@qoder-ai/qodercli
Advanced tools
@qoder-ai/qodercli - npm Package Compare versions
+49
-21
| #!/usr/bin/env node | ||
| const { spawn } = require('child_process'); | ||
| const { spawnSync } = require('child_process'); | ||
| const path = require('path'); | ||
@@ -10,2 +10,3 @@ const fs = require('fs'); | ||
| const pkgName = `@qoder-ai/qodercli-${target}`; | ||
| const subPkgDir = pkgName.split('/')[1]; // e.g. "qodercli-win32-x64" | ||
@@ -15,18 +16,38 @@ // 查找平台子包中的二进制 | ||
| // 尝试多种路径: | ||
| // 1. node_modules 中的子包(npm install 场景) | ||
| // 2. 同级目录(开发/调试场景) | ||
| // __dirname = .../node_modules/@qoder-ai/qodercli/bin/ | ||
| // npm global install 结构: | ||
| // prefix/node_modules/@qoder-ai/qodercli/ (主包) | ||
| // prefix/node_modules/@qoder-ai/qodercli-win32-x64/ (子包, 同级) | ||
| // npm local install 结构: | ||
| // project/node_modules/@qoder-ai/qodercli/ | ||
| // project/node_modules/@qoder-ai/qodercli-win32-x64/ (hoisted) | ||
| // 或 project/node_modules/@qoder-ai/qodercli/node_modules/@qoder-ai/qodercli-win32-x64/ (nested) | ||
| const candidates = [ | ||
| // 同级 scope 目录下 (global + hoisted local) | ||
| path.join(__dirname, '..', '..', subPkgDir, 'bin', BINARY_NAME), | ||
| // nested in main package's node_modules | ||
| path.join(__dirname, '..', 'node_modules', pkgName, 'bin', BINARY_NAME), | ||
| path.join(__dirname, '..', '..', pkgName.split('/')[1], 'bin', BINARY_NAME), | ||
| // 3 levels up (some pnpm/yarn structures) | ||
| path.join(__dirname, '..', '..', '..', 'node_modules', pkgName, 'bin', BINARY_NAME), | ||
| path.join(__dirname, target, BINARY_NAME), | ||
| // npm global on Windows may place under node_modules directly | ||
| path.join(__dirname, '..', '..', '..', subPkgDir, 'bin', BINARY_NAME), | ||
| // resolve from require (most reliable for complex layouts) | ||
| ]; | ||
| // Also try require.resolve to find the sub-package | ||
| try { | ||
| const subPkgJson = require.resolve(`${pkgName}/package.json`, { paths: [path.join(__dirname, '..')] }); | ||
| const subPkgBin = path.join(path.dirname(subPkgJson), 'bin', BINARY_NAME); | ||
| candidates.push(subPkgBin); | ||
| } catch {} | ||
| let binPath = null; | ||
| for (const p of candidates) { | ||
| if (fs.existsSync(p)) { | ||
| binPath = p; | ||
| break; | ||
| } | ||
| try { | ||
| if (fs.existsSync(p)) { | ||
| binPath = p; | ||
| break; | ||
| } | ||
| } catch {} | ||
| } | ||
@@ -39,11 +60,20 @@ | ||
| console.error(''); | ||
| console.error('This usually means:'); | ||
| console.error(' 1. Your platform is not supported, or'); | ||
| console.error(' 2. The optional dependency was not installed (try: npm install --include=optional)'); | ||
| console.error('__dirname:', __dirname); | ||
| console.error('Searched paths:'); | ||
| candidates.forEach(p => console.error(` - ${p} [${fs.existsSync(p) ? 'EXISTS' : 'NOT FOUND'}]`)); | ||
| console.error(''); | ||
| // List what's actually in the scope directory | ||
| const scopeDir = path.join(__dirname, '..', '..'); | ||
| try { | ||
| console.error('Contents of scope dir (' + scopeDir + '):'); | ||
| fs.readdirSync(scopeDir).forEach(f => console.error(' ' + f)); | ||
| } catch (e) { console.error(' (cannot read: ' + e.message + ')'); } | ||
| console.error(''); | ||
| console.error('Supported platforms: darwin-arm64, darwin-x64, linux-x64, linux-arm64, win32-x64'); | ||
| console.error('Try: npm install -g @qoder-ai/qodercli --include=optional'); | ||
| process.exit(1); | ||
| } | ||
| const child = spawn(binPath, process.argv.slice(2), { | ||
| // Use spawnSync for reliable cross-platform behavior | ||
| const result = spawnSync(binPath, process.argv.slice(2), { | ||
| stdio: 'inherit', | ||
@@ -53,9 +83,7 @@ windowsHide: false, | ||
| child.on('close', (code) => { | ||
| process.exit(code !== null ? code : 1); | ||
| }); | ||
| if (result.error) { | ||
| console.error('Failed to execute qodercli:', result.error.message); | ||
| process.exit(1); | ||
| } | ||
| child.on('error', (error) => { | ||
| console.error('Failed to execute qodercli:', error.message); | ||
| process.exit(1); | ||
| }); | ||
| process.exit(result.status !== null ? result.status : 1); |
+2
-6
| { | ||
| "name": "@qoder-ai/qodercli", | ||
| "version": "0.2.2-beta.7", | ||
| "version": "0.2.2-beta.8", | ||
| "description": "QoderCLI - AI-powered coding assistant", | ||
@@ -11,7 +11,3 @@ "private": false, | ||
| "optionalDependencies": { | ||
| "@qoder-ai/qodercli-darwin-arm64": "0.2.2-beta.7", | ||
| "@qoder-ai/qodercli-darwin-x64": "0.2.2-beta.7", | ||
| "@qoder-ai/qodercli-linux-x64": "0.2.2-beta.7", | ||
| "@qoder-ai/qodercli-linux-arm64": "0.2.2-beta.7", | ||
| "@qoder-ai/qodercli-win32-x64": "0.2.2-beta.7" | ||
| "@qoder-ai/qodercli-win32-x64": "0.2.2-beta.8" | ||
| }, | ||
@@ -18,0 +14,0 @@ "keywords": ["qoder", "ai", "cli", "coding", "assistant", "terminal"], |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
768058
0.16%- Dependency count
1
-80%- Lines of code
3175
0.83%Worsened metrics
- Number of low supply chain risk alerts
56
1.82%