New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
create-react-app
Advanced tools
create-react-app - npm Package Compare versions
Comparing version 1.1.0 to 1.2.0
166
index.js
@@ -42,2 +42,3 @@ #!/usr/bin/env node | ||
| var chalk = require('chalk'); | ||
| var validateProjectName = require("validate-npm-package-name"); | ||
@@ -62,2 +63,3 @@ var currentNodeVersion = process.versions.node; | ||
| var semver = require('semver'); | ||
| var dns = require('dns'); | ||
@@ -102,2 +104,10 @@ var projectName; | ||
| function printValidationResults(results) { | ||
| if (typeof results !== 'undefined') { | ||
| results.forEach(function (error) { | ||
| console.error(chalk.red(' * ' + error)); | ||
| }); | ||
| } | ||
| } | ||
| var hiddenProgram = new commander.Command() | ||
@@ -151,21 +161,40 @@ .option('--internal-testing-template <path-to-template>', '(internal usage only, DO NOT RELY ON THIS) ' + | ||
| function install(dependencies, verbose, callback) { | ||
| var command; | ||
| var args; | ||
| if (shouldUseYarn()) { | ||
| command = 'yarnpkg'; | ||
| args = [ 'add', '--exact'].concat(dependencies); | ||
| } else { | ||
| checkNpmVersion(); | ||
| command = 'npm'; | ||
| args = ['install', '--save', '--save-exact'].concat(dependencies); | ||
| } | ||
| function install(useYarn, dependencies, verbose, isOnline) { | ||
| return new Promise(function(resolve, reject) { | ||
| var command; | ||
| var args; | ||
| if (useYarn) { | ||
| command = 'yarnpkg'; | ||
| args = [ | ||
| 'add', | ||
| '--exact', | ||
| isOnline === false && '--offline' | ||
| ].concat(dependencies); | ||
| if (verbose) { | ||
| args.push('--verbose'); | ||
| } | ||
| if (!isOnline) { | ||
| console.log(chalk.yellow('You appear to be offline.')); | ||
| console.log(chalk.yellow('Falling back to the local Yarn cache.')); | ||
| console.log(); | ||
| } | ||
| var child = spawn(command, args, {stdio: 'inherit'}); | ||
| child.on('close', function(code) { | ||
| callback(code, command, args); | ||
| } else { | ||
| checkNpmVersion(); | ||
| command = 'npm'; | ||
| args = ['install', '--save', '--save-exact'].concat(dependencies); | ||
| } | ||
| if (verbose) { | ||
| args.push('--verbose'); | ||
| } | ||
| var child = spawn(command, args, {stdio: 'inherit'}); | ||
| child.on('close', function(code) { | ||
| if (code !== 0) { | ||
| reject({ | ||
| command: command + ' ' + args.join(' ') | ||
| }); | ||
| return; | ||
| } | ||
| resolve(); | ||
| }); | ||
| }); | ||
@@ -186,7 +215,34 @@ } | ||
| console.log(); | ||
| var useYarn = shouldUseYarn(); | ||
| checkIfOnline(useYarn) | ||
| .then(function(isOnline) { | ||
| return install(useYarn, allDependencies, verbose, isOnline); | ||
| }) | ||
| .then(function() { | ||
| checkNodeVersion(packageName); | ||
| install(allDependencies, verbose, function(code, command, args) { | ||
| if (code !== 0) { | ||
| // Since react-scripts has been installed with --save | ||
| // we need to move it into devDependencies and rewrite package.json | ||
| // also ensure react dependencies have caret version range | ||
| fixDependencies(packageName); | ||
| var scriptsPath = path.resolve( | ||
| process.cwd(), | ||
| 'node_modules', | ||
| packageName, | ||
| 'scripts', | ||
| 'init.js' | ||
| ); | ||
| var init = require(scriptsPath); | ||
| init(root, appName, verbose, originalDirectory, template); | ||
| }) | ||
| .catch(function(reason) { | ||
| console.log(); | ||
| console.error('Aborting installation.', chalk.cyan(command + ' ' + args.join(' ')), 'has failed.'); | ||
| console.log('Aborting installation.'); | ||
| if (reason.command) { | ||
| console.log(' ' + chalk.cyan(reason.command), 'has failed.') | ||
| } | ||
| console.log(); | ||
| // On 'exit' we will delete these files from target directory. | ||
