@plugin-light/shared
Advanced tools
@plugin-light/shared - npm Package Compare versions
| export { getCdnList, type CdnConfig } from '@plugin-light/const'; |
| export { NPM_PACKAGES_LIST, type NpmPackageConfig } from '@plugin-light/const'; |
| export { getPipelineRunLink } from './pipeline'; |
| export declare function getPipelineRunLink({ pipelineId, pipelineRunId, }: { | ||
| pipelineId: string; | ||
| pipelineRunId: string; | ||
| }): string; |
| export { extractRepoPath } from './repo'; |
| /** | ||
| * 从 repo 地址中提取仓库路径 | ||
| * 支持 git@git.aow.com:pmd-mobile/pmd-h5/plugin-light.git 和 https://github.com/novlan1/plugin-light 两种格式 | ||
| * @param repo 仓库地址 | ||
| * @returns 仓库路径,如 pmd-mobile/pmd-h5/plugin-light | ||
| */ | ||
| export declare function extractRepoPath(repo: string): string; |
| export declare const scssLogger: { | ||
| warn(message: any, options: any): void; | ||
| warn(message: string): void; | ||
| }; |
+24
-20
@@ -1,27 +0,31 @@ | ||
| export { isInBlackList, } from './black-list'; | ||
| export { checkBundleAnalyze, checkDebugMode, } from './bundle-analyze'; | ||
| export { ALL_PLATFORM, CDN_MAP, CSS_MAP, CSS_POSTFIX_MAP, HTML_MAP, PLATFORM_MAP, PLATFORMS_ALL, PLATFORMS_MP, } from './config'; | ||
| export { AEGIS_EXTERNAL_SCRIPT_LINK, DEFAULT_ADAPTER_DIRS, DEFAULT_TRANSPILE_DEPENDENCIES, EXTERNAL_LINK_MAP, UNI_SIMPLE_ROUTER_SCRIPT_LINK, } from './config-project'; | ||
| export { createLogDir, getRelativePath, normalizePath, parseSetDeps, removeFirstSlash, ROOT_NAME, saveJsonToLog, updateAssetSource, } from './helper'; | ||
| export { DEFAULT_CONTEXT_OBJECT, } from './context'; | ||
| export { scssLogger, } from './css'; | ||
| export { getDeps, } from './deps'; | ||
| export { getImportOrderRule } from './eslint-rules'; | ||
| export { findDependencies, } from './find-dependencies'; | ||
| export { checkH5, } from './h5'; | ||
| export { getLoaderFile, getLoaderProdFile, } from './loader-file'; | ||
| export { recordLoaderLog, saveLoaderLog, } from './loader-log'; | ||
| export { shouldUseLoader, } from './loader-options'; | ||
| export { getWxmlAndWxssPostfix, } from './platform'; | ||
| export { getProjectName, getSubProjectName, } from './project-name'; | ||
| export { revertManifest, updateManifest, } from './replace-manifest'; | ||
| export { getRootDir, } from './root'; | ||
| export { getSubProjectConfig, getSubProjectRoot, } from './sub-project'; | ||
| export { getAppPlatform, getPlatform, getUtsPlatform, isApp, isAppAndroid, isAppIOS, isH5, isMp, isMpAlipay, isMpBaidu, isMpKuaishou, isMpQQ, isMpToutiao, isMpWeixin, isQuickapp, isQuickappHuawei, isQuickappUnion, } from './uni-env'; | ||
| export * from './black-list'; | ||
| export * from './bundle-analyze'; | ||
| export * from './cdn'; | ||
| export * from './config'; | ||
| export * from './config-project'; | ||
| export * from './context'; | ||
| export * from './cross-game-style'; | ||
| export * from './css'; | ||
| export * from './deps'; | ||
| export * from './eslint-rules'; | ||
| export * from './find-dependencies'; | ||
| export * from './gen-version'; | ||
