Create missing NPM metadata when package is deprecated
Context
In order to deprecate a package version, we need to set the attribute deprecated in the package's metadata, so having a metadata entry is a requirement. Currently, not all NPM packages have associated metadata, and this prevents the package from being deprecated.
Solution
Change the Packages::Npm::DeprecatePackageService to also create metadata entries (bulk insert), when they don't exist.
To have correct package metadata, pass the whole params to the worker and not only the versions and the deprecation message.
What does this MR do and why?
- Update
Packages::Npm::DeprecatePackageServiceto bulk create metadata entries, when they don't exist. - Enqueue
::Packages::Npm::CreateMetadataCacheWorkerif the metadata was updated or created. - Add related specs.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
| Before | After |
|---|---|
How to set up and validate locally
- Publish multiple versions of the same NPM package to a project in your GDK. This tool can help.
- In rails console, choose one or two versions and delete their
npm_metadatumrecords.Packages::Package.npm.last(2).map(&:npm_metadatum).each(&:destroy) - Keep track of those metadata-less versions to check them later and see if their metadata records will be created.
- Deprecate the package: https://docs.gitlab.com/ee/user/packages/npm_registry/#deprecate-a-package
- In rails console, check the metadata-less versions, their metadata records should be recreated, and the deprecation message should be stored in it.
- You should also see a deprecation warning when you run
$ npm install <package_name>or$ npm view <package_name>
Related to #479986 (closed)