New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
g2-ops-config
Advanced tools
g2-ops-config - npm Package Compare versions
Comparing version 0.0.9 to 0.0.10
@@ -46,4 +46,13 @@ 'use strict'; | ||
| function injectProcessEnv(response) { | ||
| Object.keys(response).forEach(function (key) { | ||
| if (key.startsWith('ENV') && typeof response[key] === 'string') { | ||
| process.env[key] = response[key]; | ||
| } | ||
| }); | ||
| } | ||
| function transformYamlResponse(responses, profiles) { | ||
| return responses.reduce(function (accu, response, index) { | ||
| injectProcessEnv(response); | ||
| return _extends({}, accu, _defineProperty({}, profiles[index], response)); | ||
@@ -50,0 +59,0 @@ }, {}); |
| { | ||
| "name": "g2-ops-config", | ||
| "version": "0.0.9", | ||
| "version": "0.0.10", | ||
| "description": "To fetch and maintain cloud configs for difference projects", | ||
@@ -5,0 +5,0 @@ "main": "dist/index.js", |
@@ -34,7 +34,16 @@ // @flow | ||
| function getYamlPromise(profile, application) { | ||
| return axios.get(configFileURL(profile, application)).then((response) => response.data) | ||
| return axios.get(configFileURL(profile, application)).then(response => response.data) | ||
| } | ||
| function injectProcessEnv(response: { [string]: mixed }) { | ||
| Object.keys(response).forEach(key => { | ||
| if (key.startsWith('ENV') && typeof response[key] === 'string') { | ||
| process.env[key] = response[key] | ||
| } | ||
| }) | ||
| } | ||
| function transformYamlResponse(responses, profiles) { | ||
| return responses.reduce((accu, response, index) => { | ||
| injectProcessEnv(response) | ||
| return { | ||
@@ -48,4 +57,4 @@ ...accu, | ||
| function fetchConfigurations(application: string, profiles: Array<string>): Promise<Array<any>> { | ||
| const yamlPromises = profiles.map((profile) => getYamlPromise(profile, application)) | ||
| return Promise.all(yamlPromises).then((data) => { | ||
| const yamlPromises = profiles.map(profile => getYamlPromise(profile, application)) | ||
| return Promise.all(yamlPromises).then(data => { | ||
| return transformYamlResponse(data, profiles) | ||
@@ -56,2 +65,1 @@ }) | ||
| export default fetchConfigurations | ||
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
Improved metrics
- Lines of code
- increased by2.61%
630
- Number of medium quality alerts
- decreased by-50%
1
- Number of lines in readme file
- increased byInfinity%
3
Worsened metrics
- Total package byte prevSize
- decreased by-97.75%
22972
- Number of package files
- decreased by-90.06%
16
- Number of low supply chain risk alerts
- increased by15.38%
15
No dependency changes