New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

javy-cli

Package Overview
Dependencies
Maintainers
0
Versions
14
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

javy-cli - npm Package Compare versions

Comparing version

0.2.0
to
3.0.1

6

CHANGELOG.md

@@ -10,2 +10,8 @@ # Changelog

## [3.0.1] - 2024-08-13
### Changed
- Download version 3.0.1 of Javy instead of the latest released version of Javy.
## [0.2.0] - 2023-08-17

@@ -12,0 +18,0 @@

37

index.js

@@ -13,10 +13,10 @@ #!/usr/bin/env node

const NAME = "javy";
const VERSION = "v3.0.1";
async function main() {
try {
const version = await getDesiredVersionNumber();
if (!(await isBinaryDownloaded(version))) {
await downloadBinary(version);
if (!(await isBinaryDownloaded(VERSION))) {
await downloadBinary(VERSION);
}
const result = childProcess.spawnSync(binaryPath(version), getArgs(), {
const result = childProcess.spawnSync(binaryPath(VERSION), getArgs(), {
stdio: "inherit",

@@ -34,3 +34,3 @@ });

console.error(`${NAME} was not downloaded correctly. Please retry.`);
fs.unlinkSync(binaryPath(version));
fs.unlinkSync(binaryPath(VERSION));
}

@@ -85,29 +85,2 @@ } catch (e) {

/**
* getDesiredVersionNumber returns the version number of the release that
* should be downloaded and launched. If the FORCE_RELEASE env variable is set,
* that will be used as the desired version number, if not, we determine the
* latest release available on GitHub.
*
* GitHub has a public Release API, but rate limits it per IP, so that the
* CLI can end up breaking. Instead, we use a little trick. You can download
* artifacts from the latest release by using `latest` as your version number.
* The server will respond with a 302 redirect to the artifact's URL. That URL
* contains the actual release version number, which we can extract.
*/
async function getDesiredVersionNumber() {
if (process.env.FORCE_RELEASE) return process.env.FORCE_RELEASE;
const resp = await fetch(
`https://github.com/${REPO}/releases/latest/download/lol`,
{ redirect: "manual" }
);
if (resp.status != 302) {
throw Error(
`Could not determine latest release using the GitHub (Status code ${resp.status
}): ${await resp.text().catch(() => "<No error message>")}`
);
}
return resp.headers.get("location").split("/").at(-2);
}
function binaryUrl(version) {

@@ -114,0 +87,0 @@ return `https://github.com/${REPO}/releases/download/${version}/${NAME}-${platarch()}-${version}.gz`;

2

package.json
{
"name": "javy-cli",
"version": "0.2.0",
"version": "3.0.1",
"description": "",

@@ -5,0 +5,0 @@ "main": "index.js",

20

README.md

@@ -1,6 +0,8 @@

# Javy npm package
# javy-cli npm package
**This package is deprecated. Please download the appropriate release from [Javy's release page](https://github.com/bytecodealliance/javy/releases).**
This is the npm package for Javy. The package contains a small Node script
that downloads the appropriate Javy binary on demand and invokes it with the
parameters given.
parameters given.

@@ -16,15 +18,1 @@ ## Usage

```
## Updating javy
The npm package will automatically download the newest version of Javy if a
newer version is available.
## Using a specific version of javy
To use a specific version of Javy, set the environment variable
`FORCE_RELEASE` to the version you would like to use.
```
FORCE_RELEASE=v1.1.0 npx javy-cli@latest
```