install-artifact-from-github
Advanced tools
Comparing version 1.2.0 to 1.3.0
@@ -9,2 +9,3 @@ #!/usr/bin/env node | ||
const {promisify} = require('util'); | ||
const http = require('http'); | ||
const https = require('https'); | ||
@@ -28,2 +29,4 @@ const {exec, spawnSync} = require('child_process'); | ||
const isParamPresent = name => process.argv.indexOf('--' + name) > 0; | ||
const getParam = (name, defaultValue = '') => { | ||
@@ -39,3 +42,7 @@ const index = process.argv.indexOf('--' + name); | ||
mirrorHost = getParam('host'), | ||
mirrorEnvVar = getParam('host-var') || 'DOWNLOAD_HOST'; | ||
mirrorEnvVar = getParam('host-var') || 'DOWNLOAD_HOST', | ||
skipPath = isParamPresent('skip-path'), | ||
skipPathVar = getParam('skip-path-var') || 'DOWNLOAD_SKIP_PATH', | ||
skipVer = isParamPresent('skip-ver'), | ||
skipVerVar = getParam('skip-ver-var') || 'DOWNLOAD_SKIP_VER'; | ||
@@ -48,2 +55,5 @@ const parseUrl = [ | ||
const isHttp = /^http:\/\//i, | ||
isHttps = /^https:\/\//i; | ||
const getRepo = url => { | ||
@@ -60,8 +70,14 @@ if (!url) return null; | ||
const url = process.env.npm_package_github || (process.env.npm_package_repository_type === 'git' && process.env.npm_package_repository_url), | ||
result = getRepo(url), | ||
host = mirrorHost || process.env[mirrorEnvVar] || 'https://github.com'; | ||
return ( | ||
result && | ||
`${host}/${result[1]}/${result[2]}/releases/download/${process.env.npm_package_version}/${prefix}${platform}-${process.arch}-${process.versions.modules}${suffix}` | ||
); | ||
result = getRepo(url); | ||
if (!result) return null; | ||
const host = mirrorHost || process.env[mirrorEnvVar] || 'https://github.com'; | ||
let assetUrl = host; | ||
if (!skipPath && !process.env[skipPathVar]) { | ||
assetUrl += `/${result[1]}/${result[2]}/releases/download`; | ||
} | ||
if (!skipVer && !process.env[skipVerVar]) { | ||
assetUrl += '/' + process.env.npm_package_version; | ||
} | ||
assetUrl += `/${prefix}${platform}-${process.arch}-${process.versions.modules}${suffix}`; | ||
return assetUrl; | ||
}; | ||
@@ -116,4 +132,10 @@ | ||
new Promise((resolve, reject) => { | ||
const httpLib = isHttps.test(url) ? https : isHttp.test(url) ? http : null; | ||
if (!httpLib) { | ||
// local file | ||
fsp.readFile(url).then(resolve, reject); | ||
return; | ||
} | ||
let buffer = null; | ||
https | ||
httpLib | ||
.get(url, res => { | ||
@@ -120,0 +142,0 @@ if (res.statusCode >= 300 && res.statusCode < 400 && res.headers && res.headers.location) { |
{ | ||
"name": "install-artifact-from-github", | ||
"version": "1.2.0", | ||
"version": "1.3.0", | ||
"description": "Create binary artifacts hosted by github and install them without compiling.", | ||
"homepage": "http://github.com/uhop/install-artifact-from-github", | ||
"bugs": "http://github.com/uhop/install-artifact-from-github/issues", | ||
"github": "http://github.com/uhop/install-artifact-from-github", | ||
"homepage": "https://github.com/uhop/install-artifact-from-github", | ||
"bugs": "https://github.com/uhop/install-artifact-from-github/issues", | ||
"github": "https://github.com/uhop/install-artifact-from-github", | ||
"repository": { | ||
@@ -29,4 +29,4 @@ "type": "git", | ||
], | ||
"author": "Eugene Lazutkin <eugene.lazutkin@gmail.com> (http://lazutkin.com/)", | ||
"author": "Eugene Lazutkin <eugene.lazutkin@gmail.com> (https://lazutkin.com/)", | ||
"license": "BSD-3-Clause" | ||
} |
@@ -60,2 +60,3 @@ # install-artifact-from-github [![NPM version][npm-img]][npm-url] | ||
- 1.3.0 *enhanced support for custom mirrors.* | ||
- 1.2.0 *support for NPM >= 7.* | ||
@@ -62,0 +63,0 @@ - 1.1.3 *technical release: updated docs.* |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
18228
341
69
27
5