chore: update versions (6-next) (#2625)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

.babelrc

@@ -7,7 +7,7 @@
         "version": 3, "proposals": true
       },
       "targets": {
-        "node": 12
+        "node": 14
       }
     }
   ],

.changeset/eleven-spoons-matter.md

@@ -0,0 +1,39 @@
+---
+'@verdaccio/api': major
+'@verdaccio/auth': major
+'@verdaccio/cli': major
+'@verdaccio/config': major
+'@verdaccio/core': major
+'@verdaccio/file-locking': major
+'verdaccio-htpasswd': major
+'@verdaccio/readme': major
+'@verdaccio/fastify-migration': major
+'@verdaccio/streams': major
+'@verdaccio/tarball': major
+'@verdaccio/types': major
+'@verdaccio/url': major
+'@verdaccio/hooks': major
+'@verdaccio/loaders': major
+'@verdaccio/logger': major
+'@verdaccio/middleware': major
+'@verdaccio/mock': major
+'@verdaccio/node-api': major
+'@verdaccio/active-directory': major
+'verdaccio-audit': major
+'verdaccio-auth-memory': major
+'verdaccio-aws-s3-storage': major
+'verdaccio-google-cloud': major
+'verdaccio-memory': major
+'@verdaccio/ui-theme': major
+'@verdaccio/server': major
+'@verdaccio/cli-standalone': major
+'@verdaccio/store': major
+'@verdaccio/dev-types': major
+'@verdaccio/utils': major
+'verdaccio': major
+'@verdaccio/web': major
+---
+
+Remove Node 12 support
+
+- We need move to the new `undici` and does not support Node.js 12

.changeset/fuzzy-onions-draw.md

@@ -0,0 +1,10 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/fastify-migration': minor
+'@verdaccio/hooks': minor
+'@verdaccio/logger-prettify': minor
+'@verdaccio/proxy': minor
+'@verdaccio/store': minor
+---
+
+abort search request support for proxy

.changeset/perfect-candles-clap.md

@@ -0,0 +1,35 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/auth': minor
+'@verdaccio/cli': minor
+'@verdaccio/config': minor
+'@verdaccio/core': minor
+'verdaccio-htpasswd': minor
+'@verdaccio/local-storage': minor
+'@verdaccio/fastify-migration': minor
+'@verdaccio/tarball': minor
+'@verdaccio/types': minor
+'@verdaccio/url': minor
+'@verdaccio/hooks': minor
+'@verdaccio/loaders': minor
+'@verdaccio/logger': minor
+'@verdaccio/middleware': minor
+'@verdaccio/mock': minor
+'@verdaccio/node-api': minor
+'@verdaccio/active-directory': minor
+'verdaccio-auth-memory': minor
+'verdaccio-aws-s3-storage': minor
+'verdaccio-google-cloud': minor
+'verdaccio-memory': minor
+'@verdaccio/ui-theme': minor
+'@verdaccio/proxy': minor
+'@verdaccio/server': minor
+'@verdaccio/cli-standalone': minor
+'@verdaccio/store': minor
+'@verdaccio/utils': minor
+'verdaccio': minor
+'@verdaccio/web': minor
+'@verdaccio/e2e-ui': minor
+---
+
+refactor: remove @verdaccio/commons-api in favor @verdaccio/core and remove duplications

.changeset/pre.json

@@ -6,7 +6,6 @@
     "@verdaccio/auth": "6.0.0-alpha.0",
     "@verdaccio/cli": "6.0.0-alpha.0",
     "@verdaccio/config": "6.0.0-alpha.0",
-    "@verdaccio/commons-api": "11.0.0-alpha.0",
     "@verdaccio/file-locking": "11.0.0-alpha.0",
     "verdaccio-htpasswd": "11.0.0-alpha.0",
     "@verdaccio/local-storage": "11.0.0-alpha.0",
@@ -43,16 +42,19 @@
     "@verdaccio/eslint-config": "1.0.0",
     "@verdaccio/benchmark": "1.0.0",
     "@verdaccio/website": "5.1.3",
-    "@verdaccio/core": "6.0.0-next.0"
+    "@verdaccio/core": "6.0.0-next.0",
+    "@verdaccio/helper": "1.0.0"
   },
   "changesets": [
     "afraid-mice-obey",
     "big-lobsters-sin",
     "calm-pants-impress",
     "dry-planes-tap",
+    "eleven-spoons-matter",
     "few-cooks-destroy",
     "few-mangos-grow",
     "fifty-jars-rest",
+    "fuzzy-onions-draw",
     "gentle-parrots-lay",
     "gentle-trains-switch",
     "gold-vans-tease",
@@ -67,6 +69,7 @@
     "modern-spies-tell",
     "neat-toes-report",
     "olive-candles-speak",
+    "perfect-candles-clap",
     "perfect-emus-clean",
     "perfect-kangaroos-agree",
     "plenty-news-remember",
@@ -76,9 +79,12 @@
     "proud-jeans-walk",
     "red-chefs-float",
     "shaggy-carrots-unite",
+    "shaggy-parrots-smash",
     "shiny-chefs-heal",
     "smart-apricots-kneel",
+    "sour-buses-shout",
     "spicy-frogs-press",
+    "ten-parents-breathe",
     "tender-bags-call",
     "three-pots-sit",
     "two-dolls-check",

.changeset/shaggy-parrots-smash.md

@@ -0,0 +1,8 @@
+---
+'@verdaccio/cli': minor
+'@verdaccio/core': minor
+'@verdaccio/logger': minor
+'@verdaccio/node-api': minor
+---
+
+feat: use warning codes for deprecation warnings

.changeset/sour-buses-shout.md

@@ -0,0 +1,11 @@
+---
+'@verdaccio/fastify-migration': minor
+'@verdaccio/store': minor
+'@verdaccio/utils': minor
+'@verdaccio/web': minor
+'@verdaccio/website': minor
+---
+
+feat: migrate web sidebar endpoint to fastify
+
+reuse utils methods between packages

.changeset/ten-parents-breathe.md

@@ -0,0 +1,7 @@
+---
+'@verdaccio/auth': minor
+'@verdaccio/fastify-migration': minor
+'@verdaccio/web': minor
+---
+
+dist tags Implementation on Fastify

.github/workflows/benchmark.yml

@@ -58,7 +58,7 @@ jobs:
           - 3.13.1
           - 4.12.2
           - 5.1.3
-          - 6.0.0-6-next.23
+          - 6.0.0-6-next.24
     name: Benchmark autocannon
     runs-on: ubuntu-latest
     steps:
@@ -119,7 +119,7 @@ jobs:
           - 3.13.1
           - 4.12.2
           - 5.1.3
-          - 6.0.0-6-next.23
+          - 6.0.0-6-next.24
     name: Benchmark hyperfine
     runs-on: ubuntu-latest
     steps:

.github/workflows/changesets.yml

@@ -46,7 +46,12 @@ jobs:
         run: pnpm install
         env:
           NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
-
+      - name: crowdin download
+        env:
+          CROWDIN_VERDACCIO_PROJECT_ID: ${{ secrets.CROWDIN_VERDACCIO_PROJECT_ID }}
+          CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
+          CONTEXT: production
+        run: pnpm crowdin:download       
       - name: build
         run: pnpm build
 

.github/workflows/ci.yml

@@ -23,7 +23,7 @@ jobs:
         ports:
           - 4873:4873
     steps:
-    - uses: actions/checkout@v2.3.1
+    - uses: actions/checkout@v2.3.5
     - name: Use Node 14
       uses: actions/setup-node@v1
       with:
@@ -48,7 +48,7 @@ jobs:
     name: Lint
     needs: prepare
     steps:
-      - uses: actions/checkout@v2.3.1
+      - uses: actions/checkout@v2.3.5
       - name: Use Node 16
         uses: actions/setup-node@v1
         with:
@@ -68,7 +68,7 @@ jobs:
     name: Format
     needs: prepare
     steps:
-      - uses: actions/checkout@v2.3.1
+      - uses: actions/checkout@v2.3.5
       - name: Use Node 16
         uses: actions/setup-node@v1
         with:
@@ -89,7 +89,7 @@ jobs:
     name: build
     needs: [format, lint]
     steps:
-      - uses: actions/checkout@v2.3.1
+      - uses: actions/checkout@v2.3.5
       - name: Use Node 16
         uses: actions/setup-node@v1
         with:
@@ -107,7 +107,10 @@ jobs:
           CROWDIN_VERDACCIO_PROJECT_ID: ${{ secrets.CROWDIN_VERDACCIO_PROJECT_ID }}
           CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
           CONTEXT: production
-        run: pnpm crowdin:download        
+        run: pnpm crowdin:download
+        ## this step is optional, translations are not mandatory for PR
+        ## secrets keys are not available on forks, the failure here is guaranteed
+        continue-on-error: true  
       - name: build
         run: pnpm build
       - name: tar packages
@@ -128,7 +131,7 @@ jobs:
     name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v2.3.1
+      - uses: actions/checkout@v2.3.5
       - name: Use Node ${{ matrix.node_version }}
         uses: actions/setup-node@v1
         with:
@@ -153,7 +156,7 @@ jobs:
     runs-on: ubuntu-latest
     name: UI Test E2E Node 14
     steps:
-      - uses: actions/checkout@v2.3.1
+      - uses: actions/checkout@v2.3.5
       - uses: actions/setup-node@v1
         with:
           node-version: 14
@@ -180,7 +183,7 @@ jobs:
     runs-on: ubuntu-latest
     name: CLI Test E2E Node 14
     steps:
-      - uses: actions/checkout@v2.3.1
+      - uses: actions/checkout@v2.3.5
       - uses: actions/setup-node@v1
         with:
           node-version: 14
@@ -207,7 +210,7 @@ jobs:
     runs-on: windows-latest
     name: windows test node 14
     steps:
-      - uses: actions/checkout@v2.3.1
+      - uses: actions/checkout@v2.3.5
       - name: Use Node 14
         uses: actions/setup-node@v1
         with:
@@ -231,7 +234,7 @@ jobs:
     name: synchronize translations
     if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
     steps:
-      - uses: actions/checkout@v2.3.1
+      - uses: actions/checkout@v2.3.5
       - uses: actions/setup-node@v1
         with:
           node-version: 14

.github/workflows/codeql-analysis.yml

@@ -14,7 +14,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2.3.1
+        uses: actions/checkout@v2.3.5
         with:
           # We must fetch at least the immediate parents so that if this is
           # a pull request then we can checkout the head.

.github/workflows/website.yml

@@ -24,7 +24,7 @@ jobs:
     env:
       NODE_OPTIONS: --max_old_space_size=4096
     steps:
-      - uses: actions/checkout@v2.3.1
+      - uses: actions/checkout@v2.3.5
 
       - name: Use Node 14
         uses: actions/setup-node@v2

.prettierrc

@@ -1,11 +0,0 @@
-{
-  "endOfLine": "lf",
-  "useTabs": false,
-  "printWidth": 100,
-  "tabWidth": 2,
-  "singleQuote": true,
-  "bracketSpacing": true,
-  "jsxBracketSameLine": true,
-  "trailingComma": "es5",
-  "semi": true
-}

.vscode/settings.json

@@ -2,7 +2,7 @@
 {
   "files.exclude": {
     "**/.nyc_output": true,
-    "**/build": true,
+    "**/build": false,
     "**/coverage": true,
     ".idea": true,
     "storage_default_storage": true,

CONTRIBUTING.md

@@ -129,9 +129,23 @@ More details in the debug section
 
 ### Running and debugging
 
+> Check the debugging guidelines [here](https://github.com/verdaccio/verdaccio/wiki/Debugging-Verdaccio)
+
 We use [`debug`](https://www.npmjs.com/package/debug) to add helpful debugging
 output to the code. Each package has it owns namespace.
 
+#### Useful Scripts
+
+To run the application from the source code, ensure the project has been built with `pnpm build`, once this is done, there are few commands that helps to run server:
+
+- `pnpm start`: Run the server and the UI with `concurrently`, the
+  server runs in the port `8000` and the UI on the port `4873`. This command
+  is useful if you want to contribute mostly on the UI.
+- `pnpm debug`: Run the server in debug mode `--inspect`, the UI is included but does not have hot reload. For automatic break use `pnpm debug:break`.
+- `pnpm debug:fastify`: To contribute on the [fastify migration](https://github.com/verdaccio/verdaccio/discussions/2155) this is a temporary command for such purpose.
+- `pnpm website`: Build the website, for more commands to run the _website_, run `cd website` and then `pnpm serve`, website will run on port `3000`.
+- `pnpm docker`: Build the docker image. Requires `docker` command available in your system.
+
 #### Debugging compiled code
 
 Currently you can only run pre-compiled packages in debug mode. To enable debug

Dockerfile

@@ -1,4 +1,4 @@
-FROM --platform=${BUILDPLATFORM:-linux/amd64} node:14.17.6-alpine as builder
+FROM --platform=${BUILDPLATFORM:-linux/amd64} node:14.18.1-alpine as builder
 
 ENV NODE_ENV=development \
     VERDACCIO_BUILD_REGISTRY=https://registry.verdaccio.org
@@ -19,7 +19,7 @@ RUN npm -g i pnpm@6.10.3 && \
 # FIXME: need to remove devDependencies from the build
 # RUN pnpm install --prod --ignore-scripts
 
-FROM node:14.17.6-alpine
+FROM node:14.18.1-alpine
 LABEL maintainer="https://github.com/verdaccio/verdaccio"
 
 ENV VERDACCIO_APPDIR=/opt/verdaccio \

README.md

@@ -29,6 +29,8 @@ Google Cloud Storage** or create your own plugin.
 
