@goldfishjs/module-usage - npm Package Compare versions

Comparing version 2.12.1 to 2.12.2

CHANGELOG.md

@@ -6,2 +6,13 @@ # Change Log
 
+## [2.12.2](https://github.com/alipay/goldfish/compare/v2.12.1...v2.12.2) (2022-05-09)
+
+
+### Bug Fixes
+
+* do not install the inner package. ([729ad5e](https://github.com/alipay/goldfish/commit/729ad5e37ec56935201847dd9da4d01238ff474d))
+
+
+
+
+
 ## [2.12.1](https://github.com/alipay/goldfish/compare/v2.12.0...v2.12.1) (2022-03-30)
@@ -8,0 +19,0 @@

package.json

 {
   "name": "@goldfishjs/module-usage",
-  "version": "2.12.1",
+  "version": "2.12.2",
   "description": "module-usage",
@@ -5,0 +5,0 @@ "scripts": {

src/index.js

@@ -1,7 +0,7 @@
-const cp = require('child_process');
+// const cp = require('child_process');
 
-try {
-  const p = cp.exec('tnpm i @alife/goldfish-module-usage@latest --no-package-lock --no-save --by=npm');
-  p.stdout.pipe(process.stdout);
-  p.stderr.pipe(process.stderr);
-} catch (e) {}
+// try {
+//   const p = cp.exec('tnpm i @alife/goldfish-module-usage@latest --no-package-lock --no-save --by=npm');
+//   p.stdout.pipe(process.stdout);
+//   p.stderr.pipe(process.stderr);
+// } catch (e) {}

Fixed alerts

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

7384

increased by3.64%

Number of medium supply chain risk alerts

1

decreased by-50%

No dependency changes