| export * from './h5'; | ||
| export * from './helper'; | ||
| export * from './ifdef'; | ||
| export * from './inject-dynamic-style'; | ||
| export * from './loader-file'; | ||
| export * from './loader-log'; | ||
| export * from './loader-options'; | ||
| export * from './node-module-file'; | ||
| export * from './npm-publish'; | ||
| export * from './pipeline'; | ||
| export * from './platform'; | ||
| export * from './project-name'; | ||
| export * from './replace-manifest'; | ||
| export * from './replace-vue-directive'; | ||
| export * from './repo'; | ||
| export * from './root'; | ||
| export * from './sub-project'; | ||
| export * from './uni-env'; | ||
| export * from './v-lazy'; |
+5
-2
| { | ||
| "name": "@plugin-light/shared", | ||
| "version": "1.0.3", | ||
| "version": "1.0.9", | ||
| "homepage": "https://novlan1.github.io/docs/plugin-light/zh/plugin-light-shared.html", | ||
@@ -20,4 +20,7 @@ "bugs": { | ||
| "loader-utils": "^2.0.4", | ||
| "t-comm": "^3.0.22" | ||
| "@plugin-light/const": "^0.1.1" | ||
| }, | ||
| "devDependencies": { | ||
| "t-comm": "^3.0.33" | ||
| }, | ||
| "scripts": { | ||
@@ -24,0 +27,0 @@ "build": "rm -rf lib && rollup -c", |
Sorry, the diff of this file is too big to display
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 4 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 13 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 9 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
568269
1171.35%- Number of package files
52
13.04%- Lines of code
23145
1935.62%Worsened metrics
- Dev dependency count
1
Infinity%- Number of low supply chain risk alerts
118
436.36%- Number of medium supply chain risk alerts
20
Infinity%Dependency changes
+ Added
@plugin-light/const@^0.1.1+ Added
@plugin-light/const@0.1.6(transitive)- Removed
t-comm@^3.0.22- Removed
@babel/runtime@7.29.2(transitive)- Removed
agent-base@6.0.2(transitive)- Removed
ajv@6.15.0(transitive)- Removed
asn1@0.2.6(transitive)- Removed
assert-plus@1.0.0(transitive)- Removed
async-function@1.0.0(transitive)- Removed
async-generator-function@1.0.0(transitive)- Removed
asynckit@0.4.0(transitive)- Removed
aws-sign2@0.7.0(transitive)- Removed
aws4@1.13.2(transitive)- Removed
axios@1.16.1(transitive)- Removed
bcrypt-pbkdf@1.0.2(transitive)- Removed
boolbase@1.0.0(transitive)- Removed
call-bind-apply-helpers@1.0.2(transitive)- Removed
call-bound@1.0.4(transitive)- Removed
caseless@0.12.0(transitive)- Removed
cheerio@1.2.0(transitive)- Removed
cheerio-select@2.1.0(transitive)- Removed
chownr@2.0.0(transitive)- Removed
combined-stream@1.0.8(transitive)- Removed
commander@10.0.1(transitive)- Removed
core-util-is@1.0.2(transitive)- Removed
cron-parser@4.9.0(transitive)- Removed
css-select@5.2.2(transitive)- Removed
css-what@6.2.2(transitive)- Removed
dashdash@1.14.1(transitive)- Removed
debug@4.4.3(transitive)- Removed
delayed-stream@1.0.0(transitive)- Removed
dom-serializer@2.0.0(transitive)- Removed
domelementtype@2.3.0(transitive)- Removed
domhandler@5.0.3(transitive)- Removed
domutils@3.2.2(transitive)- Removed
