@npmcli/run-script
Advanced tools
Comparing version 7.0.3 to 7.0.4
@@ -1,5 +0,4 @@ | ||
const util = require('util') | ||
const fs = require('fs') | ||
const { stat } = fs.promises || { stat: util.promisify(fs.stat) } | ||
const { resolve } = require('path') | ||
const { stat } = require('node:fs/promises') | ||
const { resolve } = require('node:path') | ||
module.exports = async path => { | ||
@@ -6,0 +5,0 @@ try { |
@@ -12,6 +12,6 @@ /* eslint camelcase: "off" */ | ||
binPaths, | ||
env = {}, | ||
env, | ||
stdio, | ||
cmd, | ||
args = [], | ||
args, | ||
stdioString, | ||
@@ -18,0 +18,0 @@ } = options |
@@ -1,15 +0,15 @@ | ||
// https://github.com/npm/rfcs/pull/183 | ||
const envVal = val => Array.isArray(val) ? val.map(v => envVal(v)).join('\n\n') | ||
: val === null || val === false ? '' | ||
: String(val) | ||
const packageEnvs = (env, vals, prefix) => { | ||
const packageEnvs = (vals, prefix, env = {}) => { | ||
for (const [key, val] of Object.entries(vals)) { | ||
if (val === undefined) { | ||
continue | ||
} else if (val && !Array.isArray(val) && typeof val === 'object') { | ||
packageEnvs(env, val, `${prefix}${key}_`) | ||
} else if (val === null || val === false) { | ||
env[`${prefix}${key}`] = '' | ||
} else if (Array.isArray(val)) { | ||
val.forEach((item, index) => { | ||
packageEnvs({ [`${key}_${index}`]: item }, `${prefix}`, env) | ||
}) | ||
} else if (typeof val === 'object') { | ||
packageEnvs(val, `${prefix}${key}_`, env) | ||
} else { | ||
env[`${prefix}${key}`] = envVal(val) | ||
env[`${prefix}${key}`] = String(val) | ||
} | ||
@@ -20,8 +20,11 @@ } | ||
module.exports = (env, pkg) => packageEnvs({ ...env }, { | ||
name: pkg.name, | ||
version: pkg.version, | ||
config: pkg.config, | ||
engines: pkg.engines, | ||
bin: pkg.bin, | ||
}, 'npm_package_') | ||
// https://github.com/npm/rfcs/pull/183 defines which fields we put into the environment | ||
module.exports = pkg => { | ||
return packageEnvs({ | ||
name: pkg.name, | ||
version: pkg.version, | ||
config: pkg.config, | ||
engines: pkg.engines, | ||
bin: pkg.bin, | ||
}, 'npm_package_') | ||
} |
@@ -72,3 +72,3 @@ const makeSpawnArgs = require('./make-spawn-args.js') | ||
binPaths, | ||
env: packageEnvs(env, pkg), | ||
env: { ...env, ...packageEnvs(pkg) }, | ||
stdio, | ||
@@ -97,2 +97,4 @@ cmd, | ||
const { signal } = er | ||
// coverage disabled because win32 never emits signals | ||
/* istanbul ignore next */ | ||
if (stdio === 'inherit' && signal) { | ||
@@ -99,0 +101,0 @@ // by the time we reach here, the child has already exited. we send the |
@@ -1,2 +0,2 @@ | ||
const rpj = require('read-package-json-fast') | ||
const PackageJson = require('@npmcli/package-json') | ||
const runScriptPkg = require('./run-script-pkg.js') | ||
@@ -6,10 +6,11 @@ const validateOptions = require('./validate-options.js') | ||
const runScript = options => { | ||
const runScript = async options => { | ||
validateOptions(options) | ||
const { pkg, path } = options | ||
return pkg ? runScriptPkg(options) | ||
: rpj(path + '/package.json') | ||
.then(readPackage => runScriptPkg({ ...options, pkg: readPackage })) | ||
if (options.pkg) { | ||
return runScriptPkg(options) | ||
} | ||
const { content: pkg } = await PackageJson.normalize(options.path) | ||
return runScriptPkg({ ...options, pkg }) | ||
} | ||
module.exports = Object.assign(runScript, { isServerPackage }) |
{ | ||
"name": "@npmcli/run-script", | ||
"version": "7.0.3", | ||
"version": "7.0.4", | ||
"description": "Run a lifecycle script for a package (descendant of npm-lifecycle)", | ||
@@ -20,3 +20,3 @@ "author": "GitHub Inc.", | ||
"@npmcli/template-oss": "4.21.3", | ||
"require-inject": "^1.4.4", | ||
"spawk": "^1.8.1", | ||
"tap": "^16.0.1" | ||
@@ -26,5 +26,5 @@ }, | ||
"@npmcli/node-gyp": "^3.0.0", | ||
"@npmcli/package-json": "^5.0.0", | ||
"@npmcli/promise-spawn": "^7.0.0", | ||
"node-gyp": "^10.0.0", | ||
"read-package-json-fast": "^3.0.0", | ||
"which": "^4.0.0" | ||
@@ -31,0 +31,0 @@ }, |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
18366
306
1
13
+ Added@npmcli/package-json@^5.0.0
+ Added@npmcli/git@5.0.8(transitive)
+ Added@npmcli/package-json@5.2.1(transitive)
+ Addedhosted-git-info@7.0.2(transitive)
+ Addedini@4.1.3(transitive)
+ Addednormalize-package-data@6.0.2(transitive)
+ Addednpm-install-checks@6.3.0(transitive)
+ Addednpm-package-arg@11.0.3(transitive)
+ Addednpm-pick-manifest@9.1.0(transitive)
+ Addedpromise-inflight@1.0.1(transitive)
+ Addedspdx-correct@3.2.0(transitive)
+ Addedspdx-exceptions@2.5.0(transitive)
+ Addedspdx-expression-parse@3.0.1(transitive)
+ Addedspdx-license-ids@3.0.20(transitive)
+ Addedvalidate-npm-package-license@3.0.4(transitive)
+ Addedvalidate-npm-package-name@5.0.1(transitive)
- Removedread-package-json-fast@^3.0.0
- Removedread-package-json-fast@3.0.2(transitive)