geoip-lite - npm Package Compare versions

Comparing version 1.4.5 to 1.4.6

package.json

 {
 	"name"        :  "geoip-lite",
-	"version"     :  "1.4.5",
+	"version"     :  "1.4.6",
 	"description" :  "A light weight native JavaScript implementation of GeoIP API from MaxMind",
@@ -5,0 +5,0 @@ "keywords"    :  ["geo", "geoip", "ip", "ipv4", "ipv6", "geolookup", "maxmind", "geolite"],

scripts/updatedb.js

@@ -33,3 +33,16 @@ // fetches and converts maxmind lite databases
 }
+var geodatadir = args.find(function(arg) {
+	return arg.match(/^geodatadir=[\w./]+/) !== null;
+});
+if (typeof geodatadir === 'undefined' && typeof process.env.GEODATADIR !== 'undefined') {
+	geodatadir = 'geodatadir='+process.env.GEODATADIR;
+}
 var dataPath = path.join(__dirname, '..', 'data');
+if (typeof geodatadir !== 'undefined') {
+	dataPath = path.join(process.cwd(), geodatadir.split('=')[1]);
+	if (!fs.existsSync(dataPath)) {
+		console.log(chalk.red('ERROR') + ': Directory does\'t exist: ' + dataPath);
+		process.exit(1);
+	}
+}
 var tmpPath = path.join(__dirname, '..', 'tmp');
@@ -36,0 +49,0 @@ var countryLookup = {};

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

115397224

Lines of code

1338

increased by0.98%

Worsened metrics

Number of low supply chain risk alerts

11

increased by22.22%

No dependency changes