dunder-proto@1.0.1(transitive)- Removed
ecc-jsbn@0.1.2(transitive)- Removed
encoding-sniffer@0.2.1(transitive)- Removed
entities@4.5.06.0.17.0.1(transitive)- Removed
es-define-property@1.0.1(transitive)- Removed
es-errors@1.3.0(transitive)- Removed
es-object-atoms@1.1.2(transitive)- Removed
es-set-tostringtag@2.1.0(transitive)- Removed
extend@3.0.2(transitive)- Removed
extsprintf@1.3.0(transitive)- Removed
fast-deep-equal@3.1.3(transitive)- Removed
fast-json-stable-stringify@2.1.0(transitive)- Removed
follow-redirects@1.16.0(transitive)- Removed
forever-agent@0.6.1(transitive)- Removed
form-data@2.3.34.0.5(transitive)- Removed
fs-minipass@2.1.0(transitive)- Removed
function-bind@1.1.2(transitive)- Removed
generator-function@2.0.1(transitive)- Removed
get-intrinsic@1.3.1(transitive)- Removed
get-proto@1.0.1(transitive)- Removed
getpass@0.1.7(transitive)- Removed
gopd@1.2.0(transitive)- Removed
har-schema@2.0.0(transitive)- Removed
har-validator@5.1.5(transitive)- Removed
has-symbols@1.1.0(transitive)- Removed
has-tostringtag@1.0.2(transitive)- Removed
hasown@2.0.3(transitive)- Removed
htmlparser2@10.1.0(transitive)- Removed
http-signature@1.2.0(transitive)- Removed
https-proxy-agent@5.0.1(transitive)- Removed
iconv-lite@0.6.3(transitive)- Removed
is-typedarray@1.0.0(transitive)- Removed
isstream@0.1.2(transitive)- Removed
jose@4.15.9(transitive)- Removed
jsbn@0.1.1(transitive)- Removed
json-schema@0.4.0(transitive)- Removed
json-schema-traverse@0.4.1(transitive)- Removed
json-stringify-safe@5.0.1(transitive)- Removed
jsprim@1.4.2(transitive)- Removed
luxon@3.7.2(transitive)- Removed
math-intrinsics@1.1.0(transitive)- Removed
mime-db@1.52.0(transitive)- Removed
mime-types@2.1.35(transitive)- Removed
minipass@3.3.65.0.0(transitive)- Removed
minizlib@2.1.2(transitive)- Removed
mkdirp@1.0.4(transitive)- Removed
ms@2.1.3(transitive)- Removed
nth-check@2.1.1(transitive)- Removed
oauth-sign@0.9.0(transitive)- Removed
object-inspect@1.13.4(transitive)- Removed
parse5@7.3.0(transitive)- Removed
parse5-htmlparser2-tree-adapter@7.1.0(transitive)- Removed
parse5-parser-stream@7.1.2(transitive)- Removed
performance-now@2.1.0(transitive)- Removed
proxy-from-env@2.1.0(transitive)- Removed
psl@1.15.0(transitive)- Removed
punycode@2.3.1(transitive)- Removed
qs@6.15.26.5.5(transitive)- Removed
request@2.88.2(transitive)- Removed
safe-buffer@5.2.1(transitive)- Removed
safer-buffer@2.1.2(transitive)- Removed
semver@7.8.1(transitive)- Removed
side-channel@1.1.0(transitive)- Removed
side-channel-list@1.0.1(transitive)- Removed
side-channel-map@1.0.1(transitive)- Removed
side-channel-weakmap@1.0.2(transitive)- Removed
sshpk@1.18.0(transitive)- Removed
t-comm@3.2.36(transitive)- Removed
tar@6.2.1(transitive)- Removed
tough-cookie@2.5.0(transitive)- Removed
tunnel-agent@0.6.0(transitive)- Removed
tweetnacl@0.14.5(transitive)- Removed
undici@7.25.0(transitive)- Removed
uri-js@4.4.1(transitive)- Removed
uuid@3.4.0(transitive)- Removed
verror@1.10.0(transitive)- Removed
whatwg-encoding@3.1.1(transitive)- Removed
whatwg-mimetype@4.0.0(transitive)- Removed
yallist@4.0.0(transitive)