is-npm - npm Package Compare versions

Comparing version 5.0.0 to 6.0.0

index.js

@@ -1,11 +0,10 @@
-'use strict';
+import process from 'node:process';
 
 const packageJson = process.env.npm_package_json;
 const userAgent = process.env.npm_config_user_agent;
-const isYarn = Boolean(userAgent && userAgent.startsWith('yarn'));
-const isNpm = Boolean(userAgent && userAgent.startsWith('npm'));
+const isNpm6 = Boolean(userAgent && userAgent.startsWith('npm'));
 const isNpm7 = Boolean(packageJson && packageJson.endsWith('package.json'));
 
-module.exports.isNpmOrYarn = isNpm || isNpm7 || isYarn;
-module.exports.isNpm = isNpm || isNpm7;
-module.exports.isYarn = isYarn;
+export const isNpm = isNpm6 || isNpm7;
+export const isYarn = Boolean(userAgent && userAgent.startsWith('yarn'));
+export const isNpmOrYarn = isNpm || isYarn;

package.json

 {
 	"name": "is-npm",
-	"version": "5.0.0",
+	"version": "6.0.0",
 	"description": "Check if your code is running as an npm script",
@@ -13,4 +13,6 @@ "license": "MIT",
 	},
+	"type": "module",
+	"exports": "./index.js",
 	"engines": {
-		"node": ">=10"
+		"node": "^12.20.0 || ^14.13.1 || >=16.0.0"
 	},
@@ -36,6 +38,6 @@ "scripts": {
 	"devDependencies": {
-		"ava": "^2.4.0",
-		"tsd": "^0.11.0",
-		"xo": "^0.30.0"
+		"ava": "^3.15.0",
+		"tsd": "^0.17.0",
+		"xo": "^0.44.0"
 	}
 }

readme.md

@@ -1,2 +0,2 @@
-# is-npm [![Build Status](https://travis-ci.com/sindresorhus/is-npm.svg?branch=master)](https://travis-ci.com/sindresorhus/is-npm)
+# is-npm
 
@@ -7,5 +7,5 @@ > Check if your code is running as an [npm](https://docs.npmjs.com/misc/scripts) or [yarn](https://yarnpkg.com/lang/en/docs/cli/run/) script
 
+```sh
+npm install is-npm
 ```
-$ npm install is-npm
-```
 
@@ -15,3 +15,3 @@ ## Usage
 ```js
-const {isNpmOrYarn, isNpm, isYarn} = require('is-npm');
+import {isNpmOrYarn, isNpm, isYarn} from 'is-npm';
 
@@ -18,0 +18,0 @@ console.table({isNpmOrYarn, isNpm, isYarn});

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Is type module

Yes

Worsened metrics

Total package byte prevSize

5036

decreased by-1.33%

Lines of code

41

decreased by-2.38%

Number of low supply chain risk alerts

2

increased byInfinity%

No dependency changes