@sanity/util - npm Package Compare versions

Comparing version 0.106.28-next to 0.106.30-next

lib/index.js

@@ -6,3 +6,3 @@ 'use strict';
 });
-exports.safeJson = exports.lazyRequire = exports.reduceConfig = exports.getConfig = undefined;
+exports.getSanityVersions = exports.safeJson = exports.lazyRequire = exports.reduceConfig = exports.getConfig = undefined;
 
@@ -25,2 +25,6 @@ var _getConfig = require('./getConfig');
 
+var _getSanityVersions = require('./getSanityVersions');
+
+var _getSanityVersions2 = _interopRequireDefault(_getSanityVersions);
+
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
@@ -31,2 +35,3 @@
 exports.lazyRequire = _lazyRequire2.default;
-exports.safeJson = _safeJson2.default;
+exports.safeJson = _safeJson2.default;
+exports.getSanityVersions = _getSanityVersions2.default;

package.json

 {
   "name": "@sanity/util",
-  "version": "0.106.28-next",
+  "version": "0.106.30-next",
   "description": "Utilities shared across projects of Sanity",
@@ -26,3 +26,4 @@ "main": "lib/index.js",
     "fs-promise": "^2.0.0",
-    "lodash": "^4.17.4"
+    "lodash": "^4.17.4",
+    "resolve-from": "^3.0.0"
   },
@@ -33,5 +34,5 @@ "devDependencies": {
     "babel-preset-stage-2": "^6.22.0",
-    "chai": "^3.5.0",
-    "chai-as-promised": "^6.0.0",
-    "eslint": "^3.19.0",
+    "chai": "^4.0.2",
+    "chai-as-promised": "^7.0.0",
+    "eslint": "^4.0.0",
     "eslint-config-sanity": "^2.1.4",
@@ -38,0 +39,0 @@ "mocha": "^3.2.0",

test/util.test.js

@@ -0,4 +1,5 @@
+import path from 'path'
 import {describe, it} from 'mocha'
 import {expect} from 'chai'
-import reduceConfig from '../src/reduceConfig'
+import {reduceConfig, getSanityVersions} from '../src'
 
@@ -51,2 +52,12 @@ describe('util', () => {
   })
+
+  describe('getSanityVersions', () => {
+    it('extracts correct versions', () => {
+      const versions = getSanityVersions(path.join(__dirname, 'versionsFixture'))
+      expect(versions).to.deep.equal({
+        '@sanity/base': '0.999.99',
+        '@sanity/components': '0.777.77'
+      })
+    })
+  })
 })

New alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

69094

increased by12.48%

Number of package files

21

increased by16.67%

Lines of code

246

increased by19.42%

Worsened metrics

Dependency count

3

increased by50%

Number of low supply chain risk alerts

8

increased by33.33%

Dependency changes

• + Addedresolve-from@^3.0.0

• + Addedresolve-from@3.0.0(transitive)