       });
     });
+
     describe('proxies setup', () => {
       test.each([['foo', '@scope%2Ffoo']])(
         'should publish a a patch package that already exist on a remote',
@@ -160,34 +147,18 @@ describe('publish', () => {
             decodeURIComponent(pkgName),
             '1.0.1-patch'
           ).expect(HTTP_STATUS.CREATED);
-          expect(response.body.ok).toEqual(API_MESSAGE.PKG_CREATED);
+          expect(response.body.ok).toEqual(API_MESSAGE.PKG_CHANGED);
           const response2 = await publishVersion(
             app,
             decodeURIComponent(pkgName),
             '1.0.2-patch'
           ).expect(HTTP_STATUS.CREATED);
-          expect(response2.body.ok).toEqual(API_MESSAGE.PKG_CREATED);
+          expect(response2.body.ok).toEqual(API_MESSAGE.PKG_CHANGED);
         }
       );
     });
   });
 
-  test.each([['foo', '@scope/foo']])(
-    'should fails on publish a duplicated package',
-    async (pkgName) => {
-      const app = await initializeServer('publish.yaml');
-      await publishVersion(app, pkgName, '1.0.0');
-      return new Promise((resolve) => {
-        publishVersion(app, pkgName, '1.0.0')
-          .expect(HTTP_STATUS.CONFLICT)
-          .then((response) => {
-            expect(response.body.error).toEqual(API_ERROR.PACKAGE_EXIST);
-            resolve(response);
-          });
-      });
-    }
-  );
-
   describe('unpublish a package', () => {
     test.each([['foo', '@scope/foo']])('should unpublish entirely a package', async (pkgName) => {
       const app = await initializeServer('publish.yaml');
@@ -257,6 +228,4 @@ describe('publish', () => {
       }
     );
   });
-
-  describe('star a package', () => {});
 });

packages/api/test/integration/star.spec.ts

@@ -0,0 +1,73 @@
+import nock from 'nock';
+import supertest from 'supertest';
+
+import { HTTP_STATUS } from '@verdaccio/core';
+import { HEADERS, HEADER_TYPE } from '@verdaccio/core';
+
+import { getNewToken, getPackage, initializeServer, publishVersion, starPackage } from './_helper';
+
+describe('star', () => {
+  test.each([['foo', '@scope%2Ffoo']])(
+    'should list stared packages for an user',
+    async (pkgName) => {
+      const userLogged = 'jota_token';
+      nock('https://registry.npmjs.org').get(`/${pkgName}`).reply(404);
+      const app = await initializeServer('star.yaml');
+      const token = await getNewToken(app, { name: userLogged, password: 'secretPass' });
+      await publishVersion(app, pkgName, '1.0.0', undefined, token).expect(HTTP_STATUS.CREATED);
+      await publishVersion(app, 'pkg-1', '1.0.0', undefined, token).expect(HTTP_STATUS.CREATED);
+      await publishVersion(app, 'pkg-2', '1.0.0', undefined, token).expect(HTTP_STATUS.CREATED);
+      const manifest = await getPackage(app, '', decodeURIComponent(pkgName));
+      await starPackage(
+        app,
+        {
+          _rev: manifest.body._rev,
+          _id: manifest.body.id,
+          name: pkgName,
+          users: { [userLogged]: true },
+        },
+        token
+      ).expect(HTTP_STATUS.CREATED);
+      await starPackage(
+        app,
+        {
+          _rev: manifest.body._rev,
+          _id: manifest.body.id,
+          name: 'pkg-1',
+          users: { [userLogged]: true },
+        },
+        token
+      ).expect(HTTP_STATUS.CREATED);
+      await starPackage(
+        app,
+        {
+          _rev: manifest.body._rev,
+          _id: manifest.body.id,
+          name: 'pkg-2',
+          users: { [userLogged]: true },
+        },
+        token
+      ).expect(HTTP_STATUS.CREATED);
+      const resp = await supertest(app)
+        .get(`/-/_view/starredByUser?key=%22jota_token%22`)
+        .set('Accept', HEADERS.JSON)
+        .expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
+        .expect(HTTP_STATUS.OK);
+      expect(resp.body.rows).toHaveLength(3);
+      expect(resp.body.rows).toEqual([{ value: 'foo' }, { value: 'pkg-1' }, { value: 'pkg-2' }]);
+    }
+  );
+
+  test.each([['foo']])('should requires parameters', async (pkgName) => {
+    const userLogged = 'jota_token';
+    nock('https://registry.npmjs.org').get(`/${pkgName}`).reply(404);
+    const app = await initializeServer('star.yaml');
+    const token = await getNewToken(app, { name: userLogged, password: 'secretPass' });
+    await publishVersion(app, pkgName, '1.0.0', undefined, token).expect(HTTP_STATUS.CREATED);
+    return supertest(app)
+      .get(`/-/_view/starredByUser?key_xxxxx=other`)
+      .set('Accept', HEADERS.JSON)
+      .expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
+      .expect(HTTP_STATUS.BAD_REQUEST);
+  });
+});

packages/api/types/custom.d.ts

@@ -2,7 +2,7 @@ import { NextFunction, Request, Response } from 'express';
 
 import { Logger, RemoteUser } from '@verdaccio/types';
 
