New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@signalapp/better-sqlite3
Advanced tools
@signalapp/better-sqlite3 - npm Package Compare versions
Comparing version 9.0.11 to 9.0.12
@@ -15,10 +15,11 @@ const https = require('https'); | ||
| const tmpFile = path.join(__dirname, 'unverified.tmp'); | ||
| const finalFile = path.join(__dirname, 'sqlcipher.tar.gz'); | ||
| const buildFile = process.argv[2]; | ||
| const targetFile = path.join(__dirname, 'sqlcipher.tar.gz'); | ||
| const tmpFile = `${targetFile}.tmp`; | ||
| async function main() { | ||
| if (fs.statSync(finalFile, { throwIfNoEntry: false })) { | ||
| if (fs.statSync(targetFile, { throwIfNoEntry: false })) { | ||
| const hash = crypto.createHash('sha256'); | ||
| const existingHash = await pipeline( | ||
| fs.createReadStream(finalFile), | ||
| fs.createReadStream(targetFile), | ||
| hash, | ||
@@ -28,2 +29,3 @@ ); | ||
| console.log('local build artifact is up-to-date'); | ||
| fs.copyFileSync(targetFile, buildFile); | ||
| return; | ||
@@ -33,2 +35,4 @@ } | ||
| console.log('local build artifact is outdated'); | ||
| } else { | ||
| console.log('local build artifact is absent'); | ||
| } | ||
@@ -60,6 +64,7 @@ download(); | ||
| fs.renameSync(tmpFile, finalFile); | ||
| }) | ||
| fs.renameSync(tmpFile, targetFile); | ||
| fs.copyFileSync(targetFile, buildFile); | ||
| }); | ||
| } | ||
| main(); |
@@ -5,4 +5,4 @@ 'use strict'; | ||
| const dest = process.argv[2]; | ||
| const source = path.join(__dirname, 'sqlcipher.tar.gz'); | ||
| const source = process.argv[2]; | ||
| const dest = process.argv[3]; | ||
@@ -9,0 +9,0 @@ process.on('unhandledRejection', (err) => { throw err; }); |
| { | ||
| "name": "@signalapp/better-sqlite3", | ||
| "version": "9.0.11", | ||
| "version": "9.0.12", | ||
| "description": "The fastest and simplest library for SQLite3 in Node.js.", | ||
@@ -31,3 +31,2 @@ "homepage": "http://github.com/WiseLibs/better-sqlite3", | ||
| "mocha": "^8.3.2", | ||
| "node-gyp": "^9.1.0", | ||
| "nodemark": "^0.3.0", | ||
@@ -39,8 +38,4 @@ "sqlite": "^4.0.23", | ||
| "format": "xcrun clang-format --style=chromium -Werror --verbose -i src/*.cpp src/*.hpp", | ||
| "install": "npm run download && npm run build-release", | ||
| "build-release": "node-gyp rebuild --release", | ||
| "build-debug": "node-gyp rebuild --debug", | ||
| "test": "mocha --exit --slow=75 --timeout=5000", | ||
| "benchmark": "node benchmark", | ||
| "download": "node ./deps/download.js" | ||
| "benchmark": "node benchmark" | ||
| }, | ||
@@ -47,0 +42,0 @@ "license": "MIT", |
Sorry, the diff of this file is not supported yet
Fixed alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.21%
182271
- Dev dependency count
- decreased by-12.5%
7
- Lines of code
- increased by0.63%
793
- Number of high supply chain risk alerts
- decreased by-100%
0
No dependency changes