@expo/config
Advanced tools
@expo/config - npm Package Compare versions
+5
-86
@@ -8,5 +8,5 @@ "use strict"; | ||
| exports.resolveConfigExport = resolveConfigExport; | ||
| function _fs() { | ||
| const data = require("fs"); | ||
| _fs = function () { | ||
| function _requireUtils() { | ||
| const data = require("@expo/require-utils"); | ||
| _requireUtils = function () { | ||
| return data; | ||
@@ -16,16 +16,2 @@ }; | ||
| } | ||
| function _requireFromString() { | ||
| const data = _interopRequireDefault(require("require-from-string")); | ||
| _requireFromString = function () { | ||
| return data; | ||
| }; | ||
| return data; | ||
| } | ||
| function _sucrase() { | ||
| const data = require("sucrase"); | ||
| _sucrase = function () { | ||
| return data; | ||
| }; | ||
| return data; | ||
| } | ||
| function _Errors() { | ||
@@ -52,3 +38,2 @@ const data = require("./Errors"); | ||
| } | ||
| function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; } | ||
| /** | ||
@@ -62,72 +47,6 @@ * Transpile and evaluate the dynamic config object. | ||
| function evalConfig(configFile, request) { | ||
| const contents = (0, _fs().readFileSync)(configFile, 'utf8'); | ||
| let result; | ||
| try { | ||
| const { | ||
| code | ||
| } = (0, _sucrase().transform)(contents, { | ||
| filePath: configFile, | ||
| transforms: ['typescript', 'imports'] | ||
| }); | ||
| result = (0, _requireFromString().default)(code, configFile); | ||
| } catch (error) { | ||
| const location = extractLocationFromSyntaxError(error); | ||
| // Apply a code frame preview to the error if possible, sucrase doesn't do this by default. | ||
| if (location) { | ||
| const { | ||
| codeFrameColumns | ||
| } = require('@babel/code-frame'); | ||
| const codeFrame = codeFrameColumns(contents, { | ||
| start: error.loc | ||
| }, { | ||
| highlightCode: true | ||
| }); | ||
| error.codeFrame = codeFrame; | ||
| error.message += `\n${codeFrame}`; | ||
| } else { | ||
| const importantStack = extractImportantStackFromNodeError(error); | ||
| if (importantStack) { | ||
| error.message += `\n${importantStack}`; | ||
| } | ||
| } | ||
| throw error; | ||
| } | ||
| return resolveConfigExport(result, configFile, request); | ||
| const mod = (0, _requireUtils().loadModuleSync)(configFile); | ||
| return resolveConfigExport(mod, configFile, request); | ||
| } | ||
| function extractLocationFromSyntaxError(error) { | ||
| // sucrase provides the `loc` object | ||
| if (error.loc) { | ||
| return error.loc; | ||
| } | ||
| // `SyntaxError`s provide the `lineNumber` and `columnNumber` properties | ||
| if ('lineNumber' in error && 'columnNumber' in error) { | ||
| return { | ||
| line: error.lineNumber, | ||
| column: error.columnNumber | ||
| }; | ||
| } | ||
| return null; | ||
| } | ||
| // These kinda errors often come from syntax errors in files that were imported by the main file. | ||
| // An example is a module that includes an import statement. | ||
| function extractImportantStackFromNodeError(error) { | ||
| if (isSyntaxError(error)) { | ||
| const traces = error.stack?.split('\n').filter(line => !line.startsWith(' at ')); | ||
| if (!traces) return null; | ||
| // Remove redundant line | ||
| if (traces[traces.length - 1].startsWith('SyntaxError:')) { | ||
| traces.pop(); | ||
| } | ||
| return traces.join('\n'); | ||
| } | ||
| return null; | ||
| } | ||
| function isSyntaxError(error) { | ||
| return error instanceof SyntaxError || error.constructor.name === 'SyntaxError'; | ||
| } | ||
| /** | ||
@@ -134,0 +53,0 @@ * - Resolve the exported contents of an Expo config (be it default or module.exports) |
