envify - npm Package Compare versions
Comparing version 3.1.0 to 3.2.0
| { | ||
| "name": "envify", | ||
| "version": "3.1.0", | ||
| "version": "3.2.0", | ||
| "description": "Selectively replace Node-style environment variables with plain strings.", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -107,2 +107,33 @@ # envify [](http://travis-ci.org/hughsk/envify) [](http://github.com/hughsk/stability-badges) # | ||
| ## Purging `process.env` ## | ||
| By default, environment variables that are not defined will be left untouched. | ||
| This is because in some cases, you might want to run an envify transform over | ||
| your source more than once, and removing these values would make that | ||
| impossible. | ||
| However, if any references to `process.env` are remaining after transforming | ||
| your source with envify, browserify will automatically insert its shim for | ||
| Node's process object, which will increase the size of your bundle. This weighs | ||
| in at around 2KB, so if you're trying to be conservative with your bundle size | ||
| you can "purge" these remaining variables such that any missing ones are simply | ||
| replaced with undefined. | ||
| To do so through the command-line, simply use the subarg syntax and include | ||
| `purge` after `envify`, e.g.: | ||
| ``` bash | ||
| browserify index.js -t [ envify purge --NODE_ENV development ] | ||
| ``` | ||
| Or if you're using the module API, you can pass `_: "purge"` into your | ||
| arguments like so: | ||
| ``` javascript | ||
| b.transform(envify({ | ||
| _: 'purge' | ||
| , NODE_ENV: 'development' | ||
| })) | ||
| ``` | ||
| ## Contributors ## | ||
@@ -109,0 +140,0 @@ |
@@ -5,2 +5,4 @@ var Syntax = require('jstransform').Syntax | ||
| function create(envs) { | ||
| var args = [].concat(envs[0]._ || []).concat(envs[1]._ || []) | ||
| var purge = args.indexOf('purge') !== -1 | ||
@@ -13,5 +15,3 @@ function visitProcessEnv(traverse, node, path, state) { | ||
| if (value !== undefined) { | ||
| utils.catchup(node.range[0], state) | ||
| utils.append(JSON.stringify(value), state) | ||
| utils.move(node.range[1], state) | ||
| replaceEnv(node, state, value) | ||
| return false | ||
@@ -21,5 +21,15 @@ } | ||
| if (purge) { | ||
| replaceEnv(node, state, undefined) | ||
| } | ||
| return false | ||
| } | ||
| function replaceEnv(node, state, value) { | ||
| utils.catchup(node.range[0], state) | ||
| utils.append(JSON.stringify(value), state) | ||
| utils.move(node.range[1], state) | ||
| } | ||
| visitProcessEnv.test = function(node, path, state) { | ||
@@ -26,0 +36,0 @@ return ( |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Number of lines in readme file
- increased by26.96%
146
- Number of low supply chain risk alerts
- decreased by-33.33%
2
Worsened metrics
- Total package byte prevSize
- decreased by-22.57%
7189
- Number of package files
- decreased by-12.5%
7
- Lines of code
- decreased by-60.34%
69