agoric - npm Package Compare versions
Comparing version 0.13.22-dev-d667e9f.0 to 0.13.22-dev-d8aa4d6.0
| { | ||
| "name": "agoric", | ||
| "version": "0.13.22-dev-d667e9f.0+d667e9f", | ||
| "version": "0.13.22-dev-d8aa4d6.0+d8aa4d6", | ||
| "description": "Manage the Agoric Javascript smart contract platform", | ||
| "type": "module", | ||
| "main": "src/main.js", | ||
| "bin": "bin/agoric", | ||
| "bin": "src/entrypoint.js", | ||
| "files": [ | ||
| "lib", | ||
| "src", | ||
| "exported.js" | ||
| ], | ||
| "scripts": { | ||
| "build": "exit 0", | ||
| "build": "./scripts/get-sdk-package-names.js > src/sdk-package-names.js", | ||
| "test": "ava", | ||
@@ -25,3 +25,3 @@ "test:c8": "c8 $C8_OPTIONS ava --config=ava-nesm.config.js", | ||
| "devDependencies": { | ||
| "@agoric/swingset-vat": "0.24.2-dev-d667e9f.0+d667e9f", | ||
| "@agoric/swingset-vat": "0.24.2-dev-d8aa4d6.0+d8aa4d6", | ||
| "ava": "^3.12.1", | ||
@@ -32,10 +32,10 @@ "c8": "^7.7.2", | ||
| "dependencies": { | ||
| "@agoric/access-token": "0.4.17-dev-d667e9f.0+d667e9f", | ||
| "@agoric/assert": "0.3.16-dev-d667e9f.0+d667e9f", | ||
| "@agoric/bundle-source": "2.0.2-dev-d667e9f.0+d667e9f", | ||
| "@agoric/captp": "1.10.9-dev-d667e9f.0+d667e9f", | ||
| "@agoric/install-ses": "0.5.30-dev-d667e9f.0+d667e9f", | ||
| "@agoric/access-token": "0.4.17-dev-d8aa4d6.0+d8aa4d6", | ||
| "@agoric/assert": "0.3.16-dev-d8aa4d6.0+d8aa4d6", | ||
| "@agoric/bundle-source": "2.0.2-dev-d8aa4d6.0+d8aa4d6", | ||
| "@agoric/captp": "1.10.9-dev-d8aa4d6.0+d8aa4d6", | ||
| "@agoric/install-ses": "0.5.30-dev-d8aa4d6.0+d8aa4d6", | ||
| "@agoric/nat": "^4.1.0", | ||
| "@agoric/promise-kit": "0.2.30-dev-d667e9f.0+d667e9f", | ||
| "@endo/compartment-mapper": "^0.5.3", | ||
| "@agoric/promise-kit": "0.2.30-dev-d8aa4d6.0+d8aa4d6", | ||
| "@endo/compartment-mapper": "^0.6.1", | ||
| "@iarna/toml": "^2.2.3", | ||
@@ -77,3 +77,3 @@ "anylogger": "^0.21.0", | ||
| }, | ||
| "gitHead": "d667e9f83a9ada0a4ec0ddb39096e3f64cc57a5b" | ||
| "gitHead": "d8aa4d616caef9d1aada125fbf5fddff53b6d121" | ||
| } |
@@ -14,3 +14,3 @@ /* global process */ | ||
| const DEFAULT_DAPP_TEMPLATE = 'dapp-fungible-faucet'; | ||
| const DEFAULT_DAPP_URL_BASE = 'git://github.com/Agoric/'; | ||
| const DEFAULT_DAPP_URL_BASE = 'https://github.com/Agoric/'; | ||
| const DEFAULT_DAPP_BRANCH = undefined; | ||
@@ -56,8 +56,4 @@ | ||
| .option('--no-sdk', 'do not use the Agoric SDK containing this program') | ||
| .option('--docker-tag <tag>', 'image tag to use for Docker containers') | ||
| .option( | ||
| '--docker-tag <tag>', | ||
| 'image tag to use for Docker containers', | ||
| 'latest', | ||
| ) | ||
| .option( | ||
| '-v, --verbose', | ||
@@ -169,35 +165,59 @@ 'verbosity that can be increased', | ||
| const addRunOptions = cmd => | ||
| cmd | ||
| .option( | ||
| '--allow-unsafe-plugins', | ||
| `CAREFUL: installed Agoric VM plugins will also have all your user's privileges`, | ||
| false, | ||
| ) | ||
| .option( | ||
| '--hostport <host:port>', | ||
| 'host and port to connect to VM', | ||
| '127.0.0.1:8000', | ||
| ) | ||
| .option( | ||
| '--need <subsystems>', | ||
| 'comma-separated names of subsystems to wait for', | ||
