cloudappx-server
Advanced tools
Comparing version 0.0.5 to 0.0.6
{ | ||
"name": "cloudappx-server", | ||
"version": "0.0.5", | ||
"version": "0.0.6", | ||
"description": "MakeAppX in the Cloud", | ||
"repository": { | ||
"type": "git", | ||
"url": "https://github.com/alxlu/CloudAppX" | ||
"url": "https://github.com/MicrosoftEdge/CloudAppX" | ||
}, | ||
@@ -9,0 +9,0 @@ "scripts": { |
@@ -122,15 +122,23 @@ var fs = require('fs'), | ||
var deferred = Q.defer(); | ||
var configPath = path.resolve(__dirname, '..', 'assets', 'priconfig.xml'); | ||
var cmdLine = '"' + toolPath + '" new /o /pr "' + projectRoot + '" /cf "' + configPath + '" /of "' + outputFile + '" /in ' + packageIdentity; | ||
exec(cmdLine, { maxBuffer: 1024 * 1024 }, function (err, stdout, stderr) { | ||
if (err) { | ||
return deferred.reject(err); | ||
} | ||
deferred.resolve({ | ||
projectRoot: projectRoot, | ||
outputFile: outputFile, | ||
stdout: stdout, | ||
stderr: stderr | ||
}); | ||
// check if a MakePri configuration file was provided, otherwise use the default file in 'assets' | ||
var configFile = 'priconfig.xml'; | ||
var configPath = path.join(projectRoot, configFile); | ||
fsStat(configPath).catch(function (err) { | ||
configPath = path.resolve(__dirname, '..', 'assets', configFile); | ||
}).finally(function() { | ||
console.log("Using " + configFile + " path: " + configPath); | ||
var cmdLine = '"' + toolPath + '" new /o /pr "' + projectRoot + '" /cf "' + configPath + '" /of "' + outputFile + '" /in ' + packageIdentity; | ||
exec(cmdLine, { maxBuffer: 1024 * 1024 }, function (err, stdout, stderr) { | ||
if (err) { | ||
return deferred.reject(err); | ||
} | ||
deferred.resolve({ | ||
projectRoot: projectRoot, | ||
outputFile: outputFile, | ||
stdout: stdout, | ||
stderr: stderr | ||
}); | ||
}); | ||
}); | ||
@@ -137,0 +145,0 @@ |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
106407
442
11
1