@lavamoat/allow-scripts
Advanced tools
Comparing version 2.3.0 to 2.3.1
{ | ||
"name": "@lavamoat/allow-scripts", | ||
"version": "2.3.0", | ||
"version": "2.3.1", | ||
"main": "src/index.js", | ||
@@ -15,3 +15,3 @@ "bin": { | ||
"@lavamoat/aa": "^3.1.1", | ||
"@npmcli/run-script": "^1.8.1", | ||
"@npmcli/run-script": "^6.0.0", | ||
"bin-links": "4.0.1", | ||
@@ -53,3 +53,3 @@ "npm-normalize-package-bin": "^3.0.0", | ||
}, | ||
"gitHead": "178db076d9a8dbd1c6b5c9eb6d3b3d7ebd06214b" | ||
"gitHead": "1dc8f60b18e679d490388bdb001edb9cea617b69" | ||
} |
@@ -140,7 +140,7 @@ const { existsSync, | ||
process.stderr.write(result.stderr) | ||
process.exit(result.status) | ||
console.log('@lavamoat/allow-scripts: Could not add @lavamoat/preinstall-always-fail.') | ||
} else { | ||
console.log('@lavamoat/allow-scripts: Added dependency @lavamoat/preinstall-always-fail.') | ||
} | ||
if(FEATURE.bins) { | ||
@@ -155,5 +155,6 @@ // no motivation to fix lint here, there's a better implementation of this in a neighboring branch | ||
// but passing a unix-style path to node on Windows works fine. | ||
packageJson.scripts['allow-scripts'] = 'node ./node_modules/@lavamoat/allow-scripts/src/cli.js' | ||
packageJson.scripts['allow-scripts'] = 'node ./node_modules/@lavamoat/allow-scripts/src/cli.js --experimental-bins' | ||
console.log('@lavamoat/allow-scripts: Adding allow-scripts as a package.json script with direct path.') | ||
writeFileSync(addInstallParentDir('package.json'), JSON.stringify(packageJson, null, 2)) | ||
} | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
892
43801
29
+ Added@gar/promisify@1.1.3(transitive)
+ Added@npmcli/fs@2.1.2(transitive)
+ Added@npmcli/move-file@2.0.1(transitive)
+ Added@npmcli/node-gyp@3.0.0(transitive)
+ Added@npmcli/promise-spawn@6.0.2(transitive)
+ Added@npmcli/run-script@6.0.2(transitive)
+ Added@tootallnate/once@2.0.0(transitive)
+ Addedagent-base@6.0.2(transitive)
+ Addedagentkeepalive@4.5.0(transitive)
+ Addedaggregate-error@3.1.0(transitive)
+ Addedaproba@2.0.0(transitive)
+ Addedare-we-there-yet@3.0.1(transitive)
+ Addedbrace-expansion@2.0.1(transitive)
+ Addedcacache@16.1.3(transitive)
+ Addedclean-stack@2.2.0(transitive)
+ Addedcolor-support@1.1.3(transitive)
+ Addeddebug@4.3.7(transitive)
+ Addedencoding@0.1.13(transitive)
+ Addederr-code@2.0.3(transitive)
+ Addedexponential-backoff@3.1.1(transitive)
+ Addedgauge@4.0.4(transitive)
+ Addedglob@8.1.0(transitive)
+ Addedhttp-cache-semantics@4.1.1(transitive)
+ Addedhttp-proxy-agent@5.0.0(transitive)
+ Addedhttps-proxy-agent@5.0.1(transitive)
+ Addedhumanize-ms@1.2.1(transitive)
+ Addediconv-lite@0.6.3(transitive)
+ Addedindent-string@4.0.0(transitive)
+ Addedip-address@9.0.5(transitive)
+ Addedis-lambda@1.0.1(transitive)
+ Addedjsbn@1.1.0(transitive)
+ Addedjson-parse-even-better-errors@3.0.2(transitive)
+ Addedlru-cache@7.18.3(transitive)
+ Addedmake-fetch-happen@10.2.1(transitive)
+ Addedminimatch@5.1.6(transitive)
+ Addedminipass-collect@1.0.2(transitive)
+ Addedminipass-fetch@2.1.2(transitive)
+ Addedminipass-flush@1.0.5(transitive)
+ Addedminipass-pipeline@1.2.4(transitive)
+ Addedminipass-sized@1.0.3(transitive)
+ Addedms@2.1.3(transitive)
+ Addednegotiator@0.6.3(transitive)
+ Addednode-gyp@9.4.1(transitive)
+ Addednopt@6.0.0(transitive)
+ Addednpmlog@6.0.2(transitive)
+ Addedp-map@4.0.0(transitive)