-export type $RequestExtend = Request & { remote_user?: any; log: Logger };
+export type $RequestExtend = Request & { remote_user?: any; log: Logger; query?: { key: string } };
 export type $ResponseExtend = Response & { cookies?: any };
 export type $NextFunctionVer = NextFunction & any;
 

packages/auth/CHANGELOG.md

@@ -1,5 +1,63 @@
 # @verdaccio/auth
 
+## 6.0.0-6-next.31
+
+### Patch Changes
+
+- @verdaccio/core@6.0.0-6-next.52
+- @verdaccio/config@6.0.0-6-next.52
+- @verdaccio/loaders@6.0.0-6-next.21
+- @verdaccio/logger@6.0.0-6-next.20
+- verdaccio-htpasswd@11.0.0-6-next.22
+- @verdaccio/utils@6.0.0-6-next.20
+
+## 6.0.0-6-next.30
+
+### Minor Changes
+
+- 4b29d715: chore: move improvements from v5 to v6
+
+  Migrate improvements form v5 to v6:
+
+  - https://github.com/verdaccio/verdaccio/pull/3158
+  - https://github.com/verdaccio/verdaccio/pull/3151
+  - https://github.com/verdaccio/verdaccio/pull/2271
+  - https://github.com/verdaccio/verdaccio/pull/2787
+  - https://github.com/verdaccio/verdaccio/pull/2791
+  - https://github.com/verdaccio/verdaccio/pull/2205
+
+### Patch Changes
+
+- Updated dependencies [4b29d715]
+  - @verdaccio/config@6.0.0-6-next.51
+  - @verdaccio/core@6.0.0-6-next.51
+  - @verdaccio/loaders@6.0.0-6-next.20
+  - verdaccio-htpasswd@11.0.0-6-next.21
+  - @verdaccio/logger@6.0.0-6-next.19
+  - @verdaccio/utils@6.0.0-6-next.19
+
+## 6.0.0-6-next.29
+
+### Patch Changes
+
+- @verdaccio/core@6.0.0-6-next.50
+- @verdaccio/config@6.0.0-6-next.50
+- @verdaccio/loaders@6.0.0-6-next.19
+- @verdaccio/logger@6.0.0-6-next.18
+- verdaccio-htpasswd@11.0.0-6-next.20
+- @verdaccio/utils@6.0.0-6-next.18
+
+## 6.0.0-6-next.28
+
+### Patch Changes
+
+- @verdaccio/core@6.0.0-6-next.49
+- @verdaccio/config@6.0.0-6-next.49
+- @verdaccio/loaders@6.0.0-6-next.18
+- @verdaccio/logger@6.0.0-6-next.17
+- verdaccio-htpasswd@11.0.0-6-next.19
+- @verdaccio/utils@6.0.0-6-next.17
+
 ## 6.0.0-6-next.27
 
 ### Major Changes

packages/auth/package.json

@@ -1,9 +1,9 @@
 {
   "name": "@verdaccio/auth",
-  "version": "6.0.0-6-next.27",
+  "version": "6.0.0-6-next.31",
   "description": "logger",
   "main": "./build/index.js",
-  "types": "build/index.d.ts",
+  "types": "./build/index.d.ts",
   "author": {
     "name": "Juan Picado",
     "email": "juanpicado19@gmail.com"
@@ -39,16 +39,16 @@
   },
   "license": "MIT",
   "dependencies": {
-    "@verdaccio/core": "workspace:6.0.0-6-next.48",
-    "@verdaccio/config": "workspace:6.0.0-6-next.48",
-    "@verdaccio/loaders": "workspace:6.0.0-6-next.17",
-    "@verdaccio/logger": "workspace:6.0.0-6-next.16",
-    "@verdaccio/utils": "workspace:6.0.0-6-next.16",
+    "@verdaccio/core": "workspace:6.0.0-6-next.52",
+    "@verdaccio/config": "workspace:6.0.0-6-next.52",
+    "@verdaccio/loaders": "workspace:6.0.0-6-next.21",
+    "@verdaccio/logger": "workspace:6.0.0-6-next.20",
+    "@verdaccio/utils": "workspace:6.0.0-6-next.20",
     "debug": "4.3.4",
-    "express": "4.18.1",
+    "express": "4.18.2",
     "jsonwebtoken": "8.5.1",
     "lodash": "4.17.21",
-    "verdaccio-htpasswd": "workspace:11.0.0-6-next.18"
+    "verdaccio-htpasswd": "workspace:11.0.0-6-next.22"
   },
   "devDependencies": {
     "@verdaccio/types": "workspace:11.0.0-6-next.17"

packages/auth/src/auth.ts

@@ -1,5 +1,5 @@
 import buildDebug from 'debug';
-import { NextFunction, Request, Response } from 'express';
+import { NextFunction, Request, RequestHandler, Response } from 'express';
 import _ from 'lodash';
 import { HTPasswd } from 'verdaccio-htpasswd';
 