 ## Install
 
+> Latest Node.js v14
+
 Install with npm:
 
 ```bash

docs/env.variables.md

@@ -51,4 +51,4 @@ By default, the storage is taken from config file, but using this variable allow
 
 #### VERDACCIO_STORAGE_NAME
 
-The database name for `@verdaccio/local-storge` is by default `.verdaccio-db.json`, but this can be update by using this variable.
+The database name for `@verdaccio/local-storage` is by default `.verdaccio-db.json`, but this can be update by using this variable.

docs/migration-v5-to-v6.md

@@ -74,3 +74,7 @@ Introduce environment variables for legacy tokens.
 
 - `VERDACCIO_LEGACY_ALGORITHM`: Allows to define the specific algorithm for the token signature which by default is `aes-256-ctr`
 - `VERDACCIO_LEGACY_ENCRYPTION_KEY`: By default, the token stores in the database, but using this variable allows to get it from memory
+
+#### @verdaccio/commons-api migration
+
+The package has been removed in favor of `@verdaccio/core` with a similar API, check API documentation for further details.

docs/warnings.md

@@ -0,0 +1,29 @@
+# Warning Codes
+
+## VERWAR001
+
+Verdaccio doesn't need superuser privileges. Don't run it under root.
+
+## VERWAR002
+
+logger is not defined
+
+## VERWAR003
+
+'rotating-file type is not longer supported, consider use [logrotate] instead'
+
+## VERWAR004
+
+invalid address - xxxxxx, we expect a port (e.g. "4873"),
+
+## VERDEP001
+
+'config.logs is deprecated, rename configuration to "config.log" in singular'
+
+## VERDEP002
+
+'deprecate: multiple logger configuration is deprecated, please check the migration guide.'
+
+## VERDEP003
+
+'multiple addresses will be deprecated in the next major, only use one'

package.json

@@ -15,25 +15,25 @@
     "url": "https://opencollective.com/verdaccio"
   },
   "devDependencies": {
-    "@babel/cli": "7.15.4",
-    "@babel/core": "7.15.5",
-    "@babel/node": "7.15.4",
+    "@babel/cli": "7.15.7",
+    "@babel/core": "7.15.8",
+    "@babel/node": "7.15.8",
     "@babel/plugin-proposal-class-properties": "7.14.5",
-    "@babel/plugin-proposal-decorators": "7.15.4",
+    "@babel/plugin-proposal-decorators": "7.15.8",
     "@babel/plugin-proposal-export-namespace-from": "7.14.5",
     "@babel/plugin-proposal-function-sent": "7.14.5",
     "@babel/plugin-proposal-json-strings": "7.14.5",
     "@babel/plugin-proposal-nullish-coalescing-operator": "7.14.5",
     "@babel/plugin-proposal-numeric-separator": "7.14.5",
-    "@babel/plugin-proposal-object-rest-spread": "7.14.7",
+    "@babel/plugin-proposal-object-rest-spread": "7.15.6",
     "@babel/plugin-proposal-optional-chaining": "7.14.5",
     "@babel/plugin-proposal-throw-expressions": "7.14.5",
     "@babel/plugin-syntax-dynamic-import": "7.8.3",
     "@babel/plugin-syntax-import-meta": "7.10.4",
     "@babel/plugin-transform-async-to-generator": "7.14.5",
     "@babel/plugin-transform-classes": "7.15.4",
-    "@babel/plugin-transform-runtime": "7.15.0",
-    "@babel/preset-env": "7.15.4",
+    "@babel/plugin-transform-runtime": "7.15.8",
+    "@babel/preset-env": "7.15.8",
     "@babel/preset-react": "7.14.5",
     "@babel/preset-typescript": "7.15.0",
     "@babel/register": "7.15.3",
@@ -41,65 +41,66 @@
     "@changesets/changelog-github": "0.2.8",
     "@changesets/cli": "2.15.0",
     "@changesets/get-dependents-graph": "1.2.2",
-    "@crowdin/cli": "3.6.5",
+    "@crowdin/cli": "3.7.1",
+    "@trivago/prettier-plugin-sort-imports": "3.0.0",
     "@types/async": "3.2.7",
     "@types/autocannon": "4.1.1",
     "@types/autosuggest-highlight": "3.1.1",
-    "@types/express": "4.17.6",
+    "@types/express": "4.17.13",
     "@types/http-errors": "1.8.1",
-    "@types/jest": "27.0.1",
-    "@types/lodash": "4.14.172",
+    "@types/jest": "27.0.2",
+    "@types/lodash": "4.14.176",
     "@types/mime": "2.0.3",
     "@types/minimatch": "3.0.5",
     "@types/node": "14.6.0",
     "@types/request": "2.48.7",
-    "@types/semver": "7.3.8",
+    "@types/semver": "7.3.9",
     "@types/supertest": "2.0.11",
     "@types/testing-library__jest-dom": "5.14.1",
-    "@types/validator": "13.6.3",
+    "@types/validator": "13.6.6",
     "@types/webpack": "5.28.0",
-    "@types/webpack-env": "1.16.2",
-    "@typescript-eslint/eslint-plugin": "4.30.0",
-    "@typescript-eslint/parser": "4.30.0",
+    "@types/webpack-env": "1.16.3",
+    "@typescript-eslint/eslint-plugin": "4.33.0",
+    "@typescript-eslint/parser": "4.33.0",
     "@verdaccio/benchmark": "workspace:*",
     "@verdaccio/eslint-config": "workspace:*",
     "@verdaccio/types": "workspace:*",
     "@verdaccio/ui-theme": "workspace:*",
-    "autocannon": "7.4.0",
+    "autocannon": "7.5.0",
     "babel-core": "7.0.0-bridge.0",
     "babel-eslint": "10.1.0",
-    "babel-jest": "27.1.0",
+    "babel-jest": "27.3.1",
     "babel-plugin-dynamic-import-node": "2.3.3",
     "babel-plugin-emotion": "10.2.2",
     "codecov": "3.8.3",
-    "concurrently": "6.2.1",
+    "concurrently": "6.3.0",
     "core-js": "3.17.2",
     "cross-env": "7.0.3",
     "debug": "4.3.2",
     "detect-secrets": "1.0.6",
     "eslint": "7.32.0",
     "fs-extra": "10.0.0",
-    "husky": "7.0.2",
+    "husky": "7.0.4",
     "in-publish": "2.0.1",
-    "jest": "27.1.0",
-    "jest-environment-jsdom": "27.1.0",
+    "jest": "27.3.1",
+    "jest-environment-jsdom": "27.3.1",
     "jest-environment-jsdom-global": "3.0.0",
-    "jest-environment-node": "27.1.0",
-    "jest-junit": "12.2.0",
+    "jest-environment-node": "27.3.1",
+    "jest-junit": "12.3.0",
     "kleur": "3.0.3",
     "lint-staged": "11.1.2",
     "nock": "12.0.3",
     "node-fetch": "3.0.0-beta.6-exportfix",
-    "nodemon": "2.0.12",
+    "nodemon": "2.0.14",
     "npm-run-all": "4.1.5",
     "prettier": "2.3.2",
     "rimraf": "3.0.2",
     "selfsigned": "1.10.11",
     "supertest": "6.1.6",
     "ts-node": "10.2.1",
-    "typescript": "4.4.2",
-    "update-ts-references": "2.4.0",
-    "verdaccio": "5.1.3",
+    "typescript": "4.4.4",
+    "update-ts-references": "2.4.1",
+    "verdaccio": "5.2.0",
     "verdaccio-audit": "workspace:*",
     "verdaccio-auth-memory": "workspace:*",
     "verdaccio-htpasswd": "workspace:*",
@@ -112,7 +113,7 @@
     "docker": "docker build -t verdaccio/verdaccio:local . --no-cache",
     "format": "prettier --write \"**/*.{js,jsx,ts,tsx,json,yml,yaml,md}\"",
     "format:check": "prettier --check \"**/*.{js,jsx,ts,tsx,json,yml,yaml,md}\"",
-    "lint": "eslint  --max-warnings 60 \"**/*.{js,jsx,ts,tsx}\"",
+    "lint": "eslint  --max-warnings 46 \"**/*.{js,jsx,ts,tsx}\"",
     "test": "pnpm recursive test --filter ./packages",
     "test:e2e:cli": "pnpm test --filter ...@verdaccio/e2e-cli",
     "test:e2e:ui": "pnpm test --filter ...@verdaccio/e2e-ui",
@@ -127,6 +128,7 @@
     "_debug:reload": "nodemon -d 3 packages/verdaccio/debug/bootstrap.js",
     "start:ts": "ts-node packages/verdaccio/src/start.ts -- --listen 8000",
     "debug": "node --trace-warnings --trace-uncaught --inspect packages/verdaccio/debug/bootstrap.js",
+    "debug:fastify": "node --trace-warnings --trace-uncaught --inspect packages/verdaccio/debug/bootstrap.js -- fastify-server",
     "debug:break": "node --trace-warnings --trace-uncaught --inspect-brk packages/verdaccio/debug/bootstrap.js",
     "changeset": "changeset",
     "changeset:check": "changeset status --since-master",

packages/api/CHANGELOG.md

@@ -1,5 +1,62 @@
 # @verdaccio/api
 
+## 6.0.0-6-next.18
+
+### Patch Changes
+
+- Updated dependencies [f86c31ed]
+- Updated dependencies [20c9e43e]
+  - @verdaccio/store@6.0.0-6-next.16
+  - @verdaccio/utils@6.0.0-6-next.9
+  - @verdaccio/auth@6.0.0-6-next.15
+  - @verdaccio/config@6.0.0-6-next.11
+  - @verdaccio/tarball@11.0.0-6-next.10
+  - @verdaccio/middleware@6.0.0-6-next.15
+  - @verdaccio/hooks@6.0.0-6-next.9
+
+## 6.0.0-6-next.17
+
+### Patch Changes
+
+- Updated dependencies [6c1eb021]
+  - @verdaccio/core@6.0.0-6-next.3
+  - @verdaccio/logger@6.0.0-6-next.7
+  - @verdaccio/auth@6.0.0-6-next.14
+  - @verdaccio/config@6.0.0-6-next.10
+  - @verdaccio/tarball@11.0.0-6-next.9
+  - @verdaccio/hooks@6.0.0-6-next.9
+  - @verdaccio/middleware@6.0.0-6-next.14
+  - @verdaccio/store@6.0.0-6-next.15
+  - @verdaccio/utils@6.0.0-6-next.8
+
+## 6.0.0-6-next.16
+
+### Major Changes
+
+- 794af76c: Remove Node 12 support
+
+  - We need move to the new `undici` and does not support Node.js 12
+
+### Minor Changes
+
+- b702ea36: abort search request support for proxy
+- 154b2ecd: refactor: remove @verdaccio/commons-api in favor @verdaccio/core and remove duplications
+
+### Patch Changes
+
+- Updated dependencies [794af76c]
+- Updated dependencies [b702ea36]
+- Updated dependencies [154b2ecd]
+  - @verdaccio/auth@6.0.0-6-next.13
+  - @verdaccio/config@6.0.0-6-next.9
+  - @verdaccio/core@6.0.0-6-next.2
+  - @verdaccio/tarball@11.0.0-6-next.8
+  - @verdaccio/hooks@6.0.0-6-next.8
+  - @verdaccio/logger@6.0.0-6-next.6
+  - @verdaccio/middleware@6.0.0-6-next.13
+  - @verdaccio/store@6.0.0-6-next.14
+  - @verdaccio/utils@6.0.0-6-next.7
+
 ## 6.0.0-6-next.15
 
 ### Patch Changes

packages/api/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@verdaccio/api",
-  "version": "6.0.0-6-next.15",
+  "version": "6.0.0-6-next.18",
   "description": "loaders logic",
   "main": "./build/index.js",
   "types": "build/index.d.ts",
@@ -25,7 +25,7 @@
     "verdaccio"
   ],
   "engines": {
-    "node": ">=10",
+    "node": ">=14",
     "npm": ">=6"
   },
   "scripts": {
@@ -39,16 +39,16 @@
   },
   "license": "MIT",
   "dependencies": {
-    "@verdaccio/auth": "workspace:6.0.0-6-next.12",
-    "@verdaccio/commons-api": "workspace:11.0.0-6-next.4",
-    "@verdaccio/config": "workspace:6.0.0-6-next.8",
-    "@verdaccio/core": "workspace:6.0.0-6-next.1",
-    "@verdaccio/hooks": "workspace:6.0.0-6-next.7",
-    "@verdaccio/logger": "workspace:6.0.0-6-next.5",
-    "@verdaccio/middleware": "workspace:6.0.0-6-next.12",
-    "@verdaccio/store": "workspace:6.0.0-6-next.13",
-    "@verdaccio/tarball": "workspace:11.0.0-6-next.7",
-    "@verdaccio/utils": "workspace:6.0.0-6-next.6",
+    "@verdaccio/auth": "workspace:6.0.0-6-next.15",
+    "@verdaccio/config": "workspace:6.0.0-6-next.11",
+    "@verdaccio/core": "workspace:6.0.0-6-next.3",
+    "@verdaccio/hooks": "workspace:6.0.0-6-next.9",
+    "@verdaccio/logger": "workspace:6.0.0-6-next.7",
+    "@verdaccio/middleware": "workspace:6.0.0-6-next.15",
+    "@verdaccio/store": "workspace:6.0.0-6-next.16",
+    "@verdaccio/tarball": "workspace:11.0.0-6-next.10",
+    "@verdaccio/utils": "workspace:6.0.0-6-next.9",
+    "abortcontroller-polyfill": "1.7.3",
     "cookies": "0.8.0",
     "debug": "4.3.2",
     "express": "4.17.1",
@@ -57,9 +57,10 @@
     "semver": "7.3.5"
   },
   "devDependencies": {
-    "@types/node": "16.9.1",
-    "@verdaccio/server": "workspace:6.0.0-6-next.20",
-    "@verdaccio/types": "workspace:11.0.0-6-next.8",
+    "@types/node": "16.11.6",
+    "@verdaccio/server": "workspace:6.0.0-6-next.23",
+    "@verdaccio/types": "workspace:11.0.0-6-next.9",
+    "@verdaccio/helper": "1.0.0",
     "body-parser": "1.19.0",
     "lodash": "4.17.21",
     "supertest": "6.1.6"

packages/api/src/dist-tags.ts

@@ -1,12 +1,13 @@
-import mime from 'mime';
-import _ from 'lodash';
 import { Router } from 'express';
+import _ from 'lodash';
+import mime from 'mime';
 
-import { media, allow } from '@verdaccio/middleware';
-import { API_MESSAGE, HTTP_STATUS, DIST_TAGS, VerdaccioError } from '@verdaccio/commons-api';
-import { Package } from '@verdaccio/types';
-import { Storage } from '@verdaccio/store';
 import { IAuth } from '@verdaccio/auth';
+import { VerdaccioError, constants } from '@verdaccio/core';
+import { allow, media } from '@verdaccio/middleware';
+import { Storage } from '@verdaccio/store';
+import { Package } from '@verdaccio/types';
+
 import { $NextFunctionVer, $RequestExtend, $ResponseExtend } from '../types/custom';
 
 export default function (route: Router, auth: IAuth, storage: Storage): void {
@@ -26,8 +27,8 @@ export default function (route: Router, auth: IAuth, storage: Storage): void {
       if (err) {
         return next(err);
       }
-      res.status(HTTP_STATUS.CREATED);
-      return next({ ok: API_MESSAGE.TAG_ADDED });
+      res.status(constants.HTTP_STATUS.CREATED);
+      return next({ ok: constants.API_MESSAGE.TAG_ADDED });
     });
   };
 
@@ -58,9 +59,9 @@ export default function (route: Router, auth: IAuth, storage: Storage): void {
         if (err) {
           return next(err);
         }
-        res.status(HTTP_STATUS.CREATED);
+        res.status(constants.HTTP_STATUS.CREATED);
         return next({
-          ok: API_MESSAGE.TAG_REMOVED,
+          ok: constants.API_MESSAGE.TAG_REMOVED,
         });
       });
     }
@@ -79,7 +80,7 @@ export default function (route: Router, auth: IAuth, storage: Storage): void {
             return next(err);
           }
 
-          next(info[DIST_TAGS]);
+          next(info[constants.DIST_TAGS]);
         },
       });
     }
@@ -96,9 +97,9 @@ export default function (route: Router, auth: IAuth, storage: Storage): void {
           if (err) {
             return next(err);
           }
-          res.status(HTTP_STATUS.CREATED);
+          res.status(constants.HTTP_STATUS.CREATED);
           return next({
-            ok: API_MESSAGE.TAG_UPDATED,
+            ok: constants.API_MESSAGE.TAG_UPDATED,
           });
         }
       );

packages/api/src/index.ts

@@ -1,27 +1,33 @@
+import bodyParser from 'body-parser';
 import express, { Router } from 'express';
+import semver from 'semver';
+
+import { IAuth } from '@verdaccio/auth';
 import {
+  antiLoop,
+  encodeScopePackage,
   match,
   validateName,
   validatePackage,
-  encodeScopePackage,
-  antiLoop,
 } from '@verdaccio/middleware';
-import { IAuth } from '@verdaccio/auth';
 import { Storage } from '@verdaccio/store';
 import { Config } from '@verdaccio/types';
-import bodyParser from 'body-parser';
 
-import whoami from './whoami';
-import ping from './ping';
-import user from './user';
 import distTags from './dist-tags';
+import pkg from './package';
+import ping from './ping';
 import publish from './publish';
 import search from './search';
-import pkg from './package';
 import stars from './stars';
+import user from './user';
 import profile from './v1/profile';
-import token from './v1/token';
 import v1Search from './v1/search';
+import token from './v1/token';
+import whoami from './whoami';
+
+if (semver.lte(process.version, 'v15.0.0')) {
+  global.AbortController = require('abortcontroller-polyfill/dist/cjs-ponyfill').AbortController;
+}
 
 export default function (config: Config, auth: IAuth, storage: Storage): Router {
   /* eslint new-cap:off */

packages/api/src/package.ts

@@ -1,15 +1,16 @@
-import _ from 'lodash';
