husky
Advanced tools
Comparing version 5.0.7 to 5.0.8
@@ -7,9 +7,5 @@ "use strict"; | ||
| exports.install = void 0; | ||
| const os_1 = __importDefault(require("os")); | ||
| const fs_1 = __importDefault(require("fs")); | ||
| const path_1 = __importDefault(require("path")); | ||
| const child_process_1 = __importDefault(require("child_process")); | ||
| function copyScript(scriptName, destDir) { | ||
| fs_1.default.copyFileSync(path_1.default.join(__dirname, '../../scripts', scriptName), path_1.default.join(destDir, scriptName)); | ||
| } | ||
| function install(dir = '.husky') { | ||
@@ -23,15 +19,14 @@ const absoluteHooksDir = path_1.default.resolve(process.cwd(), dir); | ||
| } | ||
| const tmpDir = fs_1.default.mkdtempSync(path_1.default.join(os_1.default.tmpdir(), 'husky-')); | ||
| copyScript('husky.sh', tmpDir); | ||
| copyScript('pre-commit', tmpDir); | ||
| fs_1.default.chmodSync(path_1.default.join(tmpDir, 'pre-commit'), 0o0755); | ||
| child_process_1.default.spawnSync('git', ['config', 'core.hooksPath', tmpDir]); | ||
| child_process_1.default.spawnSync('git', ['commit', '--author', 'husky <husky@example.com>'], { | ||
| stdio: 'inherit', | ||
| env: { | ||
| ...process.env, | ||
| husky_dir: dir, | ||
| }, | ||
| }); | ||
| try { | ||
| fs_1.default.mkdirSync(path_1.default.join(dir, '_'), { recursive: true }); | ||
| fs_1.default.writeFileSync(path_1.default.join(dir, '.gitignore'), '_', 'utf-8'); | ||
| fs_1.default.copyFileSync(path_1.default.join(__dirname, '../../scripts/husky.sh'), path_1.default.join(dir, '_/husky.sh')); | ||
| child_process_1.default.spawnSync('git', ['config', 'core.hooksPath', dir]); | ||
| } | ||
| catch (e) { | ||
| console.log('husky - Git hooks failed to install'); | ||
| throw e; | ||
| } | ||
| console.log('husky - Git hooks installed'); | ||
| } | ||
| exports.install = install; |
| { | ||
| "name": "husky", | ||
| "version": "5.0.7", | ||
| "version": "5.0.8", | ||
| "description": "Git hooks made easy", | ||
@@ -5,0 +5,0 @@ "bin": "lib/bin.js", |
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-25%
3
Worsened metrics
- Total package byte prevSize
- decreased by-1.87%
24233
- Number of package files
- decreased by-8.33%
11
- Lines of code
- decreased by-3.57%
135
No dependency changes