@graphql-tools/load-files - npm Package Compare versions

Comparing version 6.5.2 to 6.5.3

index.js

@@ -32,2 +32,4 @@ 'use strict';
 const graphql = require('graphql');
+const module$1 = require('module');
+const process = require('process');
 
@@ -101,2 +103,3 @@ const { readFile, stat } = fs.promises;
         absolute: true,
+        cwd: process.cwd(),
     },
@@ -113,3 +116,3 @@ exportNames: DEFAULT_EXPORT_NAMES,
 function loadFilesSync(pattern, options = LoadFilesDefaultOptions) {
-    var _a;
+    var _a, _b;
     const execOptions = { ...LoadFilesDefaultOptions, ...options };
@@ -120,3 +123,3 @@ const relevantPaths = scanForFilesSync(asArray(pattern).map(path => isDirectorySync(path)
     const extractExports = execOptions.extractExports || DEFAULT_EXTRACT_EXPORTS_FACTORY((_a = execOptions.exportNames) !== null && _a !== void 0 ? _a : []);
-    const requireMethod = execOptions.requireMethod || require;
+    const requireMethod = execOptions.requireMethod || module$1.createRequire(path.join(((_b = options === null || options === void 0 ? void 0 : options.globOptions) === null || _b === void 0 ? void 0 : _b.cwd) || process.cwd(), 'noop.js'));
     return relevantPaths
@@ -185,3 +188,12 @@ .map(path$1 => {
     const extractExports = execOptions.extractExports || DEFAULT_EXTRACT_EXPORTS_FACTORY((_a = execOptions.exportNames) !== null && _a !== void 0 ? _a : []);
-    const defaultRequireMethod = (path) => new Promise(function (resolve) { resolve(_interopNamespace(require(path))); }).catch(async () => require(path));
+    const defaultRequireMethod = (path$1) => new Promise(function (resolve) { resolve(_interopNamespace(require(path$1))); }).catch(importError => {
+        var _a;
+        const cwdRequire = module$1.createRequire(path.join(((_a = options === null || options === void 0 ? void 0 : options.globOptions) === null || _a === void 0 ? void 0 : _a.cwd) || process.cwd(), 'noop.js'));
+        try {
+            return cwdRequire(path$1);
+        }
+        catch (e) {
+            throw importError;
+        }
+    });
     const requireMethod = execOptions.requireMethod || defaultRequireMethod;
@@ -188,0 +200,0 @@ return Promise.all(relevantPaths

package.json

 {
   "name": "@graphql-tools/load-files",
-  "version": "6.5.2",
+  "version": "6.5.3",
   "description": "A set of utils for faster development of GraphQL tools",
@@ -35,4 +35,5 @@ "sideEffects": false,
       "import": "./*.mjs"
-    }
+    },
+    "./package.json": "./package.json"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

18181

increased by7.45%

Lines of code

440

increased by5.77%

Number of low supply chain risk alerts

5

decreased by-28.57%

No dependency changes