@platformatic/foundation
Advanced tools
@platformatic/foundation - npm Package Compare versions
+54
-1
| import { FastifyError } from '@fastify/error' | ||
| import { JSONSchemaType } from 'ajv' | ||
| import { EventEmitter } from 'node:events' | ||
| import { Logger } from 'pino' | ||
| import { ParseArgsOptionsConfig } from 'node:util' | ||
| import { LevelWithSilentOrString, Logger } from 'pino' | ||
@@ -13,2 +14,54 @@ // Symbols | ||
| // Cli types | ||
| export function createCLIContext<T = {}>( | ||
| executableId?: string, | ||
| executableName?: string, | ||
| verbose?: boolean, | ||
| prettyPrint?: boolean, | ||
| options?: T | ||
| ): { | ||
| executableId: string | ||
| executableName: string | ||
| verbose: boolean | ||
| prettyPrint: boolean | ||
| } & T | ||
| export function logo(color?: boolean, name?: string): string | ||
| export function createCliLogger(level: LevelWithSilentOrString, noPretty: boolean): Logger | ||
| export function logFatalError(logger: Logger, ...args: any[]): false | ||
| export function parseArgs( | ||
| args: string[], | ||
| options: ParseArgsOptionsConfig, | ||
| stopAtFirstPositional?: boolean, | ||
| strict?: boolean | ||
| ): { | ||
| values: Record<string, any> | ||
| positionals: string[] | ||
| unparsed: string[] | ||
| tokens: any[] | ||
| } | ||
| export function getRoot(positionals?: string[]): string | ||
| export function applicationToEnvVariable(application: string): string | ||
| export function findRuntimeConfigurationFile( | ||
| logger: Logger, | ||
| root: string, | ||
| configurationFile?: string, | ||
| fallback?: boolean, | ||
| throwOnError?: boolean, | ||
| verifyPackages?: boolean, | ||
| executableName?: string | ||
| ): Promise<string | false | undefined> | ||
| export function fallbackToTemporaryConfigFile( | ||
| logger: Logger, | ||
| root: string, | ||
| verifyPackages: boolean | ||
| ): Promise<string | false | undefined> | ||
| // Configuration types | ||
@@ -15,0 +68,0 @@ export declare const envVariablePattern: RegExp |
+5
-3
| { | ||
| "name": "@platformatic/foundation", | ||
| "version": "3.41.0", | ||
| "version": "3.42.0", | ||
| "description": "Platformatic Foundation", | ||
@@ -33,3 +33,3 @@ "main": "index.js", | ||
| "semver": "^7.6.3", | ||
| "undici": "7.18.2", | ||
| "undici": "7.24.0", | ||
| "yaml": "^2.4.1" | ||
@@ -45,2 +45,3 @@ }, | ||
| "pino-test": "^1.0.1", | ||
| "tstyche": "^6.2.0", | ||
| "typescript": "^5.5.4" | ||
@@ -52,5 +53,6 @@ }, | ||
| "scripts": { | ||
| "test": "node --test --test-reporter=cleaner-spec-reporter --test-concurrency=1 --test-timeout=2000000 test/*.test.js test/**/*.test.js", | ||
| "test": "npm run test:types && node --test --test-reporter=cleaner-spec-reporter --test-concurrency=1 --test-timeout=2000000 test/*.test.js test/**/*.test.js", | ||
| "test:types": "tstyche", | ||
| "lint": "eslint" | ||
| } | ||
| } |
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
112624
1.26%- Lines of code
3363
1.33%Worsened metrics
- Dev dependency count
9
12.5%Dependency changes
+ Added
undici@7.24.0(transitive)- Removed
undici@7.18.2(transitive)Updated
undici@7.24.0