@gasket/plugin-metadata - npm Package Compare versions

Comparing version 7.0.0-next.65 to 7.0.0-next.66

lib/actions.js

@@ -8,2 +8,13 @@ const path = require('path');
 
+function tryRequire(path) {
+  try {
+    return require(path);
+  } catch (err) {
+    if (err.code === 'MODULE_NOT_FOUND') {
+      return null;
+    }
+    throw err;
+  }
+}
+
 function getAppInfo(gasket) {
@@ -58,6 +69,7 @@ const { config: { root } } = gasket;
 
-        if (isPreset)
+        if (isPreset) {
           presets.push(pluginData);
-        else
+        } else {
           plugins.push(pluginData);
+        }
 
@@ -67,12 +79,18 @@ for (const name of Object.keys({ ...dependencies, ...devDependencies })) {
           if (!isModule) continue;
-          const mod = require(path.join(name, 'package.json'));
-          modules[name] = {
-            name: mod.name,
-            version: mod.version,
-            description: mod.description,
-            metadata: {
-              link: 'README.md',
-              path: path.dirname(path.join(require.resolve(name), '..'))
-            }
-          };
+
+          //
+          // get gasket module details if installed
+          //
+          const mod = tryRequire(path.join(name, 'package.json'));
+          if (mod) {
+            modules[name] = {
+              name: mod.name,
+              version: mod.version,
+              description: mod.description,
+              metadata: {
+                link: 'README.md',
+                path: path.dirname(path.join(require.resolve(name), '..'))
+              }
+            };
+          }
         }
@@ -79,0 +97,0 @@ }

package.json

 {
   "name": "@gasket/plugin-metadata",
-  "version": "7.0.0-next.65",
+  "version": "7.0.0-next.66",
   "description": "Adds metadata to gasket lifecycles",
@@ -42,3 +42,3 @@ "main": "lib/index.js",
   "dependencies": {
-    "@gasket/core": "7.0.0-next.65"
+    "@gasket/core": "7.0.0-next.66"
   },
@@ -70,3 +70,3 @@ "devDependencies": {
   },
-  "gitHead": "93fb05fe933682704607eed6a2dfc870cf35c2d1"
+  "gitHead": "73d57d790d06eaf7d75c74bd89a9505f49be73ea"
 }

New alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

18669

increased by1.74%

Lines of code

322

increased by5.23%

Dependency changes

• + Added@gasket/core@7.0.0-next.66(transitive)

• - Removed@gasket/core@7.0.0-next.65(transitive)

• Updated@gasket/core@7.0.0-next.66