-import { Router } from 'express';
 import buildDebug from 'debug';
+import { Router } from 'express';
+import _ from 'lodash';
 
-import { allow } from '@verdaccio/middleware';
-import { getVersion, ErrorCode } from '@verdaccio/utils';
-import { HEADERS, DIST_TAGS, API_ERROR } from '@verdaccio/commons-api';
-import { Config, Package } from '@verdaccio/types';
 import { IAuth } from '@verdaccio/auth';
+import { API_ERROR, DIST_TAGS, HEADERS, errorUtils } from '@verdaccio/core';
+import { allow } from '@verdaccio/middleware';
 import { Storage } from '@verdaccio/store';
 import { convertDistRemoteToLocalTarballUrls } from '@verdaccio/tarball';
-import { $RequestExtend, $ResponseExtend, $NextFunctionVer } from '../types/custom';
+import { Config, Package } from '@verdaccio/types';
+import { getVersion } from '@verdaccio/utils';
+
+import { $NextFunctionVer, $RequestExtend, $ResponseExtend } from '../types/custom';
 
 const debug = buildDebug('verdaccio:api:package');
 
@@ -40,7 +41,7 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
   route.get(
     '/:package/:version?',
     can('access'),
-    function (req: $RequestExtend, res: $ResponseExtend, next: $NextFunctionVer): void {
+    function (req: $RequestExtend, _res: $ResponseExtend, next: $NextFunctionVer): void {
       debug('init package by version');
       const name = req.params.package;
       const getPackageMetaCallback = function (err, metadata: Package): void {
@@ -49,7 +50,11 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
           return next(err);
         }
         debug('convert dist remote to local with prefix %o', config?.url_prefix);
-        metadata = convertDistRemoteToLocalTarballUrls(metadata, req, config?.url_prefix);
+        metadata = convertDistRemoteToLocalTarballUrls(
+          metadata,
+          { protocol: req.protocol, headers: req.headers as any, host: req.host },
+          config?.url_prefix
+        );
 
         let queryVersion = req.params.version;
         debug('query by param version: %o', queryVersion);
@@ -80,7 +85,7 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
         }
 
         debug('package version not found %o', queryVersion);
-        return next(ErrorCode.getNotFound(`${API_ERROR.VERSION_NOT_EXIST}: ${queryVersion}`));
+        return next(errorUtils.getNotFound(`${API_ERROR.VERSION_NOT_EXIST}: ${queryVersion}`));
       };
 
       debug('get package name %o', name);

packages/api/src/ping.ts

@@ -1,5 +1,6 @@
 import { Router } from 'express';
-import { $RequestExtend, $ResponseExtend, $NextFunctionVer } from '../types/custom';
+
+import { $NextFunctionVer, $RequestExtend, $ResponseExtend } from '../types/custom';
 
 export default function (route: Router): void {
   route.get(

packages/api/src/publish.ts

@@ -1,19 +1,26 @@
-import Path from 'path';
+import buildDebug from 'debug';
+import { Router } from 'express';
 import _ from 'lodash';
 import mime from 'mime';
-import { Router } from 'express';
-import buildDebug from 'debug';
+import Path from 'path';
 
-import { API_MESSAGE, HEADERS, DIST_TAGS, API_ERROR, HTTP_STATUS } from '@verdaccio/commons-api';
-import { validateMetadata, isObject, ErrorCode, hasDiffOneKey } from '@verdaccio/utils';
-import { media, expectJson, allow } from '@verdaccio/middleware';
-import { notify } from '@verdaccio/hooks';
-import { Config, Callback, MergeTags, Version, Package, CallbackAction } from '@verdaccio/types';
-import { logger } from '@verdaccio/logger';
 import { IAuth } from '@verdaccio/auth';
+import {
+  API_ERROR,
+  API_MESSAGE,
+  DIST_TAGS,
+  HEADERS,
+  HTTP_STATUS,
+  errorUtils,
+} from '@verdaccio/core';
+import { notify } from '@verdaccio/hooks';
+import { logger } from '@verdaccio/logger';
+import { allow, expectJson, media } from '@verdaccio/middleware';
 import { Storage } from '@verdaccio/store';
-import { $RequestExtend, $ResponseExtend, $NextFunctionVer } from '../types/custom';
+import { Callback, CallbackAction, Config, MergeTags, Package, Version } from '@verdaccio/types';
+import { hasDiffOneKey, isObject, validateMetadata } from '@verdaccio/utils';
 
+import { $NextFunctionVer, $RequestExtend, $ResponseExtend } from '../types/custom';
 import star from './star';
 import { isPublishablePackage, isRelatedToDeprecation } from './utils';
 
@@ -224,7 +231,7 @@ export function publishPackage(storage: Storage, config: Config, auth: IAuth): a
         // if this happens in normal circumstances, report it as a bug
         debug('invalid body format');
         logger.info({ packageName }, `wrong package format on publish a package @{packageName}`);
-        return next(ErrorCode.getBadRequest(API_ERROR.UNSUPORTED_REGISTRY_CALL));
+        return next(errorUtils.getBadRequest(API_ERROR.UNSUPORTED_REGISTRY_CALL));
       }
 
       if (error && error.status !== HTTP_STATUS.CONFLICT) {
@@ -322,7 +329,7 @@ export function publishPackage(storage: Storage, config: Config, auth: IAuth): a
     } catch (error: any) {
       debug('error on publish, bad package format %o', packageName);
       logger.error({ packageName }, 'error on publish, bad package data for @{packageName}');
-      return next(ErrorCode.getBadData(API_ERROR.BAD_PACKAGE_DATA));
+      return next(errorUtils.getBadData(API_ERROR.BAD_PACKAGE_DATA));
     }
   };
 }

packages/api/src/search.ts

@@ -1,4 +1,4 @@
-import { HTTP_STATUS } from '@verdaccio/commons-api';
+import { HTTP_STATUS } from '@verdaccio/core';
 import { logger } from '@verdaccio/logger';
 
 export default function (route): void {

packages/api/src/star.ts

@@ -1,10 +1,11 @@
-import { USERS, HTTP_STATUS } from '@verdaccio/commons-api';
+import buildDebug from 'debug';
 import { Response } from 'express';
 import _ from 'lodash';
-import buildDebug from 'debug';
 
+import { HTTP_STATUS, USERS } from '@verdaccio/core';
 import { Storage } from '@verdaccio/store';
-import { $RequestExtend, $NextFunctionVer } from '../types/custom';
+
+import { $NextFunctionVer, $RequestExtend } from '../types/custom';
 
 const debug = buildDebug('verdaccio:api:publish:star');
 

packages/api/src/stars.ts

@@ -1,11 +1,11 @@
-import _ from 'lodash';
 import { Response, Router } from 'express';
+import _ from 'lodash';
 
-import { USERS, HTTP_STATUS } from '@verdaccio/commons-api';
+import { HTTP_STATUS, USERS } from '@verdaccio/core';
+import { Storage } from '@verdaccio/store';
 import { Package } from '@verdaccio/types';
 
-import { Storage } from '@verdaccio/store';
-import { $RequestExtend, $NextFunctionVer } from '../types/custom';
+import { $NextFunctionVer, $RequestExtend } from '../types/custom';
 
 type Packages = Package[];
 

packages/api/src/user.ts

@@ -1,16 +1,16 @@
-import _ from 'lodash';
-import { Response, Router } from 'express';
 import buildDebug from 'debug';
+import { Response, Router } from 'express';
+import _ from 'lodash';
 
-import { getAuthenticatedMessage, validatePassword, ErrorCode } from '@verdaccio/utils';
 import { getApiToken } from '@verdaccio/auth';
-import { logger } from '@verdaccio/logger';
-import { createRemoteUser } from '@verdaccio/config';
-
-import { Config, RemoteUser } from '@verdaccio/types';
 import { IAuth } from '@verdaccio/auth';
-import { API_ERROR, API_MESSAGE, HTTP_STATUS } from '@verdaccio/commons-api';
-import { $RequestExtend, $NextFunctionVer } from '../types/custom';
+import { createRemoteUser } from '@verdaccio/config';
+import { API_ERROR, API_MESSAGE, HTTP_STATUS, errorUtils } from '@verdaccio/core';
+import { logger } from '@verdaccio/logger';
+import { Config, RemoteUser } from '@verdaccio/types';
+import { getAuthenticatedMessage, validatePassword } from '@verdaccio/utils';
+
+import { $NextFunctionVer, $RequestExtend } from '../types/custom';
 
 const debug = buildDebug('verdaccio:api:user');
 
@@ -47,7 +47,7 @@ export default function (route: Router, auth: IAuth, config: Config): void {
                 'authenticating for user @{username} failed. Error: @{err.message}'
               );
               return next(
-                ErrorCode.getCode(HTTP_STATUS.UNAUTHORIZED, API_ERROR.BAD_USERNAME_PASSWORD)
+                errorUtils.getCode(HTTP_STATUS.UNAUTHORIZED, API_ERROR.BAD_USERNAME_PASSWORD)
               );
             }
 
@@ -55,7 +55,7 @@ export default function (route: Router, auth: IAuth, config: Config): void {
             const token = await getApiToken(auth, config, restoredRemoteUser, password);
             debug('login: new token');
             if (!token) {
-              return next(ErrorCode.getUnauthorized());
+              return next(errorUtils.getUnauthorized());
             }
 
             res.status(HTTP_STATUS.CREATED);
@@ -73,7 +73,7 @@ export default function (route: Router, auth: IAuth, config: Config): void {
         if (validatePassword(password) === false) {
           debug('adduser: invalid password');
           // eslint-disable-next-line new-cap
-          return next(ErrorCode.getCode(HTTP_STATUS.BAD_REQUEST, API_ERROR.PASSWORD_SHORT()));
+          return next(errorUtils.getCode(HTTP_STATUS.BAD_REQUEST, API_ERROR.PASSWORD_SHORT()));
         }
 
         auth.add_user(name, password, async function (err, user): Promise<void> {
@@ -84,7 +84,7 @@ export default function (route: Router, auth: IAuth, config: Config): void {
               // and npm accepts only an 409 error.
               // So, changing status code here.
               return next(
-                ErrorCode.getCode(err.status, err.message) || ErrorCode.getConflict(err.message)
+                errorUtils.getCode(err.status, err.message) || errorUtils.getConflict(err.message)
               );
             }
             return next(err);
@@ -94,7 +94,7 @@ export default function (route: Router, auth: IAuth, config: Config): void {
             name && password ? await getApiToken(auth, config, user, password) : undefined;
           debug('adduser: new token %o', token);
           if (!token) {
-            return next(ErrorCode.getUnauthorized());
+            return next(errorUtils.getUnauthorized());
           }
 
           req.remote_user = user;

packages/api/src/utils.ts

@@ -1,6 +1,7 @@
-import { Package } from '@verdaccio/types';
 import _ from 'lodash';
 
+import { Package } from '@verdaccio/types';
+
 /**
  * Check whether the package metadta has enough data to be published
  * @param pkg metadata

packages/api/src/v1/profile.ts

@@ -1,10 +1,11 @@
-import _ from 'lodash';
 import { Response, Router } from 'express';
+import _ from 'lodash';
 
-import { API_ERROR, APP_ERROR, HTTP_STATUS, SUPPORT_ERRORS } from '@verdaccio/commons-api';
-import { ErrorCode, validatePassword } from '@verdaccio/utils';
 import { IAuth } from '@verdaccio/auth';
-import { $RequestExtend, $NextFunctionVer } from '../../types/custom';
+import { API_ERROR, APP_ERROR, HTTP_STATUS, SUPPORT_ERRORS, errorUtils } from '@verdaccio/core';
+import { validatePassword } from '@verdaccio/utils';
+
+import { $NextFunctionVer, $RequestExtend } from '../../types/custom';
 
 export interface Profile {
   tfa: boolean;
@@ -61,7 +62,7 @@ export default function (route: Router, auth: IAuth): void {
       if (_.isNil(password) === false) {
         if (validatePassword(password.new) === false) {
           /* eslint new-cap:off */
-          return next(ErrorCode.getCode(HTTP_STATUS.UNAUTHORIZED, API_ERROR.PASSWORD_SHORT()));
+          return next(errorUtils.getCode(HTTP_STATUS.UNAUTHORIZED, API_ERROR.PASSWORD_SHORT()));
           /* eslint new-cap:off */
         }
 
@@ -72,22 +73,22 @@ export default function (route: Router, auth: IAuth): void {
           (err, isUpdated): $NextFunctionVer => {
             if (_.isNull(err) === false) {
               return next(
-                ErrorCode.getCode(err.status, err.message) || ErrorCode.getConflict(err.message)
+                errorUtils.getCode(err.status, err.message) || errorUtils.getConflict(err.message)
               );
             }
 
             if (isUpdated) {
               return next(buildProfile(req.remote_user.name));
             }
-            return next(ErrorCode.getInternalError(API_ERROR.INTERNAL_SERVER_ERROR));
+            return next(errorUtils.getInternalError(API_ERROR.INTERNAL_SERVER_ERROR));
           }
         );
       } else if (_.isNil(tfa) === false) {
         return next(
-          ErrorCode.getCode(HTTP_STATUS.SERVICE_UNAVAILABLE, SUPPORT_ERRORS.TFA_DISABLED)
+          errorUtils.getCode(HTTP_STATUS.SERVICE_UNAVAILABLE, SUPPORT_ERRORS.TFA_DISABLED)
         );
       } else {
-        return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, APP_ERROR.PROFILE_ERROR));
+        return next(errorUtils.getCode(HTTP_STATUS.INTERNAL_ERROR, APP_ERROR.PROFILE_ERROR));
       }
     }
   );

packages/api/src/v1/search.ts

@@ -1,9 +1,9 @@
-import _ from 'lodash';
 import buildDebug from 'debug';
-import { logger } from '@verdaccio/logger';
+import _ from 'lodash';
+
 import { IAuth } from '@verdaccio/auth';
-import { searchUtils } from '@verdaccio/core';
-import { HTTP_STATUS } from '@verdaccio/commons-api';
+import { HTTP_STATUS, searchUtils } from '@verdaccio/core';
+import { logger } from '@verdaccio/logger';
 import { Storage } from '@verdaccio/store';
 import { Package } from '@verdaccio/types';
 
@@ -36,16 +36,23 @@ export default function (route, auth: IAuth, storage: Storage): void {
   }
 
   route.get('/-/v1/search', async (req, res, next) => {
-    let [size, from] = ['size', 'from'].map((k) => req.query[k]);
+    const { query, url } = req;
+    let [size, from] = ['size', 'from'].map((k) => query[k]);
     let data;
+    const abort = new AbortController();
+
+    req.on('aborted', () => {
+      abort.abort();
+    });
 
     size = parseInt(size, 10) || 20;
     from = parseInt(from, 10) || 0;
 
     try {
       data = await storage.searchManager?.search({
-        query: req.query,
-        url: req.url,
+        query,
+        url,
+        abort,
       });
       debug('stream finish');
       const checkAccessPromises: searchUtils.SearchItemPkg[] = await Promise.all(

packages/api/src/v1/token.ts

@@ -1,14 +1,15 @@
-import _ from 'lodash';
-import { HTTP_STATUS, SUPPORT_ERRORS, getInternalError } from '@verdaccio/commons-api';
-import { ErrorCode, stringToMD5, mask } from '@verdaccio/utils';
-import { getApiToken } from '@verdaccio/auth';
-import { logger } from '@verdaccio/logger';
 import { Response, Router } from 'express';
+import _ from 'lodash';
 
-import { Config, RemoteUser, Token } from '@verdaccio/types';
+import { getApiToken } from '@verdaccio/auth';
 import { IAuth } from '@verdaccio/auth';
+import { HTTP_STATUS, SUPPORT_ERRORS, errorUtils } from '@verdaccio/core';
+import { logger } from '@verdaccio/logger';
 import { Storage } from '@verdaccio/store';
