@lavamoat/allow-scripts
Advanced tools
Comparing version 3.0.4 to 3.1.0
@@ -9,2 +9,22 @@ # Changelog | ||
## [3.1.0](https://github.com/LavaMoat/LavaMoat/compare/allow-scripts-v3.0.4...allow-scripts-v3.1.0) (2024-07-11) | ||
### Features | ||
* **allow-scripts:** support Node.js v22 ([0c665ec](https://github.com/LavaMoat/LavaMoat/commit/0c665ec65b635c29f347369809680372c9b58b79)) | ||
### Bug Fixes | ||
* **allow-scripts:** Run automatic `node-gyp rebuild` for packages containing a `binding.gyp` ([62a2b4e](https://github.com/LavaMoat/LavaMoat/commit/62a2b4e11a35c2d9f6f91ae4a3030753f27519b1)) | ||
* **deps:** update dependency bin-links to v4.0.4 ([2844646](https://github.com/LavaMoat/LavaMoat/commit/2844646907ffcf16c6785ba43c5d551d77fa369a)) | ||
### Dependencies | ||
* The following workspace dependencies were updated | ||
* dependencies | ||
* @lavamoat/aa bumped from ^4.2.0 to ^4.3.0 | ||
## [3.0.4](https://github.com/LavaMoat/LavaMoat/compare/allow-scripts-v3.0.3...allow-scripts-v3.0.4) (2024-03-26) | ||
@@ -11,0 +31,0 @@ |
{ | ||
"name": "@lavamoat/allow-scripts", | ||
"version": "3.0.4", | ||
"version": "3.1.0", | ||
"description": "A tool for running only the dependency lifecycle hooks specified in an allowlist.", | ||
@@ -14,3 +14,3 @@ "repository": { | ||
"engines": { | ||
"node": "^16.20.0 || ^18.0.0 || ^20.0.0" | ||
"node": "^16.20.0 || ^18.0.0 || ^20.0.0 || ^22.0.0" | ||
}, | ||
@@ -43,5 +43,5 @@ "bin": { | ||
"dependencies": { | ||
"@lavamoat/aa": "^4.2.0", | ||
"@lavamoat/aa": "^4.3.0", | ||
"@npmcli/run-script": "7.0.4", | ||
"bin-links": "4.0.3", | ||
"bin-links": "4.0.4", | ||
"npm-normalize-package-bin": "3.0.1", | ||
@@ -60,4 +60,4 @@ "yargs": "17.7.2" | ||
], | ||
"timeout": "30s" | ||
"timeout": "60s" | ||
} | ||
} |
// @ts-check | ||
const { promises: fs } = require('node:fs') | ||
const { promises: fs, existsSync } = require('node:fs') | ||
const path = require('node:path') | ||
@@ -455,2 +455,11 @@ const npmRunScript = require('@npmcli/run-script') | ||
if ( | ||
!lifeCycleScripts.includes('preinstall') && | ||
!lifeCycleScripts.includes('install') && | ||
existsSync(path.join(filePath, 'binding.gyp')) | ||
) { | ||
lifeCycleScripts.unshift('install') | ||
depScripts.install = 'node-gyp rebuild' | ||
} | ||
if (lifeCycleScripts.length) { | ||
@@ -457,0 +466,0 @@ /** |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
46834
1164
1
+ Addedbin-links@4.0.4(transitive)
+ Addednegotiator@0.6.3(transitive)
- Removedbin-links@4.0.3(transitive)
- Removednegotiator@0.6.4(transitive)
Updated@lavamoat/aa@^4.3.0
Updatedbin-links@4.0.4