@@ -11,18 +11,17 @@ import {
   TOKEN_BEARER,
   VerdaccioError,
   errorUtils,
+  pluginUtils,
 } from '@verdaccio/core';
 import { asyncLoadPlugin } from '@verdaccio/loaders';
+import { logger } from '@verdaccio/logger';
 import {
   AllowAccess,
-  AuthPluginPackage,
   Callback,
   Config,
-  IPluginAuth,
   JWTSignOptions,
   Logger,
   PackageAccess,
-  PluginOptions,
   RemoteUser,
   Security,
 } from '@verdaccio/types';
@@ -41,20 +40,8 @@ import {
   verifyJWTPayload,
 } from './utils';
 
-/* eslint-disable @typescript-eslint/no-var-requires */
-const LoggerApi = require('@verdaccio/logger');
-
 const debug = buildDebug('verdaccio:auth');
 
-export interface IBasicAuth<T> {
-  config: T & Config;
-  authenticate(user: string, password: string, cb: Callback): void;
-  invalidateToken?(token: string): Promise<void>;
-  changePassword(user: string, password: string, newPassword: string, cb: Callback): void;
-  allow_access(pkg: AuthPluginPackage, user: RemoteUser, callback: Callback): void;
-  add_user(user: string, password: string, cb: Callback): any;
-}
-
 export interface TokenEncryption {
   jwtEncrypt(user: RemoteUser, signOptions: JWTSignOptions): Promise<string>;
   aesEncrypt(buf: string): string | void;
@@ -64,36 +51,22 @@ export interface AESPayload {
   user: string;
   password: string;
 }
-
-export type $RequestExtend = Request & { remote_user?: any; log: Logger };
-export type $ResponseExtend = Response & { cookies?: any };
-export type $NextFunctionVer = NextFunction & any;
-
 export interface IAuthMiddleware {
   apiJWTmiddleware(): $NextFunctionVer;
   webUIJWTmiddleware(): $NextFunctionVer;
 }
 
-export interface IAuth extends IBasicAuth<Config>, IAuthMiddleware, TokenEncryption {
-  config: Config;
-  logger: Logger;
-  secret: string;
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  plugins: any[];
-  allow_unpublish(pkg: AuthPluginPackage, user: RemoteUser, callback: Callback): void;
-  invalidateToken(token: string): Promise<void>;
-  init(): Promise<void>;
-}
+export type $RequestExtend = Request & { remote_user?: any; log: Logger };
+export type $ResponseExtend = Response & { cookies?: any };
+export type $NextFunctionVer = NextFunction & any;
 
-class Auth implements IAuth {
+class Auth implements IAuthMiddleware, TokenEncryption, pluginUtils.IBasicAuth {
   public config: Config;
-  public logger: Logger;
   public secret: string;
-  public plugins: IPluginAuth<Config>[];
+  public plugins: pluginUtils.Auth<Config>[];
 
   public constructor(config: Config) {
     this.config = config;
-    this.logger = LoggerApi.logger.child({ sub: 'auth' });
     this.secret = config.secret;
     this.plugins = [];
     if (!this.secret) {
@@ -102,7 +75,7 @@ class Auth implements IAuth {
   }
 
   public async init() {
-    let plugins = await this.loadPlugin();
+    let plugins = (await this.loadPlugin()) as pluginUtils.Auth<unknown>[];
     debug('auth plugins found %s', plugins.length);
     if (!plugins || plugins.length === 0) {
       plugins = this.loadDefaultPlugin();
@@ -114,33 +87,40 @@ class Auth implements IAuth {
 
   private loadDefaultPlugin() {
     debug('load default auth plugin');
-    const pluginOptions: PluginOptions = {
+    const pluginOptions: pluginUtils.PluginOptions = {
       config: this.config,
-      logger: this.logger,
+      logger,
     };
     let authPlugin;
     try {
-      authPlugin = new HTPasswd({ file: './htpasswd' }, pluginOptions as any as PluginOptions);
+      authPlugin = new HTPasswd(
+        { file: './htpasswd' },
+        pluginOptions as any as pluginUtils.PluginOptions
+      );
     } catch (error: any) {
       debug('error on loading auth htpasswd plugin stack: %o', error);
+      logger.info({}, 'no auth plugin has been found');
       return [];
     }
 
     return [authPlugin];
   }
 
-  private async loadPlugin(): Promise<IPluginAuth<Config>[]> {
-    return asyncLoadPlugin<IPluginAuth<Config>>(
+  private async loadPlugin() {
+    return asyncLoadPlugin<pluginUtils.Auth<unknown>>(
       this.config.auth,
       {
         config: this.config,
-        logger: this.logger,
+        logger,
       },
-      (plugin: IPluginAuth<Config>): boolean => {
+      (plugin): boolean => {
         const { authenticate, allow_access, allow_publish } = plugin;
 
