@vaadin/vaadin-usage-statistics - npm Package Compare versions

Comparing version 2.0.4 to 2.0.5

check.js

 var fs = require('fs');
 
 const disabledForMachine = process.env.npm_package_config_disabled;
+const greetingLogged = process.env.npm_package_config_greeting_logged;
+const optoutLogged = process.env.npm_package_config_optout_logged;
+
 let disabledForProject = false;
@@ -15,15 +18,7 @@
   if (disabledForMachine) {
-    console.log(`
+    !optoutLogged && console.log(`
     You have disabled Vaadin development time usage statistics collection. To re-enable, run:
     npm explore @vaadin/vaadin-usage-statistics -- npm run enable
     For more details, see https://github.com/vaadin/vaadin-usage-statistics
-`);
-  } else {
-    console.log(`
-    You have disabled Vaadin development time usage statistics collection. To re-enable, remove:
-    "vaadin": { "disableUsageStatistics": true }
-    from the project package.json
-
-    For more details, see https://github.com/vaadin/vaadin-usage-statistics
-`);
+  `);
   }
@@ -37,3 +32,3 @@ try {
 } else {
-  console.log(`
+  !greetingLogged && console.log(`
     Vaadin collects development time usage statistics to improve this product. To opt-out, either run:
@@ -40,0 +35,0 @@ npm explore @vaadin/vaadin-usage-statistics -- npm run disable

package.json

@@ -6,3 +6,3 @@ {
   "name": "@vaadin/vaadin-usage-statistics",
-  "version": "2.0.4",
+  "version": "2.0.5",
   "directories": {
@@ -31,5 +31,5 @@ "test": "test"
 "scripts": {
-"postinstall": "node check.js",
-"disable": "npm config set @vaadin/vaadin-usage-statistics:disabled true && npm run postinstall",
-"enable": "npm config set @vaadin/vaadin-usage-statistics:disabled false && npm run postinstall"
+"postinstall": "node check.js && npm config set @vaadin/vaadin-usage-statistics:greeting-logged true",
+"disable": "npm config set @vaadin/vaadin-usage-statistics:disabled true && npm run postinstall && npm config set @vaadin/vaadin-usage-statistics:optout-logged true",
+"enable": "npm config set @vaadin/vaadin-usage-statistics:disabled false && npm config set @vaadin/vaadin-usage-statistics:greeting-logged false && npm config set @vaadin/vaadin-usage-statistics:optout-logged false && npm run postinstall"
 },
@@ -36,0 +36,0 @@ "bugs": {

New alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Fixed alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

32379

increased by0.52%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Lines of code

501

decreased by-0.99%

Number of low supply chain risk alerts

5

increased by66.67%

No dependency changes