@commitlint/load - npm Package Compare versions

Comparing version 18.4.1 to 18.4.2

lib/utils/load-config.d.ts

@@ -1,2 +0,1 @@
-import { Options } from 'cosmiconfig';
 export interface LoadConfigResult {
@@ -9,3 +8,3 @@ config: unknown;
 export declare const isDynamicAwaitSupported: () => boolean;
-export declare const getDynamicAwaitConfig: () => Partial<Options>;
+export declare const isEsmModule: (cwd: string) => boolean;
 //# sourceMappingURL=load-config.d.ts.map

lib/utils/load-config.js

@@ -6,5 +6,6 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getDynamicAwaitConfig = exports.isDynamicAwaitSupported = exports.loadConfig = void 0;
+exports.isEsmModule = exports.isDynamicAwaitSupported = exports.loadConfig = void 0;
 const cosmiconfig_1 = require("cosmiconfig");
 const cosmiconfig_typescript_loader_1 = require("cosmiconfig-typescript-loader");
+const fs_1 = require("fs");
 const path_1 = __importDefault(require("path"));
@@ -20,3 +21,7 @@ const moduleName = 'commitlint';
     };
-    const { searchPlaces, loaders } = (0, exports.getDynamicAwaitConfig)();
+    // If dynamic await is supported (Node >= v20.8.0) or directory uses ESM, support
+    // async js/cjs loaders (dynamic import). Otherwise, use synchronous js/cjs loaders.
+    const loaders = (0, exports.isDynamicAwaitSupported)() || (0, exports.isEsmModule)(cwd)
+        ? cosmiconfig_1.defaultLoaders
+        : cosmiconfig_1.defaultLoadersSync;
     const explorer = (0, cosmiconfig_1.cosmiconfig)(moduleName, {
@@ -33,4 +38,6 @@ searchPlaces: [
             `.${moduleName}rc.cjs`,
+            `.${moduleName}rc.mjs`,
             `${moduleName}.config.js`,
             `${moduleName}.config.cjs`,
+            `${moduleName}.config.mjs`,
             // files supported by TypescriptLoader
@@ -41,5 +48,9 @@ `.${moduleName}rc.ts`,
             `${moduleName}.config.cts`,
-            ...(searchPlaces || []),
         ],
-        loaders: Object.assign({ '.ts': tsLoader, '.cts': tsLoader }, (loaders || {})),
+        loaders: {
+            '.ts': tsLoader,
+            '.cts': tsLoader,
+            '.cjs': loaders['.cjs'],
+            '.js': loaders['.js'],
+        },
     });
@@ -56,3 +67,3 @@ const explicitPath = configPath ? path_1.default.resolve(cwd, configPath) : undefined;
 exports.loadConfig = loadConfig;
-// See the following issues for more context:
+// See the following issues for more context, contributing to failing Jest tests:
 //  - Issue: https://github.com/nodejs/node/issues/40058
@@ -68,17 +79,13 @@ //  - Resolution: https://github.com/nodejs/node/pull/48510 (Node v20.8.0)
 exports.isDynamicAwaitSupported = isDynamicAwaitSupported;
-// If dynamic await is supported (Node >= v20.8.0), support mjs config.
-// Otherwise, don't support mjs and use synchronous js/cjs loaders.
-const getDynamicAwaitConfig = () => (0, exports.isDynamicAwaitSupported)()
-    ? {
-        searchPlaces: [`.${moduleName}rc.mjs`, `${moduleName}.config.mjs`],
-        loaders: {},
+// Is the given directory set up to use ESM (ECMAScript Modules)?
+const isEsmModule = (cwd) => {
+    var _a;
+    const packagePath = path_1.default.join(cwd, 'package.json');
+    if (!(0, fs_1.existsSync)(packagePath)) {
+        return false;
     }
-    : {
-        searchPlaces: [],
-        loaders: {
-            '.cjs': cosmiconfig_1.defaultLoadersSync['.cjs'],
-            '.js': cosmiconfig_1.defaultLoadersSync['.js'],
-        },
-    };
-exports.getDynamicAwaitConfig = getDynamicAwaitConfig;
+    const packageJSON = (0, fs_1.readFileSync)(packagePath, { encoding: 'utf-8' });
+    return ((_a = JSON.parse(packageJSON)) === null || _a === void 0 ? void 0 : _a.type) === 'module';
+};
+exports.isEsmModule = isEsmModule;
 //# sourceMappingURL=load-config.js.map

package.json

 {
   "name": "@commitlint/load",
-  "version": "18.4.1",
+  "version": "18.4.2",
   "description": "Load shared commitlint configuration",
@@ -60,3 +60,3 @@ "main": "lib/load.js",
   },
-  "gitHead": "74b2f82803dedc1c3ea880878e9f27e1d4bd9be6"
+  "gitHead": "0370a855dcc026dda4dd29122f49ed7db5657de3"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

36326

increased by1.2%

Lines of code

447

increased by1.36%

Worsened metrics

Number of low supply chain risk alerts

7

increased by16.67%

No dependency changes