fix: fall back to git clone when tarball response is not a valid archive

When a hosted git provider (e.g. GitLab) returns an HTML page with
HTTP 200 for a private repo's archive endpoint instead of a proper
401/403, the tarball extraction fails with TAR_BAD_ARCHIVE. Previously,
the fallback to git clone only triggered on HTTP errors. This widens
the catch to include any TAR_* error code, allowing pacote to recover
by cloning the repo directly.

Fixes #476
Ref: npm/cli#3229

Author: babyhuey

lib/git.js

@@ -254,8 +254,11 @@ class GitFetcher extends Fetcher {
           resolved: this.resolved,
           integrity: null, // it'll always be different, if we have one
         }).extract(tmp).then(() => handler(`${tmp}${this.spec.gitSubdir || ''}`), er => {
-          // fall back to ssh download if tarball fails
-          if (typeof er.statusCode === 'number' && er.statusCode >= 400) {
+          // fall back to clone if the tarball download fails due to an
+          // HTTP error or if the response is not a valid tarball (e.g.
+          // a hosted provider returning an HTML sign-in page with 200)
+          if ((typeof er.statusCode === 'number' && er.statusCode >= 400) ||
+              /^TAR_/.test(er.code)) {
             return this.#clone(handler, false)
           } else {
             throw er

test/git.js

@@ -649,13 +649,30 @@ t.test('fetch a private repo where the tgz is a 404 and http error has minified
   })
 
 t.test('fetch a private repo where the tgz is not a tarball', { skip: isWindows && 'posix only' },
-  t => {
+  () => {
     const gf = new GitFetcher(`localhost:repo/x#${REPO_HEAD}`, opts)
     gf.spec.hosted.tarball = () => `${hostedUrl}/not-tar.tgz`
-    // should NOT retry, because the error was not an HTTP fetch error
-    return t.rejects(gf.extract(me + '/bad-tgz'), {
-      code: 'TAR_BAD_ARCHIVE',
+    // should fall back to clone, since the tarball content is not valid.
+    // this can happen when a hosted git provider returns an HTML page
+    // (e.g. a sign-in page) with HTTP 200 for private repo archives.
+    return gf.extract(me + '/bad-tgz')
+  })
+
+t.test('non-retriable tarball error is thrown, not retried', { skip: isWindows && 'posix only' },
+  async t => {
+    const gf = new GitFetcher(`localhost:repo/x#${REPO_HEAD}`, opts)
+    gf.spec.hosted.tarball = () => `${hostedUrl}/not-tar.tgz`
+    // override the hosted tarball to simulate a non-recoverable error
+    // that is neither an HTTP error nor a TAR error
+    const orig = gf.spec.hosted.tarball
+    gf.spec.hosted.tarball = () => orig()
+    const _extract = RemoteFetcher.prototype.extract
+    t.teardown(() => {
+      RemoteFetcher.prototype.extract = _extract
     })
+    RemoteFetcher.prototype.extract = () =>
+      Promise.reject(Object.assign(new Error('bad'), { code: 'EINTEGRITY' }))
+    await t.rejects(gf.extract(me + '/bad-tgz-other'), { code: 'EINTEGRITY' })
   })
 
 t.test('resolved is a git+ssh url for hosted repos that support it',