+ Addedpromise-inflight@1.0.1(transitive)
+ Addedpromise-retry@2.0.1(transitive)
+ Addedread-package-json-fast@3.0.2(transitive)
+ Addedreadable-stream@3.6.2(transitive)
+ Addedretry@0.12.0(transitive)
+ Addedsafe-buffer@5.2.1(transitive)
+ Addedsmart-buffer@4.2.0(transitive)
+ Addedsocks@2.8.3(transitive)
+ Addedsocks-proxy-agent@7.0.0(transitive)
+ Addedsprintf-js@1.1.3(transitive)
+ Addedssri@9.0.1(transitive)
+ Addedstring_decoder@1.3.0(transitive)
+ Addedunique-filename@2.0.1(transitive)
+ Addedunique-slug@3.0.0(transitive)
+ Addedwhich@3.0.1(transitive)
- Removed@npmcli/node-gyp@1.0.3(transitive)
- Removed@npmcli/promise-spawn@1.3.2(transitive)
- Removed@npmcli/run-script@1.8.6(transitive)
- Removedajv@6.12.6(transitive)
- Removedansi-regex@2.1.1(transitive)
- Removedaproba@1.2.0(transitive)
- Removedare-we-there-yet@1.1.7(transitive)
- Removedasn1@0.2.6(transitive)
- Removedassert-plus@1.0.0(transitive)
- Removedasynckit@0.4.0(transitive)
- Removedaws-sign2@0.7.0(transitive)
- Removedaws4@1.13.2(transitive)
- Removedbcrypt-pbkdf@1.0.2(transitive)
- Removedcaseless@0.12.0(transitive)
- Removedcode-point-at@1.1.0(transitive)
- Removedcombined-stream@1.0.8(transitive)
- Removedcore-util-is@1.0.21.0.3(transitive)
- Removeddashdash@1.14.1(transitive)
- Removeddelayed-stream@1.0.0(transitive)
- Removedecc-jsbn@0.1.2(transitive)
- Removedextend@3.0.2(transitive)
- Removedextsprintf@1.3.0(transitive)
- Removedfast-deep-equal@3.1.3(transitive)
- Removedfast-json-stable-stringify@2.1.0(transitive)
- Removedforever-agent@0.6.1(transitive)
- Removedform-data@2.3.3(transitive)
- Removedgauge@2.7.4(transitive)
- Removedgetpass@0.1.7(transitive)
- Removedhar-schema@2.0.0(transitive)
- Removedhar-validator@5.1.5(transitive)
- Removedhttp-signature@1.2.0(transitive)
- Removedis-fullwidth-code-point@1.0.0(transitive)
- Removedis-typedarray@1.0.0(transitive)
- Removedisarray@1.0.0(transitive)
- Removedisstream@0.1.2(transitive)
- Removedjsbn@0.1.1(transitive)
- Removedjson-parse-even-better-errors@2.3.1(transitive)
- Removedjson-schema@0.4.0(transitive)
- Removedjson-schema-traverse@0.4.1(transitive)
- Removedjson-stringify-safe@5.0.1(transitive)
- Removedjsprim@1.4.2(transitive)
- Removedmime-db@1.52.0(transitive)
- Removedmime-types@2.1.35(transitive)
- Removednode-gyp@7.1.2(transitive)
- Removednopt@5.0.0(transitive)
- Removednpm-normalize-package-bin@1.0.1(transitive)
- Removednpmlog@4.1.2(transitive)
- Removednumber-is-nan@1.0.1(transitive)
- Removedoauth-sign@0.9.0(transitive)
- Removedobject-assign@4.1.1(transitive)
- Removedperformance-now@2.1.0(transitive)
- Removedprocess-nextick-args@2.0.1(transitive)
- Removedpsl@1.9.0(transitive)
- Removedpunycode@2.3.1(transitive)
- Removedqs@6.5.3(transitive)
- Removedread-package-json-fast@2.0.3(transitive)
- Removedreadable-stream@2.3.8(transitive)
- Removedrequest@2.88.2(transitive)
- Removedsafe-buffer@5.1.2(transitive)
- Removedsshpk@1.18.0(transitive)
- Removedstring-width@1.0.2(transitive)
- Removedstring_decoder@1.1.1(transitive)
- Removedstrip-ansi@3.0.1(transitive)
- Removedtough-cookie@2.5.0(transitive)
- Removedtunnel-agent@0.6.0(transitive)
- Removedtweetnacl@0.14.5(transitive)
- Removeduri-js@4.4.1(transitive)
- Removeduuid@3.4.0(transitive)
- Removedverror@1.10.0(transitive)
Updated@npmcli/run-script@^6.0.0