-import { $RequestExtend, $NextFunctionVer } from '../../types/custom';
+import { Config, RemoteUser, Token } from '@verdaccio/types';
+import { mask, stringToMD5 } from '@verdaccio/utils';
+
+import { $NextFunctionVer, $RequestExtend } from '../../types/custom';
 
 export type NormalizeToken = Token & {
   created: string;
@@ -43,10 +44,10 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
           });
         } catch (error: any) {
           logger.error({ error: error.msg }, 'token list has failed: @{error}');
-          return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
+          return next(errorUtils.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
         }
       }
-      return next(ErrorCode.getUnauthorized());
+      return next(errorUtils.getUnauthorized());
     }
   );
 
@@ -57,27 +58,27 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
       const { name } = req.remote_user;
 
       if (!_.isBoolean(readonly) || !_.isArray(cidr_whitelist)) {
-        return next(ErrorCode.getCode(HTTP_STATUS.BAD_DATA, SUPPORT_ERRORS.PARAMETERS_NOT_VALID));
+        return next(errorUtils.getCode(HTTP_STATUS.BAD_DATA, SUPPORT_ERRORS.PARAMETERS_NOT_VALID));
       }
 
       auth.authenticate(name, password, async (err, user: RemoteUser) => {
         if (err) {
           const errorCode = err.message ? HTTP_STATUS.UNAUTHORIZED : HTTP_STATUS.INTERNAL_ERROR;
-          return next(ErrorCode.getCode(errorCode, err.message));
+          return next(errorUtils.getCode(errorCode, err.message));
         }
 
         req.remote_user = user;
 
         if (!_.isFunction(storage.saveToken)) {
           return next(
-            ErrorCode.getCode(HTTP_STATUS.NOT_IMPLEMENTED, SUPPORT_ERRORS.STORAGE_NOT_IMPLEMENT)
+            errorUtils.getCode(HTTP_STATUS.NOT_IMPLEMENTED, SUPPORT_ERRORS.STORAGE_NOT_IMPLEMENT)
           );
         }
 
         try {
           const token = await getApiToken(auth, config, user, password);
           if (!token) {
-            throw getInternalError();
+            throw errorUtils.getInternalError();
           }
 
           const key = stringToMD5(token);
@@ -113,7 +114,7 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
           );
         } catch (error: any) {
           logger.error({ error: error.msg }, 'token creation has failed: @{error}');
-          return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
+          return next(errorUtils.getInternalError(error.message));
         }
       });
     }
@@ -135,10 +136,10 @@ export default function (route: Router, auth: IAuth, storage: Storage, config: C
           return next({});
         } catch (error: any) {
           logger.error({ error: error.msg }, 'token creation has failed: @{error}');
-          return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
+          return next(errorUtils.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
         }
       }
-      return next(ErrorCode.getUnauthorized());
+      return next(errorUtils.getUnauthorized());
     }
   );
 }

packages/api/src/whoami.ts

@@ -1,7 +1,7 @@
-import { Response, Router } from 'express';
 import buildDebug from 'debug';
-import { $RequestExtend, $NextFunctionVer } from '../types/custom';
-// import { getUnauthorized } from '@verdaccio/commons-api';
+import { Response, Router } from 'express';
+
+import { $NextFunctionVer, $RequestExtend } from '../types/custom';
 
 const debug = buildDebug('verdaccio:api:user');
 

packages/api/test/integration/_helper.ts

@@ -1,13 +1,15 @@
-import path from 'path';
-import express, { Application } from 'express';
-import supertest from 'supertest';
 import bodyParser from 'body-parser';
+import express, { Application } from 'express';
+import path from 'path';
+import supertest from 'supertest';
 
-import { Config, parseConfigFile } from '@verdaccio/config';
-import { Storage } from '@verdaccio/store';
-import { final, handleError, errorReportingMiddleware } from '@verdaccio/middleware';
 import { Auth, IAuth } from '@verdaccio/auth';
-import { HEADERS, HEADER_TYPE, HTTP_STATUS, generatePackageMetadata } from '@verdaccio/commons-api';
+import { Config, parseConfigFile } from '@verdaccio/config';
+import { HEADERS, HEADER_TYPE, HTTP_STATUS } from '@verdaccio/core';
+import { generatePackageMetadata } from '@verdaccio/helper';
+import { errorReportingMiddleware, final, handleError } from '@verdaccio/middleware';
+import { Storage } from '@verdaccio/store';
+
 import apiEndpoints from '../../src';
 
 const getConf = (conf) => {

packages/api/test/integration/package.spec.ts

@@ -1,7 +1,8 @@
 import supertest from 'supertest';
 
-import { HEADER_TYPE, HEADERS, HTTP_STATUS } from '@verdaccio/commons-api';
-import { $ResponseExtend, $RequestExtend } from '../../types/custom';
+import { HEADERS, HEADER_TYPE, HTTP_STATUS } from '@verdaccio/core';
+
+import { $RequestExtend, $ResponseExtend } from '../../types/custom';
 import { initializeServer, publishTaggedVersion, publishVersion } from './_helper';
 
 const mockApiJWTmiddleware = jest.fn(

packages/api/test/integration/ping.spec.ts

@@ -1,6 +1,7 @@
 import supertest from 'supertest';
 
-import { HEADER_TYPE, HEADERS, HTTP_STATUS } from '@verdaccio/commons-api';
+import { HEADERS, HEADER_TYPE, HTTP_STATUS } from '@verdaccio/core';
+
 import { initializeServer } from './_helper';
 
 describe('ping', () => {

packages/api/test/integration/publish.spec.ts

@@ -1,13 +1,10 @@
-import { HTTP_STATUS } from '@verdaccio/commons-api';
 import supertest from 'supertest';
-import {
-  API_ERROR,
-  API_MESSAGE,
-  generatePackageMetadata,
-  HEADER_TYPE,
-  HEADERS,
-} from '@verdaccio/commons-api';
-import { $ResponseExtend, $RequestExtend } from '../../types/custom';
+
+import { HTTP_STATUS } from '@verdaccio/core';
+import { API_ERROR, API_MESSAGE, HEADERS, HEADER_TYPE } from '@verdaccio/core';
+import { generatePackageMetadata } from '@verdaccio/helper';
+
+import { $RequestExtend, $ResponseExtend } from '../../types/custom';
 import { initializeServer, publishVersion } from './_helper';
 
 const mockApiJWTmiddleware = jest.fn(

packages/api/test/integration/user.spec.ts

@@ -1,16 +1,14 @@
-import supertest from 'supertest';
 import _ from 'lodash';
+import supertest from 'supertest';
 
 import {
-  getBadRequest,
-  getConflict,
-  getUnauthorized,
+  API_ERROR,
+  API_MESSAGE,
   HEADERS,
   HEADER_TYPE,
-  API_MESSAGE,
   HTTP_STATUS,
-  API_ERROR,
-} from '@verdaccio/commons-api';
+  errorUtils,
+} from '@verdaccio/core';
 
 import { $RequestExtend, $ResponseExtend } from '../../types/custom';
 import { initializeServer } from './_helper';
@@ -28,7 +26,7 @@ const mockAuthenticate = jest.fn(() => (_name, _password, callback): void => {
 });
 
 const mockAddUser = jest.fn(() => (_name, _password, callback): void => {
-  return callback(getConflict(API_ERROR.USERNAME_ALREADY_REGISTERED));
+  return callback(errorUtils.getConflict(API_ERROR.USERNAME_ALREADY_REGISTERED));
 });
 
 jest.mock('@verdaccio/auth', () => ({
@@ -143,7 +141,7 @@ describe('user', () => {
         }
     );
     mockAddUser.mockImplementationOnce(() => (_name, _password, callback): void => {
-      return callback(getBadRequest(API_ERROR.USERNAME_PASSWORD_REQUIRED));
+      return callback(errorUtils.getBadRequest(API_ERROR.USERNAME_PASSWORD_REQUIRED));
     });
     const credentialsShort = _.cloneDeep(credentials);
     delete credentialsShort.name;
@@ -208,7 +206,7 @@ describe('user', () => {
         }
     );
     mockAuthenticate.mockImplementationOnce(() => (_name, _password, callback): void => {
-      return callback(getUnauthorized(API_ERROR.BAD_USERNAME_PASSWORD));
+      return callback(errorUtils.getUnauthorized(API_ERROR.BAD_USERNAME_PASSWORD));
     });
     const credentialsShort = _.cloneDeep(credentials);
     credentialsShort.password = 'failPassword';
@@ -240,7 +238,7 @@ describe('user', () => {
         }
     );
     mockAuthenticate.mockImplementationOnce(() => (_name, _password, callback): void => {
-      return callback(getUnauthorized(API_ERROR.BAD_USERNAME_PASSWORD));
+      return callback(errorUtils.getUnauthorized(API_ERROR.BAD_USERNAME_PASSWORD));
     });
     const credentialsShort = _.cloneDeep(credentials);
     credentialsShort.password = 'failPassword';

packages/api/test/integration/whoami.spec.ts

@@ -1,6 +1,6 @@
 import supertest from 'supertest';
 
-import { HEADERS, HTTP_STATUS } from '@verdaccio/commons-api';
+import { HEADERS, HTTP_STATUS } from '@verdaccio/core';
 
 import { $RequestExtend, $ResponseExtend } from '../../types/custom';
 import { initializeServer } from './_helper';

packages/api/test/unit/publish.spec.ts

@@ -1,11 +1,11 @@
-import { HTTP_STATUS, API_ERROR } from '@verdaccio/commons-api';
-import { ErrorCode } from '@verdaccio/utils';
+import { API_ERROR, HTTP_STATUS, errorUtils } from '@verdaccio/core';
+
 import {
   addVersion,
-  uploadPackageTarball,
+  publishPackage,
   removeTarball,
   unPublishPackage,
-  publishPackage,
+  uploadPackageTarball,
 } from '../../src/publish';
 
 const REVISION_MOCK = '15-e53a77096b0ee33e';
@@ -202,13 +202,13 @@ describe('Publish endpoints - un-publish package', () => {
     const storage = {
       removePackage(packageName) {
         expect(packageName).toEqual(req.params.package);
-        return Promise.reject(ErrorCode.getInternalError());
+        return Promise.reject(errorUtils.getInternalError());
       },
     };
 
     // @ts-ignore
     await unPublishPackage(storage)(req, res, next);
-    expect(next).toHaveBeenCalledWith(ErrorCode.getInternalError());
+    expect(next).toHaveBeenCalledWith(errorUtils.getInternalError());
   });
 });
 

packages/api/test/unit/validate.api.params.middleware.spec.ts

@@ -1,7 +1,7 @@
 /* eslint-disable curly */
 // ensure that all arguments are validated
-import path from 'path';
 import fs from 'fs';
+import path from 'path';
 
 /**
  * Validate.

packages/api/tsconfig.json

@@ -13,9 +13,6 @@
     {
       "path": "../config"
     },
-    {
-      "path": "../core/commons-api"
-    },
     {
       "path": "../core/core"
     },

packages/api/types/custom.d.ts

@@ -1,6 +1,7 @@
-import { Logger, RemoteUser } from '@verdaccio/types';
 import { NextFunction, Request, Response } from 'express';
 
+import { Logger, RemoteUser } from '@verdaccio/types';
+
 export type $RequestExtend = Request & { remote_user?: any; log: Logger };
 export type $ResponseExtend = Response & { cookies?: any };
 export type $NextFunctionVer = NextFunction & any;

packages/auth/CHANGELOG.md

@@ -1,5 +1,53 @@
 # @verdaccio/auth
 
+## 6.0.0-6-next.15
+
+### Minor Changes
+
+- 20c9e43e: dist tags Implementation on Fastify
+
+### Patch Changes
+
+- Updated dependencies [f86c31ed]
+  - @verdaccio/utils@6.0.0-6-next.9
+  - @verdaccio/config@6.0.0-6-next.11
+  - @verdaccio/loaders@6.0.0-6-next.7
+
+## 6.0.0-6-next.14
+
+### Patch Changes
+
+- Updated dependencies [6c1eb021]
+  - @verdaccio/core@6.0.0-6-next.3
+  - @verdaccio/logger@6.0.0-6-next.7
+  - @verdaccio/config@6.0.0-6-next.10
+  - @verdaccio/loaders@6.0.0-6-next.7
+  - verdaccio-htpasswd@11.0.0-6-next.10
+  - @verdaccio/utils@6.0.0-6-next.8
+
+## 6.0.0-6-next.13
+
+### Major Changes
+
+- 794af76c: Remove Node 12 support
+
+  - We need move to the new `undici` and does not support Node.js 12
+
+### Minor Changes
+
+- 154b2ecd: refactor: remove @verdaccio/commons-api in favor @verdaccio/core and remove duplications
+
+### Patch Changes
+
+- Updated dependencies [794af76c]
+- Updated dependencies [154b2ecd]
+  - @verdaccio/config@6.0.0-6-next.9
+  - @verdaccio/core@6.0.0-6-next.2
+  - verdaccio-htpasswd@11.0.0-6-next.9
+  - @verdaccio/loaders@6.0.0-6-next.6
+  - @verdaccio/logger@6.0.0-6-next.6
+  - @verdaccio/utils@6.0.0-6-next.7
+
 ## 6.0.0-6-next.12
 
 ### Patch Changes

packages/auth/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@verdaccio/auth",
-  "version": "6.0.0-6-next.12",
+  "version": "6.0.0-6-next.15",
   "description": "logger",
   "main": "./build/index.js",
   "types": "build/index.d.ts",
@@ -25,7 +25,7 @@
     "verdaccio"
   ],
   "engines": {
-    "node": ">=10",
+    "node": ">=14",
     "npm": ">=6"
   },
   "scripts": {
@@ -39,20 +39,20 @@
   },
   "license": "MIT",
   "dependencies": {
-    "@verdaccio/commons-api": "workspace:11.0.0-6-next.4",
-    "@verdaccio/config": "workspace:6.0.0-6-next.8",
-    "@verdaccio/loaders": "workspace:6.0.0-6-next.5",
-    "@verdaccio/logger": "workspace:6.0.0-6-next.5",
-    "@verdaccio/utils": "workspace:6.0.0-6-next.6",
+    "@verdaccio/core": "workspace:6.0.0-6-next.3",
+    "@verdaccio/config": "workspace:6.0.0-6-next.11",
+    "@verdaccio/loaders": "workspace:6.0.0-6-next.7",
+    "@verdaccio/logger": "workspace:6.0.0-6-next.7",
+    "@verdaccio/utils": "workspace:6.0.0-6-next.9",
     "debug": "4.3.2",
     "express": "4.17.1",
     "jsonwebtoken": "8.5.1",
     "lodash": "4.17.21",
-    "verdaccio-htpasswd": "workspace:11.0.0-6-next.8"
+    "verdaccio-htpasswd": "workspace:11.0.0-6-next.10"
   },
   "devDependencies": {
-    "@verdaccio/mock": "workspace:6.0.0-6-next.9",
-    "@verdaccio/types": "workspace:11.0.0-6-next.8"
+    "@verdaccio/mock": "workspace:6.0.0-6-next.12",
+    "@verdaccio/types": "workspace:11.0.0-6-next.9"
   },
   "funding": {
     "type": "opencollective",

packages/auth/src/auth.ts

@@ -1,50 +1,45 @@
-import _ from 'lodash';
-import { NextFunction, Request, Response } from 'express';
 import buildDebug from 'debug';
+import { NextFunction, Request, Response } from 'express';
+import _ from 'lodash';
+import { HTPasswd, HTPasswdConfig } from 'verdaccio-htpasswd';
 
+import { createAnonymousRemoteUser, createRemoteUser } from '@verdaccio/config';
 import {
   API_ERROR,
   SUPPORT_ERRORS,
   TOKEN_BASIC,
   TOKEN_BEARER,
   VerdaccioError,
-  getBadRequest,
-  getInternalError,
-  getForbidden,
-} from '@verdaccio/commons-api';
+  errorUtils,
+} from '@verdaccio/core';
 import { loadPlugin } from '@verdaccio/loaders';
-import { HTPasswd, HTPasswdConfig } from 'verdaccio-htpasswd';
-
 import {
-  Config,
-  Logger,
-  Callback,
-  IPluginAuth,
-  RemoteUser,
-  JWTSignOptions,
-  Security,
-  AuthPluginPackage,
   AllowAccess,
+  AuthPluginPackage,
+  Callback,
+  Config,
+  IPluginAuth,
+  JWTSignOptions,
+  Logger,
   PackageAccess,
   PluginOptions,
+  RemoteUser,
+  Security,
 } from '@verdaccio/types';
-
-import { getMatchedPackagesSpec, isNil, isFunction } from '@verdaccio/utils';
-import { createAnonymousRemoteUser, createRemoteUser } from '@verdaccio/config';
-
-import {
-  getMiddlewareCredentials,
-  getDefaultPlugins,
-  verifyJWTPayload,
-  parseAuthTokenHeader,
-  isAuthHeaderValid,
-  isAESLegacy,
-  convertPayloadToBase64,
-} from './utils';