-        // @ts-ignore
-        return authenticate || allow_access || allow_publish;
+        return (
+          typeof authenticate !== 'undefined' ||
+          typeof allow_access !== 'undefined' ||
+          typeof allow_publish !== 'undefined'
+        );
       },
       this.config?.serverSettings?.pluginPrefix
     );
@@ -148,7 +128,7 @@ class Auth implements IAuth {
 
   private _applyDefaultPlugins(): void {
     // TODO: rename to applyFallbackPluginMethods
-    this.plugins.push(getDefaultPlugins(this.logger));
+    this.plugins.push(getDefaultPlugins(logger));
   }
 
   public changePassword(
@@ -171,7 +151,7 @@ class Auth implements IAuth {
         debug('updating password for %o', username);
         plugin.changePassword!(username, password, newPassword, (err, profile): void => {
           if (err) {
-            this.logger.error(
+            logger.error(
               { username, err },
               `An error has been produced
             updating the password for @{username}. Error: @{err.message}`
@@ -192,17 +172,21 @@ class Auth implements IAuth {
     return Promise.resolve();
   }
 
-  public authenticate(username: string, password: string, cb: Callback): void {
+  public authenticate(
+    username: string,
+    password: string,
+    cb: (error: VerdaccioError | null, user?: RemoteUser) => void
+  ): void {
     const plugins = this.plugins.slice(0);
     (function next(): void {
-      const plugin = plugins.shift() as IPluginAuth<Config>;
+      const plugin = plugins.shift() as pluginUtils.Auth<Config>;
 
       if (isFunction(plugin.authenticate) === false) {
         return next();
       }
 
       debug('authenticating %o', username);
-      plugin.authenticate(username, password, function (err, groups): void {
+      plugin.authenticate(username, password, function (err: VerdaccioError | null, groups): void {
         if (err) {
           debug('authenticating for user %o failed. Error: %o', username, err?.message);
           return cb(err);
@@ -233,37 +217,42 @@ class Auth implements IAuth {
     })();
   }
 
-  public add_user(user: string, password: string, cb: Callback): void {
+  public add_user(
+    user: string,
+    password: string,
+    cb: (error: VerdaccioError | null, user?: RemoteUser) => void
+  ): void {
     const self = this;
     const plugins = this.plugins.slice(0);
     debug('add user %o', user);
 
     (function next(): void {
-      const plugin = plugins.shift() as IPluginAuth<Config>;
-      let method = 'adduser';
-      if (isFunction(plugin[method]) === false) {
-        method = 'add_user';
-        self.logger.warn(
-          'the plugin method add_user in the auth plugin is deprecated and will' +
-            ' be removed in next major release, notify to the plugin author'
-        );
-      }
-
-      if (isFunction(plugin[method]) === false) {
+      const plugin = plugins.shift() as pluginUtils.Auth<Config>;
+      if (typeof plugin.adduser !== 'function') {
         next();
       } else {
-        // p.add_user() execution
-        plugin[method](user, password, function (err, ok): void {
-          if (err) {
-            debug('the user  %o could not being added. Error: %o', user, err?.message);
-            return cb(err);
+        // @ts-expect-error future major (7.x) should remove this section
+        if (typeof plugin.adduser === 'undefined' && typeof plugin.add_user === 'function') {
+          throw errorUtils.getInternalError(
+            'add_user method not longer supported, rename to adduser'
+          );
+        }
+
+        plugin.adduser(
+          user,
+          password,
+          function (err: VerdaccioError | null, ok?: boolean | string): void {
+            if (err) {
+              debug('the user  %o could not being added. Error: %o', user, err?.message);
+              return cb(err);
+            }
+            if (ok) {
+              debug('the user %o has been added', user);
+              return self.authenticate(user, password, cb);
+            }
+            next();
           }
-          if (ok) {
-            debug('the user %o has been added', user);
-            return self.authenticate(user, password, cb);
-          }
-          next();
-        });
+        );
       }
     })();
   }
@@ -272,27 +261,27 @@ class Auth implements IAuth {
    * Allow user to access a package.
    */
   public allow_access(
-    { packageName, packageVersion }: AuthPluginPackage,
+    { packageName, packageVersion }: pluginUtils.AuthPluginPackage,
     user: RemoteUser,
-    callback: Callback
+    callback: pluginUtils.AccessCallback
   ): void {
     const plugins = this.plugins.slice(0);
-    const pkgAllowAcces: AllowAccess = { name: packageName, version: packageVersion };
+    const pkgAllowAccess: AllowAccess = { name: packageName, version: packageVersion };
     const pkg = Object.assign(
       {},
-      pkgAllowAcces,
+      pkgAllowAccess,
       getMatchedPackagesSpec(packageName, this.config.packages)
     ) as AllowAccess & PackageAccess;
     debug('allow access for %o', packageName);
 
     (function next(): void {
-      const plugin: IPluginAuth<Config> = plugins.shift() as IPluginAuth<Config>;
+      const plugin: pluginUtils.Auth<unknown> = plugins.shift() as pluginUtils.Auth<unknown>;
 
       if (_.isNil(plugin) || isFunction(plugin.allow_access) === false) {
         return next();
       }
 
