fix: author marshall reported date diff for very old package releases (…

…#303) if a package had a below 30 days time diff between author first relases to the version being grabbed, but was 8 years old on the registry then the alert would still show up. this was fixed with a 45 days window from the released version and up to the current date as a more sane check
lirantal · Mar 4, 2024 · 5770c6e · 5770c6e
1 parent 2efc4be
commit 5770c6e
Showing 1 changed file with 20 additions and 9 deletions.
diff --git a/lib/marshalls/author.marshall.js b/lib/marshalls/author.marshall.js
@@ -30,7 +30,7 @@ class Marshall extends BaseMarshall {
    * @returns
    */
   async validate(pkg) {
-    // @TODO move some of these utility functions about first package vesion
+    // @TODO move some of these utility functions about first package version
     // published, date diff, etc into the package repo utils
     const pakument = await this.packageRepoUtils.getPackageInfo(pkg.packageName)
 
@@ -67,16 +67,27 @@ class Marshall extends BaseMarshall {
 
     const firstPublishedDateString = pakument.time[firstVersionForUser.version]
 
-    const dateDiffInMs = new Date(versionPublishedDateString) - new Date(firstPublishedDateString)
-    let dateDiffInDays = 0
-    if (dateDiffInMs > 0) {
-      dateDiffInDays = Math.round(dateDiffInMs / (1000 * 60 * 60 * 24))
+    // get date in ms
+    const currentDate = new Date()
+    const dateDiffInMsVersionPublished = currentDate - new Date(versionPublishedDateString)
+    console.log(dateDiffInMsVersionPublished)
+    let dateDiffVersionPublished = 0
+    if (dateDiffInMsVersionPublished > 0) {
+      dateDiffVersionPublished = Math.round(dateDiffInMsVersionPublished / (1000 * 60 * 60 * 24))
     }
 
-    if (dateDiffInDays <= 30) {
-      throw new Error(
-        `The user ${npmUser.name} <${npmUser.email}> published this package for the first time only ${dateDiffInDays} days ago.`
-      )
+    if (dateDiffVersionPublished <= 45) {
+      const dateDiffInMs = new Date(versionPublishedDateString) - new Date(firstPublishedDateString)
+      let dateDiffInDays = 0
+      if (dateDiffInMs > 0) {
+        dateDiffInDays = Math.round(dateDiffInMs / (1000 * 60 * 60 * 24))
+      }
+
+      if (dateDiffInDays <= 30) {
+        throw new Error(
+          `The user ${npmUser.name} <${npmUser.email}> published this package for the first time only ${dateDiffInDays} days prior to this version.`
+        )
+      }
     }
 
     return versionPublishedDateString