gulp-exec - npm Package Compare versions
Comparing version 2.1.1 to 2.1.2
11
index.js
| 'use strict'; | ||
| var through2 = require('through2'); | ||
| var path = require('path'); | ||
| var gutil = require('gulp-util'); | ||
@@ -18,3 +19,13 @@ var exec = require('child_process').exec; | ||
| if (!opt.env) { | ||
| opt.env = process.env; | ||
| } | ||
| // Include node_modules/.bin on the path when we execute the command. | ||
| var oldPath = opt.env.PATH; | ||
| var newPath = path.join(__dirname, '..', '..', '.bin'); | ||
| newPath += path.delimiter; | ||
| newPath += oldPath; | ||
| opt.env.PATH = newPath; | ||
| return through2.obj(function (file, enc, cb){ | ||
@@ -21,0 +32,0 @@ var cmd = gutil.template(command, {file: file, options: opt}); |
| { | ||
| "name": "gulp-exec", | ||
| "description": "exec plugin for gulp", | ||
| "version": "2.1.1", | ||
| "version": "2.1.2", | ||
| "homepage": "https://github.com/robrich/gulp-exec", | ||
@@ -15,12 +15,13 @@ "repository": "git://github.com/robrich/gulp-exec.git", | ||
| "gulp-util": "^3.0.0", | ||
| "through2": "~0.6.2" | ||
| "gulplog": "^1.0.0", | ||
| "through2": "^2.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "jshint": "^2.5.6", | ||
| "mocha": "^1.21.4", | ||
| "should": "^4.0.4", | ||
| "vinyl": "~0.4.3" | ||
| "jshint": "^2.8.0", | ||
| "mocha": "^2.3.3", | ||
| "should": "^7.1.0", | ||
| "vinyl": "^1.0.0" | ||
| }, | ||
| "scripts": { | ||
| "test": "mocha && jshint ./index.js ./test/." | ||
| "test": "mocha && jshint ." | ||
| }, | ||
@@ -30,8 +31,3 @@ "engines": { | ||
| }, | ||
| "licenses": [ | ||
| { | ||
| "type": "MIT", | ||
| "url": "http://github.com/robrich/gulp-exec/raw/master/LICENSE" | ||
| } | ||
| ] | ||
| "license": "MIT" | ||
| } |
Sorry, the diff of this file is not supported yet
New alerts
Potential vulnerability
Supply chain riskInitial human review suggests the presence of a vulnerability in this package. It is pending further analysis and confirmation.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.22%
6857
- Number of package files
- increased by14.29%
8
- Lines of code
- increased by15.38%
75
Worsened metrics
- Dependency count
- increased by50%
3
- Number of low supply chain risk alerts
- increased by100%
2
- Number of medium supply chain risk alerts
- increased by100%
2
Dependency changes
+ Addedgulplog@^1.0.0
- Removedreadable-stream@1.0.34(transitive)
- Removedthrough2@0.6.5(transitive)
Updatedthrough2@^2.0.0