New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@tangible/roller

Package Overview
Dependencies
Maintainers
3
Versions
68
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@tangible/roller - npm Package Compare versions

Comparing version
2.1.1
 to
2.1.2
+2
-1
commands/archive.js

@@ -86,3 +86,4 @@ /**

console.log('Files to archive:', files)
console.log('Files to archive:')
console.log(files.join('\n'))

@@ -89,0 +90,0 @@ console.log('Archive file:', dest)

+22
-12
commands/install.js

@@ -54,2 +54,20 @@ import path from 'path'

// Fallback to HTTPS instead of Git/SSH protocol
const fallbackGit = git.replace('git@github.com:', 'https://github.com/')
async function runWithFallback(command) {
const options = {
cwd: targetPath,
}
try {
console.log(command)
await run(command, options)
} catch (e) {
console.log('Git did\'t work with SSH protocol. Trying fallback with HTTPS.')
const fallbackCommand = command.replace(git, fallbackGit)
console.log(fallbackCommand)
await run(fallbackCommand, options)
}
}
if (await fileExists(targetPath)) {

@@ -62,15 +80,7 @@ if (!shouldUpdate) {

const command = `git pull --ff-only ${git} ${branch}`
console.log(command)
await run(command, {
cwd: targetPath,
})
await runWithFallback(`git pull --ff-only ${git} ${branch}`)
} else {
const command = `git clone --recursive --depth 1 --single-branch --branch ${branch} ${git} ${folderName || slug}`
console.log(command)
await run(command, {
cwd: parentPath,
})
await runWithFallback(
`git clone --recursive --depth 1 --single-branch --branch ${branch} ${git} ${folderName || slug}`,
)
}

@@ -77,0 +87,0 @@ 

+1
-1
package.json
{
"name": "@tangible/roller",
"type": "module",
"version": "2.1.1",
"version": "2.1.2",
"description": "Build project assets using Rollup and ESBuild",

@@ -6,0 +6,0 @@ "homepage": "https://github.com/tangibleinc/tangible-roller",