commander-scripts-ivan
Advanced tools
commander-scripts-ivan - npm Package Compare versions
@@ -52,8 +52,22 @@ #!/usr/bin/env node | ||
| function shouldUseYarn() { | ||
| function shouldUse() { | ||
| try { | ||
| execSync('yarnpkg --version', { stdio: 'ignore' }) | ||
| return true | ||
| execSync('cnpm --version', { stdio: 'ignore' }) | ||
| return { | ||
| command: 'cnpm', | ||
| args: ['add', '-D', '-E', STARTER], | ||
| } | ||
| } catch (e) { | ||
| return false | ||
| try { | ||
| execSync('yarn --version', { stdio: 'ignore' }) | ||
| return { | ||
| command: 'yarn', | ||
| args: ['install', '-D', '-E', STARTER], | ||
| } | ||
| } catch (err) { | ||
| return { | ||
| command: 'npm', | ||
| args: ['install', '-D', '-E', STARTER], | ||
| } | ||
| } | ||
| } | ||
@@ -67,4 +81,2 @@ } | ||
| const args = shouldUseYarn() ? ['add', '-D', '-E', packageName, '--cwd', root] : ['install', '-D', '-E', packageName] | ||
| const packageJson = { name, version: '0.0.1', private: true } | ||
@@ -75,3 +87,4 @@ fs.writeFileSync(path.join(root, 'package.json'), JSON.stringify(packageJson, null, 2)) | ||
| console.log(chalk.cyan('Installing packages. This might take a couple of minutes...\n\n')) | ||
| const command = shouldUseYarn() ? 'yarn' : 'npm' | ||
| const { args, command } = shouldUse() | ||
| // 异步执行npm install指令以promise resolve得到 | ||
@@ -81,3 +94,5 @@ const child = spawn.sync(command, args, { stdio: 'inherit' }) | ||
| red('\n\nAborting installation.') | ||
| return | ||
| // 删除文件夹 | ||
| fs.removeSync(path.join(root)) | ||
| process.exit(1) | ||
| } | ||
@@ -84,0 +99,0 @@ console.log(chalk.green(`\n\n${packageName} has been installed...\n\n`)) |
+1
-1
| { | ||
| "name": "commander-scripts-ivan", | ||
| "version": "0.0.14", | ||
| "version": "0.0.15", | ||
| "description": "Node.js命令行脚本", | ||
@@ -5,0 +5,0 @@ "bin": "./commander-scripts-ivan.js", |
New alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
5109
5.43%- Lines of code
126
13.51%