-      plugin.allow_access!(user, pkg, function (err, ok: boolean): void {
+      plugin.allow_access!(user, pkg, function (err: VerdaccioError | null, ok?: boolean): void {
         if (err) {
           debug('forbidden access for %o. Error: %o', packageName, err?.message);
           return callback(err);
@@ -309,7 +298,7 @@ class Auth implements IAuth {
   }
 
   public allow_unpublish(
-    { packageName, packageVersion }: AuthPluginPackage,
+    { packageName, packageVersion }: pluginUtils.AuthPluginPackage,
     user: RemoteUser,
     callback: Callback
   ): void {
@@ -354,7 +343,7 @@ class Auth implements IAuth {
    * Allow user to publish a package.
    */
   public allow_publish(
-    { packageName, packageVersion }: AuthPluginPackage,
+    { packageName, packageVersion }: pluginUtils.AuthPluginPackage,
     user: RemoteUser,
     callback: Callback
   ): void {
@@ -362,42 +351,35 @@ class Auth implements IAuth {
     const pkg = Object.assign(
       { name: packageName, version: packageVersion },
       getMatchedPackagesSpec(packageName, this.config.packages)
-    );
+    ) as any;
     debug('allow publish for %o init | plugins: %o', packageName, plugins.length);
 
     (function next(): void {
       const plugin = plugins.shift();
 
-      if (isFunction(plugin?.allow_publish) === false) {
+      if (typeof plugin?.allow_publish !== 'function') {
         debug('allow publish for %o plugin does not implement allow_publish', packageName);
         return next();
       }
 
-      // @ts-ignore
-      plugin.allow_publish(
-        user,
-        // @ts-ignore
-        pkg,
-        // @ts-ignore
-        (err: VerdaccioError, ok: boolean): void => {
-          if (_.isNil(err) === false && _.isError(err)) {
-            debug('forbidden publish for %o', packageName);
-            return callback(err);
-          }
-
-          if (ok) {
-            debug('allowed publish for %o', packageName);
-            return callback(null, ok);
-          }
-
-          debug('allow publish skip validation for %o', packageName);
-          next(); // cb(null, false) causes next plugin to roll
+      plugin.allow_publish(user, pkg, (err: VerdaccioError | null, ok?: boolean): void => {
+        if (_.isNil(err) === false && _.isError(err)) {
+          debug('forbidden publish for %o', packageName);
+          return callback(err);
         }
-      );
+
+        if (ok) {
+          debug('allowed publish for %o', packageName);
+          return callback(null, ok);
+        }
+
+        debug('allow publish skip validation for %o', packageName);
+        next(); // cb(null, false) causes next plugin to roll
+      });
     })();
   }
 
-  public apiJWTmiddleware(): Function {
+  public apiJWTmiddleware(): RequestHandler {
     debug('jwt middleware');
     const plugins = this.plugins.slice(0);
     const helpers = { createAnonymousRemoteUser, createRemoteUser };
@@ -407,10 +389,11 @@ class Auth implements IAuth {
       }
     }
 
-    return (req: $RequestExtend, res: $ResponseExtend, _next: NextFunction): void => {
+    // @ts-ignore
+    return (req: $RequestExtend, res: $ResponseExtend, _next: NextFunction) => {
       req.pause();
 
-      const next = function (err: VerdaccioError | void): void {
+      const next = function (err?: VerdaccioError): any {
         req.resume();
         // uncomment this to reject users with bad auth headers
         // return _next.apply(null, arguments)
@@ -419,6 +402,7 @@ class Auth implements IAuth {
         if (err) {
           req.remote_user.error = err.message;
         }
+
         return _next();
       };
 
@@ -469,7 +453,7 @@ class Auth implements IAuth {
       const credentials = convertPayloadToBase64(token).toString();
       const { user, password } = parseBasicPayload(credentials) as AESPayload;
       debug('authenticating %o', user);
-      this.authenticate(user, password, (err, user): void => {
+      this.authenticate(user, password, (err: VerdaccioError | null, user): void => {
         if (!err) {
           debug('generating a remote user');
           req.remote_user = user;
@@ -529,14 +513,15 @@ class Auth implements IAuth {
     }
   }
 
-  private _isRemoteUserValid(remote_user: RemoteUser): boolean {
-    return _.isUndefined(remote_user) === false && _.isUndefined(remote_user.name) === false;
+  private _isRemoteUserValid(remote_user?: RemoteUser): boolean {
+    return _.isUndefined(remote_user) === false && _.isUndefined(remote_user?.name) === false;
   }
 
   /**
    * JWT middleware for WebUI
    */
-  public webUIJWTmiddleware(): Function {
+  public webUIJWTmiddleware(): RequestHandler {
+    // @ts-ignore
     return (req: $RequestExtend, res: $ResponseExtend, _next: NextFunction): void => {
       if (this._isRemoteUserValid(req.remote_user)) {
         return _next();
@@ -567,7 +552,7 @@ class Auth implements IAuth {
         return next();
       }
 
