@featurepeek/ping - npm Package Compare versions

Comparing version 0.0.3 to 0.0.4

index.js

 #!/usr/bin/env node
 const request = require('request')
 
-console.log(process.argv)
-console.log(process.env)
+// console.log(process.argv)
+// console.log(process.env)
 
-if (process.argv.length <= 4) {
+if (process.argv.length <= 2) {
   console.log('Not enough arguments.')
-  console.log('Usage: ping <HOST> <URL> <BUILD_NUM>')
+  console.log('Usage: featurepeek <ARTIFACTS_PATH>')
   process.exit()
 }
 
-const HOST = process.argv[2]
-const URL = process.argv[3]
-const BUILD = process.argv[4]
+const FEATUREPEEK_ENDPOINT = 'https://api.featurepeek.com/api/v1/TBD/static/circleci'
+const CI_HOST = 'circleci.com'
+const CI_VERSION = '1.1'
+const VCS = 'github'
+const ARTIFACTS_DEPTH = 3
 
+const org = process.env.CIRCLE_PROJECT_USERNAME
+const repo = process.env.CIRCLE_PROJECT_REPONAME
+const build = process.env.CIRCLE_BUILD_NUM
+const dirDepth = process.argv[2].replace(/^\.\//, '').split('/').length
+
+const artifactsBaseURL = `https://${CI_HOST}/api/v${CI_VERSION}/project/${VCS}/${org}/${repo}/${build}/artifacts`
+
 const options = {
-  url: HOST,
+  url: FEATUREPEEK_ENDPOINT,
   json: {
-    url: URL,
-    build: BUILD,
+    artifacts_url: artifactsBaseURL,
+    cutdirs: ARTIFACTS_DEPTH + dirDepth,
+    pr_url: process.env.CIRCLE_PULL_REQUEST,
   },
 }
 
-request.post(HOST, options, (err, res, body) => {
+console.log(options)
+
+request.post(artifactsBaseURL, options, (err, res, body) => {
   if (err) {
@@ -27,0 +39,0 @@ console.error(err)

package.json

 {
   "private": false,
   "name": "@featurepeek/ping",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "main": "index.js",
@@ -6,0 +6,0 @@ "bin": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

14508

increased by4.13%

Lines of code

34

increased by36%

Worsened metrics

Number of low supply chain risk alerts

5

increased by150%

No dependency changes