New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@gasket/utils
Advanced tools
@gasket/utils - npm Package Compare versions
Comparing version 6.36.1 to 6.38.0
@@ -35,29 +35,75 @@ const fs = require('fs/promises'); | ||
| /** | ||
| * requireWithInstall - load devDependency programmatically when needed | ||
| * @param {string} dependency The require'ed dep needed | ||
| * installDependency - install dependency | ||
| * @param {string} dependency The dep/s needed | ||
| * @param {Gasket} gasket Gasket instance | ||
| * @returns {object} module | ||
| */ | ||
| async function requireWithInstall(dependency, gasket) { | ||
| async function installDependency(dependency, gasket) { | ||
| const { logger } = gasket; | ||
| const { root } = gasket.config; | ||
| const resolveOptions = { paths: [root] }; | ||
| const modulePath = tryResolve(dependency, resolveOptions); | ||
| const { pkgManager, cmd, flags, logMsg } = await getPkgManager(root); | ||
| const manager = new PackageManager({ packageManager: pkgManager, dest: root }); | ||
| if (modulePath) return require(modulePath); | ||
| const msg = Array.isArray(dependency) ? dependency.toString() : dependency; | ||
| const args = Array.isArray(dependency) ? [...dependency, ...flags] : [dependency, ...flags]; | ||
| const { pkgManager, cmd, flags, logMsg } = await getPkgManager(root); | ||
| const pkg = dependency.match(rePackage)[0]; | ||
| const manager = new PackageManager({ packageManager: pkgManager, dest: root }); | ||
| logger.info(logMsg(pkg)); | ||
| logger.info(logMsg(msg)); | ||
| try { | ||
| await manager.exec(cmd, [pkg, ...flags]); | ||
| await manager.exec(cmd, args); | ||
| } catch (err) { | ||
| logger.error(`requireWithInstall - Failed to install "${pkg}" using "${pkgManager}"`); | ||
| logger.error(`requireWithInstall - Failed to install "${dependency}" using "${pkgManager}"`); | ||
| throw err; | ||
| } | ||
| return require(resolve(dependency, resolveOptions)); | ||
| } | ||
| /** | ||
| * requireWithInstall - load devDependency request programmatically when needed | ||
| * @param {string|string[]} dependency The require'ed dep/s needed | ||
| * @param {Gasket} gasket Gasket instance | ||
| * @returns {object|object[]} module or list of modules | ||
| */ | ||
| async function requireWithInstall(dependency, gasket) { | ||
| const { root } = gasket.config; | ||
| const resolveOptions = { paths: [root] }; | ||
| if (!Array.isArray(dependency)) { | ||
| const modulePath = tryResolve(dependency, resolveOptions); | ||
| if (modulePath) return require(modulePath); | ||
| const pkg = dependency.match(rePackage)[0]; | ||
| await installDependency(pkg, gasket); | ||
| return require(resolve(dependency, resolveOptions)); | ||
| } | ||
| const idxListToResolve = []; | ||
| const pkgListToResolve = []; | ||
| const resolvedDependencyList = dependency.reduce((all, item, index) => { | ||
| const modulePath = tryResolve(item, resolveOptions); | ||
| if (modulePath) { | ||
| all.push(require(modulePath)); | ||
| } else { | ||
| const pkg = item.match(rePackage)[0]; | ||
| all.push(null); | ||
| idxListToResolve.push(index); | ||
| pkgListToResolve.push(pkg); | ||
| } | ||
| return all; | ||
| }, []); | ||
| if (!idxListToResolve.length) { | ||
| return resolvedDependencyList; | ||
| } | ||
| await installDependency(pkgListToResolve, gasket); | ||
| for (const idx of idxListToResolve) { | ||
| const resolvedDep = require(resolve(dependency[idx], resolveOptions)); | ||
| resolvedDependencyList[idx] = resolvedDep; | ||
| } | ||
| return resolvedDependencyList; | ||
| } | ||
| module.exports = requireWithInstall; |
| { | ||
| "name": "@gasket/utils", | ||
| "version": "6.36.1", | ||
| "version": "6.38.0", | ||
| "description": "Reusable utilities for Gasket internals", | ||
@@ -14,6 +14,5 @@ "main": "lib", | ||
| "lint:fix": "npm run lint -- --fix", | ||
| "test": "npm run test:runner", | ||
| "test:runner": "mocha test/*.test.js --require test/setup.js", | ||
| "test:watch": "npm run test:runner -- --watch", | ||
| "test:coverage": "nyc --reporter=text --reporter=json-summary npm run test:runner", | ||
| "test": "cross-env NODE_OPTIONS='--unhandled-rejections=strict' jest", | ||
| "test:watch": "jest --watch", | ||
| "test:coverage": "jest --coverage", | ||
| "posttest": "npm run lint", | ||
@@ -48,21 +47,18 @@ "docs": "jsdoc2md --plugin @godaddy/dmd --files lib/*.js > docs/api.md" | ||
| "devDependencies": { | ||
| "@gasket/engine": "^6.36.1", | ||
| "@gasket/engine": "^6.38.0", | ||
| "@godaddy/dmd": "^1.0.0", | ||
| "abort-controller": "^3.0.0", | ||
| "assume": "^2.3.0", | ||
| "assume-sinon": "^1.1.0", | ||
| "cross-env": "^7.0.3", | ||
| "eslint": "^8.7.0", | ||
| "eslint-config-godaddy": "^6.0.0", | ||
| "eslint-plugin-jest": "^27.2.1", | ||
| "eslint-plugin-json": "^3.1.0", | ||
| "eslint-plugin-mocha": "^10.0.3", | ||
| "eslint-plugin-unicorn": "^44.0.0", | ||
| "jsdoc-to-markdown": "^7.1.0", | ||
| "mocha": "^10.0.0", | ||
| "nyc": "^15.1.0", | ||
| "proxyquire": "^2.1.3", | ||
| "sinon": "^14.0.0" | ||
| "jest": "^29.3.1", | ||
| "jsdoc-to-markdown": "^7.1.0" | ||
| }, | ||
| "eslintConfig": { | ||
| "extends": [ | ||
| "godaddy" | ||
| "godaddy", | ||
| "plugin:jest/recommended" | ||
| ], | ||
@@ -79,3 +75,3 @@ "plugins": [ | ||
| ], | ||
| "gitHead": "f7112c146cc51335e311636f34e94307f488d2a6" | ||
| "gitHead": "bd5dca4b0de093e274845e98bf77a0e0fbe2b711" | ||
| } |
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.78%
31314
- Dev dependency count
- decreased by-26.67%
11
- Lines of code
- increased by6.82%
564
Worsened metrics
- Number of low supply chain risk alerts
- increased by25%
10
No dependency changes