heroku-cli-util
Advanced tools
heroku-cli-util - npm Package Compare versions
Comparing version 4.0.3 to 5.0.0
@@ -16,4 +16,3 @@ 'use strict'; | ||
| exports.command = require('./lib/command'); | ||
| exports.config = require('./lib/config'); | ||
| exports.color = require('./lib/color'); | ||
| exports.color = require('chalk'); | ||
| exports.action = require('./lib/action'); | ||
@@ -20,0 +19,0 @@ exports.extend = require('./lib/extend'); |
@@ -13,4 +13,4 @@ 'use strict'; | ||
| token: context.auth ? context.auth.password : null, | ||
| host: cli.config.api_host, | ||
| rejectUnauthorized: !cli.config.api_host.endsWith('herokudev.com'), | ||
| host: context.apiHost, | ||
| rejectUnauthorized: !context.apiHost.endsWith('herokudev.com'), | ||
| }; | ||
@@ -37,6 +37,3 @@ if (context.secondFactor) { | ||
| setupHttpProxy(); | ||
| if (!context.supportsColor) { | ||
| // TODO: parse the ini file in heroku-cli | ||
| cli.color.enabled = false; | ||
| } | ||
| cli.color.enabled = context.supportsColor; | ||
| let logPath = context.herokuDir ? context.herokuDir+'/error.log' : null; | ||
@@ -43,0 +40,0 @@ let handleErr = cli.errorHandler({logPath: logPath, debug: context.debug}); |
@@ -63,3 +63,3 @@ 'use strict'; | ||
| return function handleErr(err) { | ||
| if (cli.config.raiseErrors) { throw err; } | ||
| if (cli.raiseErrors) { throw err; } | ||
| options = options || {}; | ||
@@ -66,0 +66,0 @@ if (err !== '') { error(err); } |
| { | ||
| "name": "heroku-cli-util", | ||
| "version": "4.0.3", | ||
| "version": "5.0.0", | ||
| "description": "Set of helpful CLI utilities", | ||
@@ -32,3 +32,9 @@ "main": "index.js", | ||
| "ini": "^1.3.3" | ||
| } | ||
| }, | ||
| "bundledDependencies": [ | ||
| "chalk", | ||
| "co", | ||
| "heroku-client", | ||
| "ini" | ||
| ] | ||
| } |
| 'use strict'; | ||
| global.cli = require('..'); | ||
| cli.mockConsole(); | ||
| cli.config.raiseErrors = true; | ||
| cli.raiseErrors = true; | ||
| let chai = require('chai'); | ||
| chai.should(); |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 3 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Copyleft License
License(Experimental) Copyleft license information was found.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 8 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Mixed license
License(Experimental) Package contains multiple licenses.
Found 1 instance in 1 package
Non-permissive License
License(Experimental) A license not known to be considered permissive was found.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 7 instances in 1 package
Improved metrics
- Total package byte prevSize
- increased by5073.43%
2642898
- Number of package files
- increased by1237.04%
361
- Lines of code
- increased by4241.07%
52744
Worsened metrics
- Number of low license alerts
- increased byInfinity%
3
- License quality
- decreased by-30%
70
- Number of low supply chain risk alerts
- increased by185.71%
40
- Number of medium supply chain risk alerts
- increased byInfinity%
18