@travetto/boot - npm Package Compare versions

Comparing version 0.6.4 to 0.6.5

bin/postinstall.js

 const fs = require('fs');
 
+const root = process.env.INIT_CWD || process.cwd();
+
 ['tsconfig.json', 'tslint.json']
-  .filter(f => !fs.existsSync(`${process.cwd()}/${f}`))
+  .filter(f => !fs.existsSync(`${root}/${f}`))
   .forEach(f => {
     const conf = JSON.stringify({ extends: `./node_modules/@travetto/boot/${f}` });
-    fs.writeFileSync(`${process.cwd()}/${f}`, conf);
+    fs.writeFileSync(`${root}/${f}`, conf);
   });
@@ -9,0 +11,0 @@

package.json

@@ -45,3 +45,3 @@ {
   },
-  "version": "0.6.4"
+  "version": "0.6.5"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

39559

increased by0.09%

Lines of code

508

increased by0.2%

Worsened metrics

Number of low supply chain risk alerts

13

increased by8.33%

No dependency changes