husky - npm Package Compare versions

Comparing version 4.2.3 to 4.2.4

bin/run.js

@@ -9,3 +9,10 @@ #!/usr/bin/env node
   message(requiredVersion) {
-    return 'Husky requires Node ' + requiredVersion + ", can't run Git hook."
+    return (
+      'Husky requires Node ' +
+      requiredVersion +
+      ' (runtime: ' +
+      process.version +
+      ')' +
+      ", can't run Git hook."
+    )
   }
@@ -12,0 +19,0 @@ })

CHANGELOG.md

 # CHANGELOG
 
-Changes for 3.0.0+ can now be found in https://github.com/typicode/husky/releases
+⚠️ __Changes for `>=3` can now be found in https://github.com/typicode/husky/releases__
 
@@ -5,0 +5,0 @@ ## 3.0.0

husky.js

@@ -13,2 +13,3 @@ /* eslint-disable */
       requiredVersion +
+      ' (runtime: ' + process.version + ')' +
       ', skipping Git hooks installation.'
@@ -15,0 +16,0 @@ )

lib/installer/localScript.js

@@ -19,4 +19,7 @@ "use strict";
 function removeLocalScript(gitHooksDir) {
-    fs.unlinkSync(path.join(gitHooksDir, 'husky.local.sh'));
+    const filename = path.join(gitHooksDir, 'husky.local.sh');
+    if (fs.existsSync(filename)) {
+        fs.unlinkSync(filename);
+    }
 }
 exports.removeLocalScript = removeLocalScript;

lib/installer/mainScript.js

@@ -20,4 +20,7 @@ "use strict";
 function removeMainScript(gitHooksDir) {
-    fs.unlinkSync(path.join(gitHooksDir, 'husky.sh'));
+    const filename = path.join(gitHooksDir, 'husky.sh');
+    if (fs.existsSync(filename)) {
+        fs.unlinkSync(filename);
+    }
 }
 exports.removeMainScript = removeMainScript;

lib/runner/index.js

@@ -32,4 +32,3 @@ "use strict";
     console.log(`husky > ${hookName} (node ${process.version})`);
-    const SHELL = process.env.SHELL || 'sh';
-    const { status } = child_process_1.spawnSync(SHELL, ['-c', cmd], {
+    const { status } = child_process_1.spawnSync('sh', ['-c', cmd], {
         cwd,
@@ -36,0 +35,0 @@ env: Object.assign(Object.assign({}, process.env), env),

package.json

 {
   "name": "husky",
-  "version": "4.2.3",
+  "version": "4.2.4",
   "description": "Prevents bad commit or push (git hooks, pre-commit/precommit, pre-push/prepush, post-merge/postmerge and all that stuff...)",
@@ -5,0 +5,0 @@ "bin": {

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

50606

increased by0.58%

Lines of code

616

increased by2.16%

Number of low supply chain risk alerts

13

decreased by-7.14%

No dependency changes