+import { getMatchedPackagesSpec, isFunction, isNil } from '@verdaccio/utils';
 
 import { signPayload } from './jwt-token';
 import { aesEncrypt } from './legacy-token';
 import { parseBasicPayload } from './token';
+import {
+  convertPayloadToBase64,
+  getDefaultPlugins,
+  getMiddlewareCredentials,
+  isAESLegacy,
+  isAuthHeaderValid,
+  parseAuthTokenHeader,
+  verifyJWTPayload,
+} from './utils';
 
 /* eslint-disable @typescript-eslint/no-var-requires */
 const LoggerApi = require('@verdaccio/logger');
@@ -54,6 +49,7 @@ const debug = buildDebug('verdaccio:auth');
 export interface IBasicAuth<T> {
   config: T & Config;
   authenticate(user: string, password: string, cb: Callback): void;
+  invalidateToken?(token: string): Promise<void>;
   changePassword(user: string, password: string, newPassword: string, cb: Callback): void;
   allow_access(pkg: AuthPluginPackage, user: RemoteUser, callback: Callback): void;
   add_user(user: string, password: string, cb: Callback): any;
@@ -85,6 +81,7 @@ export interface IAuth extends IBasicAuth<Config>, IAuthMiddleware, TokenEncrypt
   // eslint-disable-next-line @typescript-eslint/no-explicit-any
   plugins: any[];
   allow_unpublish(pkg: AuthPluginPackage, user: RemoteUser, callback: Callback): void;
+  invalidateToken(token: string): Promise<void>;
 }
 
 class Auth implements IAuth {
@@ -97,6 +94,9 @@ class Auth implements IAuth {
     this.config = config;
     this.logger = LoggerApi.logger.child({ sub: 'auth' });
     this.secret = config.secret;
+    if (!this.secret) {
+      throw new TypeError('secret it is required value on initialize the auth class');
+    }
 
     this.plugins =
       _.isNil(config?.auth) === false ? this._loadPlugin(config) : this.loadDefaultPlugin(config);
@@ -153,7 +153,7 @@ class Auth implements IAuth {
     const validPlugins = _.filter(this.plugins, (plugin) => isFunction(plugin.changePassword));
 
     if (_.isEmpty(validPlugins)) {
-      return cb(getInternalError(SUPPORT_ERRORS.PLUGIN_MISSING_INTERFACE));
+      return cb(errorUtils.getInternalError(SUPPORT_ERRORS.PLUGIN_MISSING_INTERFACE));
     }
 
     for (const plugin of validPlugins) {
@@ -179,6 +179,12 @@ class Auth implements IAuth {
     }
   }
 
+  public async invalidateToken(token: string) {
+    // eslint-disable-next-line no-console
+    console.log('invalidate token pending to implement', token);
+    return Promise.resolve();
+  }
+
   public authenticate(username: string, password: string, cb: Callback): void {
     const plugins = this.plugins.slice(0);
     (function next(): void {
@@ -415,7 +421,9 @@ class Auth implements IAuth {
       }
 
       // in case auth header does not exist we return anonymous function
-      req.remote_user = createAnonymousRemoteUser();
+      const remoteUser = createAnonymousRemoteUser();
+      req.remote_user = remoteUser;
+      res.locals.remote_user = remoteUser;
 
       const { authorization } = req.headers;
       if (_.isNil(authorization)) {
@@ -425,7 +433,7 @@ class Auth implements IAuth {
 
       if (!isAuthHeaderValid(authorization)) {
         debug('api middleware authentication heather is invalid');
-        return next(getBadRequest(API_ERROR.BAD_AUTH_HEADER));
+        return next(errorUtils.getBadRequest(API_ERROR.BAD_AUTH_HEADER));
       }
       const { secret, security } = this.config;
 
@@ -476,7 +484,7 @@ class Auth implements IAuth {
       } else {
         // with JWT throw 401
         debug('jwt invalid token');
-        next(getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
+        next(errorUtils.getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
       }
     }
   }
@@ -510,7 +518,7 @@ class Auth implements IAuth {
     } else {
       // we force npm client to ask again with basic authentication
       debug('legacy invalid header');
-      return next(getBadRequest(API_ERROR.BAD_AUTH_HEADER));
+      return next(errorUtils.getBadRequest(API_ERROR.BAD_AUTH_HEADER));
     }
   }
 
@@ -544,7 +552,7 @@ class Auth implements IAuth {
       }
 
       if (!isAuthHeaderValid(authorization)) {
-        return next(getBadRequest(API_ERROR.BAD_AUTH_HEADER));
+        return next(errorUtils.getBadRequest(API_ERROR.BAD_AUTH_HEADER));
       }
 
       const token = (authorization || '').replace(`${TOKEN_BEARER} `, '');

packages/auth/src/jwt-token.ts

@@ -1,5 +1,5 @@
-import jwt from 'jsonwebtoken';
 import buildDebug from 'debug';
+import jwt from 'jsonwebtoken';
 
 import { JWTSignOptions, RemoteUser } from '@verdaccio/types';
 

packages/auth/src/legacy-token.ts

@@ -1,13 +1,14 @@
 import {
+  HexBase64BinaryEncoding,
+  Utf8AsciiBinaryEncoding,
   createCipheriv,
   createDecipheriv,
-  HexBase64BinaryEncoding,
   randomBytes,
-  Utf8AsciiBinaryEncoding,
 } from 'crypto';
-import { TOKEN_VALID_LENGTH } from '@verdaccio/config';
 import buildDebug from 'debug';
 
+import { TOKEN_VALID_LENGTH } from '@verdaccio/config';
+
 const debug = buildDebug('verdaccio:auth:token:legacy');
 
 export const defaultAlgorithm = process.env.VERDACCIO_LEGACY_ALGORITHM || 'aes-256-ctr';

packages/auth/src/utils.ts

@@ -1,29 +1,27 @@
-import _ from 'lodash';
 import buildDebug from 'debug';
+import _ from 'lodash';
+
+import { createAnonymousRemoteUser } from '@verdaccio/config';
 import {
+  API_ERROR,
+  HTTP_STATUS,
+  TOKEN_BASIC,
+  TOKEN_BEARER,
+  VerdaccioError,
+  errorUtils,
+} from '@verdaccio/core';
+import {
+  AuthPackageAllow,
   Callback,
   Config,
   IPluginAuth,
   RemoteUser,
   Security,
-  AuthPackageAllow,
 } from '@verdaccio/types';
-import {
-  HTTP_STATUS,
-  TOKEN_BASIC,
-  TOKEN_BEARER,
-  API_ERROR,
-  getForbidden,
-  getUnauthorized,
-  getConflict,
-  getCode,
-} from '@verdaccio/commons-api';
-import { VerdaccioError } from '@verdaccio/commons-api';
 
-import { createAnonymousRemoteUser } from '@verdaccio/config';
-import { TokenEncryption, AESPayload } from './auth';
-import { aesDecrypt } from './legacy-token';
+import { AESPayload, TokenEncryption } from './auth';
 import { verifyPayload } from './jwt-token';
+import { aesDecrypt } from './legacy-token';
 import { parseBasicPayload } from './token';
 
 const debug = buildDebug('verdaccio:auth:utils');
@@ -155,7 +153,7 @@ export function verifyJWTPayload(token: string, secret: string): RemoteUser {
       // we return an anonymous user to force log in.
       return createAnonymousRemoteUser();
     }
-    throw getCode(HTTP_STATUS.UNAUTHORIZED, error.message);
+    throw errorUtils.getCode(HTTP_STATUS.UNAUTHORIZED, error.message);
   }
 }
 
@@ -166,11 +164,11 @@ export function isAuthHeaderValid(authorization: string): boolean {
 export function getDefaultPlugins(logger: any): IPluginAuth<Config> {
   return {
     authenticate(user: string, password: string, cb: Callback): void {
-      cb(getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
+      cb(errorUtils.getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
     },
 
     adduser(user: string, password: string, cb: Callback): void {
-      return cb(getConflict(API_ERROR.BAD_USERNAME_PASSWORD));
+      return cb(errorUtils.getConflict(API_ERROR.BAD_USERNAME_PASSWORD));
     },
 
     // FIXME: allow_action and allow_publish should be in the @verdaccio/types
@@ -205,9 +203,13 @@ export function allow_action(action: ActionsAllowed, logger): AllowAction {
     }
 
     if (name) {
-      callback(getForbidden(`user ${name} is not allowed to ${action} package ${pkg.name}`));
+      callback(
+        errorUtils.getForbidden(`user ${name} is not allowed to ${action} package ${pkg.name}`)
+      );
     } else {
-      callback(getUnauthorized(`authorization required to ${action} package ${pkg.name}`));
+      callback(
+        errorUtils.getUnauthorized(`authorization required to ${action} package ${pkg.name}`)
+      );
     }
   };
 }

packages/auth/test/auth-utils.spec.ts

@@ -1,39 +1,42 @@
-import path from 'path';
 import _ from 'lodash';
+import path from 'path';
 
-import { CHARACTER_ENCODING, TOKEN_BEARER, API_ERROR } from '@verdaccio/commons-api';
-
-import { configExample } from '@verdaccio/mock';
 import {
   Config as AppConfig,
-  parseConfigFile,
   ROLES,
-  createRemoteUser,
   createAnonymousRemoteUser,
+  createRemoteUser,
+  parseConfigFile,
 } from '@verdaccio/config';
-
 import {
-  getAuthenticatedMessage,
-  buildToken,
+  API_ERROR,
+  CHARACTER_ENCODING,
+  TOKEN_BEARER,
+  VerdaccioError,
+  errorUtils,
+} from '@verdaccio/core';
+import { setup } from '@verdaccio/logger';
+import { configExample } from '@verdaccio/mock';
+import { Config, RemoteUser, Security } from '@verdaccio/types';
+import {
   AllowActionCallbackResponse,
+  buildToken,
   buildUserBuffer,
+  getAuthenticatedMessage,
 } from '@verdaccio/utils';
 
-import { Config, Security, RemoteUser } from '@verdaccio/types';
-import { VerdaccioError, getForbidden } from '@verdaccio/commons-api';
-import { setup } from '@verdaccio/logger';
 import {
-  IAuth,
-  Auth,
   ActionsAllowed,
+  Auth,
+  IAuth,
+  aesDecrypt,
   allow_action,
+  getApiToken,
   getDefaultPlugins,
   getMiddlewareCredentials,
-  getApiToken,
-  verifyJWTPayload,
-  aesDecrypt,
-  verifyPayload,
   signPayload,
+  verifyJWTPayload,
+  verifyPayload,
 } from '../src';
 
 setup([]);
@@ -110,7 +113,7 @@ describe('Auth utilities', () => {
     test('authentication should fail by default (default)', () => {
       const plugin = getDefaultPlugins({ trace: jest.fn() });
       plugin.authenticate('foo', 'bar', (error: any) => {
-        expect(error).toEqual(getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
+        expect(error).toEqual(errorUtils.getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
       });
     });
 
@@ -118,7 +121,7 @@ describe('Auth utilities', () => {
       const plugin = getDefaultPlugins({ trace: jest.fn() });
       // @ts-ignore
       plugin.adduser('foo', 'bar', (error: any) => {
-        expect(error).toEqual(getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
+        expect(error).toEqual(errorUtils.getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
       });
     });
   });

packages/auth/test/auth.spec.ts

@@ -1,19 +1,21 @@
 import _ from 'lodash';
-import { ROLES, Config as AppConfig } from '@verdaccio/config';
-import { setup } from '@verdaccio/logger';
+
 import { IAuth } from '@verdaccio/auth';
+import { Config as AppConfig, ROLES } from '@verdaccio/config';
+import { errorUtils } from '@verdaccio/core';
+import { setup } from '@verdaccio/logger';
 import { Config } from '@verdaccio/types';
-import { getInternalError } from '@verdaccio/commons-api';
 
 import { Auth } from '../src';
-
-import { authProfileConf, authPluginFailureConf, authPluginPassThrougConf } from './helper/plugin';
+import { authPluginFailureConf, authPluginPassThrougConf, authProfileConf } from './helper/plugin';
 
 setup([]);
 
 describe('AuthTest', () => {
   test('should be defined', () => {
     const config: Config = new AppConfig(_.cloneDeep(authProfileConf));
+    config.checkSecretKey('12345');
+
     const auth: IAuth = new Auth(config);
 
     expect(auth).toBeDefined();
@@ -23,6 +25,7 @@ describe('AuthTest', () => {
     describe('test authenticate states', () => {
       test('should be a success login', () => {
         const config: Config = new AppConfig(_.cloneDeep(authProfileConf));
+        config.checkSecretKey('12345');
         const auth: IAuth = new Auth(config);
 
         expect(auth).toBeDefined();
@@ -49,6 +52,7 @@ describe('AuthTest', () => {
 
       test('should be a fail on login', () => {
         const config: Config = new AppConfig(_.cloneDeep(authPluginFailureConf));
+        config.checkSecretKey('12345');
         const auth: IAuth = new Auth(config);
 
         expect(auth).toBeDefined();
@@ -57,7 +61,7 @@ describe('AuthTest', () => {
 
         auth.authenticate('foo', 'bar', callback);
         expect(callback).toHaveBeenCalledTimes(1);
-        expect(callback).toHaveBeenCalledWith(getInternalError());
+        expect(callback).toHaveBeenCalledWith(errorUtils.getInternalError());
       });
     });
 
@@ -67,6 +71,7 @@ describe('AuthTest', () => {
     describe('test authenticate out of control inputs from plugins', () => {
       test('should skip falsy values', () => {
         const config: Config = new AppConfig(_.cloneDeep(authPluginPassThrougConf));
+        config.checkSecretKey('12345');
         const auth: IAuth = new Auth(config);
 
         expect(auth).toBeDefined();
@@ -86,6 +91,7 @@ describe('AuthTest', () => {
 
       test('should error truthy non-array', () => {
         const config: Config = new AppConfig(_.cloneDeep(authPluginPassThrougConf));
+        config.checkSecretKey('12345');
         const auth: IAuth = new Auth(config);
 
         expect(auth).toBeDefined();
@@ -103,6 +109,7 @@ describe('AuthTest', () => {
 
       test('should skip empty array', () => {
         const config: Config = new AppConfig(_.cloneDeep(authPluginPassThrougConf));
+        config.checkSecretKey('12345');
         const auth: IAuth = new Auth(config);
 
         expect(auth).toBeDefined();
@@ -119,6 +126,7 @@ describe('AuthTest', () => {
 
       test('should accept valid array', () => {
         const config: Config = new AppConfig(_.cloneDeep(authPluginPassThrougConf));
+        config.checkSecretKey('12345');
         const auth: IAuth = new Auth(config);
 
         expect(auth).toBeDefined();

packages/auth/test/helper/plugin.ts

@@ -1,4 +1,5 @@
 import path from 'path';
+
 import { configExample as config } from '@verdaccio/mock';
 
 export const authProfileConf = config({

packages/auth/tsconfig.json

@@ -10,9 +10,6 @@
     {
       "path": "../config"
     },
-    {
-      "path": "../core/commons-api"
-    },
     {
       "path": "../core/htpasswd"
     },

packages/cli/CHANGELOG.md

@@ -1,5 +1,52 @@
 # @verdaccio/cli
 
+## 6.0.0-6-next.25
+
+### Patch Changes
+
+- Updated dependencies [f86c31ed]
+- Updated dependencies [20c9e43e]
+  - @verdaccio/fastify-migration@6.0.0-6-next.16
+  - @verdaccio/config@6.0.0-6-next.11
+  - @verdaccio/node-api@6.0.0-6-next.24
+
+## 6.0.0-6-next.24
+
+### Minor Changes
+
+- 6c1eb021: feat: use warning codes for deprecation warnings
+
+### Patch Changes
+
+- Updated dependencies [6c1eb021]
+  - @verdaccio/core@6.0.0-6-next.3
+  - @verdaccio/logger@6.0.0-6-next.7
+  - @verdaccio/node-api@6.0.0-6-next.23
+  - @verdaccio/config@6.0.0-6-next.10
+  - @verdaccio/fastify-migration@6.0.0-6-next.15
+
+## 6.0.0-6-next.23
+
+### Major Changes
+
+- 794af76c: Remove Node 12 support
+
+  - We need move to the new `undici` and does not support Node.js 12
+
+### Minor Changes
+
+- 154b2ecd: refactor: remove @verdaccio/commons-api in favor @verdaccio/core and remove duplications
+
+### Patch Changes
+
+- Updated dependencies [794af76c]
