@datkt/konanc-config - npm Package Compare versions

Comparing version 4.0.1 to 4.1.0

CHANGELOG.md

@@ -0,1 +1,6 @@
+<a name="4.1.0"></a>
+# [4.1.0](https://github.com/datkt/konanc-config/compare/4.0.1...4.1.0) (2018-11-06)
+
+
+
 <a name="4.0.1"></a>
@@ -2,0 +7,0 @@ ## [4.0.1](https://github.com/datkt/konanc-config/compare/4.0.0...4.0.1) (2018-11-05)

index.js

@@ -12,2 +12,3 @@ const { extname, dirname, resolve } = require('path')
 const PROTOCOL_REGEX = /[a-zA-Z0-9|+|-]+:\/\//
+const PREFIX = process.env.PREFIX || 'node_modules/'
 
@@ -54,2 +55,10 @@ function load(name, defaults, env) {
   if (Array.isArray(conf.repo)) {
+    // add prefixed repos
+    for (const repo of conf.repo.slice()) {
+      const prefixed = PREFIX + repo
+      if (!conf.repo.includes(prefixed)) {
+        conf.repo.push(prefixed)
+      }
+    }
+
     for (const repo of conf.repo) {
@@ -64,3 +73,3 @@ if ('string' == typeof repo && !PROTOCOL_REGEX.test(repo)) {
 
-        if (found && !conf.repo.includes(found)) {
+        if ('/' != repo[0] && found && !conf.repo.includes(found)) {
           conf.repo.push(found)
@@ -67,0 +76,0 @@ }

package.json

 {
   "name": "@datkt/konanc-config",
-  "version": "4.0.1",
+  "version": "4.1.0",
   "description": "Command line utility to read '*.kc' konanc config files to print compiler flags",
@@ -5,0 +5,0 @@ "main": "index.js",

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

16189

increased by4.65%

Lines of code

141

increased by6.02%

Worsened metrics

Number of low supply chain risk alerts

3

increased by50%

No dependency changes