@dicebear/converter
Advanced tools
Comparing version 5.0.0-alpha.27 to 5.0.0-alpha.28
import { createRequire } from 'node:module'; | ||
const require = createRequire(import.meta.url); | ||
export async function ensurePackage(name, version) { | ||
let packageJson; | ||
try { | ||
packageJson = require(`${name}/package.json`); | ||
require.resolve(name); | ||
} | ||
@@ -12,8 +11,2 @@ catch (e) { | ||
} | ||
const packageVersion = packageJson.version.split('.').map((v) => parseInt(v)); | ||
const requiredVersion = version.split('.').map((v) => parseInt(v)); | ||
if (packageVersion[0] !== requiredVersion[0] || | ||
packageVersion[1] < requiredVersion[1]) { | ||
throw new Error(`Please install \`${name}@^${version}\` to use this feature. (Currently installed version: \`${packageJson.version})\`})'`); | ||
} | ||
} |
{ | ||
"name": "@dicebear/converter", | ||
"version": "5.0.0-alpha.27", | ||
"version": "5.0.0-alpha.28", | ||
"description": "SVG Converter for DiceBear", | ||
@@ -40,2 +40,7 @@ "keywords": [ | ||
}, | ||
"peerDependencies": { | ||
"@resvg/resvg-js": "^1.4.0", | ||
"exiftool-vendored": "^16.4.0", | ||
"sharp": "^0.30.0" | ||
}, | ||
"devDependencies": { | ||
@@ -51,2 +56,13 @@ "@resvg/resvg-js": "^1.4.0", | ||
}, | ||
"peerDependenciesMeta": { | ||
"@resvg/resvg-js": { | ||
"optional": true | ||
}, | ||
"exiftool-vendored": { | ||
"optional": true | ||
}, | ||
"sharp": { | ||
"optional": true | ||
} | ||
}, | ||
"engines": { | ||
@@ -58,3 +74,3 @@ "node": "^14.13.1 || >=16.0.0" | ||
}, | ||
"gitHead": "10fb6bbb9cb153fff52e32758ba65b4c6c9c7f3a" | ||
"gitHead": "de2e082b64c80896ef63459d18063cf149973ab7" | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
545863
5
232