New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
fpi - npm Package Compare versions
Comparing version 0.0.14 to 0.0.15
30
index.js
@@ -9,15 +9,33 @@ #! /usr/bin/env node | ||
| const cliParameter = process.argv[2] | ||
| /* Get package.json file path */ | ||
| const packageJsonPath = path.join(process.cwd(), 'package.json') | ||
| /* Colored console */ | ||
| const color = { | ||
| error: '\x1b[33m%s\x1b[0m' | ||
| } | ||
| /* If CLI parameter equals 'install' or 'i' */ | ||
| if (cliParameter === 'install' || cliParameter === 'i') { | ||
| console.log(packageJsonPath) | ||
| /* Get 'package.json' file path */ | ||
| const packageJsonPath = path.join(process.cwd(), 'package.json') | ||
| /* If package.json file exist */ | ||
| /* If 'package.json' file exists */ | ||
| if (fs.existsSync(packageJsonPath)) { | ||
| console.log('yes') | ||
| /* Get 'package.json' file content */ | ||
| const packageJsonContent = require(packageJsonPath) | ||
| /* If 'package.json' file has 'dependencies' or 'devDependencies' parameters */ | ||
| if (packageJsonContent.dependencies || packageJsonContent.devDependencies) { | ||
| /* Get all dependencies */ | ||
| const allDependencies = Object.assign(packageJsonContent.dependencies || {}, packageJsonContent.devDependencies || {}) | ||
| /* Show */ | ||
| console.log(allDependencies) | ||
| /* If 'package.json' file doesn't have 'dependencies' or 'devDependencies' parameters */ | ||
| } else { | ||
| /* Show error */ | ||
| console.log(color.error, 'package.json doesn\'t have \'dependencies\' or \'devDependencies\' parameters.') | ||
| }/* if (packageJsonContent.dependencies || packageJsonContent.devDependencies) */ | ||
| /* If 'package.json' file doesn't exist */ | ||
| } else { | ||
| console.log('no') | ||
| /* Show error */ | ||
| console.log(color.error, 'package.json file not found.') | ||
| }/* if (fs.existsSync(packageJsonPath)) */ | ||
| }/* if (cliParameter === 'install' || cliParameter === 'i') */ |
| { | ||
| "name": "fpi", | ||
| "version": "0.0.14", | ||
| "version": "0.0.15", | ||
| "description": "Fast Package Installer.", | ||
@@ -27,3 +27,8 @@ "main": "index.js", | ||
| }, | ||
| "dependencies": {} | ||
| "dependencies": { | ||
| "react": "^16.1.0" | ||
| }, | ||
| "devDependencies": { | ||
| "react-dom": "^16.2.0" | ||
| } | ||
| } |
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by34.81%
3919
- Lines of code
- increased by94.44%
35
Worsened metrics
- Dependency count
- increased byInfinity%
1
- Dev dependency count
- increased byInfinity%
1
- Number of low supply chain risk alerts
- increased by100%
2
Dependency changes
+ Addedreact@^16.1.0
+ Addedjs-tokens@4.0.0(transitive)
+ Addedloose-envify@1.4.0(transitive)
+ Addedobject-assign@4.1.1(transitive)
+ Addedprop-types@15.8.1(transitive)
+ Addedreact@16.14.0(transitive)
+ Addedreact-is@16.13.1(transitive)