@travetto/base - npm Package Compare versions

Comparing version 0.0.87 to 0.0.88

bin/travetto.js

@@ -10,3 +10,8 @@ #!/usr/bin/env node
 
-const CACHE_DIR = (process.env.TS_CACHE_DIR = process.env.TS_CACHE_DIR || `${process.cwd()}/build`);
+if (!process.env.TS_CACHE_DIR) {
+  process.env.TS_CACHE_NAME = 'build'
+  process.env.TS_CACHE_DIR = `${process.cwd()}/${TS_CACHE_NAME}`;
+}
+
+const CACHE_DIR = process.env.TS_CACHE_DIR;
 const CACHE_SEP = (process.env.TS_CACHE_SEP = process.env.TS_CACHE_SEP || `~`);
@@ -13,0 +18,0 @@ const CACHE_SEP_RE = new RegExp(CACHE_SEP, 'g');

package.json

@@ -22,3 +22,3 @@ {
   "scripts": {}, 
-  "version": "0.0.87"
+  "version": "0.0.88"
 }

src/scan-app.ts

@@ -6,2 +6,4 @@ import * as fs from 'fs';
 
+const CACHE_NAME = process.env.TS_CACHE_NAME;
+
 export function findAppFilesByExt(ext: string) {
@@ -12,3 +14,3 @@ if (!cache[ext]) {
       testDir: x => {
-        return x !== 'build' &&
+        return (!CACHE_NAME || x !== CACHE_NAME) &&
           (!x.includes('node_modules') || (
@@ -15,0 +17,0 @@ x.endsWith('node_modules') ||

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

32219

increased by0.47%

Lines of code

960

increased by0.52%

Worsened metrics

Number of low supply chain risk alerts

8

increased by33.33%

No dependency changes