@@ -211,2 +267,3 @@ var knownGeneratedFiles = [ | ||
| console.log('Deleting', chalk.cyan(appName + '/'), 'from', chalk.cyan(path.resolve(root, '..'))); | ||
| process.chdir(path.resolve(root, '..')); | ||
| fs.removeSync(path.join(root)); | ||
@@ -216,20 +273,3 @@ } | ||
| process.exit(1); | ||
| } | ||
| checkNodeVersion(packageName); | ||
| // Since react-scripts has been installed with --save | ||
| // We need to move it into devDependencies and rewrite package.json | ||
| moveReactScriptsToDev(packageName); | ||
| var scriptsPath = path.resolve( | ||
| process.cwd(), | ||
| 'node_modules', | ||
| packageName, | ||
| 'scripts', | ||
| 'init.js' | ||
| ); | ||
| var init = require(scriptsPath); | ||
| init(root, appName, verbose, originalDirectory, template); | ||
| }); | ||
| }); | ||
| } | ||
@@ -313,2 +353,10 @@ | ||
| function checkAppName(appName) { | ||
| var validationResult = validateProjectName(appName); | ||
| if (!validationResult.validForNewPackages) { | ||
| console.error('Could not create a project called ' + chalk.red('"' + appName + '"') + ' because of npm naming restrictions:'); | ||
| printValidationResults(validationResult.errors); | ||
| printValidationResults(validationResult.warnings); | ||
| process.exit(1); | ||
| } | ||
| // TODO: there should be a single place that holds the dependencies | ||
@@ -318,3 +366,2 @@ var dependencies = ['react', 'react-dom']; | ||
| var allDependencies = dependencies.concat(devDependencies).sort(); | ||
| if (allDependencies.indexOf(appName) >= 0) { | ||
@@ -337,3 +384,25 @@ console.error( | ||
| function moveReactScriptsToDev(packageName) { | ||
| function makeCaretRange(dependencies, name) { | ||
| var version = dependencies[name]; | ||
| if (typeof version === 'undefined') { | ||
| console.error( | ||
| chalk.red('Missing ' + name + ' dependency in package.json') | ||
| ); | ||
| process.exit(1); | ||
| } | ||
| var patchedVersion = '^' + version; | ||
| if (!semver.validRange(patchedVersion)) { | ||
| console.error( | ||
| 'Unable to patch ' + name + ' dependency version because version ' + chalk.red(version) + ' will become invalid ' + chalk.red(patchedVersion) | ||
| ); | ||
| patchedVersion = version; | ||
| } | ||
| dependencies[name] = patchedVersion; | ||
| } | ||
| function fixDependencies(packageName) { | ||
| var packagePath = path.join(process.cwd(), 'package.json'); | ||
@@ -362,2 +431,5 @@ var packageJson = require(packagePath); | ||
| makeCaretRange(packageJson.dependencies, 'react'); | ||
| makeCaretRange(packageJson.dependencies, 'react-dom'); | ||
| fs.writeFileSync(packagePath, JSON.stringify(packageJson, null, 2)); | ||
@@ -378,1 +450,15 @@ } | ||
| } | ||
| function checkIfOnline(useYarn) { | ||
| if (!useYarn) { | ||
| // Don't ping the Yarn registry. | ||
| // We'll just assume the best case. | ||
| return Promise.resolve(true); | ||
| } | ||
| return new Promise(function(resolve) { | ||
| dns.resolve('registry.yarnpkg.com', function(err) { | ||
| resolve(err === null); | ||
| }); | ||
| }); | ||
| } |
| { | ||
| "name": "create-react-app", | ||
| "version": "1.1.0", | ||
| "version": "1.2.0", | ||
| "keywords": [ | ||
@@ -27,4 +27,5 @@ "react" | ||
| "fs-extra": "^1.0.0", | ||
| "semver": "^5.0.3" | ||
| "semver": "^5.0.3", | ||
| "validate-npm-package-name": "^3.0.0" | ||
| } | ||
| } |
New alerts
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by18.46%
15852
- Lines of code
- increased by23.08%
400
Worsened metrics
- Dependency count
- increased by20%
6
- Number of medium maintenance alerts
- increased byInfinity%
1
- Number of medium supply chain risk alerts
- increased by100%
2
Dependency changes
+ Addedbuiltins@1.0.3(transitive)
+ Addedvalidate-npm-package-name@3.0.0(transitive)