@php-wasm/universal
Advanced tools
@php-wasm/universal - npm Package Compare versions
+1
-1
@@ -39,3 +39,3 @@ export type { MessageListener, PHPOutput, PHPRunOptions, UniversalPHP, PHPEvent, PHPEventListener, HTTPMethod, PHPRequest, PHPRequestHeaders, SpawnHandler, } from './universal-php'; | ||
| export { withResolvedPHPExtensions, installPHPExtensionFilesSync, PHP_EXTENSIONS_DIR, resolvePHPExtension, } from './load-extension'; | ||
| export type { InstallPHPExtensionFilesOptions, PHPExtensionIniDirective, ResolvedInstallOptions, ResolvedPHPExtension, PHPExtensionManifest, PHPExtensionManifestExtraFiles, PHPExtensionSource, } from './load-extension'; | ||
| export type { InstallPHPExtensionFilesOptions, PHPExtensionIniDirective, PHPExtensionLoadDirective, ResolvedInstallOptions, ResolvedPHPExtension, PHPExtensionManifest, PHPExtensionManifestExtraFiles, PHPExtensionSource, } from './load-extension'; | ||
| export { DEFAULT_BASE_URL, ensurePathPrefix, removePathPrefix, toRelativeUrl, } from './urls'; | ||
@@ -42,0 +42,0 @@ export { isExitCode } from './is-exit-code'; |
@@ -13,2 +13,3 @@ import type { Emscripten } from './emscripten-types'; | ||
| export type PHPExtensionIniDirective = 'extension' | 'zend_extension'; | ||
| export type PHPExtensionLoadDirective = PHPExtensionIniDirective | false; | ||
| /** | ||
@@ -23,2 +24,17 @@ * Extension artifact manifest. Lets callers publish a matrix of `.so` files | ||
| mode?: 'php-extension'; | ||
| /** | ||
| * The first directive of the generated startup `.ini` file. Defaults to | ||
| * `extension`; use `zend_extension` for Zend extensions like Xdebug. | ||
| * Use `false` to stage the `.so` without registering it in php.ini. | ||
| */ | ||
| loadWithIniDirective?: PHPExtensionLoadDirective; | ||
| /** Additional `key=value` lines for the generated startup `.ini` file. */ | ||
| iniEntries?: Record<string, string>; | ||
| /** Environment variables added before the extension is loaded. */ | ||
| env?: Record<string, string>; | ||
| /** | ||
| * VFS directory where PHP.wasm writes the extension `.so` file and its | ||
| * per-extension ini file. Defaults to `PHP_EXTENSIONS_DIR`. | ||
| */ | ||
| extensionDir?: string; | ||
| artifacts: Array<{ | ||
@@ -90,3 +106,3 @@ /** PHP major/minor version, e.g. `8.4`. */ | ||
| */ | ||
| loadWithIniDirective?: PHPExtensionIniDirective; | ||
| loadWithIniDirective?: PHPExtensionLoadDirective; | ||
| /** Additional `key=value` lines for the generated startup `.ini` file. */ | ||
@@ -125,3 +141,3 @@ iniEntries?: Record<string, string>; | ||
| /** Absolute VFS path the generated per-extension ini file is staged at. */ | ||
| iniPath: string; | ||
| iniPath?: string; | ||
| /** | ||
@@ -132,3 +148,3 @@ * Contents of the generated per-extension ini file. The first line is the | ||
| */ | ||
| iniContent: string; | ||
| iniContent?: string; | ||
| /** Sidecar files staged alongside the extension. Optional. */ | ||
@@ -167,3 +183,3 @@ extraFiles?: ResolvedExtraFiles; | ||
| */ | ||
| loadWithIniDirective?: PHPExtensionIniDirective; | ||
| loadWithIniDirective?: PHPExtensionLoadDirective; | ||
| /** Additional `key=value` lines for the generated startup `.ini` file. */ | ||
@@ -170,0 +186,0 @@ iniEntries?: Record<string, string>; |
+6
-6
| { | ||
| "name": "@php-wasm/universal", | ||
| "version": "3.1.30", | ||
| "version": "3.1.31", | ||
| "description": "PHP.wasm – emscripten bindings for PHP", | ||
@@ -40,3 +40,3 @@ "repository": { | ||
| "license": "GPL-2.0-or-later", | ||
| "gitHead": "1034030cf2893113dfc0d3a3ff79b1c60906cabe", | ||
| "gitHead": "d84feb0c0a69675bd502b8c5f51b24ee52822c8c", | ||
| "engines": { | ||
@@ -48,6 +48,6 @@ "node": ">=20.10.0", | ||
| "ini": "4.1.2", | ||
| "@php-wasm/logger": "3.1.30", | ||
| "@php-wasm/util": "3.1.30", | ||
| "@php-wasm/stream-compression": "3.1.30", | ||
| "@php-wasm/progress": "3.1.30" | ||
| "@php-wasm/logger": "3.1.31", | ||
