You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
angular-server-side-configuration
Advanced tools
angular-server-side-configuration - npm Package Compare versions
Comparing version 10.1.0 to 10.2.0
@@ -5,2 +5,9 @@ # Changelog | ||
| ## [10.2.0](https://github.com/kyubisation/angular-server-side-configuration/compare/v10.1.0...v10.2.0) (2020-10-25) | ||
| ### Features | ||
| * update download url of Dockerfiles if available ([368e5eb](https://github.com/kyubisation/angular-server-side-configuration/commit/368e5eba3a6f23ef13ca47ad32c0cc30be8e54f4)) | ||
| ## [10.1.0](https://github.com/kyubisation/angular-server-side-configuration/compare/v10.0.1...v10.1.0) (2020-10-18) | ||
@@ -7,0 +14,0 @@ |
| { | ||
| "name": "angular-server-side-configuration", | ||
| "version": "10.1.0", | ||
| "version": "10.2.0", | ||
| "description": "Configure an angular application on the server", | ||
@@ -20,3 +20,4 @@ "builders": "./builders/builders.json", | ||
| "lint": "tslint -p tsconfig.json", | ||
| "release": "standard-version" | ||
| "release": "standard-version", | ||
| "prepack": "node scripts/patch-dockerfile-migration-version.js" | ||
| }, | ||
@@ -55,20 +56,20 @@ "main": "./src/main.js", | ||
| "@angular-devkit/schematics": "^10.0.0", | ||
| "@rollup/plugin-commonjs": "^13.0.0", | ||
| "@rollup/plugin-node-resolve": "^8.1.0", | ||
| "@rollup/plugin-commonjs": "^15.1.0", | ||
| "@rollup/plugin-node-resolve": "^9.0.0", | ||
| "@schematics/angular": "^10.0.0", | ||
| "@types/glob-to-regexp": "^0.4.0", | ||
| "@types/jest": "^26.0.3", | ||
| "@types/jest": "^26.0.15", | ||
| "@types/node": "^12.0.0", | ||
| "@types/rimraf": "^3.0.0", | ||
| "@wessberg/rollup-plugin-ts": "^1.2.27", | ||
| "@wessberg/rollup-plugin-ts": "^1.3.6", | ||
| "glob-to-regexp": "^0.4.1", | ||
| "jest": "^26.1.0", | ||
| "jest-junit": "^11.0.1", | ||
| "jest": "^26.6.1", | ||
| "jest-junit": "^12.0.0", | ||
| "npm-run-all": "^4.1.5", | ||
| "rimraf": "^3.0.2", | ||
| "rollup": "^2.19.0", | ||
| "standard-version": "^8.0.0", | ||
| "ts-jest": "^26.1.1", | ||
| "ts-node": "^8.10.2", | ||
| "tslint": "^6.1.2", | ||
| "rollup": "^2.32.1", | ||
| "standard-version": "^9.0.0", | ||
| "ts-jest": "^26.4.2", | ||
| "ts-node": "^9.0.0", | ||
| "tslint": "^6.1.3", | ||
| "typescript": "~3.9.6" | ||
@@ -75,0 +76,0 @@ }, |
@@ -171,3 +171,3 @@ # angular-server-side-configuration | ||
| FROM nginx:alpine | ||
| ADD https://github.com/kyubisation/angular-server-side-configuration/releases/download/v9.0.1/ngssc_64bit /usr/sbin/ngssc | ||
| ADD https://github.com/kyubisation/angular-server-side-configuration/releases/download/v10.2.0/ngssc_64bit /usr/sbin/ngssc | ||
| RUN chmod +x /usr/sbin/ngssc | ||
@@ -174,0 +174,0 @@ COPY dist /usr/share/nginx/html |
@@ -13,4 +13,9 @@ { | ||
| "factory": "./ng-update/index#updateToV9" | ||
| }, | ||
| "dockerfile": { | ||
| "version": "10.2.0", | ||
| "description": "Updates the download url for ngssc", | ||
| "factory": "./ng-update/index#dockerfile" | ||
| } | ||
| } | ||
| } |
| import { Rule } from '@angular-devkit/schematics'; | ||
| declare function updateToV8(): Rule; | ||
| declare function updateToV9(): Rule; | ||
| export { updateToV8, updateToV9 }; | ||
| declare function dockerfile(): Rule; | ||
| export { updateToV8, updateToV9, dockerfile }; |
@@ -5,5 +5,5 @@ 'use strict'; | ||
| var core = require('@angular-devkit/core'); | ||
| var schematics = require('@angular-devkit/schematics'); | ||
| var config = require('@schematics/angular/utility/config'); | ||
| var core = require('@angular-devkit/core'); | ||
| var change = require('@schematics/angular/utility/change'); | ||
@@ -176,2 +176,16 @@ | ||
| } | ||
| function dockerfile() { | ||
| return (tree) => { | ||
| const downloadUrlRegex = /https:\/\/github.com\/kyubisation\/angular-server-side-configuration\/releases\/download\/v((0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)/; | ||
| const version = require('../../package.json').version; | ||
| tree.visit((path, entry) => { | ||
| if (core.basename(path).indexOf('Dockerfile') >= 0 && entry && entry.content.toString().match(downloadUrlRegex)) { | ||
| const content = entry.content | ||
| .toString() | ||
| .replace(new RegExp(downloadUrlRegex.source, 'g'), `https://github.com/kyubisation/angular-server-side-configuration/releases/download/v${version}`); | ||
| tree.overwrite(path, content); | ||
| } | ||
| }); | ||
| }; | ||
| } | ||
| function tryReadNgsscJson(tree) { | ||
@@ -228,3 +242,4 @@ const ngssc = tree.read(NGSSC_JSON_PATH); | ||
| exports.dockerfile = dockerfile; | ||
| exports.updateToV8 = updateToV8; | ||
| exports.updateToV9 = updateToV9; |
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
79324
3.35%- Number of package files
27
3.85%- Lines of code
1300
2.85%Worsened metrics
- Number of low supply chain risk alerts
11
57.14%No dependency changes