gh-release-fetch - npm Package Compare versions

Comparing version 1.0.3 to 1.0.4

dist/index.d.ts

@@ -11,1 +11,2 @@ export interface Release {
 export declare function updateAvailable(repository: string, currentVersion: string): Promise<boolean>;
+export declare function newerVersion(latestVersion: string, currentVersion: string): boolean;

dist/index.js

@@ -32,3 +32,3 @@ "use strict";
         const latestVersion = yield resolveRelease(repository);
-        return semver_1.gt(latestVersion, currentVersion);
+        return newerVersion(latestVersion, currentVersion);
     });
@@ -41,2 +41,7 @@ }
         const json = yield res.json();
+        if (res.status === 403 &&
+            typeof json.message === 'string' &&
+            json.message.includes('API rate limit exceeded')) {
+            throw new Error('API rate limit exceeded, please try again later');
+        }
         return json.tag_name;
@@ -66,1 +71,13 @@ });
 }
+function newerVersion(latestVersion, currentVersion) {
+    if (!latestVersion) {
+        return false;
+    }
+    if (!currentVersion) {
+        return true;
+    }
+    const l = latestVersion.replace(/^v/, '');
+    const c = currentVersion.replace(/^v/, '');
+    return semver_1.gt(l, c);
+}
+exports.newerVersion = newerVersion;

package.json

 {
   "name": "gh-release-fetch",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "description": "A library to fetch release binaries from GitHub Releases",
@@ -5,0 +5,0 @@ "main": "dist/index.js",

src/index.spec.ts

@@ -1,2 +0,2 @@
-import { newerVersion } from './index'
+import { newerVersion, fetchLatest } from "./index";
 
@@ -12,1 +12,29 @@ test('compare versions', () => {
 })
+
+jest.mock('node-fetch');
+
+describe('fetchLatest', () => {
+  test('should throw error when api limit is reached', async () => {
+    const fetch = require("node-fetch");
+    const response = {
+      status: 403,
+      json: () =>
+        Promise.resolve({
+          message: 'API rate limit exceeded for ',
+        }),
+    };
+    fetch.mockResolvedValue(response)
+
+    await expect(
+      fetchLatest({
+        repository: 'netlify/test',
+        package: 'test',
+        destination: 'bin/test',
+        version: '1.0.0',
+        extract: true,
+      })
+    ).rejects.toEqual(
+      new Error('API rate limit exceeded, please try again later')
+    );
+  });
+});

src/index.ts

@@ -30,4 +30,13 @@ import * as download from 'download';
 async function resolveRelease(repository: string): Promise<string> {
-  const res = await fetch(`https://api.github.com/repos/${repository}/releases/latest`);
+  const res = await fetch(
+    `https://api.github.com/repos/${repository}/releases/latest`
+  );
   const json = await res.json();
+  if (
+    res.status === 403 &&
+    typeof json.message === 'string' &&
+    json.message.includes('API rate limit exceeded')
+  ) {
+    throw new Error('API rate limit exceeded, please try again later');
+  }
   return json.tag_name;
@@ -34,0 +43,0 @@ }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

10888

increased by27.39%

Number of package files

11

increased by10%

Lines of code

250

increased by26.26%

Worsened metrics

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes