Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@electron/asar
Advanced tools
@electron/asar - npm Package Compare versions
Comparing version 3.2.16 to 3.2.17
@@ -60,3 +60,3 @@ "use strict"; | ||
| else { | ||
| return unpackDirs.some((unpackDir) => dirPath.startsWith(unpackDir)); | ||
| return unpackDirs.some((unpackDir) => dirPath.startsWith(unpackDir) && !path.relative(unpackDir, dirPath).startsWith('..')); | ||
| } | ||
@@ -63,0 +63,0 @@ } |
| "use strict"; | ||
| var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| var desc = Object.getOwnPropertyDescriptor(m, k); | ||
| if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { | ||
| desc = { enumerable: true, get: function() { return m[k]; } }; | ||
| } | ||
| Object.defineProperty(o, k2, desc); | ||
| }) : (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| o[k2] = m[k]; | ||
| })); | ||
| var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { | ||
| Object.defineProperty(o, "default", { enumerable: true, value: v }); | ||
| }) : function(o, v) { | ||
| o["default"] = v; | ||
| }); | ||
| var __importStar = (this && this.__importStar) || function (mod) { | ||
| if (mod && mod.__esModule) return mod; | ||
| var result = {}; | ||
| if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); | ||
| __setModuleDefault(result, mod); | ||
| return result; | ||
| }; | ||
| var __importDefault = (this && this.__importDefault) || function (mod) { | ||
@@ -11,2 +34,3 @@ return (mod && mod.__esModule) ? mod : { "default": mod }; | ||
| const wrapped_fs_1 = __importDefault(require("./wrapped-fs")); | ||
| const path = __importStar(require("path")); | ||
| const glob = (0, util_1.promisify)(glob_1.glob); | ||
@@ -45,5 +69,9 @@ async function determineFileType(filename) { | ||
| return links.every((link, index) => { | ||
| if (index === exactLinkIndex) | ||
| if (index === exactLinkIndex) { | ||
| return true; | ||
| return !filename.startsWith(link); | ||
| } | ||
| const isFileWithinSymlinkDir = filename.startsWith(link); | ||
| // symlink may point outside the directory: https://github.com/electron/asar/issues/303 | ||
| const relativePath = path.relative(link, path.dirname(filename)); | ||
| return !isFileWithinSymlinkDir || relativePath.startsWith('..'); | ||
| }); | ||
@@ -50,0 +78,0 @@ }); |
| { | ||
| "name": "@electron/asar", | ||
| "description": "Creating Electron app packages", | ||
| "version": "3.2.16", | ||
| "version": "3.2.17", | ||
| "main": "./lib/asar.js", | ||
@@ -6,0 +6,0 @@ "types": "./lib/asar.d.ts", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.89%
92863
- Lines of code
- increased by2.02%
1417
No dependency changes