New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@transloadit/prd
Advanced tools
@transloadit/prd - npm Package Compare versions
Comparing version 0.0.2 to 0.0.3
| { | ||
| "name": "@transloadit/prd", | ||
| "license": "AGPL-3.0-only", | ||
| "version": "0.0.2", | ||
| "version": "0.0.3", | ||
| "private": false, | ||
@@ -18,3 +18,3 @@ "publishConfig": { | ||
| }, | ||
| "gitHead": "9acfa3e18cb4367f61d21835565c7d4740ec6a2e" | ||
| "gitHead": "4df1d893c5fb8ea9ca4e855ca5f58a9be9dee606" | ||
| } |
17
prd.js
| const pr = require('@transloadit/pr') | ||
| function areWeTestingWithJest () { | ||
| return process.env.JEST_WORKER_ID !== undefined | ||
| } | ||
| module.exports = function prd (...args) { | ||
| const ret = pr(...args) | ||
| const err = new Error('Halt via prd') | ||
| const exitCode = 1 | ||
| pr(...args) | ||
| const err = new Error('Halt via prd') | ||
| console.error(err) | ||
| if (!areWeTestingWithJest) { | ||
| process.exit(exitCode) | ||
| } else { | ||
| ret.push({ exitCode }) | ||
| } | ||
| return ret | ||
| process.exit(1) | ||
| } |
@@ -5,4 +5,9 @@ const prd = require('./prd') | ||
| test('main', async () => { | ||
| expect(prd('foo')).toStrictEqual(['foo', { exitCode: 1 }]) | ||
| const mockExit = jest.spyOn(process, 'exit').mockImplementation(() => {}) | ||
| jest.spyOn(console, 'error').mockImplementation((e) => { | ||
| expect(e.message).toStrictEqual('Halt via prd') | ||
| }) | ||
| prd('foo') | ||
| expect(mockExit).toHaveBeenCalledWith(1) | ||
| }) | ||
| }) |
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-0.08%
35833
- Lines of code
- decreased by-18.18%
18
No dependency changes