can-npm-publish
Advanced tools
can-npm-publish - npm Package Compare versions
Comparing version 1.3.3 to 1.3.4
@@ -39,3 +39,3 @@ #!/usr/bin/env node | ||
| }) | ||
| .catch(error => { | ||
| .catch((error) => { | ||
| if (cli.flags.verbose) { | ||
@@ -42,0 +42,0 @@ console.error(error.message); |
| // MIT © 2018 azu | ||
| "use strict"; | ||
| const path = require("path"); | ||
| const spawn = require("cross-spawn"); | ||
@@ -7,2 +8,17 @@ const readPkg = require("read-pkg"); | ||
| /** | ||
| * @param {string} [filePathOrDirPath] | ||
| * @returns {Promise<readPkg.NormalizedPackageJson>} | ||
| */ | ||
| const readPkgWithPath = (filePathOrDirPath) => { | ||
| if (filePathOrDirPath) { | ||
| const isJSON = path.extname(filePathOrDirPath) === ".json"; | ||
| if (isJSON) { | ||
| return Promise.resolve(require(filePathOrDirPath)); | ||
| } | ||
| return readPkg({ cwd: filePathOrDirPath }); | ||
| } else { | ||
| return readPkg(); | ||
| } | ||
| }; | ||
| /** | ||
| * Return rejected promise if the package name is invalid | ||
@@ -14,3 +30,3 @@ * @param {string} packagePath | ||
| const checkPkgName = (packagePath, options) => { | ||
| return readPkg(packagePath).then(pkg => { | ||
| return readPkgWithPath(packagePath).then((pkg) => { | ||
| const name = pkg["name"]; | ||
@@ -39,4 +55,4 @@ const result = validatePkgName(name); | ||
| */ | ||
| const checkPrivateField = packagePath => { | ||
| return readPkg(packagePath).then(pkg => { | ||
| const checkPrivateField = (packagePath) => { | ||
| return readPkgWithPath(packagePath).then((pkg) => { | ||
| if (pkg["private"] === true) { | ||
@@ -62,11 +78,14 @@ return Promise.reject(new Error("This package is private.")); | ||
| view.stdout.on("data", data => { | ||
| view.stdout.on("data", (data) => { | ||
| result += data.toString(); | ||
| }); | ||
| view.stderr.on("data", err => { | ||
| view.stderr.on("data", (err) => { | ||
| errorResult += err.toString(); | ||
| }); | ||
| view.on("close", code => { | ||
| view.on("close", (code) => { | ||
| if (code !== 0) { | ||
| return reject(new Error(errorResult)); | ||
| } | ||
| const resultJSON = JSON.parse(result); | ||
@@ -82,3 +101,3 @@ if (resultJSON && resultJSON.error) { | ||
| } | ||
| resolve(JSON.parse(result)); | ||
| resolve(resultJSON); | ||
| }); | ||
@@ -88,4 +107,4 @@ }); | ||
| const checkAlreadyPublish = packagePath => { | ||
| return readPkg(packagePath).then(pkg => { | ||
| const checkAlreadyPublish = (packagePath) => { | ||
| return readPkgWithPath(packagePath).then((pkg) => { | ||
| const name = pkg["name"]; | ||
@@ -101,3 +120,3 @@ const version = pkg["version"]; | ||
| } | ||
| return viewPackage(name, registry).then(versions => { | ||
| return viewPackage(name, registry).then((versions) => { | ||
| if (versions.includes(version)) { | ||
@@ -104,0 +123,0 @@ return Promise.reject(new Error(`${name}@${version} is already published`)); |
| { | ||
| "name": "can-npm-publish", | ||
| "version": "1.3.3", | ||
| "version": "1.3.4", | ||
| "description": "A command line tool that check to see if `npm publish` is possible.", | ||
@@ -35,17 +35,17 @@ "keywords": [ | ||
| "test": "mocha test", | ||
| "prettier": "prettier --write \"**/*.{js,jsx,ts,tsx,css}\"", | ||
| "precommit": "lint-staged", | ||
| "postcommit": "git reset" | ||
| "postcommit": "git reset", | ||
| "format": "prettier --write \"**/*.{js,jsx,ts,tsx,css}\"", | ||
| "prepare": "git config --local core.hooksPath .githooks" | ||
| }, | ||
| "dependencies": { | ||
| "cross-spawn": "^6.0.5", | ||
| "meow": "^4.0.0", | ||
| "read-pkg": "^3.0.0", | ||
| "cross-spawn": "^7.0.3", | ||
| "meow": "^9.0.0", | ||
| "read-pkg": "^5.0.0", | ||
| "validate-npm-package-name": "^3.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "husky": "^0.14.3", | ||
| "lint-staged": "^6.0.1", | ||
| "mocha": "^5.0.0", | ||
| "prettier": "^1.10.2" | ||
| "lint-staged": "^11.0.0", | ||
| "mocha": "^9.0.0", | ||
| "prettier": "^2.3.1" | ||
| }, | ||
@@ -55,10 +55,10 @@ "prettier": { | ||
| "printWidth": 120, | ||
| "tabWidth": 4 | ||
| "tabWidth": 4, | ||
| "trailingComma": "none" | ||
| }, | ||
| "lint-staged": { | ||
| "*.{js,jsx,ts,tsx,css}": [ | ||
| "prettier --write", | ||
| "git add" | ||
| "prettier --write" | ||
| ] | ||
| } | ||
| } |
@@ -1,2 +0,2 @@ | ||
| # can-npm-publish [](https://travis-ci.org/azu/can-npm-publish) | ||
| # can-npm-publish [](https://github.com/azu/can-npm-publish/actions?query=workflow%3A"test") | ||
@@ -3,0 +3,0 @@ A command line tool that check to see if `npm publish` is possible. |
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by7.29%
10248
- Dev dependency count
- decreased by-25%
3
- Lines of code
- increased by12.58%
170
Worsened metrics
- Number of low supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Added@babel/code-frame@7.26.2(transitive)
+ Added@babel/helper-validator-identifier@7.25.9(transitive)
+ Added@types/minimist@1.2.5(transitive)
+ Added@types/normalize-package-data@2.4.4(transitive)
+ Addedcamelcase@5.3.1(transitive)
+ Addedcamelcase-keys@6.2.2(transitive)
+ Addedcross-spawn@7.0.6(transitive)
+ Addedfind-up@4.1.0(transitive)
+ Addedhard-rejection@2.1.0(transitive)
+ Addedhosted-git-info@4.1.0(transitive)
+ Addedindent-string@4.0.0(transitive)
+ Addedjs-tokens@4.0.0(transitive)
+ Addedjson-parse-even-better-errors@2.3.1(transitive)
+ Addedkind-of@6.0.3(transitive)
+ Addedlines-and-columns@1.2.4(transitive)
+ Addedlocate-path@5.0.0(transitive)
+ Addedlru-cache@6.0.0(transitive)
+ Addedmap-obj@4.3.0(transitive)
+ Addedmeow@9.0.0(transitive)
+ Addedmin-indent@1.0.1(transitive)
+ Addedminimist-options@4.1.0(transitive)
+ Addednormalize-package-data@3.0.3(transitive)
+ Addedp-limit@2.3.0(transitive)
+ Addedp-locate@4.1.0(transitive)
+ Addedp-try@2.2.0(transitive)
+ Addedparse-json@5.2.0(transitive)
+ Addedpath-exists@4.0.0(transitive)
+ Addedpath-key@3.1.1(transitive)
+ Addedpicocolors@1.1.1(transitive)
+ Addedquick-lru@4.0.1(transitive)
+ Addedread-pkg@5.2.0(transitive)
+ Addedread-pkg-up@7.0.1(transitive)
+ Addedredent@3.0.0(transitive)
+ Addedsemver@7.6.3(transitive)
+ Addedshebang-command@2.0.0(transitive)
+ Addedshebang-regex@3.0.0(transitive)
+ Addedstrip-indent@3.0.0(transitive)
+ Addedtrim-newlines@3.0.1(transitive)
+ Addedtype-fest@0.18.10.6.00.8.1(transitive)
+ Addedwhich@2.0.2(transitive)
+ Addedyallist@4.0.0(transitive)
+ Addedyargs-parser@20.2.9(transitive)
- Removedarray-find-index@1.0.2(transitive)
- Removedcamelcase@4.1.0(transitive)
- Removedcamelcase-keys@4.2.0(transitive)
- Removedcross-spawn@6.0.6(transitive)
- Removedcurrently-unhandled@0.4.1(transitive)
- Removedfind-up@2.1.0(transitive)
- Removedgraceful-fs@4.2.11(transitive)
- Removedindent-string@3.2.0(transitive)
- Removedjson-parse-better-errors@1.0.2(transitive)
- Removedload-json-file@4.0.0(transitive)
- Removedlocate-path@2.0.0(transitive)
- Removedloud-rejection@1.6.0(transitive)
- Removedmap-obj@2.0.0(transitive)
- Removedmeow@4.0.1(transitive)
- Removedminimist@1.2.8(transitive)
- Removedminimist-options@3.0.2(transitive)
- Removednice-try@1.0.5(transitive)
- Removedp-limit@1.3.0(transitive)
- Removedp-locate@2.0.0(transitive)
- Removedp-try@1.0.0(transitive)
- Removedparse-json@4.0.0(transitive)
- Removedpath-exists@3.0.0(transitive)
- Removedpath-key@2.0.1(transitive)
- Removedpath-type@3.0.0(transitive)
- Removedpify@3.0.0(transitive)
- Removedquick-lru@1.1.0(transitive)
- Removedread-pkg@3.0.0(transitive)
- Removedread-pkg-up@3.0.0(transitive)
- Removedredent@2.0.0(transitive)
- Removedshebang-command@1.2.0(transitive)
- Removedshebang-regex@1.0.0(transitive)
- Removedsignal-exit@3.0.7(transitive)
- Removedstrip-bom@3.0.0(transitive)
- Removedstrip-indent@2.0.0(transitive)
- Removedtrim-newlines@2.0.0(transitive)
- Removedwhich@1.3.1(transitive)
Updatedcross-spawn@^7.0.3
Updatedmeow@^9.0.0
Updatedread-pkg@^5.0.0