@datadog/native-appsec
Advanced tools
@datadog/native-appsec - npm Package Compare versions
Comparing version 0.3.1 to 0.4.0
@@ -53,2 +53,6 @@ #!/usr/bin/env node | ||
| , path.join(__dirname, '..', 'vendor', dir, 'appsec.node').split('\\').join('\\\\')) | ||
| if (args.platform === 'linux') { | ||
| fs.renameSync(path.join(process.cwd(), 'libddwaf.so').split('\\').join('\\\\') | ||
| , path.join(__dirname, '..', 'vendor', dir, 'libddwaf.so').split('\\').join('\\\\')) | ||
| } | ||
| fs.writeFileSync(path.join(__dirname, '..', 'install.json').split('\\').join('\\\\') | ||
@@ -55,0 +59,0 @@ , JSON.stringify({ target: dir }, null, 2)) |
| { | ||
| "name": "@datadog/native-appsec", | ||
| "version": "0.3.1", | ||
| "version": "0.4.0", | ||
| "description": "Node.js bindings for libddwaf", | ||
| "main": "index.js", | ||
| "libddwaf_version": "1.0.11", | ||
| "libddwaf_version": "1.0.12", | ||
| "bin": { | ||
@@ -8,0 +8,0 @@ "appsec-reinstall": "bin/appsec-reinstall.js" |
@@ -9,8 +9,17 @@ /** | ||
| const pkg = require('../package.json') | ||
| const detectLib = require('detect-libc') | ||
| const platform = process.env.PLATFORM || os.platform() | ||
| const arch = process.env.ARCH || os.arch() | ||
| const libC = process.env.LIBC || detectLib.family | ||
| let libName = 'libddwaf.a' | ||
| const getLibName = module.exports.getLibName = function () { | ||
| switch (platform) { | ||
| case 'darwin': | ||
| return 'libddwaf.a' | ||
| case 'win32': | ||
| return 'ddwaf_static.lib' | ||
| case 'linux': | ||
| return 'libddwaf.so' | ||
| } | ||
| } | ||
| const getDirName = module.exports.getDirName = function () { | ||
@@ -22,3 +31,2 @@ // TODO: override arch to download binaries out of docker and copy them then | ||
| case 'win32': | ||
| libName = 'ddwaf_static.lib' | ||
| if (arch === 'x64') { | ||
@@ -32,9 +40,3 @@ return `libddwaf-${pkg.libddwaf_version}-windows-x64` | ||
| case 'linux': | ||
| if (libC === detectLib.GLIBC) { | ||
| return `libddwaf-${pkg.libddwaf_version}-linux-x86_64-glibc` | ||
| } | ||
| if (libC === detectLib.MUSL) { | ||
| return `libddwaf-${pkg.libddwaf_version}-linux-x86_64-muslc` | ||
| } | ||
| break | ||
| return `libddwaf-${pkg.libddwaf_version}-linux-x86_64` | ||
| } | ||
@@ -45,6 +47,5 @@ throw new Error(`Platform: ${platform} - ${arch} is unsupported`) | ||
| const dirname = getDirName() | ||
| const libName = getLibName() | ||
| module.exports.include = path.join(__dirname, '..', dirname, 'include').split('\\').join('\\\\') | ||
| module.exports.lib = path.join(__dirname, '..', dirname, 'lib', libName).split('\\').join('\\\\') | ||
| // console.log(module.exports); |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 3 instances in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Lines of code
- increased by2.84%
145
- Number of low supply chain risk alerts
- decreased by-20%
4
Worsened metrics
- Total package byte prevSize
- decreased by-24.44%
3910770
- Number of medium supply chain risk alerts
- increased by150%
5