findup-sync - npm Package Compare versions

Comparing version 0.4.1 to 0.4.2

index.js

@@ -11,3 +11,3 @@ 'use strict';
 var resolveDir = require('resolve-dir');
-var exists = require('fs-exists-sync');
+var detect = require('detect-file');
 var mm = require('micromatch');
@@ -50,3 +50,3 @@
   } else {
-    return findFile(cwd, pattern);
+    return findFile(cwd, pattern, options);
   }
@@ -57,3 +57,3 @@ }
   var isMatch = mm.matcher(pattern, opts);
-  var files = fs.readdirSync(cwd);
+  var files = tryReaddirSync(cwd);
   var len = files.length;
@@ -77,6 +77,7 @@ var idx = -1;
 
-function findFile(cwd, filename) {
+function findFile(cwd, filename, options) {
+  var res;
   var fp = cwd ? path.resolve(cwd, filename) : filename;
-  if (exists(fp)) {
-    return fp;
+  if (res = detect(fp, options)) {
+    return res;
   }
@@ -90,4 +91,4 @@
     fp = path.resolve(cwd, filename);
-    if (exists(fp)) {
-      return fp;
+    if (res = detect(fp, options)) {
+      return res;
     }
@@ -97,1 +98,8 @@ }
 }
+
+function tryReaddirSync(fp) {
+  try {
+    return fs.readdirSync(fp);
+  } catch(err) {}
+  return [];
+}

package.json

 {
   "name": "findup-sync",
   "description": "Find the first file matching a given pattern in the current directory or the nearest ancestor directory.",
-  "version": "0.4.1",
+  "version": "0.4.2",
   "homepage": "https://github.com/cowboy/node-findup-sync",
@@ -23,3 +23,3 @@ "author": "\"Cowboy\" Ben Alman (http://benalman.com)",
   "dependencies": {
-    "fs-exists-sync": "^0.1.0",
+    "detect-file": "^0.1.0",
     "is-glob": "^2.0.1",
@@ -30,2 +30,3 @@ "micromatch": "^2.3.7",
   "devDependencies": {
+    "fs-exists-sync": "^0.1.0",
     "grunt": "^1.0.1",
@@ -32,0 +33,0 @@ "grunt-contrib-jshint": "^0.12.0",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Lines of code

83

increased by9.21%

Number of low supply chain risk alerts

2

decreased by-33.33%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

3376

decreased by-39.13%

Dev dependency count

9

increased by12.5%

Number of package files

2

decreased by-33.33%

Number of medium quality alerts

1

increased byInfinity%

Number of lines in readme file

0

decreased by-100%

Dependency changes

• + Addeddetect-file@^0.1.0

• + Addeddetect-file@0.1.0(transitive)

• - Removedfs-exists-sync@^0.1.0