@netlify/framework-info
Advanced tools
Comparing version 9.3.1-framework-version-detection.0 to 9.3.1-framework-version-detection.1
{ | ||
"name": "@netlify/framework-info", | ||
"version": "9.3.1-framework-version-detection.0", | ||
"version": "9.3.1-framework-version-detection.1", | ||
"description": "Framework detection utility", | ||
@@ -74,2 +74,3 @@ "type": "module", | ||
"filter-obj": "^3.0.0", | ||
"find-up": "^6.3.0", | ||
"fs-extra": "^10.1.0", | ||
@@ -76,0 +77,0 @@ "is-plain-obj": "^4.0.0", |
import { join } from 'path' | ||
import { cwd } from 'process' | ||
import { cwd, chdir } from 'process' | ||
import { findUp } from 'find-up' | ||
import { getContext, getPackageJson } from './context.js' | ||
@@ -55,3 +57,20 @@ import { listFrameworks as list, hasFramework as has, getFramework as get } from './core.js' | ||
const npmPackage = frameworkInfo.package.name | ||
const { packageJson } = await getPackageJson(join(projectDir, 'node_modules', npmPackage)) | ||
// Get path of package.json for the installed framework. We need to traverse up the directories | ||
// in the event that the project uses something like npm workspaces, and the installed framework package | ||
// has been hoisted to the root directory of the project (which differs from the project/application being built) | ||
// Need to change the CWD to the project directory being built in order to make sure we find and use the correct | ||
// package.json | ||
const originalCwd = cwd() | ||
const returnToOriginalDirectory = () => { | ||
chdir(originalCwd) | ||
} | ||
chdir(projectDir) | ||
const installedFrameworkPath = await findUp(join('node_modules', npmPackage, 'package.json')) | ||
const { packageJson } = await getPackageJson(installedFrameworkPath) | ||
returnToOriginalDirectory() | ||
return { | ||
@@ -58,0 +77,0 @@ ...frameworkInfo, |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
70460
2225
0
13
+ Addedfind-up@^6.3.0