New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@microsoft/package-deps-hash

Package Overview
Dependencies
Maintainers
2
Versions
241
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@microsoft/package-deps-hash - npm Package Compare versions

Comparing version 2.4.4 to 3.0.0

postinstall.js

26

package.json
{
"name": "@microsoft/package-deps-hash",
"version": "2.4.4",
"description": "",
"main": "lib/index.js",
"typings": "dist/package-deps-hash.d.ts",
"version": "3.0.0",
"description": "(Please use \"@rushstack/package-deps-hash\" instead.)",
"license": "MIT",
"repository": {
"type": "git",
"url": "https://github.com/microsoft/rushstack/tree/master/libraries/package-deps-hash"
},
"scripts": {
"build": "gulp test --clean"
},
"devDependencies": {
"@microsoft/rush-stack-compiler-3.5": "0.4.3",
"@microsoft/node-library-build": "6.4.4",
"@microsoft/node-core-library": "3.19.3",
"@rushstack/eslint-config": "0.5.4",
"@types/chai": "3.4.34",
"@types/mocha": "5.2.5",
"@types/node": "10.17.13",
"chai": "~3.5.0",
"gulp": "~4.0.2"
},
"dependencies": {
"@microsoft/node-core-library": "3.19.3"
"postinstall": "node postinstall.js"
}
}

34

README.md
# @microsoft/package-deps-hash
The `package-deps-hash` library generates a JSON object containing the git hashes of all files used to produce
a given package. This is useful for scenarios where you want to define a "change receipt" file to be published
with a package. The [Rush](https://rushjs.io/) tool uses this library to implement incremental build detection.
> Please use [@rushstack/package-deps-hash](https://www.npmjs.com/package/@rushstack/package-deps-hash) instead of this package.
Only files in a git repo that are not in .gitignore will be considered in building the hash. The file content and
the current state of the package can be compared then to determine whether the package needs to be rebuilt.
IMPORTANT: This package has moved under the `@rushstack` NPM scope.
Internally it uses the GIT hashes to derive the hashes for package content. This allows the process to leverage Git's
hash optimizations, as opposed to creating a more elaborate diffing scheme.
```
OLD NAME: @microsoft/package-deps-hash (2.4.4)
NEW NAME: @rushstack/package-deps-hash (2.4.5)
```
NOTE: Git is required to be accessible in the command line path.
The new package's CHANGELOG.md preserves version history from before the rename.
## Usage
The new package starts with a SemVer PATCH increment, since no code has changed.
```ts
let _ = require('lodash');
let { getPackageDeps } = require('@microsoft/package-deps-hash');
// Gets the current deps object for the current working directory
let deps = getPackageDeps();
let existingDeps = JSON.parse(fs.readFileSync('package-deps.json'));
if (_.isEqual(deps, existingDeps)) {
// Skip re-building package.
} else {
// Rebuild package.
}
```
API documentation for this package: https://rushstack.io/pages/api/package-deps-hash/
To learn about the Rush Stack project, please visit https://rushstack.io/`
CHANGELOG.json
CHANGELOG.md
dist/package-deps-hash.d.ts
dist/tsdoc-metadata.json
lib/getPackageDeps.d.ts
lib/getPackageDeps.d.ts.map
lib/getPackageDeps.js
lib/getPackageDeps.js.map
lib/index.d.ts
lib/index.d.ts.map
lib/index.js
lib/index.js.map
lib/IPackageDeps.d.ts
lib/IPackageDeps.d.ts.map
lib/IPackageDeps.js
lib/IPackageDeps.js.map
LICENSE
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc