app-builder-bin - npm Package Compare versions

Comparing version 1.3.1 to 1.3.2

index.js

 "use strict"
 
+import {spawn as _spawn} from "child_process";
+
 const path = require("path")
@@ -17,1 +19,53 @@
 exports.appBuilderPath = process.env.USE_SYSTEM_APP_BUILDER === "true" ? "app-builder" : require(`app-builder-bin-${suffix}`).appBuilderPath
+
+exports.execute = function (command, args) {
+  return new Promise((resolve, reject) => {
+    let env = getProcessEnv(null)
+    if (options.stdio == null) {
+      const isDebugEnabled = extraOptions == null || extraOptions.isDebugEnabled == null ? debug.enabled : extraOptions.isDebugEnabled
+      // do not ignore stdout/stderr if not debug, because in this case we will read into buffer and print on error
+      options.stdio = [extraOptions != null && extraOptions.isPipeInput ? "pipe" : "ignore", isDebugEnabled ? "inherit" : "pipe", isDebugEnabled ? "inherit" : "pipe"]
+    }
+
+    // use general debug.enabled to log spawn, because it doesn't produce a lot of output (the only line), but important in any case
+    if (log.isDebugEnabled) {
+      const argsString = args.join(" ")
+      const logFields: any = {
+        command,
+        args: command === "docker" ? argsString : removePassword(argsString),
+      }
+      if (options != null && options.cwd != null) {
+        logFields.cwd = options.cwd
+      }
+      log.debug(logFields, "spawning")
+    }
+
+    try {
+      return _spawn(command, args, options)
+    }
+    catch (e) {
+      throw new Error(`Cannot spawn ${command}: ${e.stack || e}`)
+    }
+
+
+    handleProcess("close", doSpawn(command, args || [], options, extraOptions), command, isCollectOutput, resolve, reject)
+  })
+}
+
+function getProcessEnv(env) {
+  if (process.platform === "win32") {
+    return env
+  }
+
+  const finalEnv = {
+    ...(env || process.env)
+  }
+
+  // without LC_CTYPE dpkg can returns encoded unicode symbols
+  // set LC_CTYPE to avoid crash https://github.com/electron-userland/electron-builder/issues/503 Even "en_DE.UTF-8" leads to error.
+  const locale = process.platform === "linux" ? (process.env.LANG || "C.UTF-8") : "en_US.UTF-8"
+  finalEnv.LANG = locale
+  finalEnv.LC_CTYPE = locale
+  finalEnv.LC_ALL = locale
+  return finalEnv
+}

package.json

 {
   "name": "app-builder-bin",
   "description": "app-builder precompiled binaries",
-  "version": "1.3.1",
+  "version": "1.3.2",
   "files": [
@@ -12,5 +12,5 @@ "*.js",
   "optionalDependencies": {
-    "app-builder-bin-mac": "1.3.1",
-    "app-builder-bin-win": "1.3.1",
-    "app-builder-bin-linux": "1.3.1"
+    "app-builder-bin-mac": "1.3.2",
+    "app-builder-bin-win": "1.3.2",
+    "app-builder-bin-linux": "1.3.2"
   },
@@ -17,0 +17,0 @@ "keywords": [

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

5241

increased by58%

Lines of code

56

increased by366.67%

Worsened metrics

Number of low supply chain risk alerts

5

increased by66.67%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes