install - npm Package Compare versions

Comparing version 0.1.3 to 0.1.4

install.js

@@ -129,3 +129,3 @@ (function(global, undefined) {
     function ready(module) {
-        var unmet, code, match, id, result = true;
+        var deps, code, match, id, result = true;
 
@@ -141,9 +141,9 @@ if (!module.seen &&
             // regard to dependencies) but shorter.
-            unmet = module.unmet;
-            if (!unmet) {
+            deps = module.deps;
+            if (!deps) {
                 code = module + "";
-                unmet = module.unmet = {};
+                deps = module.deps = {};
                 requireExp.lastIndex = 0;
                 while ((match = requireExp.exec(code)))
-                    unmet[absolutize(match[1], module.id)] = true;
+                    deps[absolutize(match[1], module.id)] = true;
             }
@@ -158,10 +158,10 @@
 
-            for (id in unmet) {
-                if (hasOwn.call(unmet, id)) {
+            for (id in deps) {
+                if (hasOwn.call(deps, id)) {
                     // Once a dependency is determined to be satisfied, we
-                    // remove its identifier from `module.unmet`, so that we
+                    // remove its identifier from `module.deps`, so that we
                     // can avoid considering it again if `ready` is called
                     // multiple times.
                     if (hasOwn.call(installed, id) && ready(installed[id])) {
-                        delete unmet[id];
+                        delete deps[id];
                     // If any dependency is missing or not `ready`, then the
@@ -168,0 +168,0 @@ // current module is not yet `ready`. The `break` is not

package.json

@@ -18,3 +18,3 @@ {
   ],
-  "version": "0.1.3",
+  "version": "0.1.4",
   "homepage": "http://github.com/benjamn/install",
@@ -21,0 +21,0 @@ "repository": {

test/run.js

@@ -126,2 +126,41 @@ var main = require("../main");
 
+exports.testDepsStyle = function(t, assert) {
+    function uselessToString() {
+        assert.ok(false, ".toString should not be called when .deps is defined");
+    }
+
+    install("h2", {
+        deps: { h0: true, h1: true },
+        toString: uselessToString,
+
+        call: function(self, require, exports, module) {
+            function checkName(id) {
+                assert.strictEqual(require(id).name, id);
+            }
+
+            exports.name = module.id;
+
+            checkName("h0");
+            checkName("h1");
+            checkName("h2");
+        }
+    });
+
+    install("h1", { exports: { name: "h1" }});
+
+    install({
+        deps: { h2: true },
+        toString: uselessToString,
+        call: function(self, require) {
+            var h2 = "h2";
+            assert.strictEqual(require(h2).name, "h2");
+            finish(t);
+        }
+    });
+
+    install("h0", function(require, exports) {
+        exports.name = "h0";
+    });
+};
+
 exports.testCircularRequirement = function(t, assert) {
@@ -128,0 +167,0 @@ install("j", function(require, exports) {

New alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

60075

increased by1.57%

Lines of code

646

increased by5.04%

Worsened metrics

Number of low supply chain risk alerts

4

increased by100%

No dependency changes