clj-kondo - npm Package Compare versions

Comparing version 2019.10.11-alpha to 2019.10.11-alpha.1

index.js

@@ -0,12 +1,21 @@
+const { createWriteStream, writeFile, mkdirSync } = require('fs');
+const { extname, join } = require('path');
 const binwrap = require('binwrap');
-const path = require('path');
+const request = require('request');
 
-const packageInfo = require(path.join(__dirname, 'package.json'));
-const version = packageInfo.version;
+const packageInfo = require(join(__dirname, 'package.json'));
+// This package uses the original version ('2019.10.11-alpha') plus a prerelease number (`.1`) 
+// if needed, so we need to strip the suffix.
+const version = packageInfo.version.slice(0, '2019.10.11-alpha'.length);
 const root = `https://github.com/borkdude/clj-kondo/releases/download/v${version}`;
+const fallback = root + `/clj-kondo-${version}-standalone.jar`;
+const binary = 'clj-kondo';
 
-module.exports = binwrap({
+// Note: We're not running `binwrap prepare` because `bin/clj-kondo` contains logic
+// to use the fallback.
+// Consider dropping binwrap altogether if we're just overriding functionality.
+const configuredBinwrap = binwrap({
   dirname: __dirname,
   binaries: [
-    'clj-kondo',
+    binary,
   ],
@@ -17,2 +26,25 @@ urls: {
   }
-});
+});
+
+// Wrap the original install method to provide a fallback.
+const originalInstall = configuredBinwrap.install.bind(configuredBinwrap);
+configuredBinwrap.install = function (unpackedBinPath, os, arch) {
+  mkdirSync(unpackedBinPath, { recursive: true });
+  try {
+    return originalInstall(unpackedBinPath, os, arch);
+  } catch (error) {
+    if (error.message.includes('No binaries are available for your platform')) {
+      return new Promise((resolve, reject) => {
+        const fallbackFile = join(unpackedBinPath, `${binary}${extname(fallback)}`);
+        request(fallback)
+          .pipe(createWriteStream(fallbackFile))
+          .on('finish', () => resolve())
+          .on('error', error => reject(error));
+      });
+    }
+  }
+};
+
+
+
+module.exports = configuredBinwrap;

package.json

 {
   "name": "clj-kondo",
-  "version": "2019.10.11-alpha",
+  "version": "2019.10.11-alpha.1",
   "description": "NPM distribution of https://github.com/borkdude/clj-kondo",
@@ -29,9 +29,9 @@ "homepage": "https://github.com/borkdude/clj-kondo",
     "install": "binwrap-install",
-    "prepare": "binwrap-prepare",
     "test": "binwrap-test",
-    "prepublish": "npm test"
+    "prepublishOnly": "npm test"
   },
   "dependencies": {
-    "binwrap": "^0.2.2"
+    "binwrap": "^0.2.2",
+    "request": "^2.88.0"
   }
-}
+}

README.md

@@ -1,3 +0,3 @@
-# clj-kondo
+# clj-kondo [![Build Status](https://github.com/filipesilva/clj-kondo/workflows/Node%20CI/badge.svg)](https://github.com/filipesilva/clj-kondo/actions)
 
 NPM distribution of https://github.com/borkdude/clj-kondo.

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

4455

increased by70.69%

Lines of code

42

increased by200%

Worsened metrics

Dependency count

2

increased by100%

Number of low supply chain risk alerts

2

increased by100%

Dependency changes

• + Addedrequest@^2.88.0