-      let credentials;
+      let credentials: RemoteUser | undefined;
       try {
         credentials = verifyJWTPayload(token, this.config.secret);
       } catch (err: any) {
@@ -575,9 +560,8 @@ class Auth implements IAuth {
       }
 
       if (this._isRemoteUserValid(credentials)) {
-        const { name, groups } = credentials;
-        // $FlowFixMe
-        req.remote_user = createRemoteUser(name, groups);
+        const { name, groups } = credentials as RemoteUser;
+        req.remote_user = createRemoteUser(name as string, groups);
       } else {
         req.remote_user = createAnonymousRemoteUser();
       }
@@ -590,7 +574,9 @@ class Auth implements IAuth {
     const { real_groups, name, groups } = user;
     debug('jwt encrypt %o', name);
     const realGroupsValidated = _.isNil(real_groups) ? [] : real_groups;
-    const groupedGroups = _.isNil(groups) ? real_groups : groups.concat(realGroupsValidated);
+    const groupedGroups = _.isNil(groups)
+      ? real_groups
+      : Array.from(new Set([...groups.concat(realGroupsValidated)]));
     const payload: RemoteUser = {
       real_groups: realGroupsValidated,
       name,

packages/auth/src/index.ts

@@ -1,4 +1,4 @@
-export { Auth, IAuth, TokenEncryption, IBasicAuth } from './auth';
+export { Auth, TokenEncryption } from './auth';
 export * from './utils';
 export * from './legacy-token';
 export * from './jwt-token';

packages/auth/src/utils.ts

@@ -9,15 +9,9 @@ import {
   TOKEN_BEARER,
   VerdaccioError,
   errorUtils,
+  pluginUtils,
 } from '@verdaccio/core';
-import {
-  AuthPackageAllow,
-  Callback,
-  Config,
-  IPluginAuth,
-  RemoteUser,
-  Security,
-} from '@verdaccio/types';
+import { AuthPackageAllow, Config, Logger, RemoteUser, Security } from '@verdaccio/types';
 
 import { AESPayload, TokenEncryption } from './auth';
 import { verifyPayload } from './jwt-token';
@@ -161,13 +155,18 @@ export function isAuthHeaderValid(authorization: string): boolean {
   return authorization.split(' ').length === 2;
 }
 
-export function getDefaultPlugins(logger: any): IPluginAuth<Config> {
+/**
+ * Return a default configuration for authentication if none is provided.
+ * @param logger {Logger}
+ * @returns object of default implementations.
+ */
+export function getDefaultPlugins(logger: Logger): pluginUtils.Auth<Config> {
   return {
-    authenticate(user: string, password: string, cb: Callback): void {
+    authenticate(_user: string, _password: string, cb: pluginUtils.AuthCallback): void {
       cb(errorUtils.getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
     },
 
-    adduser(user: string, password: string, cb: Callback): void {
+    adduser(_user: string, _password: string, cb: pluginUtils.AuthUserCallback): void {
       return cb(errorUtils.getConflict(API_ERROR.BAD_USERNAME_PASSWORD));
     },
 
@@ -182,7 +181,7 @@ export function getDefaultPlugins(logger: any): IPluginAuth<Config> {
 
 export type ActionsAllowed = 'publish' | 'unpublish' | 'access';
 
-export function allow_action(action: ActionsAllowed, logger): AllowAction {
+export function allow_action(action: ActionsAllowed, logger: Logger): AllowAction {
   return function allowActionCallback(
     user: RemoteUser,
     pkg: AuthPackageAllow,
@@ -217,7 +216,7 @@ export function allow_action(action: ActionsAllowed, logger): AllowAction {
 /**
  *
  */
-export function handleSpecialUnpublish(logger): any {
+export function handleSpecialUnpublish(logger: Logger): any {
   return function (user: RemoteUser, pkg: AuthPackageAllow, callback: AllowActionCallback): void {
     const action = 'unpublish';
     // verify whether the unpublish prop has been defined

packages/auth/test/auth-utils.spec.ts

@@ -24,7 +24,6 @@ import type { AllowActionCallbackResponse } from '@verdaccio/utils';
 import {
   ActionsAllowed,
   Auth,
-  IAuth,
   aesDecrypt,
   allow_action,
   getApiToken,
@@ -70,7 +69,7 @@ describe('Auth utilities', () => {
     methodNotBeenCalled: string
   ): Promise<string> {
     const config: Config = getConfig(configFileName, secret);
-    const auth: IAuth = new Auth(config);
+    const auth: Auth = new Auth(config);
     await auth.init();
     // @ts-ignore
     const spy = jest.spyOn(auth, methodToSpy);
@@ -78,8 +77,8 @@ describe('Auth utilities', () => {
     const spyNotCalled = jest.spyOn(auth, methodNotBeenCalled);
     const user: RemoteUser = {
       name: username,
-      real_groups: [],
-      groups: [],
+      real_groups: ['test', '$all', '$authenticated', '@all', '@authenticated', 'all'],
+      groups: ['company-role1', 'company-role2'],
     };
     const token = await getApiToken(auth, config, user, password);
     expect(spy).toHaveBeenCalled();
@@ -94,7 +93,25 @@ describe('Auth utilities', () => {
     const payload = verifyPayload(token, secret);
     expect(payload.name).toBe(user);
     expect(payload.groups).toBeDefined();
+    expect(payload.groups).toEqual([
+      'company-role1',
+      'company-role2',
+      'test',
+      '$all',
+      '$authenticated',
+      '@all',
+      '@authenticated',
+      'all',
+    ]);
     expect(payload.real_groups).toBeDefined();
+    expect(payload.real_groups).toEqual([
+      'test',
+      '$all',
+      '$authenticated',
+      '@all',
+      '@authenticated',
+      'all',
+    ]);
   };
 
   const verifyAES = (token: string, user: string, password: string, secret: string) => {
@@ -220,6 +237,30 @@ describe('Auth utilities', () => {
     });
   });
 
