@sveltejs/adapter-auto - npm Package Compare versions

Comparing version 1.0.0-next.87 to 1.0.0-next.88

index.js

@@ -0,2 +1,7 @@
+import { execSync } from 'child_process';
+import { pathToFileURL } from 'url';
+import { resolve } from 'import-meta-resolve';
 import { adapters } from './adapters.js';
+import { dirname, join } from 'path';
+import { existsSync } from 'fs';
 
@@ -6,2 +11,40 @@ /** @type {import('./index').default} */
 
+/** @type {Record<string, (name: string) => string>} */
+const commands = {
+	npm: (name) => `npm install -D ${name}`,
+	pnpm: (name) => `pnpm add -D ${name}`,
+	yarn: (name) => `yarn add -D ${name}`
+};
+
+function detect_lockfile() {
+	let dir = process.cwd();
+
+	do {
+		if (existsSync(join(dir, 'pnpm-lock.yaml'))) return 'pnpm';
+		if (existsSync(join(dir, 'yarn.lock'))) return 'yarn';
+		if (existsSync(join(dir, 'package-lock.json'))) return 'npm';
+	} while (dir !== (dir = dirname(dir)));
+
+	return 'npm';
+}
+
+function detect_package_manager() {
+	const manager = detect_lockfile();
+
+	try {
+		execSync(`${manager} --version`);
+		return manager;
+	} catch {
+		return 'npm';
+	}
+}
+
+/** @param {string} name */
+async function import_from_cwd(name) {
+	const cwd = pathToFileURL(process.cwd()).href;
+	const url = await resolve(name, cwd + '/x.js');
+
+	return import(url);
+}
+
 for (const candidate of adapters) {
@@ -13,16 +56,3 @@ if (candidate.test()) {
 		try {
-			module = await import(candidate.module);
-
-			fn = () => {
-				const adapter = module.default();
-				return {
-					...adapter,
-					adapt: (builder) => {
-						builder.log.info(`Detected environment: ${candidate.name}. Using ${candidate.module}`);
-						return adapter.adapt(builder);
-					}
-				};
-			};
-
-			break;
+			module = await import_from_cwd(candidate.module);
 		} catch (error) {
@@ -33,9 +63,44 @@ if (
 			) {
-				throw new Error(
-					`It looks like ${candidate.module} is not installed. Please install it and try building your project again.`
-				);
+				const package_manager = detect_package_manager();
+				const command = commands[package_manager](candidate.module);
+
+				try {
+					console.log(`Installing ${candidate.module}...`);
+
+					execSync(command, {
+						stdio: 'inherit',
+						env: {
+							...process.env,
+							NODE_ENV: undefined
+						}
+					});
+
+					module = await import_from_cwd(candidate.module);
+
+					console.log(`Successfully installed ${candidate.module}.`);
+					console.warn(
+						`\nIf you plan on staying on this deployment platform, consider replacing @sveltejs/adapter-auto with ${candidate.module}. This will give you faster and more robust installs, and more control over deployment configuration.\n`
+					);
+				} catch (e) {
+					throw new Error(
+						`Could not install ${candidate.module}. Please install it yourself by adding it to your package.json's devDependencies and try building your project again.`
+					);
+				}
+			} else {
+				throw error;
 			}
+		}
 
-			throw error;
-		}
+		fn = () => {
+			const adapter = module.default();
+			return {
+				...adapter,
+				adapt: (builder) => {
+					builder.log.info(`Detected environment: ${candidate.name}. Using ${candidate.module}`);
+					return adapter.adapt(builder);
+				}
+			};
+		};
+
+		break;
 	}
@@ -42,0 +107,0 @@ }

package.json

 {
   "name": "@sveltejs/adapter-auto",
-  "version": "1.0.0-next.87",
+  "version": "1.0.0-next.88",
   "repository": {
@@ -27,7 +27,2 @@ "type": "git",
   ],
-  "dependencies": {
-    "@sveltejs/adapter-cloudflare": "1.0.0-next.40",
-    "@sveltejs/adapter-netlify": "1.0.0-next.84",
-    "@sveltejs/adapter-vercel": "1.0.0-next.81"
-  },
   "devDependencies": {
@@ -37,2 +32,5 @@ "@types/node": "^16.11.68",
   },
+  "dependencies": {
+    "import-meta-resolve": "^2.1.0"
+  },
   "scripts": {
@@ -39,0 +37,0 @@ "lint": "prettier --check . --config ../../.prettierrc --ignore-path .gitignore",

New alerts

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

6763

increased by34.21%

Dependency count

1

decreased by-66.67%

Lines of code

122

increased by79.41%

Worsened metrics

Number of low supply chain risk alerts

2

increased byInfinity%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedimport-meta-resolve@^2.1.0

• + Addedimport-meta-resolve@2.2.2(transitive)

• - Removed@sveltejs/adapter-cloudflare@1.0.0-next.40

• - Removed@sveltejs/adapter-netlify@1.0.0-next.84

• - Removed@sveltejs/adapter-vercel@1.0.0-next.81

• - Removed@cloudflare/workers-types@3.19.0(transitive)

• - Removed@esbuild/android-arm@0.15.18(transitive)

• - Removed@esbuild/linux-loong64@0.15.18(transitive)

• - Removed@iarna/toml@2.2.5(transitive)

• - Removed@mapbox/node-pre-gyp@1.0.11(transitive)

• - Removed@rollup/pluginutils@4.2.1(transitive)

• - Removed@sveltejs/adapter-cloudflare@1.0.0-next.40(transitive)

