hasdep - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

index.js

 "use strict";
 
+const Fs = require("fs");
+const Os = require("os");
+const Path = require("path");
 const Bossy = require("bossy");
@@ -10,5 +13,31 @@ const Semver = require("semver");
 try {
-  Config = require("./config.json");
+  // Check for local config
+  let configFilePath = Path.join(process.cwd(), "hasdep-config.json");
+  Fs.stat(configFilePath, (err, stats) => {
+    if (err) {
+      // Fallback to Global config, if present
+      configFilePath = Path.join(Os.homedir(), "hasdep-config.json");
+      Fs.stat(configFilePath, (err, stats) => {
+        if (err) {
+          console.log(Chalk.red("Couldn't load config file at ./hasdep-config.json (project specific) or global ~/hasdep-config.json - create one based on https://github.com/shakefon/hasdep/blob/master/config.default.json"));
+          throw err;
+        }
+
+        console.log(Chalk.bgMagenta("Using global hasdep config file in homedir"));
+        Config = JSON.parse(Fs.readFileSync(configFilePath));
+
+        main();
+
+      });
+      return;
+    }
+
+    console.log(Chalk.bgMagenta("Using local project hasdep config file"));
+    Config = JSON.parse(Fs.readFileSync(configFilePath));
+
+    main();
+
+  });
+
 } catch (err) {
-  console.log(Chalk.red("Couldn't load config file at ./config.json - create it based on ./config.default.json"));
   throw err;
@@ -18,4 +47,9 @@ }
 const GitHubApi = require("github");
-const github = new GitHubApi(Config.githubApi);
+let github;
 
+const main = () => {
+  github = new GitHubApi(Config.githubApi);
+  processArgs();
+};
+
 const definition = {
@@ -188,7 +222,9 @@ o: {
 
-if (args.r) {
-  return searchRepo(args);
-}
+const processArgs = () => {
+  if (args.r) {
+    return searchRepo(args);
+  }
 
-searchOrg(args);
+  searchOrg(args);
+};
 

package.json

 {
   "name": "hasdep",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Check for a dependency (and version) across a Github Org or specific repo",
@@ -16,4 +16,5 @@ "main": "index.js",
     "github": "^2.4.1",
+    "path": "^0.12.7",
     "semver": "^5.3.0"
   }
 }

README.md

@@ -25,5 +25,7 @@ #hasdep
 
-Copy the supplied `config.default.json` to `config.json`
+Copy the supplied `config.default.json` to `~/hasdep-config.json`. This file
+will be used whenever a local `hasdep-config.json` is not present. If you wish to perform a search with different
+settings, run `hasdep` from a directory which contains a `hasdep-config.json` with those settings.
 
-`cp config.default.json config.json`
+`cp config.default.json ~/hasdep-config.json`
 
@@ -30,0 +32,0 @@ If you're searching Github.com, you're good to proceed.

New alerts

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

8788

increased by16.34%

Lines of code

176

increased by18.92%

Number of lines in readme file

80

increased by2.56%

Worsened metrics

Dependency count

5

increased by25%

Number of low supply chain risk alerts

3

increased by50%

Dependency changes

• + Addedpath@^0.12.7

• + Addedinherits@2.0.3(transitive)

• + Addedpath@0.12.7(transitive)

• + Addedprocess@0.11.10(transitive)

• + Addedutil@0.10.4(transitive)