+  describe('createRemoteUser', () => {
+    test('create remote user', () => {
+      expect(createRemoteUser('test', [])).toEqual({
+        name: 'test',
+        real_groups: [],
+        groups: ['$all', '$authenticated', '@all', '@authenticated', 'all'],
+      });
+    });
+    test('create remote user with groups', () => {
+      expect(createRemoteUser('test', ['group1', 'group2'])).toEqual({
+        name: 'test',
+        real_groups: ['group1', 'group2'],
+        groups: ['group1', 'group2', '$all', '$authenticated', '@all', '@authenticated', 'all'],
+      });
+    });
+    test('create anonymous remote user', () => {
+      expect(createAnonymousRemoteUser()).toEqual({
+        name: undefined,
+        real_groups: [],
+        groups: ['$all', '$anonymous', '@all', '@anonymous'],
+      });
+    });
+  });
+
   describe('getApiToken test', () => {
     test('should sign token with aes and security missing', async () => {
       const token = await getTokenByConfiguration(
@@ -409,7 +450,7 @@ describe('Auth utilities', () => {
       test.concurrent('should return empty credential corrupted payload', async () => {
         const secret = 'b2df428b9929d3ace7c598bbf4e496b2';
         const config: Config = getConfig('security-legacy', secret);
-        const auth: IAuth = new Auth(config);
+        const auth: Auth = new Auth(config);
         await auth.init();
         const token = auth.aesEncrypt(null);
         const security: Security = config.security;
@@ -446,15 +487,13 @@ describe('Auth utilities', () => {
           security,
           '12345',
           buildToken(TOKEN_BEARER, 'fakeToken')
-        );
+        ) as RemoteUser;
 
         expect(credentials).toBeDefined();
-        // @ts-ignore
         expect(credentials.name).not.toBeDefined();
-        // @ts-ignore
         expect(credentials.real_groups).toBeDefined();
-        // @ts-ignore
-        expect(credentials.real_groups).toEqual([]);
+
+        expect(credentials.groups).toEqual(['$all', '$anonymous', '@all', '@anonymous']);
       });
 
       test('should return anonymous whether token and scheme are corrupted', () => {
@@ -486,14 +525,29 @@ describe('Auth utilities', () => {
           security,
           secret,
           buildToken(TOKEN_BEARER, token)
-        );
+        ) as RemoteUser;
         expect(credentials).toBeDefined();
-        // @ts-ignore
+
         expect(credentials.name).toEqual(user);
-        // @ts-ignore
         expect(credentials.real_groups).toBeDefined();
-        // @ts-ignore
-        expect(credentials.real_groups).toEqual([]);
+        expect(credentials.real_groups).toEqual([
+          'test',
+          '$all',
+          '$authenticated',
+          '@all',
+          '@authenticated',
+          'all',
+        ]);
+        expect(credentials.groups).toEqual([
+          'company-role1',
+          'company-role2',
+          'test',
+          '$all',
+          '$authenticated',
+          '@all',
+          '@authenticated',
+          'all',
+        ]);
       });
     });
   });

packages/auth/test/auth.spec.ts

@@ -1,6 +1,5 @@
 import path from 'path';
 
-import { IAuth } from '@verdaccio/auth';
 import { Config as AppConfig, ROLES, getDefaultConfig } from '@verdaccio/config';
 import { errorUtils } from '@verdaccio/core';
 import { setup } from '@verdaccio/logger';
@@ -9,14 +8,14 @@ import { Config } from '@verdaccio/types';
 import { Auth } from '../src';
 import { authPluginFailureConf, authPluginPassThrougConf, authProfileConf } from './helper/plugin';
 
-setup([]);
+setup({});
 
 describe('AuthTest', () => {
   test('should init correctly', async () => {
     const config: Config = new AppConfig({ ...authProfileConf });
     config.checkSecretKey('12345');
 
-    const auth: IAuth = new Auth(config);
+    const auth: Auth = new Auth(config);
     await auth.init();
     expect(auth).toBeDefined();
   });
@@ -25,7 +24,7 @@ describe('AuthTest', () => {
     const config: Config = new AppConfig({ ...authProfileConf, auth: undefined });
     config.checkSecretKey('12345');
 
-    const auth: IAuth = new Auth(config);
+    const auth: Auth = new Auth(config);
     await auth.init();
     expect(auth).toBeDefined();
   });
@@ -35,7 +34,7 @@ describe('AuthTest', () => {
       test('should be a success login', async () => {
         const config: Config = new AppConfig({ ...authProfileConf });
         config.checkSecretKey('12345');
-        const auth: IAuth = new Auth(config);
+        const auth: Auth = new Auth(config);
         await auth.init();
         expect(auth).toBeDefined();
 