| 'local,agoric,wallet', | ||
| ) | ||
| .option( | ||
| '--provide <subsystems>', | ||
| 'comma-separated names of subsystems this script initializes', | ||
| '', | ||
| ); | ||
| addRunOptions( | ||
| program | ||
| .command('run <script> [script-args...]') | ||
| .description( | ||
| 'run a script with all your user privileges against the local Agoric VM', | ||
| ), | ||
| ).action(async (script, scriptArgs, cmd) => { | ||
| const opts = { ...program.opts(), ...cmd.opts(), scriptArgs }; | ||
| return subMain(deployMain, ['run', script], opts); | ||
| }); | ||
| addRunOptions( | ||
| program | ||
| .command('deploy [script...]') | ||
| .description( | ||
| 'run multiple scripts with all your user privileges against the local Agoric VM', | ||
| ), | ||
| ).action(async (scripts, cmd) => { | ||
| const opts = { ...program.opts(), ...cmd.opts() }; | ||
| return subMain(deployMain, ['deploy', ...scripts], opts); | ||
| }); | ||
| program | ||
| .command('deploy [script...]') | ||
| .command('start [profile] [args...]') | ||
| .description( | ||
| 'run a deployment script with all your user privileges against the local Agoric VM', | ||
| `\ | ||
| start an Agoric VM | ||
| agoric start - runs the default profile (dev) | ||
| agoric start dev -- [initArgs] - simulated chain and solo VM | ||
| agoric start local-chain [portNum] -- [initArgs] - local chain | ||
| agoric start local-solo [portNum] [provisionPowers] - local solo VM | ||
| `, | ||
| ) | ||
| .option( | ||
| '--allow-unsafe-plugins', | ||
| `CAREFUL: installed Agoric VM plugins will also have all your user's privileges`, | ||
| false, | ||
| ) | ||
| .option( | ||
| '--hostport <host:port>', | ||
| 'host and port to connect to VM', | ||
| '127.0.0.1:8000', | ||
| ) | ||
| .option( | ||
| '--need <subsystems>', | ||
| 'comma-separated names of subsystems to wait for', | ||
| 'local,agoric,wallet', | ||
| ) | ||
| .option( | ||
| '--provide <subsystems>', | ||
| 'comma-separated names of subsystems this script initializes', | ||
| '', | ||
| ) | ||
| .action(async (scripts, cmd) => { | ||
| const opts = { ...program.opts(), ...cmd.opts() }; | ||
| return subMain(deployMain, ['deploy', ...scripts], opts); | ||
| }); | ||
| program | ||
| .command('start [profile] [args...]') | ||
| .description('run an Agoric VM') | ||
| .option('-d, --debug', 'run in JS debugger mode') | ||
@@ -207,2 +227,3 @@ .option('--reset', 'clear all VM state before starting') | ||
| .option('--pull', 'for Docker-based VM, pull the image before running') | ||
| .option('--rebuild', 'rebuild VM dependencies before running') | ||
| .option( | ||
@@ -209,0 +230,0 @@ '--delay [seconds]', |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 9 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by117.61%
118212
- Number of package files
- increased by240%
17
- Lines of code
- increased by848.23%
2143
Worsened metrics
- Number of low supply chain risk alerts
- increased byInfinity%
14
- Number of medium supply chain risk alerts
- increased by100%
4
Dependency changes
+ Added@endo/compartment-mapper@0.6.7(transitive)
- Removed@endo/compartment-mapper@0.5.6(transitive)