+- Updated dependencies [b702ea36]
+- Updated dependencies [154b2ecd]
+  - @verdaccio/config@6.0.0-6-next.9
+  - @verdaccio/fastify-migration@6.0.0-6-next.14
+  - @verdaccio/logger@6.0.0-6-next.6
+  - @verdaccio/node-api@6.0.0-6-next.22
+
 ## 6.0.0-6-next.22
 
 ### Patch Changes

packages/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@verdaccio/cli",
-  "version": "6.0.0-6-next.22",
+  "version": "6.0.0-6-next.25",
   "author": {
     "name": "Juan Picado",
     "email": "juanpicado19@gmail.com"
@@ -26,7 +26,7 @@
     "verdaccio"
   ],
   "engines": {
-    "node": ">=12",
+    "node": ">=14",
     "npm": ">=6"
   },
   "description": "verdaccio CLI",
@@ -44,11 +44,12 @@
     "start": "ts-node src/index.ts"
   },
   "dependencies": {
-    "@verdaccio/config": "workspace:6.0.0-6-next.8",
-    "@verdaccio/logger": "workspace:6.0.0-6-next.5",
-    "@verdaccio/node-api": "workspace:6.0.0-6-next.21",
-    "@verdaccio/fastify-migration": "workspace:6.0.0-6-next.13",
-    "clipanion": "3.0.1",
+    "@verdaccio/core": "workspace:6.0.0-6-next.3",
+    "@verdaccio/config": "workspace:6.0.0-6-next.11",
+    "@verdaccio/logger": "workspace:6.0.0-6-next.7",
+    "@verdaccio/node-api": "workspace:6.0.0-6-next.24",
+    "@verdaccio/fastify-migration": "workspace:6.0.0-6-next.16",
+    "clipanion": "3.1.0",
     "envinfo": "7.8.1",
     "kleur": "3.0.3",
     "semver": "7.3.5"

packages/cli/src/cli.ts

@@ -1,13 +1,15 @@
 import { Cli } from 'clipanion';
 
+import { warningUtils } from '@verdaccio/core';
+
+import { FastifyServer } from './commands/FastifyServer';
 import { InfoCommand } from './commands/info';
 import { InitCommand } from './commands/init';
 import { VersionCommand } from './commands/version';
-import { NewServer } from './commands/newServer';
-import { isVersionValid, MIN_NODE_VERSION } from './utils';
+import { MIN_NODE_VERSION, isVersionValid } from './utils';
 
 if (process.getuid && process.getuid() === 0) {
-  process.emitWarning(`Verdaccio doesn't need superuser privileges. don't run it under root`);
+  warningUtils.emit(warningUtils.Codes.VERWAR001);
 }
 
 if (!isVersionValid(process.version)) {
@@ -28,7 +30,7 @@ const cli = new Cli({
 cli.register(InfoCommand);
 cli.register(InitCommand);
 cli.register(VersionCommand);
-cli.register(NewServer);
+cli.register(FastifyServer);
 cli.runExit(args, Cli.defaultContext);
 
 process.on('uncaughtException', function (err) {

packages/cli/src/commands/FastifyServer.ts

@@ -1,7 +1,9 @@
 import { Command, Option } from 'clipanion';
+
 import { findConfigFile, parseConfigFile } from '@verdaccio/config';
-import { setup, logger } from '@verdaccio/logger';
+import { warningUtils } from '@verdaccio/core';
 import server from '@verdaccio/fastify-migration';
+import { logger, setup } from '@verdaccio/logger';
 import { ConfigRuntime } from '@verdaccio/types';
 
 export const DEFAULT_PROCESS_NAME: string = 'verdaccio';
@@ -9,9 +11,12 @@ export const DEFAULT_PROCESS_NAME: string = 'verdaccio';
 /**
  * This command is intended to run the server with Fastify
  * as a migration step.
+ * More info: https://github.com/verdaccio/verdaccio/discussions/2155
+ * To try out.
+ * pnpm debug:fastify
  */
-export class NewServer extends Command {
-  public static paths = [['new']];
+export class FastifyServer extends Command {
+  public static paths = [['fastify-server']];
 
   private port = Option.String('-l,-p,--listen,--port', {
     description: 'host:port number to listen on (default: localhost:4873)',
@@ -24,7 +29,7 @@ export class NewServer extends Command {
   private initLogger(logConfig: ConfigRuntime) {
     try {
       if (logConfig.logs) {
-        process.emitWarning('config.logs is deprecated, rename configuration to "config.log"');
+        warningUtils.emit(warningUtils.Codes.VERDEP001);
       }
       // FUTURE: remove fallback when is ready
       setup(logConfig.log || logConfig.logs);
@@ -41,9 +46,11 @@ export class NewServer extends Command {
       this.initLogger(configParsed);
 
       process.title = web?.title || DEFAULT_PROCESS_NAME;
+      // FIXME: need a way to get version of the package.
       // const { version, name } = require('../../package.json');
       const ser = await server({ logger, config: configParsed });
-      await ser.listen(4873);
+      // FIXME: harcoded, this would need to come from the configuration and the --listen flag.
+      await ser.listen(process.env.PORT || 4873);
     } catch (err: any) {
       console.error(err);
       process.exit(1);

packages/cli/src/commands/info.ts

@@ -1,5 +1,5 @@
-import envinfo from 'envinfo';
 import { Command } from 'clipanion';
+import envinfo from 'envinfo';
 
 export class InfoCommand extends Command {
   public static paths = [[`--info`], [`-i`]];

packages/cli/src/commands/init.ts

@@ -1,6 +1,8 @@
 import { Command, Option } from 'clipanion';
+
 import { findConfigFile, parseConfigFile } from '@verdaccio/config';
-import { setup, logger } from '@verdaccio/logger';
+import { warningUtils } from '@verdaccio/core';
+import { logger, setup } from '@verdaccio/logger';
 import { initServer } from '@verdaccio/node-api';
 import { ConfigRuntime } from '@verdaccio/types';
 
@@ -46,9 +48,7 @@ export class InitCommand extends Command {
   private initLogger(logConfig: ConfigRuntime) {
     try {
       if (logConfig.logs) {
-        process.emitWarning(
-          'config.logs is deprecated, rename configuration to "config.log" in singular'
-        );
+        warningUtils.emit(warningUtils.Codes.VERDEP001);
       }
       // FUTURE: remove fallback when is ready
       setup(logConfig.log || logConfig.logs);

packages/cli/src/utils.ts

@@ -1,7 +1,8 @@
 import semver from 'semver';
 
-export const MIN_NODE_VERSION = '14';
+export const MIN_NODE_VERSION = '14.0.0';
 
-export function isVersionValid(version) {
+export function isVersionValid(processVersion) {
+  const version = processVersion.substr(1);
   return semver.satisfies(version, `>=${MIN_NODE_VERSION}`);
 }

packages/cli/test/utils.spec.ts

@@ -1,9 +1,16 @@
 import { isVersionValid } from '../src/utils';
 
 test('valid version node.js', () => {
-  expect(isVersionValid('14.0.0')).toBeTruthy();
+  expect(isVersionValid('v14.0.0')).toBeTruthy();
+  expect(isVersionValid('v15.0.0')).toBeTruthy();
+  expect(isVersionValid('v16.0.0')).toBeTruthy();
+  expect(isVersionValid('v17.0.0')).toBeTruthy();
 });
 
 test('is invalid version node.js', () => {
-  expect(isVersionValid('13.0.0')).toBeFalsy();
+  expect(isVersionValid('v13.0.0')).toBeFalsy();
+  expect(isVersionValid('v12.0.0')).toBeFalsy();
+  expect(isVersionValid('v8.0.0')).toBeFalsy();
+  expect(isVersionValid('v4.0.0')).toBeFalsy();
+  expect(isVersionValid('v0.0.10')).toBeFalsy();
 });

packages/cli/tsconfig.json

@@ -13,6 +13,9 @@
     {
       "path": "../core/cli-ui"
     },
+    {
+      "path": "../core/core"
+    },
     {
       "path": "../core/server"
     },

packages/config/CHANGELOG.md

@@ -1,5 +1,39 @@
 # @verdaccio/config
 
+## 6.0.0-6-next.11
+
+### Patch Changes
+
+- Updated dependencies [f86c31ed]
+  - @verdaccio/utils@6.0.0-6-next.9
+
+## 6.0.0-6-next.10
+
+### Patch Changes
+
+- Updated dependencies [6c1eb021]
+  - @verdaccio/core@6.0.0-6-next.3
+  - @verdaccio/utils@6.0.0-6-next.8
+
+## 6.0.0-6-next.9
+
+### Major Changes
+
+- 794af76c: Remove Node 12 support
+
+  - We need move to the new `undici` and does not support Node.js 12
+
+### Minor Changes
+
+- 154b2ecd: refactor: remove @verdaccio/commons-api in favor @verdaccio/core and remove duplications
+
+### Patch Changes
+
+- Updated dependencies [794af76c]
+- Updated dependencies [154b2ecd]
+  - @verdaccio/core@6.0.0-6-next.2
+  - @verdaccio/utils@6.0.0-6-next.7
+
 ## 6.0.0-6-next.8
 
 ### Major Changes

packages/config/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@verdaccio/config",
-  "version": "6.0.0-6-next.8",
+  "version": "6.0.0-6-next.11",
   "description": "logger",
   "main": "./build/index.js",
   "types": "build/index.d.ts",
@@ -26,7 +26,7 @@
     "verdaccio"
   ],
   "engines": {
-    "node": ">=10",
+    "node": ">=14",
     "npm": ">=6"
   },
   "scripts": {
@@ -39,13 +39,13 @@
     "build": "pnpm run build:js && pnpm run build:types"
   },
   "dependencies": {
-    "@verdaccio/commons-api": "workspace:11.0.0-6-next.4",
-    "@verdaccio/utils": "workspace:6.0.0-6-next.6",
+    "@verdaccio/core": "workspace:6.0.0-6-next.3",
+    "@verdaccio/utils": "workspace:6.0.0-6-next.9",
     "debug": "4.3.2",
     "js-yaml": "3.14.1",
     "lodash": "4.17.21",
     "minimatch": "3.0.4",
-    "yup": "0.32.9"
+    "yup": "0.32.11"
   },
   "devDependencies": {
     "@types/minimatch": "3.0.5",

packages/config/src/config-path.ts

@@ -1,10 +1,11 @@
-import fs from 'fs';
-import path from 'path';
-import _ from 'lodash';
 import buildDebug from 'debug';
+import fs from 'fs';
+import _ from 'lodash';
+import path from 'path';
 
-import { CHARACTER_ENCODING } from '@verdaccio/commons-api';
-import { folderExists, fileExists } from './config-utils';
+import { CHARACTER_ENCODING } from '@verdaccio/core';
+
+import { fileExists, folderExists } from './config-utils';
 
 const CONFIG_FILE = 'config.yaml';
 const XDG = 'xdg';

packages/config/src/config.ts

@@ -1,25 +1,25 @@
 import assert from 'assert';
-import _ from 'lodash';
 import buildDebug from 'debug';
+import _ from 'lodash';
 
-import { getMatchedPackagesSpec, generateRandomHexString, isObject } from '@verdaccio/utils';
-import { APP_ERROR } from '@verdaccio/commons-api';
+import { APP_ERROR } from '@verdaccio/core';
 import {
-  PackageList,
   Config as AppConfig,
-  ConfigRuntime,
-  Security,
-  PackageAccess,
-  ServerSettingsConf,
   AuthConf,
+  ConfigRuntime,
+  PackageAccess,
+  PackageList,
+  Security,
+  ServerSettingsConf,
 } from '@verdaccio/types';
+import { generateRandomHexString, getMatchedPackagesSpec, isObject } from '@verdaccio/utils';
 
-import { generateRandomSecretKey } from './token';
-import { normalisePackageAccess } from './package-access';
-import { sanityCheckUplinksProps, uplinkSanityCheck } from './uplinks';
-import { defaultSecurity } from './security';
 import { getUserAgent } from './agent';
+import { normalisePackageAccess } from './package-access';
+import { defaultSecurity } from './security';
 import serverSettings from './serverSettings';
+import { generateRandomSecretKey } from './token';
+import { sanityCheckUplinksProps, uplinkSanityCheck } from './uplinks';
 
 const strategicConfigProps = ['uplinks', 'packages'];
 const allowedEnvConfig = ['http_proxy', 'https_proxy', 'no_proxy'];

packages/config/src/package-access.ts

@@ -1,7 +1,9 @@
 import assert from 'assert';
 import _ from 'lodash';
+
+import { errorUtils } from '@verdaccio/core';
 import { PackageAccess } from '@verdaccio/types';
-import { ErrorCode } from '@verdaccio/utils';
+
 export interface LegacyPackageList {
   [key: string]: PackageAccess;
 }
@@ -35,7 +37,7 @@ export function normalizeUserList(groupsList: any): any {
   } else if (Array.isArray(groupsList)) {
     result.push(groupsList);
   } else {
-    throw ErrorCode.getInternalError(
+    throw errorUtils.getInternalError(
       'CONFIG: bad package acl (array or string expected): ' + JSON.stringify(groupsList)
     );
   }

packages/config/src/parse.ts

@@ -1,6 +1,7 @@
 import fs from 'fs';
 import YAML from 'js-yaml';
-import { APP_ERROR } from '@verdaccio/commons-api';
+
+import { APP_ERROR } from '@verdaccio/core';
 import { ConfigRuntime, ConfigYaml } from '@verdaccio/types';
 
 /**

packages/config/src/uplinks.ts

@@ -1,8 +1,9 @@
 import assert from 'assert';
-import { getMatchedPackagesSpec } from '@verdaccio/utils';
-import { PackageList, UpLinksConfList } from '@verdaccio/types';
 import _ from 'lodash';
 
+import { PackageList, UpLinksConfList } from '@verdaccio/types';
+import { getMatchedPackagesSpec } from '@verdaccio/utils';
+
 export const DEFAULT_REGISTRY = 'https://registry.npmjs.org';
 export const DEFAULT_UPLINK = 'npmjs';
 

packages/config/test/config.path.spec.ts

@@ -1,4 +1,5 @@
 import os from 'os';
+
 import { findConfigFile } from '../src/config-path';
 
 const mockmkDir = jest.fn();

packages/config/test/config.spec.ts

@@ -1,14 +1,14 @@
-import path from 'path';
 import _ from 'lodash';
+import path from 'path';
 
 import {
   Config,
   DEFAULT_REGISTRY,
   DEFAULT_UPLINK,
-  defaultSecurity,
-  parseConfigFile,
   ROLES,
   WEB_TITLE,
+  defaultSecurity,
+  parseConfigFile,
 } from '../src';
 import { parseConfigurationFile } from './utils';
 

packages/config/test/package-access.spec.ts

@@ -1,7 +1,7 @@
 import _ from 'lodash';
 
-import { normalisePackageAccess, PACKAGE_ACCESS } from '../src/package-access';
 import { parseConfigFile } from '../src';
+import { PACKAGE_ACCESS, normalisePackageAccess } from '../src/package-access';
 import { parseConfigurationFile } from './utils';
 
 describe('Package access utilities', () => {

packages/config/test/token.spec.ts

@@ -1,4 +1,4 @@
-import { generateRandomSecretKey, TOKEN_VALID_LENGTH } from '../src/token';
+import { TOKEN_VALID_LENGTH, generateRandomSecretKey } from '../src/token';
 
 test('token test valid length', () => {
   const token = generateRandomSecretKey();

packages/config/test/uplinks.spec.ts

@@ -1,5 +1,5 @@
-import { hasProxyTo, sanityCheckUplinksProps, uplinkSanityCheck } from '../src/uplinks';
 import { normalisePackageAccess, parseConfigFile } from '../src';
+import { hasProxyTo, sanityCheckUplinksProps, uplinkSanityCheck } from '../src/uplinks';
 import { parseConfigurationFile } from './utils';
 
 describe('Uplinks Utilities', () => {

packages/config/test/utils.spec.ts

@@ -1,5 +1,5 @@
+import { ROLES, createAnonymousRemoteUser, createRemoteUser } from '../src';
 import { spliceURL } from '../src/string';
-import { createAnonymousRemoteUser, createRemoteUser, ROLES } from '../src';
 
 describe('spliceURL', () => {
   test('should splice two strings and generate a url', () => {

packages/config/tsconfig.json

@@ -7,9 +7,6 @@
   "include": ["src/**/*.ts"],
   "exclude": ["src/**/*.test.ts"],
   "references": [
-    {
-      "path": "../core/commons-api"
-    },
     {
       "path": "../utils"
     }

packages/core/commons-api/README.md

@@ -1,15 +0,0 @@
-# @verdaccio/commons-api
-
-commons api utilities for verdaccio
-
-[![verdaccio (latest)](https://img.shields.io/npm/v/@verdaccio/commons-api/latest.svg)](https://www.npmjs.com/package/@verdaccio/commons-api)
-[![docker pulls](https://img.shields.io/docker/pulls/verdaccio/verdaccio.svg?maxAge=43200)](https://verdaccio.org/docs/en/docker.html)
-[![backers](https://opencollective.com/verdaccio/tiers/backer/badge.svg?label=Backer&color=brightgreen)](https://opencollective.com/verdaccio)
