@oclif/config - npm Package Compare versions

Comparing version 1.18.1 to 1.18.2

lib/plugin.js

@@ -33,4 +33,22 @@ "use strict";
 }
-// eslint-disable-next-line valid-jsdoc
+// essentially just "cd .."
+function* up(from) {
+    while (path.dirname(from) !== from) {
+        yield from;
+        from = path.dirname(from);
+    }
+    yield from;
+}
+async function findSourcesRoot(root) {
+    for (const next of up(root)) {
+        const cur = path.join(next, 'package.json');
+        // eslint-disable-next-line no-await-in-loop
+        if (await util_2.exists(cur))
+            return path.dirname(cur);
+    }
+}
 /**
+ * @returns string
+ * @param name string
+ * @param root string
  * find package root
@@ -40,13 +58,6 @@ * for packages installed into node_modules this will go up directories until
  *
- * This is needed because of the deduping npm does
+ * This is needed because some oclif plugins do not declare the `main` field in their package.json
+ * https://github.com/oclif/config/pull/289#issuecomment-983904051
  */
-async function findRoot(name, root) {
-    // essentially just "cd .."
-    function* up(from) {
-        while (path.dirname(from) !== from) {
-            yield from;
-            from = path.dirname(from);
-        }
-        yield from;
-    }
+async function findRootLegacy(name, root) {
     for (const next of up(root)) {
@@ -75,2 +86,13 @@ let cur;
 }
+async function findRoot(name, root) {
+    if (name) {
+        let pkgPath;
+        try {
+            pkgPath = util_2.resolvePackage(name, { paths: [__dirname, root] });
+        }
+        catch (error) { }
+        return pkgPath ? findSourcesRoot(path.dirname(pkgPath)) : findRootLegacy(name, root);
+    }
+    return findSourcesRoot(root);
+}
 class Plugin {
@@ -77,0 +99,0 @@ // eslint-disable-next-line no-useless-constructor

lib/util.d.ts

@@ -8,4 +8,7 @@ export declare function flatMap<T, U>(arr: T[], fn: (i: T) => U[]): U[];
 export declare function exists(path: string): Promise<boolean>;
+export declare function resolvePackage(id: string, paths: {
+    paths: string[];
+}): string;
 export declare function loadJSON(path: string): Promise<any>;
 export declare function compact<T>(a: (T | undefined)[]): T[];
 export declare function uniq<T>(arr: T[]): T[];

lib/util.js

@@ -21,2 +21,6 @@ "use strict";
 exports.exists = exists;
+function resolvePackage(id, paths) {
+    return require.resolve(id, paths);
+}
+exports.resolvePackage = resolvePackage;
 function loadJSON(path) {
@@ -23,0 +27,0 @@ debug('loadJSON %s', path);

package.json

 {
   "name": "@oclif/config",
   "description": "base config object and standard interfaces for oclif components",
-  "version": "1.18.1",
+  "version": "1.18.2",
   "author": "Jeff Dickey @jdxcode",
@@ -6,0 +6,0 @@ "bugs": "https://github.com/oclif/config/issues",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

55201

increased by1.71%

Lines of code

1529

increased by1.93%

Worsened metrics

Number of low supply chain risk alerts

26

increased by4%

No dependency changes