davidwindham.com / npmx.dev
forked from npmx.dev/npmx.dev
[READ-ONLY] a fast, modern browser for the npm registry
fork atom

fix: use consistent package parsing on social/likes (#1180)

authored by

BoxenOfDonuts and committed by
GitHub 50ed1cd1 d3800dcf

+28 -5
+3 -1
app/composables/usePackageComparison.ts
··· 142 142 $fetch<VulnerabilityTreeResult>( 143 143 `/api/registry/vulnerabilities/${encodePackageName(name)}`, 144 144 ).catch(() => null), 145 - $fetch<PackageLikes>(`/api/social/likes/${name}`).catch(() => null), 145 + $fetch<PackageLikes>(`/api/social/likes/${encodePackageName(name)}`).catch( 146 + () => null, 147 + ), 146 148 ]) 147 149 const versionData = pkgData.versions[latestVersion] 148 150 const packageSize = versionData?.dist?.unpackedSize
+25 -4
server/api/social/likes/[...pkg].get.ts
··· 1 + import * as v from 'valibot' 2 + import { PackageRouteParamsSchema } from '#shared/schemas/package' 3 + 4 + /** 5 + * GET /api/social/likes/:name 6 + * 7 + * Gets the likes for a npm package on npmx 8 + */ 1 9 export default eventHandlerWithOAuthSession(async (event, oAuthSession, _) => { 2 - const packageName = getRouterParam(event, 'pkg') 3 - if (!packageName) { 10 + const pkgParamSegments = getRouterParam(event, 'pkg')?.split('/') ?? [] 11 + const { rawPackageName } = parsePackageParams(pkgParamSegments) 12 + 13 + if (!rawPackageName) { 4 14 throw createError({ 5 15 status: 400, 6 16 message: 'package name not provided', 7 17 }) 8 18 } 9 19 10 - const likesUtil = new PackageLikesUtils() 11 - return await likesUtil.getLikes(packageName, oAuthSession?.did.toString()) 20 + try { 21 + const { packageName } = v.parse(PackageRouteParamsSchema, { 22 + packageName: decodeURIComponent(rawPackageName), 23 + }) 24 + 25 + const likesUtil = new PackageLikesUtils() 26 + return await likesUtil.getLikes(packageName, oAuthSession?.did.toString()) 27 + } catch (error: unknown) { 28 + handleApiError(error, { 29 + statusCode: 502, 30 + message: 'Failed to get likes', 31 + }) 32 + } 12 33 })