• - Removed@sveltejs/adapter-netlify@1.0.0-next.84(transitive)

• - Removed@sveltejs/adapter-vercel@1.0.0-next.81(transitive)

• - Removed@vercel/nft@0.22.6(transitive)

• - Removedabbrev@1.1.1(transitive)

• - Removedacorn@8.12.1(transitive)

• - Removedagent-base@6.0.2(transitive)

• - Removedansi-regex@5.0.1(transitive)

• - Removedaproba@2.0.0(transitive)

• - Removedare-we-there-yet@2.0.0(transitive)

• - Removedasync-sema@3.1.1(transitive)

• - Removedbalanced-match@1.0.2(transitive)

• - Removedbindings@1.5.0(transitive)

• - Removedbrace-expansion@1.1.11(transitive)

• - Removedbraces@3.0.3(transitive)

• - Removedchownr@2.0.0(transitive)

• - Removedcolor-support@1.1.3(transitive)

• - Removedconcat-map@0.0.1(transitive)

• - Removedconsole-control-strings@1.1.0(transitive)

• - Removeddebug@4.3.5(transitive)

• - Removeddelegates@1.0.0(transitive)

• - Removeddetect-libc@2.0.3(transitive)

• - Removedemoji-regex@8.0.0(transitive)

• - Removedesbuild@0.15.18(transitive)

• - Removedesbuild-android-64@0.15.18(transitive)

• - Removedesbuild-android-arm64@0.15.18(transitive)

• - Removedesbuild-darwin-64@0.15.18(transitive)

• - Removedesbuild-darwin-arm64@0.15.18(transitive)

• - Removedesbuild-freebsd-64@0.15.18(transitive)

• - Removedesbuild-freebsd-arm64@0.15.18(transitive)

• - Removedesbuild-linux-32@0.15.18(transitive)

• - Removedesbuild-linux-64@0.15.18(transitive)

• - Removedesbuild-linux-arm@0.15.18(transitive)

• - Removedesbuild-linux-arm64@0.15.18(transitive)

• - Removedesbuild-linux-mips64le@0.15.18(transitive)

• - Removedesbuild-linux-ppc64le@0.15.18(transitive)

• - Removedesbuild-linux-riscv64@0.15.18(transitive)

• - Removedesbuild-linux-s390x@0.15.18(transitive)

• - Removedesbuild-netbsd-64@0.15.18(transitive)

• - Removedesbuild-openbsd-64@0.15.18(transitive)

• - Removedesbuild-sunos-64@0.15.18(transitive)

• - Removedesbuild-windows-32@0.15.18(transitive)

• - Removedesbuild-windows-64@0.15.18(transitive)

• - Removedesbuild-windows-arm64@0.15.18(transitive)

• - Removedestree-walker@2.0.2(transitive)

• - Removedfile-uri-to-path@1.0.0(transitive)

• - Removedfill-range@7.1.1(transitive)

• - Removedfs-minipass@2.1.0(transitive)

• - Removedfs.realpath@1.0.0(transitive)

• - Removedgauge@3.0.2(transitive)

• - Removedglob@7.2.3(transitive)

• - Removedgraceful-fs@4.2.11(transitive)

• - Removedhas-unicode@2.0.1(transitive)

• - Removedhttps-proxy-agent@5.0.1(transitive)

• - Removedinflight@1.0.6(transitive)

• - Removedinherits@2.0.4(transitive)

• - Removedis-fullwidth-code-point@3.0.0(transitive)

• - Removedis-number@7.0.0(transitive)

• - Removedmake-dir@3.1.0(transitive)

• - Removedmicromatch@4.0.7(transitive)

• - Removedminimatch@3.1.2(transitive)

• - Removedminipass@3.3.65.0.0(transitive)

• - Removedminizlib@2.1.2(transitive)

• - Removedmkdirp@1.0.4(transitive)

• - Removedmrmime@1.0.1(transitive)

• - Removedms@2.1.2(transitive)

• - Removednode-fetch@2.7.0(transitive)

• - Removednode-gyp-build@4.8.1(transitive)

• - Removednopt@5.0.0(transitive)

• - Removednpmlog@5.0.1(transitive)

• - Removedobject-assign@4.1.1(transitive)

• - Removedonce@1.4.0(transitive)

• - Removedpath-is-absolute@1.0.1(transitive)

• - Removedpicomatch@2.3.1(transitive)

• - Removedreadable-stream@3.6.2(transitive)

• - Removedregexparam@2.0.2(transitive)

• - Removedresolve-from@5.0.0(transitive)

• - Removedrimraf@3.0.2(transitive)

• - Removedsafe-buffer@5.2.1(transitive)

• - Removedsemver@6.3.17.6.2(transitive)

• - Removedset-blocking@2.0.0(transitive)

• - Removedset-cookie-parser@2.6.0(transitive)

• - Removedsignal-exit@3.0.7(transitive)

• - Removedstring-width@4.2.3(transitive)

• - Removedstring_decoder@1.3.0(transitive)

• - Removedstrip-ansi@6.0.1(transitive)

• - Removedtar@6.2.1(transitive)

• - Removedto-regex-range@5.0.1(transitive)

• - Removedtr46@0.0.3(transitive)

• - Removedutil-deprecate@1.0.2(transitive)

• - Removedwebidl-conversions@3.0.1(transitive)

• - Removedwhatwg-url@5.0.0(transitive)

• - Removedwide-align@1.1.5(transitive)

• - Removedworktop@0.8.0-next.14(transitive)

• - Removedwrappy@1.0.2(transitive)

• - Removedyallist@4.0.0(transitive)