+5
-8
| { | ||
| "name": "@expo/config", | ||
| "version": "55.0.4", | ||
| "version": "55.0.5", | ||
| "description": "A library for interacting with the app.json", | ||
@@ -36,19 +36,16 @@ "main": "build/index.js", | ||
| "dependencies": { | ||
| "@babel/code-frame": "^7.20.0", | ||
| "@expo/config-plugins": "~55.0.4", | ||
| "@expo/config-plugins": "~55.0.5", | ||
| "@expo/config-types": "^55.0.4", | ||
| "@expo/json-file": "^10.0.12", | ||
| "@expo/require-utils": "^55.0.0", | ||
| "deepmerge": "^4.3.1", | ||
| "getenv": "^2.0.0", | ||
| "glob": "^13.0.0", | ||
| "require-from-string": "^2.0.2", | ||
| "resolve-from": "^5.0.0", | ||
| "resolve-workspace-root": "^2.0.0", | ||
| "semver": "^7.6.0", | ||
| "slugify": "^1.3.4", | ||
| "sucrase": "~3.35.1" | ||
| "slugify": "^1.3.4" | ||
| }, | ||
| "devDependencies": { | ||
| "@types/babel__code-frame": "^7.27.0", | ||
| "@types/require-from-string": "^1.2.1", | ||
| "expo-module-scripts": "^55.0.2" | ||
@@ -59,3 +56,3 @@ }, | ||
| }, | ||
| "gitHead": "436ffb4355d5207f4a03fbc3568cd33424a40f3e" | ||
| "gitHead": "928cc951854450f3c72e00e8e420e567fabd1f8c" | ||
| } |
Sorry, the diff of this file is not supported yet
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Dependency count
11
-15.38%- Dev dependency count
2
-33.33%- Number of low supply chain risk alerts
8
-11.11%Worsened metrics
- Total package byte prevSize
156539
-4.25%- Lines of code
1853
-3.99%Dependency changes
+ Added
@expo/require-utils@^55.0.0+ Added
@babel/compat-data@7.29.0(transitive)+ Added
@babel/core@7.29.0(transitive)+ Added
@babel/generator@7.29.1(transitive)+ Added
@babel/helper-compilation-targets@7.28.6(transitive)+ Added
@babel/helper-globals@7.28.0(transitive)+ Added
@babel/helper-module-imports@7.28.6(transitive)+ Added
@babel/helper-module-transforms@7.28.6(transitive)+ Added
@babel/helper-plugin-utils@7.28.6(transitive)+ Added
@babel/helper-string-parser@7.27.1(transitive)+ Added
@babel/helper-validator-option@7.27.1(transitive)+ Added
@babel/helpers@7.28.6(transitive)+ Added
@babel/parser@7.29.0(transitive)+ Added
@babel/plugin-transform-modules-commonjs@7.28.6(transitive)+ Added
@babel/template@7.28.6(transitive)+ Added
@babel/traverse@7.29.0(transitive)+ Added
@babel/types@7.29.0(transitive)+ Added
@expo/require-utils@55.0.2(transitive)+ Added
@jridgewell/remapping@2.3.5(transitive)+ Added
baseline-browser-mapping@2.10.0(transitive)+ Added
browserslist@4.28.1(transitive)+ Added
caniuse-lite@1.0.30001776(transitive)+ Added
convert-source-map@2.0.0(transitive)+ Added
electron-to-chromium@1.5.307(transitive)+ Added
escalade@3.2.0(transitive)+ Added
gensync@1.0.0-beta.2(transitive)+ Added
jsesc@3.1.0(transitive)+ Added
lru-cache@5.1.1(transitive)+ Added
node-releases@2.0.36(transitive)+ Added
semver@6.3.1(transitive)+ Added
update-browserslist-db@1.2.3(transitive)+ Added
yallist@3.1.1(transitive)- Removed
@babel/code-frame@^7.20.0- Removed
require-from-string@^2.0.2- Removed
sucrase@~3.35.1- Removed
any-promise@1.3.0(transitive)- Removed
commander@4.1.1(transitive)- Removed
fdir@6.5.0(transitive)- Removed
lines-and-columns@1.2.4(transitive)- Removed
mz@2.7.0(transitive)- Removed
object-assign@4.1.1(transitive)- Removed
picomatch@4.0.3(transitive)- Removed
pirates@4.0.7(transitive)- Removed
require-from-string@2.0.2(transitive)- Removed
sucrase@3.35.1(transitive)- Removed
thenify@3.3.1(transitive)- Removed
thenify-all@1.6.0(transitive)- Removed
tinyglobby@0.2.15(transitive)- Removed
ts-interface-checker@0.1.13(transitive)Updated
@expo/config-plugins@~55.0.5