@mapbox/node-pre-gyp - npm Package Compare versions

Comparing version 1.0.5 to 1.0.6

CHANGELOG.md

 # node-pre-gyp changelog
 
+## 1.0.6
+- Added node v17 to the internal node releases listing
+- Upgraded various dependencies declared in package.json to latest major versions (node-fetch from 2.6.1 to 2.6.5, npmlog from 4.1.2 to 5.01, semver from 7.3.4 to 7.3.5, and tar from 6.1.0 to 6.1.11)
+- Fixed bug in `staging_host` parameter (https://github.com/mapbox/node-pre-gyp/pull/590)
+
+
 ## 1.0.5
@@ -4,0 +10,0 @@ - Fix circular reference warning with node >= v14

lib/node-pre-gyp.js

@@ -241,5 +241,5 @@ 'use strict';
  *
- * this strategy was chosen so that any command other than "publish" uses "production"
- * as the default without requiring any command-line options but that "publish" requires
- * '--s3_host production_host' to be specified in order to *really* publish. publishing
+ * this strategy was chosen so that any command other than "publish" or "unpublish" uses "production"
+ * as the default without requiring any command-line options but that "publish" and "unpublish" require
+ * '--s3_host production_host' to be specified in order to *really* publish (or unpublish). publishing
  * to staging can be done freely without worrying about disturbing any production releases.
@@ -261,3 +261,3 @@ */
   let target = 'production_host';
-  if (command === 'publish') {
+  if (command === 'publish' || command === 'unpublish') {
     target = 'staging_host';
@@ -264,0 +264,0 @@ }

lib/util/abi_crosswalk.json

@@ -2210,2 +2210,26 @@ {
   },
+  "12.22.2": {
+    "node_abi": 72,
+    "v8": "7.8"
+  },
+  "12.22.3": {
+    "node_abi": 72,
+    "v8": "7.8"
+  },
+  "12.22.4": {
+    "node_abi": 72,
+    "v8": "7.8"
+  },
+  "12.22.5": {
+    "node_abi": 72,
+    "v8": "7.8"
+  },
+  "12.22.6": {
+    "node_abi": 72,
+    "v8": "7.8"
+  },
+  "12.22.7": {
+    "node_abi": 72,
+    "v8": "7.8"
+  },
   "13.0.0": {
@@ -2379,2 +2403,38 @@ "node_abi": 79,
   },
+  "14.17.0": {
+    "node_abi": 83,
+    "v8": "8.4"
+  },
+  "14.17.1": {
+    "node_abi": 83,
+    "v8": "8.4"
+  },
+  "14.17.2": {
+    "node_abi": 83,
+    "v8": "8.4"
+  },
+  "14.17.3": {
+    "node_abi": 83,
+    "v8": "8.4"
+  },
+  "14.17.4": {
+    "node_abi": 83,
+    "v8": "8.4"
+  },
+  "14.17.5": {
+    "node_abi": 83,
+    "v8": "8.4"
+  },
+  "14.17.6": {
+    "node_abi": 83,
+    "v8": "8.4"
+  },
+  "14.18.0": {
+    "node_abi": 83,
+    "v8": "8.4"
+  },
+  "14.18.1": {
+    "node_abi": 83,
+    "v8": "8.4"
+  },
   "15.0.0": {
@@ -2455,3 +2515,75 @@ "node_abi": 88,
     "v8": "9.0"
+  },
+  "16.1.0": {
+    "node_abi": 93,
+    "v8": "9.0"
+  },
+  "16.2.0": {
+    "node_abi": 93,
+    "v8": "9.0"
+  },
+  "16.3.0": {
+    "node_abi": 93,
+    "v8": "9.0"
+  },
+  "16.4.0": {
+    "node_abi": 93,
+    "v8": "9.1"
+  },
+  "16.4.1": {
+    "node_abi": 93,
+    "v8": "9.1"
+  },
+  "16.4.2": {
+    "node_abi": 93,
+    "v8": "9.1"
+  },
+  "16.5.0": {
+    "node_abi": 93,
+    "v8": "9.1"
+  },
+  "16.6.0": {
+    "node_abi": 93,
+    "v8": "9.2"
+  },
+  "16.6.1": {
+    "node_abi": 93,
+    "v8": "9.2"
+  },
+  "16.6.2": {
+    "node_abi": 93,
+    "v8": "9.2"
+  },
+  "16.7.0": {
+    "node_abi": 93,
+    "v8": "9.2"
+  },
+  "16.8.0": {
+    "node_abi": 93,
+    "v8": "9.2"
+  },
+  "16.9.0": {
+    "node_abi": 93,
+    "v8": "9.3"
+  },
+  "16.9.1": {
+    "node_abi": 93,
+    "v8": "9.3"
+  },
+  "16.10.0": {
+    "node_abi": 93,
+    "v8": "9.3"
+  },
+  "16.11.0": {
+    "node_abi": 93,
+    "v8": "9.4"
+  },
+  "16.11.1": {
+    "node_abi": 93,
+    "v8": "9.4"
+  },
+  "17.0.0": {
+    "node_abi": 102,
+    "v8": "9.5"
   }
 }