@@ -62,7 +61,7 @@ describe('AuthTest', () => {
       test('should be a fail on login', async () => {
         const config: Config = new AppConfig(authPluginFailureConf);
         config.checkSecretKey('12345');
-        const auth: IAuth = new Auth(config);
+        const auth: Auth = new Auth(config);
         await auth.init();
         expect(auth).toBeDefined();
 
@@ -81,7 +80,7 @@ describe('AuthTest', () => {
       test('should skip falsy values', async () => {
         const config: Config = new AppConfig({ ...authPluginPassThrougConf });
         config.checkSecretKey('12345');
-        const auth: IAuth = new Auth(config);
+        const auth: Auth = new Auth(config);
         await auth.init();
         expect(auth).toBeDefined();
 
@@ -101,7 +100,7 @@ describe('AuthTest', () => {
       test('should error truthy non-array', async () => {
         const config: Config = new AppConfig({ ...authPluginPassThrougConf });
         config.checkSecretKey('12345');
-        const auth: IAuth = new Auth(config);
+        const auth: Auth = new Auth(config);
         await auth.init();
         expect(auth).toBeDefined();
 
@@ -119,7 +118,7 @@ describe('AuthTest', () => {
       test('should skip empty array', async () => {
         const config: Config = new AppConfig({ ...authPluginPassThrougConf });
         config.checkSecretKey('12345');
-        const auth: IAuth = new Auth(config);
+        const auth: Auth = new Auth(config);
         await auth.init();
         expect(auth).toBeDefined();
 
@@ -136,7 +135,7 @@ describe('AuthTest', () => {
       test('should accept valid array', async () => {
         const config: Config = new AppConfig({ ...authPluginPassThrougConf });
         config.checkSecretKey('12345');
-        const auth: IAuth = new Auth(config);
+        const auth: Auth = new Auth(config);
         await auth.init();
         expect(auth).toBeDefined();
 
@@ -165,7 +164,7 @@ describe('AuthTest', () => {
         },
       });
       config.checkSecretKey('12345');
-      const auth: IAuth = new Auth(config);
+      const auth: Auth = new Auth(config);
       await auth.init();
 
       return new Promise((resolve) => {

packages/auth/tsconfig.build.json

@@ -2,8 +2,8 @@
   "extends": "../../tsconfig.base.json",
   "compilerOptions": {
     "rootDir": "./src",
-    "outDir": "./build"
+    "outDir": "./build",
+    "noImplicitAny": false
   },
-  "include": ["src/**/*"],
-  "exclude": ["src/**/*.test.ts"]
+  "include": ["src/**/*"]
 }

packages/auth/tsconfig.json

@@ -2,16 +2,19 @@
   "extends": "../../tsconfig.reference",
   "compilerOptions": {
     "rootDir": "./src",
-    "outDir": "./build"
+    "outDir": "./build",
+    "noImplicitAny": true
   },
   "include": ["src/**/*.ts"],
-  "exclude": ["src/**/*.test.ts"],
   "references": [
     {
       "path": "../config"
     },
     {
-      "path": "../core/htpasswd"
+      "path": "../plugins/htpasswd"
+    },
+    {
+      "path": "../core/core"
     },
     {
       "path": "../loaders"
@@ -19,9 +22,6 @@
     {
       "path": "../logger"
     },
-    {
-      "path": "../mock"
-    },
     {
       "path": "../utils"
     }

packages/cli/CHANGELOG.md

@@ -1,5 +1,42 @@
 # @verdaccio/cli
 
+## 6.0.0-6-next.52
+
+### Patch Changes
+
+- @verdaccio/core@6.0.0-6-next.52
+- @verdaccio/config@6.0.0-6-next.52
+- @verdaccio/node-api@6.0.0-6-next.52
+- @verdaccio/logger@6.0.0-6-next.20
+
+## 6.0.0-6-next.51
+
+### Patch Changes
+
+- Updated dependencies [4b29d715]
+  - @verdaccio/config@6.0.0-6-next.51
+  - @verdaccio/core@6.0.0-6-next.51
+  - @verdaccio/node-api@6.0.0-6-next.51
+  - @verdaccio/logger@6.0.0-6-next.19
+
+## 6.0.0-6-next.50
+
+### Patch Changes
+
+- @verdaccio/node-api@6.0.0-6-next.50
+- @verdaccio/core@6.0.0-6-next.50
+- @verdaccio/config@6.0.0-6-next.50
+- @verdaccio/logger@6.0.0-6-next.18
+
+## 6.0.0-6-next.49
+
+### Patch Changes
+
+- @verdaccio/node-api@6.0.0-6-next.49
+- @verdaccio/core@6.0.0-6-next.49
+- @verdaccio/config@6.0.0-6-next.49
+- @verdaccio/logger@6.0.0-6-next.17
+
 ## 6.0.0-6-next.48
 
 ### Patch Changes