-[![stackshare](https://img.shields.io/badge/Follow%20on-StackShare-blue.svg?logo=stackshare&style=flat)](https://stackshare.io/verdaccio)
-[![discord](https://img.shields.io/discord/388674437219745793.svg)](http://chat.verdaccio.org/)
-[![node](https://img.shields.io/node/v/@verdaccio/commons-api/latest.svg)](https://www.npmjs.com/package/@verdaccio/commons-api)
-![MIT](https://img.shields.io/github/license/mashape/apistatus.svg)
-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/verdaccio/localized.svg)](https://crowdin.com/project/verdaccio)
-
-[![Twitter followers](https://img.shields.io/twitter/follow/verdaccio_npm.svg?style=social&label=Follow)](https://twitter.com/verdaccio_npm)
-[![Github](https://img.shields.io/github/stars/verdaccio/verdaccio.svg?style=social&label=Stars)](https://github.com/verdaccio/verdaccio/stargazers)

packages/core/commons-api/package.json

@@ -1,55 +0,0 @@
-{
-  "name": "@verdaccio/commons-api",
-  "version": "11.0.0-6-next.4",
-  "description": "Commons API utilities for Verdaccio",
-  "keywords": [
-    "private",
-    "package",
-    "repository",
-    "registry",
-    "enterprise",
-    "modules",
-    "proxy",
-    "server",
-    "verdaccio"
-  ],
-  "author": "Juan Picado <juanpicado19@gmail.com>",
-  "license": "MIT",
-  "homepage": "https://verdaccio.org",
-  "repository": {
-    "type": "https",
-    "url": "https://github.com/verdaccio/verdaccio",
-    "directory": "packages/core/commons-api"
-  },
-  "bugs": {
-    "url": "https://github.com/verdaccio/verdaccio/issues"
-  },
-  "publishConfig": {
-    "access": "public"
-  },
-  "main": "build/index.js",
-  "types": "build/index.d.ts",
-  "files": [
-    "build"
-  ],
-  "engines": {
-    "node": ">=10",
-    "npm": ">=6"
-  },
-  "dependencies": {
-    "http-errors": "1.8.0",
-    "http-status-codes": "2.1.4"
-  },
-  "scripts": {
-    "clean": "rimraf ./build",
-    "test": "cross-env NODE_ENV=test BABEL_ENV=test jest",
-    "build:types": "tsc --emitDeclarationOnly -p tsconfig.build.json",
-    "build:js": "babel src/ --out-dir build/ --copy-files --extensions \".ts,.tsx\" --source-maps",
-    "watch": "pnpm build:js -- --watch",
-    "build": "pnpm run build:js && pnpm run build:types"
-  },
-  "funding": {
-    "type": "opencollective",
-    "url": "https://opencollective.com/verdaccio"
-  }
-}

packages/core/commons-api/src/index.ts

@@ -1,200 +0,0 @@
-import createError, { HttpError } from 'http-errors';
-import httpCodes from 'http-status-codes';
-
-export const DEFAULT_MIN_LIMIT_PASSWORD = 3;
-
-export const HEADER_TYPE = {
-  CONTENT_ENCODING: 'content-encoding',
-  CONTENT_TYPE: 'content-type',
-  CONTENT_LENGTH: 'content-length',
-  ACCEPT_ENCODING: 'accept-encoding',
-};
-
-export const HTTP_STATUS = {
-  OK: httpCodes.OK,
-  CREATED: httpCodes.CREATED,
-  MULTIPLE_CHOICES: httpCodes.MULTIPLE_CHOICES,
-  NOT_MODIFIED: httpCodes.NOT_MODIFIED,
-  BAD_REQUEST: httpCodes.BAD_REQUEST,
-  UNAUTHORIZED: httpCodes.UNAUTHORIZED,
-  FORBIDDEN: httpCodes.FORBIDDEN,
-  NOT_FOUND: httpCodes.NOT_FOUND,
-  CONFLICT: httpCodes.CONFLICT,
-  NOT_IMPLEMENTED: httpCodes.NOT_IMPLEMENTED,
-  UNSUPPORTED_MEDIA: httpCodes.UNSUPPORTED_MEDIA_TYPE,
-  BAD_DATA: httpCodes.UNPROCESSABLE_ENTITY,
-  INTERNAL_ERROR: httpCodes.INTERNAL_SERVER_ERROR,
-  SERVICE_UNAVAILABLE: httpCodes.SERVICE_UNAVAILABLE,
-  LOOP_DETECTED: 508,
-};
-
-export const CHARACTER_ENCODING = {
-  UTF8: 'utf8',
-};
-
-export const ERROR_CODE = {
-  token_required: 'token is required',
-};
-
-export const TOKEN_BASIC = 'Basic';
-export const TOKEN_BEARER = 'Bearer';
-
-export const HEADERS = {
-  ACCEPT: 'Accept',
-  ACCEPT_ENCODING: 'Accept-Encoding',
-  USER_AGENT: 'User-Agent',
-  JSON: 'application/json',
-  CONTENT_TYPE: 'Content-type',
-  CONTENT_LENGTH: 'content-length',
-  TEXT_PLAIN: 'text/plain',
-  TEXT_PLAIN_UTF8: 'text/plain; charset=utf-8',
-  TEXT_HTML_UTF8: 'text/html; charset=utf-8',
-  TEXT_HTML: 'text/html',
-  AUTHORIZATION: 'authorization',
-  // only set with proxy that setup HTTPS
-  // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
-  FORWARDED_PROTO: 'X-Forwarded-Proto',
-  FORWARDED_FOR: 'X-Forwarded-For',
-  FRAMES_OPTIONS: 'X-Frame-Options',
-  CSP: 'Content-Security-Policy',
-  CTO: 'X-Content-Type-Options',
-  XSS: 'X-XSS-Protection',
-  ETAG: 'ETag',
-  JSON_CHARSET: 'application/json; charset=utf-8',
-  OCTET_STREAM: 'application/octet-stream; charset=utf-8',
-  TEXT_CHARSET: 'text/plain; charset=utf-8',
-  WWW_AUTH: 'WWW-Authenticate',
-  GZIP: 'gzip',
-};
-
-export const API_MESSAGE = {
-  PKG_CREATED: 'created new package',
-  PKG_CHANGED: 'package changed',
-  PKG_REMOVED: 'package removed',
-  PKG_PUBLISHED: 'package published',
-  TARBALL_UPLOADED: 'tarball uploaded successfully',
-  TARBALL_REMOVED: 'tarball removed',
-  TAG_UPDATED: 'tags updated',
-  TAG_REMOVED: 'tag removed',
-  TAG_ADDED: 'package tagged',
-  LOGGED_OUT: 'Logged out',
-};
-
-// @deprecated
-export const SUPPORT_ERRORS = {
-  PLUGIN_MISSING_INTERFACE: 'the plugin does not provide implementation of the requested feature',
-  TFA_DISABLED: 'the two-factor authentication is not yet supported',
-  STORAGE_NOT_IMPLEMENT: 'the storage does not support token saving',
-  PARAMETERS_NOT_VALID: 'the parameters are not valid',
-};
-
-// @deprecated
-export const API_ERROR = {
-  PASSWORD_SHORT: (passLength = DEFAULT_MIN_LIMIT_PASSWORD): string =>
-    `The provided password is too short. Please pick a password longer than ` +
-    `${passLength} characters.`,
-  MUST_BE_LOGGED: 'You must be logged in to publish packages.',
-  PLUGIN_ERROR: 'bug in the auth plugin system',
-  CONFIG_BAD_FORMAT: 'config file must be an object',
-  BAD_USERNAME_PASSWORD: 'bad username/password, access denied',
-  NO_PACKAGE: 'no such package available',
-  PACKAGE_CANNOT_BE_ADDED: 'this package cannot be added',
-  BAD_DATA: 'bad data',
-  NOT_ALLOWED: 'not allowed to access package',
-  NOT_ALLOWED_PUBLISH: 'not allowed to publish package',
-  INTERNAL_SERVER_ERROR: 'internal server error',
-  UNKNOWN_ERROR: 'unknown error',
-  NOT_PACKAGE_UPLINK: 'package does not exist on uplink',
-  UPLINK_OFFLINE_PUBLISH: 'one of the uplinks is down, refuse to publish',
-  UPLINK_OFFLINE: 'uplink is offline',
-  CONTENT_MISMATCH: 'content length mismatch',
-  NOT_FILE_UPLINK: "file doesn't exist on uplink",
-  MAX_USERS_REACHED: 'maximum amount of users reached',
-  VERSION_NOT_EXIST: "this version doesn't exist",
-  UNSUPORTED_REGISTRY_CALL: 'unsupported registry call',
-  FILE_NOT_FOUND: 'File not found',
-  REGISTRATION_DISABLED: 'user registration disabled',
-  UNAUTHORIZED_ACCESS: 'unauthorized access',
-  BAD_STATUS_CODE: 'bad status code',
-  PACKAGE_EXIST: 'this package is already present',
-  BAD_AUTH_HEADER: 'bad authorization header',
-  WEB_DISABLED: 'Web interface is disabled in the config file',
-  DEPRECATED_BASIC_HEADER: 'basic authentication is deprecated, please use JWT instead',
-  BAD_FORMAT_USER_GROUP: 'user groups is different than an array',
-  RESOURCE_UNAVAILABLE: 'resource unavailable',
-  BAD_PACKAGE_DATA: 'bad incoming package data',
-  USERNAME_PASSWORD_REQUIRED: 'username and password is required',
-  USERNAME_ALREADY_REGISTERED: 'username is already registered',
-};
-
-// @deprecated
-export const APP_ERROR = {
-  CONFIG_NOT_VALID: 'CONFIG: it does not look like a valid config file',
-  PROFILE_ERROR: 'profile unexpected error',
-  PASSWORD_VALIDATION: 'not valid password',
-};
-
-// @deprecated
-export type VerdaccioError = HttpError & { code: number };
-
-function getError(code: number, message: string): VerdaccioError {
-  const httpError = createError(code, message);
-
-  httpError.code = code;
-
-  return httpError as VerdaccioError;
-}
-
-export function getConflict(message: string = API_ERROR.PACKAGE_EXIST): VerdaccioError {
-  return getError(HTTP_STATUS.CONFLICT, message);
-}
-
-export function getBadData(customMessage?: string): VerdaccioError {
-  return getError(HTTP_STATUS.BAD_DATA, customMessage || API_ERROR.BAD_DATA);
-}
-
-export function getBadRequest(customMessage: string): VerdaccioError {
-  return getError(HTTP_STATUS.BAD_REQUEST, customMessage);
-}
-
-export function getInternalError(customMessage?: string): VerdaccioError {
-  return customMessage
-    ? getError(HTTP_STATUS.INTERNAL_ERROR, customMessage)
-    : getError(HTTP_STATUS.INTERNAL_ERROR, API_ERROR.UNKNOWN_ERROR);
-}
-
-export function getUnauthorized(message = 'no credentials provided'): VerdaccioError {
-  return getError(HTTP_STATUS.UNAUTHORIZED, message);
-}
-
-export function getForbidden(message = "can't use this filename"): VerdaccioError {
-  return getError(HTTP_STATUS.FORBIDDEN, message);
-}
-
-export function getServiceUnavailable(
-  message: string = API_ERROR.RESOURCE_UNAVAILABLE
-): VerdaccioError {
-  return getError(HTTP_STATUS.SERVICE_UNAVAILABLE, message);
-}
-
-export function getNotFound(customMessage?: string): VerdaccioError {
-  return getError(HTTP_STATUS.NOT_FOUND, customMessage || API_ERROR.NO_PACKAGE);
-}
-
-export function getCode(statusCode: number, customMessage: string): VerdaccioError {
-  return getError(statusCode, customMessage);
-}
-
-export const TIME_EXPIRATION_24H = '24h';
-export const TIME_EXPIRATION_7D = '7d';
-export const DIST_TAGS = 'dist-tags';
-export const LATEST = 'latest';
-export const USERS = 'users';
-export const DEFAULT_USER = 'Anonymous';
-
-export const LOG_STATUS_MESSAGE =
-  "@{status}, user: @{user}(@{remoteIP}), req: '@{request.method} @{request.url}'";
-export const LOG_VERDACCIO_ERROR = `${LOG_STATUS_MESSAGE}, error: @{!error}`;
-export const LOG_VERDACCIO_BYTES = `${LOG_STATUS_MESSAGE}, bytes: @{bytes.in}/@{bytes.out}`;
-
-export * from './helpers/pkg';

packages/core/commons-api/test/errors.spec.ts

@@ -1,108 +0,0 @@
-import _ from 'lodash';
-
-import {
-  getNotFound,
-  VerdaccioError,
-  HTTP_STATUS,
-  getConflict,
-  getBadData,
-  getInternalError,
-  API_ERROR,
-  getUnauthorized,
-  getForbidden,
-  getServiceUnavailable,
-  getCode,
-} from '../src/index';
-
-describe('testing errors', () => {
-  test('should qualify as an native error', () => {
-    expect(_.isError(getNotFound())).toBeTruthy();
-    expect(_.isError(getConflict())).toBeTruthy();
-    expect(_.isError(getBadData())).toBeTruthy();
-    expect(_.isError(getInternalError())).toBeTruthy();
-    expect(_.isError(getUnauthorized())).toBeTruthy();
-    expect(_.isError(getForbidden())).toBeTruthy();
-    expect(_.isError(getServiceUnavailable())).toBeTruthy();
-    expect(_.isError(getCode(400, 'fooError'))).toBeTruthy();
-  });
-
-  test('should test not found', () => {
-    const err: VerdaccioError = getNotFound('foo');
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.NOT_FOUND);
-    expect(err.statusCode).toEqual(HTTP_STATUS.NOT_FOUND);
-    expect(err.message).toEqual('foo');
-  });
-
-  test('should test conflict', () => {
-    const err: VerdaccioError = getConflict('foo');
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.CONFLICT);
-    expect(err.message).toEqual('foo');
-  });
-
-  test('should test bad data', () => {
-    const err: VerdaccioError = getBadData('foo');
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.BAD_DATA);
-    expect(err.message).toEqual('foo');
-  });
-
-  test('should test internal error custom message', () => {
-    const err: VerdaccioError = getInternalError('foo');
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.INTERNAL_ERROR);
-    expect(err.message).toEqual('foo');
-  });
-
-  test('should test internal error', () => {
-    const err: VerdaccioError = getInternalError();
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.INTERNAL_ERROR);
-    expect(err.message).toEqual(API_ERROR.UNKNOWN_ERROR);
-  });
-
-  test('should test Unauthorized message', () => {
-    const err: VerdaccioError = getUnauthorized('foo');
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.UNAUTHORIZED);
-    expect(err.message).toEqual('foo');
-  });
-
-  test('should test forbidden message', () => {
-    const err: VerdaccioError = getForbidden('foo');
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.FORBIDDEN);
-    expect(err.message).toEqual('foo');
-  });
-
-  test('should test service unavailable message', () => {
-    const err: VerdaccioError = getServiceUnavailable('foo');
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.SERVICE_UNAVAILABLE);
-    expect(err.message).toEqual('foo');
-  });
-
-  test('should test custom code error message', () => {
-    const err: VerdaccioError = getCode(HTTP_STATUS.NOT_FOUND, 'foo');
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.NOT_FOUND);
-    expect(err.message).toEqual('foo');
-  });
-
-  test('should test custom code ok message', () => {
-    const err: VerdaccioError = getCode(HTTP_STATUS.OK, 'foo');
-
-    expect(err.code).toBeDefined();
-    expect(err.code).toEqual(HTTP_STATUS.OK);
-  });
-});

packages/core/commons-api/types/lockfile.d.ts

@@ -1,20 +0,0 @@
-declare module 'lockfile' {
-  type Callback = (err?: Error) => void;
-
-  interface LockOptions {
-    wait?: number;
-    pollPeriod?: number;
-    stale?: number;
-    retries?: number;
-    retryWait?: number;
-  }
-
-  interface LockFileExport {
-    lock(fileName: string, opts: LockOptions, cb: Callback): void;
-    unlock(fileName: string, cb: Callback): void;
-  }
-
-  const lockFileExport: LockFileExport;
-
-  export default lockFileExport;
-}

packages/core/core/CHANGELOG.md

@@ -1,25 +1,44 @@
 # @verdaccio/core
 
+## 6.0.0-6-next.3
+
+### Minor Changes
+
+- 6c1eb021: feat: use warning codes for deprecation warnings
+
+## 6.0.0-6-next.2
+
+### Major Changes
+
+- 794af76c: Remove Node 12 support
+
+  - We need move to the new `undici` and does not support Node.js 12
+
+### Minor Changes
+
+- 154b2ecd: refactor: remove @verdaccio/commons-api in favor @verdaccio/core and remove duplications
+
 ## 6.0.0-6-next.1
+
 ### Major Changes
 
 - 459b6fa7: refactor: search v1 endpoint and local-database
-  
+
   - refactor search `api v1` endpoint, improve performance
   - remove usage of `async` dependency https://github.com/verdaccio/verdaccio/issues/1225
   - refactor method storage class
   - create new module `core` to reduce the ammount of modules with utilities
   - use `undici` instead `node-fetch`
   - use `fastify` instead `express` for functional test
-  
+
   ### Breaking changes
-  
+
   - plugin storage API changes
   - remove old search endpoint (return 404)
   - filter local private packages at plugin level
-  
+
   The storage api changes for methods `get`, `add`, `remove` as promise base. The `search` methods also changes and recieves a `query` object that contains all query params from the client.
-  
+
   ```ts
   export interface IPluginStorage<T> extends IPlugin {
     add(name: string): Promise<void>;

