@codefresh-io/cf-git-providers
Advanced tools
@codefresh-io/cf-git-providers - npm Package Compare versions
Comparing version
@@ -8,6 +8,5 @@ "use strict"; | ||
| const plugin_retry_1 = require("@octokit/plugin-retry"); | ||
| const https_proxy_agent_1 = require("https-proxy-agent"); | ||
| const proxy_agent_1 = __importDefault(require("proxy-agent")); | ||
| const lodash_1 = require("lodash"); | ||
| const https_1 = require("https"); | ||
| const url_1 = __importDefault(require("url")); | ||
| const helpers_1 = require("../helpers"); | ||
@@ -32,15 +31,2 @@ // eslint-disable-next-line @typescript-eslint/no-var-requires | ||
| }; | ||
| const _getAgent = (insecure) => { | ||
| const options = { keepAlive: true, maxSockets: 10, rejectUnauthorized: !insecure }; | ||
| const proxyUrl = process.env.HTTPS_PROXY || process.env.https_proxy; | ||
| let agent; | ||
| if (proxyUrl) { | ||
| const proxy = url_1.default.parse(proxyUrl); | ||
| agent = new https_proxy_agent_1.HttpsProxyAgent({ ...options, ...proxy }); | ||
| } | ||
| else { | ||
| agent = new https_1.Agent(options); | ||
| } | ||
| return agent; | ||
| }; | ||
| const _cleanFilePath = (filepath) => { | ||
@@ -132,3 +118,9 @@ const prefix = './'; | ||
| const pathPrefix = (opt.apiPathPrefix && opt.apiPathPrefix !== '/') ? opt.apiPathPrefix : ''; | ||
| const agent = _getAgent(process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0' || lodash_1.get(opt, 'insecure', false)); | ||
| const insecure = process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0' || lodash_1.get(opt, 'insecure', false); | ||
| const baseUrl = `https://${opt.apiHost || 'api.github.com'}${pathPrefix}`; | ||
| const agentOptions = { keepAlive: true, maxSockets: 10, rejectUnauthorized: !insecure }; | ||
| let agent = new https_1.Agent(agentOptions); | ||
| if (process.env.HTTP_PROXY || process.env.HTTPS_PROXY) { | ||
| agent = new proxy_agent_1.default(); | ||
| } | ||
| const GithubClient = rest_1.Octokit.plugin(plugin_retry_1.retry); | ||
@@ -146,3 +138,3 @@ this.githubClient = new GithubClient({ | ||
| debug: true, | ||
| baseUrl: `https://${opt.apiHost || 'api.github.com'}${pathPrefix}` | ||
| baseUrl, | ||
| }); | ||
@@ -149,0 +141,0 @@ } |
| { | ||
| "name": "@codefresh-io/cf-git-providers", | ||
| "version": "0.4.4-CR-10173", | ||
| "version": "0.4.4-CR-10173-3", | ||
| "description": "An NPM module/CLI for interacting with various git providers", | ||
@@ -23,3 +23,2 @@ "keywords": [ | ||
| "debug": "^4.1.1", | ||
| "https-proxy-agent": "^5.0.0", | ||
| "lodash": "^4.17.21", | ||
@@ -26,0 +25,0 @@ "p-limit": "^3.0.2", |
Sorry, the diff of this file is not supported yet
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Dependency count
12
-7.69%- Number of medium supply chain risk alerts
4
-33.33%Worsened metrics
- Total package byte prevSize
220893
-0.22%- Lines of code
3352
-0.24%Dependency changes
- Removed
https-proxy-agent@^5.0.0