@npmcli/config - npm Package Compare versions

Comparing version 4.0.1 to 4.0.2

lib/env-replace.js

@@ -10,6 +10,6 @@ // replace any ${ENV} values with the appropriate environ.
   if (esc.length % 2) {
-    return orig.substr((esc.length + 1) / 2)
+    return orig.slice((esc.length + 1) / 2)
   }
 
-  return (esc.substr(esc.length / 2)) + val
+  return (esc.slice(esc.length / 2)) + val
 })

lib/index.js

@@ -369,3 +369,3 @@ // TODO: set the scope config from package.json or explicit cli config
       }
-      const key = envKey.substr('npm_config_'.length)
+      const key = envKey.slice('npm_config_'.length)
         .replace(/(?!^)_/g, '-') // don't replace _ at the start of the key
@@ -400,9 +400,9 @@ .toLowerCase()
       let valid = true
-      for (const [where] of this.data.entries()) {
+      for (const [entryWhere] of this.data.entries()) {
         // no need to validate our defaults, we know they're fine
         // cli was already validated when parsed the first time
-        if (where === 'default' || where === 'builtin' || where === 'cli') {
+        if (entryWhere === 'default' || entryWhere === 'builtin' || entryWhere === 'cli') {
           continue
         }
-        const ret = this.validate(where)
+        const ret = this.validate(entryWhere)
         valid = valid && ret
@@ -409,0 +409,0 @@ }

lib/parse-field.js

@@ -59,3 +59,3 @@ // Parse a field, coercing it to the best type available.
     if (homePattern.test(f) && home) {
-      f = resolve(home, f.substr(2))
+      f = resolve(home, f.slice(2))
     } else {
@@ -62,0 +62,0 @@ f = resolve(f)

package.json

 {
   "name": "@npmcli/config",
-  "version": "4.0.1",
+  "version": "4.0.2",
   "files": [
-    "bin",
-    "lib"
+    "bin/",
+    "lib/"
   ],
@@ -12,3 +12,3 @@ "main": "lib/index.js",
     "type": "git",
-    "url": "git+https://github.com/npm/config"
+    "url": "https://github.com/npm/config.git"
   },
@@ -23,7 +23,7 @@ "author": "GitHub Inc.",
     "prepublishOnly": "git push origin --follow-tags",
-    "lint": "eslint '**/*.js'",
-    "postlint": "npm-template-check",
+    "lint": "eslint \"**/*.js\"",
+    "postlint": "template-oss-check",
     "lintfix": "npm run lint -- --fix",
     "posttest": "npm run lint",
-    "template-copy": "npm-template-copy --force"
+    "template-oss-apply": "template-oss-apply --force"
   },
@@ -35,8 +35,9 @@ "tap": {
   "devDependencies": {
-    "@npmcli/template-oss": "^2.8.1",
-    "tap": "^15.1.6"
+    "@npmcli/eslint-config": "^3.0.1",
+    "@npmcli/template-oss": "3.2.2",
+    "tap": "^16.0.1"
   },
   "dependencies": {
-    "@npmcli/map-workspaces": "^2.0.1",
-    "ini": "^2.0.0",
+    "@npmcli/map-workspaces": "^2.0.2",
+    "ini": "^3.0.0",
     "mkdirp-infer-owner": "^2.0.0",
@@ -50,7 +51,8 @@ "nopt": "^5.0.0",
   "engines": {
-    "node": "^12.13.0 || ^14.15.0 || >=16"
+    "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
   },
   "templateOSS": {
-    "version": "2.8.1"
+    "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
+    "version": "3.2.2"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

48052

increased by0.39%

Worsened metrics

Dev dependency count

3

increased by50%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedini@3.0.1(transitive)

• - Removedini@2.0.0(transitive)

• Updated@npmcli/map-workspaces@^2.0.2

• Updatedini@^3.0.0