@lerna/npm-conf
Advanced tools
Comparing version 3.0.0-beta.8 to 3.0.0-beta.12
@@ -6,2 +6,14 @@ # Change Log | ||
<a name="3.0.0-beta.12"></a> | ||
# [3.0.0-beta.12](https://github.com/lerna/lerna/compare/v3.0.0-beta.11...v3.0.0-beta.12) (2018-03-30) | ||
### Bug Fixes | ||
* **npm-conf:** Replace env vars even in config keys ([3c9a5de](https://github.com/lerna/lerna/commit/3c9a5de)) | ||
<a name="3.0.0-beta.8"></a> | ||
@@ -8,0 +20,0 @@ # [3.0.0-beta.8](https://github.com/lerna/lerna/compare/v3.0.0-beta.7...v3.0.0-beta.8) (2018-03-22) |
@@ -7,2 +7,3 @@ "use strict"; | ||
const { ConfigChain } = require("config-chain"); | ||
const envReplace = require("./env-replace"); | ||
const findPrefix = require("./find-prefix"); | ||
@@ -22,6 +23,12 @@ const parseField = require("./parse-field"); | ||
try { | ||
/* eslint-disable no-param-reassign */ | ||
for (const x of Object.keys(data)) { | ||
// eslint-disable-next-line no-param-reassign | ||
data[x] = parseField(data[x], x); | ||
// https://github.com/npm/npm/commit/f0e998d | ||
const newKey = envReplace(x); | ||
const newField = parseField(data[x], newKey); | ||
delete data[x]; | ||
data[newKey] = newField; | ||
} | ||
/* eslint-enable no-param-reassign */ | ||
} catch (err) { | ||
@@ -28,0 +35,0 @@ throw err; |
"use strict"; | ||
const path = require("path"); | ||
const envReplace = require("./env-replace"); | ||
const types = require("./types"); | ||
@@ -70,26 +71,1 @@ | ||
} | ||
// https://github.com/npm/npm/blob/latest/lib/config/core.js#L409-L423 | ||
function envReplace(str) { | ||
if (typeof str !== "string" || !str) { | ||
return str; | ||
} | ||
// Replace any ${ENV} values with the appropriate environment | ||
const regex = /(\\*)\$\{([^}]+)\}/g; | ||
return str.replace(regex, (orig, esc, name) => { | ||
// eslint-disable-next-line no-param-reassign | ||
esc = esc.length > 0 && esc.length % 2; | ||
if (esc) { | ||
return orig; | ||
} | ||
if (process.env[name] === undefined) { | ||
throw new Error(`Failed to replace env in config: ${orig}`); | ||
} | ||
return process.env[name]; | ||
}); | ||
} |
{ | ||
"name": "@lerna/npm-conf", | ||
"version": "3.0.0-beta.8", | ||
"version": "3.0.0-beta.12", | ||
"description": "Vendored npm-conf with updates", | ||
@@ -41,3 +41,3 @@ "keywords": [ | ||
}, | ||
"gitHead": "f6e9f95e7b0896fbb65db15898596355345edbcd" | ||
"gitHead": "05dce5c0e4bca8dc894a99ed28337c85c211b37c" | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
23014
11
699
22