| "@php-wasm/util": "3.1.31", | ||
| "@php-wasm/stream-compression": "3.1.31", | ||
| "@php-wasm/progress": "3.1.31" | ||
| }, | ||
@@ -54,0 +54,0 @@ "packageManager": "npm@10.9.2", |
@@ -18,2 +18,24 @@ { | ||
| }, | ||
| "loadWithIniDirective": { | ||
| "$ref": "#/definitions/PHPExtensionLoadDirective", | ||
| "description": "The first directive of the generated startup `.ini` file. Defaults to `extension`; use `zend_extension` for Zend extensions like Xdebug. Use `false` to stage the `.so` without registering it in php.ini." | ||
| }, | ||
| "iniEntries": { | ||
| "type": "object", | ||
| "additionalProperties": { | ||
| "type": "string" | ||
| }, | ||
| "description": "Additional `key=value` lines for the generated startup `.ini` file." | ||
| }, | ||
| "env": { | ||
| "type": "object", | ||
| "additionalProperties": { | ||
| "type": "string" | ||
| }, | ||
| "description": "Environment variables added before the extension is loaded." | ||
| }, | ||
| "extensionDir": { | ||
| "type": "string", | ||
| "description": "VFS directory where PHP.wasm writes the extension `.so` file and its per-extension ini file. Defaults to `PHP_EXTENSIONS_DIR`." | ||
| }, | ||
| "artifacts": { | ||
@@ -50,2 +72,18 @@ "type": "array", | ||
| }, | ||
| "PHPExtensionLoadDirective": { | ||
| "anyOf": [ | ||
| { | ||
| "$ref": "#/definitions/PHPExtensionIniDirective" | ||
| }, | ||
| { | ||
| "type": "boolean", | ||
| "const": false | ||
| } | ||
| ] | ||
| }, | ||
| "PHPExtensionIniDirective": { | ||
| "type": "string", | ||
| "enum": ["extension", "zend_extension"], | ||
| "description": "The php.ini directive used to load the extension. Use `extension` for regular PHP extensions and `zend_extension` for Zend extensions like Xdebug." | ||
| }, | ||
| "PHPExtensionManifestExtraFiles": { | ||
@@ -52,0 +90,0 @@ "type": "object", |
+7
-6
@@ -24,4 +24,3 @@ # Shared PHP.wasm runtime API | ||
| "phpVersion": "8.4", | ||
| "file": "wp_mysql_parser-php8.4-jspi.so", | ||
| "sha256": "..." | ||
| "sourcePath": "wp_mysql_parser-php8.4-jspi.so" | ||
| } | ||
@@ -32,5 +31,5 @@ ] | ||
| `file` may be absolute, or relative to the manifest URL. If you pass an inline | ||
| manifest instead of `manifestUrl`, pass `baseUrl` to choose where relative | ||
| artifact files are resolved from. | ||
| `sourcePath` may be absolute, or relative to the manifest URL. If you pass an | ||
| inline manifest instead of `manifestUrl`, pass `baseUrl` to choose where | ||
| relative artifact files are resolved from. | ||
@@ -45,3 +44,5 @@ Asyncify extension loading is reserved for bundled extensions shipped with the | ||
| options so the extension `.so`, generated `.ini`, sidecar files, and environment | ||
| variables are ready before PHP scans its `.ini` files. | ||
| variables are ready before PHP scans its `.ini` files. When | ||
| `loadWithIniDirective` is `false`, the `.so` and sidecar files are still staged | ||
| but no `.ini` file or `PHP_INI_SCAN_DIR` entry is generated. | ||
@@ -48,0 +49,0 @@ ```ts |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Potential vulnerability
Supply chain riskInitial human review suggests the presence of a vulnerability in this package. It is pending further analysis and confirmation.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
1612472
7.19%- Lines of code
11885
7.08%- Number of lines in readme file
69
1.47%- Number of medium supply chain risk alerts
11
-8.33%Dependency changes
+ Added
@php-wasm/logger@3.1.31(transitive)+ Added
@php-wasm/progress@3.1.31(transitive)+ Added
@php-wasm/stream-compression@3.1.31(transitive)+ Added
@php-wasm/util@3.1.31(transitive)- Removed
@php-wasm/logger@3.1.30(transitive)- Removed
@php-wasm/progress@3.1.30(transitive)- Removed
@php-wasm/stream-compression@3.1.30(transitive)- Removed
@php-wasm/util@3.1.30(transitive)Updated
@php-wasm/logger@3.1.31Updated
@php-wasm/progress@3.1.31Updated
@php-wasm/util@3.1.31