packages/core/core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@verdaccio/core",
-  "version": "6.0.0-6-next.1",
+  "version": "6.0.0-6-next.3",
   "description": "core utilities",
   "keywords": [
     "private",
@@ -19,7 +19,7 @@
   "license": "MIT",
   "homepage": "https://verdaccio.org",
   "engines": {
-    "node": ">=12",
+    "node": ">=14",
     "npm": ">=6"
   },
   "repository": {
@@ -36,10 +36,11 @@
   "dependencies": {
     "http-errors": "1.8.0",
     "http-status-codes": "2.1.4",
-    "semver": "7.3.5"
+    "semver": "7.3.5",
+    "fastify-warning": "0.2.0"
   },
   "devDependencies": {
-    "@verdaccio/types": "workspace:11.0.0-6-next.8"
+    "@verdaccio/types": "workspace:11.0.0-6-next.9"
   },
   "scripts": {
     "clean": "rimraf ./build",

packages/core/core/src/constants.ts

@@ -1,3 +1,5 @@
+import httpCodes from 'http-status-codes';
+
 export const DEFAULT_MIN_LIMIT_PASSWORD = 3;
 export const TIME_EXPIRATION_24H = '24h';
 export const TIME_EXPIRATION_7D = '7d';
@@ -47,3 +49,43 @@ export const HEADERS = {
   WWW_AUTH: 'WWW-Authenticate',
   GZIP: 'gzip',
 };
+
+export const HTTP_STATUS = {
+  OK: httpCodes.OK,
+  CREATED: httpCodes.CREATED,
+  MULTIPLE_CHOICES: httpCodes.MULTIPLE_CHOICES,
+  NOT_MODIFIED: httpCodes.NOT_MODIFIED,
+  BAD_REQUEST: httpCodes.BAD_REQUEST,
+  UNAUTHORIZED: httpCodes.UNAUTHORIZED,
+  FORBIDDEN: httpCodes.FORBIDDEN,
+  NOT_FOUND: httpCodes.NOT_FOUND,
+  CONFLICT: httpCodes.CONFLICT,
+  NOT_IMPLEMENTED: httpCodes.NOT_IMPLEMENTED,
+  UNSUPPORTED_MEDIA: httpCodes.UNSUPPORTED_MEDIA_TYPE,
+  BAD_DATA: httpCodes.UNPROCESSABLE_ENTITY,
+  INTERNAL_ERROR: httpCodes.INTERNAL_SERVER_ERROR,
+  SERVICE_UNAVAILABLE: httpCodes.SERVICE_UNAVAILABLE,
+  LOOP_DETECTED: 508,
+};
+
+export const ERROR_CODE = {
+  token_required: 'token is required',
+};
+
+export const API_MESSAGE = {
+  PKG_CREATED: 'created new package',
+  PKG_CHANGED: 'package changed',
+  PKG_REMOVED: 'package removed',
+  PKG_PUBLISHED: 'package published',
+  TARBALL_UPLOADED: 'tarball uploaded successfully',
+  TARBALL_REMOVED: 'tarball removed',
+  TAG_UPDATED: 'tags updated',
+  TAG_REMOVED: 'tag removed',
+  TAG_ADDED: 'package tagged',
+  LOGGED_OUT: 'Logged out',
+};
+
+export const LOG_STATUS_MESSAGE =
+  "@{status}, user: @{user}(@{remoteIP}), req: '@{request.method} @{request.url}'";
+export const LOG_VERDACCIO_ERROR = `${LOG_STATUS_MESSAGE}, error: @{!error}`;
+export const LOG_VERDACCIO_BYTES = `${LOG_STATUS_MESSAGE}, bytes: @{bytes.in}/@{bytes.out}`;

packages/core/core/src/error-utils.ts

@@ -1,48 +1,6 @@
 import createError, { HttpError } from 'http-errors';
-import httpCodes from 'http-status-codes';
-import { DEFAULT_MIN_LIMIT_PASSWORD } from './constants';
 
-export const HTTP_STATUS = {
-  OK: httpCodes.OK,
-  CREATED: httpCodes.CREATED,
-  MULTIPLE_CHOICES: httpCodes.MULTIPLE_CHOICES,
-  NOT_MODIFIED: httpCodes.NOT_MODIFIED,
-  BAD_REQUEST: httpCodes.BAD_REQUEST,
-  UNAUTHORIZED: httpCodes.UNAUTHORIZED,
-  FORBIDDEN: httpCodes.FORBIDDEN,
-  NOT_FOUND: httpCodes.NOT_FOUND,
-  CONFLICT: httpCodes.CONFLICT,
-  NOT_IMPLEMENTED: httpCodes.NOT_IMPLEMENTED,
-  UNSUPPORTED_MEDIA: httpCodes.UNSUPPORTED_MEDIA_TYPE,
-  BAD_DATA: httpCodes.UNPROCESSABLE_ENTITY,
-  INTERNAL_ERROR: httpCodes.INTERNAL_SERVER_ERROR,
-  SERVICE_UNAVAILABLE: httpCodes.SERVICE_UNAVAILABLE,
-  LOOP_DETECTED: 508,
-};
-
-export const ERROR_CODE = {
-  token_required: 'token is required',
-};
-
-export const API_MESSAGE = {
-  PKG_CREATED: 'created new package',
-  PKG_CHANGED: 'package changed',
-  PKG_REMOVED: 'package removed',
-  PKG_PUBLISHED: 'package published',
-  TARBALL_UPLOADED: 'tarball uploaded successfully',
-  TARBALL_REMOVED: 'tarball removed',
-  TAG_UPDATED: 'tags updated',
-  TAG_REMOVED: 'tag removed',
-  TAG_ADDED: 'package tagged',
-  LOGGED_OUT: 'Logged out',
-};
-
-export const SUPPORT_ERRORS = {
-  PLUGIN_MISSING_INTERFACE: 'the plugin does not provide implementation of the requested feature',
-  TFA_DISABLED: 'the two-factor authentication is not yet supported',
-  STORAGE_NOT_IMPLEMENT: 'the storage does not support token saving',
-  PARAMETERS_NOT_VALID: 'the parameters are not valid',
-};
+import { DEFAULT_MIN_LIMIT_PASSWORD, HTTP_STATUS } from './constants';
 
 export const API_ERROR = {
   PASSWORD_SHORT: (passLength = DEFAULT_MIN_LIMIT_PASSWORD): string =>
@@ -82,6 +40,13 @@ export const API_ERROR = {
   USERNAME_ALREADY_REGISTERED: 'username is already registered',
 };
 
+export const SUPPORT_ERRORS = {
+  PLUGIN_MISSING_INTERFACE: 'the plugin does not provide implementation of the requested feature',
+  TFA_DISABLED: 'the two-factor authentication is not yet supported',
+  STORAGE_NOT_IMPLEMENT: 'the storage does not support token saving',
+  PARAMETERS_NOT_VALID: 'the parameters are not valid',
+};
+
 export const APP_ERROR = {
   CONFIG_NOT_VALID: 'CONFIG: it does not look like a valid config file',
   PROFILE_ERROR: 'profile unexpected error',
@@ -137,8 +102,3 @@ export function getNotFound(customMessage?: string): VerdaccioError {
 export function getCode(statusCode: number, customMessage: string): VerdaccioError {
   return getError(statusCode, customMessage);
 }
-
-export const LOG_STATUS_MESSAGE =
-  "@{status}, user: @{user}(@{remoteIP}), req: '@{request.method} @{request.url}'";
-export const LOG_VERDACCIO_ERROR = `${LOG_STATUS_MESSAGE}, error: @{!error}`;
-export const LOG_VERDACCIO_BYTES = `${LOG_STATUS_MESSAGE}, bytes: @{bytes.in}/@{bytes.out}`;

packages/core/core/src/index.ts

@@ -1,11 +1,28 @@
-import * as searchUtils from './search-utils';
-import * as streamUtils from './stream-utils';
-import * as errorUtils from './error-utils';
-import * as validatioUtils from './validation-utils';
 import * as constants from './constants';
-import * as pluginUtils from './plugin-utils';
+import * as errorUtils from './error-utils';
 import * as fileUtils from './file-utils';
 import * as pkgUtils from './pkg-utils';
+import * as pluginUtils from './plugin-utils';
+import * as searchUtils from './search-utils';
+import * as streamUtils from './stream-utils';
+import * as validatioUtils from './validation-utils';
+import * as warningUtils from './warning-utils';
+
+export { VerdaccioError, API_ERROR, SUPPORT_ERRORS, APP_ERROR } from './error-utils';
+export {
+  TOKEN_BASIC,
+  TOKEN_BEARER,
+  HTTP_STATUS,
+  API_MESSAGE,
+  HEADERS,
+  DIST_TAGS,
+  CHARACTER_ENCODING,
+  HEADER_TYPE,
+  LATEST,
+  DEFAULT_MIN_LIMIT_PASSWORD,
+  DEFAULT_USER,
+  USERS,
+} from './constants';
 
 export {
   fileUtils,
@@ -16,4 +33,5 @@ export {
   validatioUtils,
   constants,
   pluginUtils,
+  warningUtils,
 };

packages/core/core/src/pkg-utils.ts

@@ -1,5 +1,7 @@
-import { Package } from '@verdaccio/types';
 import semver from 'semver';
+
+import { Package } from '@verdaccio/types';
+
 import { DIST_TAGS } from './constants';
 
 /**

packages/core/core/src/plugin-utils.ts

@@ -1,4 +1,5 @@
 import { Config, IPackageStorage, Token, TokenFilter } from '@verdaccio/types';
+
 import { searchUtils } from '.';
 
 interface IPlugin {

packages/core/core/src/stream-utils.ts

@@ -1,4 +1,4 @@
-import { PassThrough, TransformOptions, Transform } from 'stream';
+import { PassThrough, Transform, TransformOptions } from 'stream';
 
 export interface IReadTarball {
   abort?: () => void;

packages/core/core/src/validation-utils.ts

@@ -1,5 +1,7 @@
 import assert from 'assert';
+
 import { Package } from '@verdaccio/types';
+
 import { DIST_TAGS } from './constants';
 
 export function isPackageNameScoped(name: string): boolean {

packages/core/core/src/warning-utils.ts

@@ -0,0 +1,59 @@
+import warning from 'fastify-warning';
+
+const warningInstance = warning();
+const verdaccioWarning = 'VerdaccioWarning';
+const verdaccioDeprecation = 'VerdaccioDeprecation';
+
+export enum Codes {
+  VERWAR001 = 'VERWAR001',
+  VERWAR002 = 'VERWAR002',
+  VERWAR003 = 'VERWAR003',
+  VERWAR004 = 'VERWAR004',
+  VERDEP001 = 'VERDEP001',
+  VERDEP002 = 'VERDEP002',
+  VERDEP003 = 'VERDEP003',
+}
+
+warningInstance.create(
+  verdaccioWarning,
+  Codes.VERWAR001,
+  `Verdaccio doesn't need superuser privileges. don't run it under root`
+);
+
+warningInstance.create(verdaccioWarning, Codes.VERWAR002, 'logger is not defined');
+
+warningInstance.create(
+  verdaccioWarning,
+  Codes.VERWAR003,
+  'rotating-file type is not longer supported, consider use [logrotate] instead'
+);
+
+warningInstance.create(
+  verdaccioWarning,
+  Codes.VERWAR004,
+  `invalid address - %s, we expect a port (e.g. "4873"), 
+host:port (e.g. "localhost:4873") or full url '(e.g. "http://localhost:4873/")
+https://verdaccio.org/docs/en/configuration#listen-port`
+);
+
+warningInstance.create(
+  verdaccioDeprecation,
+  Codes.VERDEP001,
+  'config.logs is deprecated, rename configuration to "config.log" in singular'
+);
+
+warningInstance.create(
+  verdaccioDeprecation,
+  Codes.VERDEP002,
+  'deprecate: multiple logger configuration is deprecated, please check the migration guide.'
+);
+
+warningInstance.create(
+  verdaccioDeprecation,
+  Codes.VERDEP003,
+  'multiple addresses will be deprecated in the next major, only use one'
+);
+
+export function emit(code, a?: string, b?: string, c?: string) {
+  warningInstance.emit(code, a, b, c);
+}

packages/core/core/test/errors.spec.ts

@@ -1,17 +1,17 @@
 import _ from 'lodash';
 
+import { HTTP_STATUS } from '../src/constants';
 import {
-  getNotFound,
-  VerdaccioError,
-  HTTP_STATUS,
-  getConflict,
-  getBadData,
-  getInternalError,
   API_ERROR,
-  getUnauthorized,
-  getForbidden,
-  getServiceUnavailable,
+  VerdaccioError,
+  getBadData,
   getCode,
+  getConflict,
+  getForbidden,
+  getInternalError,
+  getNotFound,
+  getServiceUnavailable,
+  getUnauthorized,
 } from '../src/error-utils';
 
 describe('testing errors', () => {

packages/core/core/test/merge.dist.tags.spec.ts

@@ -1,4 +1,4 @@
-import { semverSort, mergeVersions } from '../src/pkg-utils';
+import { mergeVersions, semverSort } from '../src/pkg-utils';
 
 describe('Storage._merge_versions versions', () => {
   test('simple', () => {

packages/core/core/test/mystreams.spec.ts

@@ -1,5 +1,6 @@
 import { Stream } from 'stream';
-import { readableToString, ReadTarball, UploadTarball } from '../src/stream-utils';
+
+import { ReadTarball, UploadTarball, readableToString } from '../src/stream-utils';
 
 describe('mystreams', () => {
   test('should delay events on ReadTarball abort', (cb) => {