about-this-app
Advanced tools
Comparing version 1.1.0 to 1.1.1
10
index.js
@@ -7,3 +7,2 @@ // @flow | ||
const readPkgUp = require('read-pkg-up'); | ||
const _ = require('lodash'); | ||
@@ -17,4 +16,11 @@ const { path: packageJson, pkg } = readPkgUp.sync({ | ||
const has = (obj, path) => { | ||
// Regex explained: https://regexr.com/58j0k | ||
const pathArray = Array.isArray(path) ? path : path.match(/([^[.\]])+/g); | ||
return !!pathArray.reduce((prevObj, key) => prevObj && prevObj[key], obj); | ||
}; | ||
const hasFile = (f /*: string */) => fs.existsSync(resolve(f)); | ||
const hasPkgProp = props => arrify(props).some(prop => _.has(pkg, prop)); | ||
const hasPkgProp = props => arrify(props).some(prop => has(pkg, prop)); | ||
@@ -21,0 +27,0 @@ const hasPkgSubProp = (pkgProp /*: string */) => (...props /*: string[] */) => |
{ | ||
"name": "about-this-app", | ||
"version": "1.1.0", | ||
"version": "1.1.1", | ||
"description": "Utility functions to query package.json", | ||
"author": "Felix Gnass <fgnass@cellular.de>", | ||
"repository": "fgnass/about-this-app", | ||
"repository": "cellular/about-this-app", | ||
"license": "MIT", | ||
@@ -17,3 +17,2 @@ "main": "index.js", | ||
"arrify": "^1.0.1", | ||
"lodash": "^4.17.5", | ||
"read-pkg-up": "^3.0.0" | ||
@@ -23,3 +22,3 @@ }, | ||
"eslint": "^4.17.0", | ||
"eslint-config-cellular": "^1.0.0", | ||
"eslint-config-cellular": "^2.0.1", | ||
"flow-bin": "^0.65.0", | ||
@@ -26,0 +25,0 @@ "jest": "^22.2.1" |
# about-this-app | ||
[![Build Status](https://travis-ci.org/fgnass/about-this-app.svg?branch=master)](https://travis-ci.org/fgnass/about-this-app) | ||
[![Greenkeeper badge](https://badges.greenkeeper.io/cellular/about-this-app.svg)](https://greenkeeper.io/) | ||
[![Build Status](https://travis-ci.org/cellular/about-this-app.svg?branch=master)](https://travis-ci.org/cellular/about-this-app) | ||
Utility functions to query a project's package.json file. | ||
@@ -6,0 +8,0 @@ |
Sorry, the diff of this file is not supported yet
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
4979
2
8
83
53
4
1
- Removedlodash@^4.17.5
- Removedlodash@4.17.21(transitive)