package.json

 {
   "name": "@mapbox/node-pre-gyp",
   "description": "Node.js native addon binary install tool",
-  "version": "1.0.5",
+  "version": "1.0.6",
   "keywords": [
@@ -26,22 +26,22 @@ "native",
     "make-dir": "^3.1.0",
-    "node-fetch": "^2.6.1",
+    "node-fetch": "^2.6.5",
     "nopt": "^5.0.0",
-    "npmlog": "^4.1.2",
+    "npmlog": "^5.0.1",
     "rimraf": "^3.0.2",
-    "semver": "^7.3.4",
-    "tar": "^6.1.0"
+    "semver": "^7.3.5",
+    "tar": "^6.1.11"
   },
   "devDependencies": {
-    "@mapbox/cloudfriend": "^4.6.0",
+    "@mapbox/cloudfriend": "^5.1.0",
     "@mapbox/eslint-config-mapbox": "^3.0.0",
     "action-walk": "^2.2.0",
-    "aws-sdk": "^2.840.0",
-    "codecov": "^3.8.1",
-    "eslint": "^7.18.0",
+    "aws-sdk": "^2.1012.0",
+    "codecov": "^3.8.3",
+    "eslint": "^7.32.0",
     "eslint-plugin-node": "^11.1.0",
-    "mock-aws-s3": "^4.0.1",
+    "mock-aws-s3": "^4.0.2",
     "nock": "^12.0.3",
-    "node-addon-api": "^3.1.0",
+    "node-addon-api": "^4.2.0",
     "nyc": "^15.1.0",
-    "tape": "^5.2.2",
+    "tape": "^5.3.1",
     "tar-fs": "^2.1.1"
@@ -48,0 +48,0 @@ },

README.md

@@ -327,3 +327,3 @@ # @mapbox/node-pre-gyp
 
-If the command being executed is "publish" then the default is set to `binary.staging_host`. In all other cases
+If the command being executed is either "publish" or "unpublish" then the default is set to `binary.staging_host`. In all other cases
 the default is `binary.production_host`.
@@ -335,3 +335,3 @@
 This allows installing from staging by specifying `--s3_host=staging`. And it requires specifying
-`--s3_option=production` in order to publish to production making accidental publishing less likely.
+`--s3_option=production` in order to publish to, or unpublish from, production, making accidental errors less likely.
 
@@ -603,4 +603,4 @@ ## Node-API Considerations
 
-    travis encrypt node_pre_gyp_accessKeyId=${node_pre_gyp_accessKeyId}
-    travis encrypt node_pre_gyp_secretAccessKey=${node_pre_gyp_secretAccessKey}
+    travis encrypt AWS_ACCESS_KEY_ID=${node_pre_gyp_accessKeyId}
+    travis encrypt AWS_SECRET_ACCESS_KEY=${node_pre_gyp_secretAccessKey}
 
@@ -607,0 +607,0 @@ Then put those values in your `.travis.yml` like:

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

165841

increased by1.4%

Lines of code

4514

increased by3.01%

Worsened metrics

Number of medium supply chain risk alerts

5

increased by25%

Dependency changes

• + Addedansi-regex@5.0.1(transitive)

• + Addedaproba@2.0.0(transitive)

• + Addedare-we-there-yet@2.0.0(transitive)

• + Addedcolor-support@1.1.3(transitive)

• + Addedemoji-regex@8.0.0(transitive)

• + Addedgauge@3.0.2(transitive)

• + Addedis-fullwidth-code-point@3.0.0(transitive)

• + Addednpmlog@5.0.1(transitive)

• + Addedreadable-stream@3.6.2(transitive)

• + Addedsafe-buffer@5.2.1(transitive)

• + Addedstring-width@4.2.3(transitive)

• + Addedstring_decoder@1.3.0(transitive)

• + Addedstrip-ansi@6.0.1(transitive)

• - Removedansi-regex@2.1.1(transitive)

• - Removedaproba@1.2.0(transitive)

• - Removedare-we-there-yet@1.1.7(transitive)

• - Removedcode-point-at@1.1.0(transitive)

• - Removedcore-util-is@1.0.3(transitive)

• - Removedgauge@2.7.4(transitive)

• - Removedis-fullwidth-code-point@1.0.0(transitive)

• - Removedisarray@1.0.0(transitive)

• - Removednpmlog@4.1.2(transitive)

• - Removednumber-is-nan@1.0.1(transitive)

• - Removedprocess-nextick-args@2.0.1(transitive)

• - Removedreadable-stream@2.3.8(transitive)

• - Removedsafe-buffer@5.1.2(transitive)

• - Removedstring-width@1.0.2(transitive)

• - Removedstring_decoder@1.1.1(transitive)

• - Removedstrip-ansi@3.0.1(transitive)

• Updatednode-fetch@^2.6.5

• Updatednpmlog@^5.0.1

• Updatedsemver@^7.3.5

• Updatedtar@^6.1.11