[bitbake-devel,v3,6/7] fetch2/npm.py: restrict the build to be offline

Submitted by Jean-Marie LEMETAYER on Nov. 20, 2019, 9:34 a.m. | Patch ID: 167181

Details

Message ID 20191120093412.11519-7-jean-marie.lemetayer@savoirfairelinux.com
State New
Headers show

Commit Message

Jean-Marie LEMETAYER Nov. 20, 2019, 9:34 a.m.
After the do_fetch task, every other tasks must not access the network.
In order to ensure this point every npm command must use the '--offline'
argument. In addition, setting an invalid proxy is used as a safety.

Signed-off-by: Jean-Marie LEMETAYER <jean-marie.lemetayer@savoirfairelinux.com>
---
 lib/bb/fetch2/npm.py | 2 ++
 1 file changed, 2 insertions(+)

Patch hide | download patch | download mbox

diff --git a/lib/bb/fetch2/npm.py b/lib/bb/fetch2/npm.py
index 9beb84bf..b365d5fc 100644
--- a/lib/bb/fetch2/npm.py
+++ b/lib/bb/fetch2/npm.py
@@ -329,6 +329,8 @@  def unpack_dependencies(d, shrinkwrap_file=None):
 
     def cache_dependency(tarball):
         cmd = "npm cache add '{}'".format(tarball)
+        cmd += " --offline"
+        cmd += " --proxy=http://invalid.org"
         cmd += d.expand(" --cache=${NPM_CACHE_DIR}")
         runfetchcmd(cmd, d)