kubo
Advanced tools
Comparing version 0.22.0 to 0.23.0-rc1
{ | ||
"name": "kubo", | ||
"version": "0.22.0", | ||
"version": "0.23.0-rc1", | ||
"description": "Install the latest Kubo (go-ipfs) binary", | ||
@@ -5,0 +5,0 @@ "main": "src/index.js", |
@@ -1,7 +0,20 @@ | ||
# npm-kubo | ||
<h1 align="center"> | ||
<br> | ||
<a href="https://docs.ipfs.tech/how-to/command-line-quick-start/"><img src="https://user-images.githubusercontent.com/157609/250148884-d6d12db8-fdcf-4be3-8546-2550b69845d8.png" alt="Kubo logo" title="Kubo logo" width="200"></a> | ||
<br> | ||
Kubo: IPFS Implementation in GO | ||
<br> | ||
<br> | ||
</h1> | ||
[![](https://img.shields.io/badge/project-IPFS-blue.svg?style=flat-square)](https://ipfs.tech/) | ||
[![standard-readme compliant](https://img.shields.io/badge/standard--readme-OK-green.svg?style=flat-square)](https://github.com/RichardLitt/standard-readme) | ||
<h4 align="center">Install <a href="https://github.com/ipfs/kubo">Kubo</a> (previously known as "go-ipfs") from <a href="https://www.npmjs.com/package/kubo">NPM</a></h4> | ||
> install [Kubo](https://github.com/ipfs/kubo) (previously known as "kubo") from npm | ||
<p align="center"> | ||
<a href="https://ipfs.tech"><img src="https://img.shields.io/badge/project-IPFS-blue.svg?style=flat-square" alt="Official Part of IPFS Project"></a> | ||
<a href="https://discuss.ipfs.tech"><img alt="Discourse Forum" src="https://img.shields.io/discourse/posts?server=https%3A%2F%2Fdiscuss.ipfs.tech"></a> | ||
<a href="https://matrix.to/#/#ipfs-space:ipfs.io"><img alt="Matrix" src="https://img.shields.io/matrix/ipfs-space%3Aipfs.io?server_fqdn=matrix.org"></a> | ||
<a href="https://github.com/ipfs/npm-kubo/actions"><img src="https://img.shields.io/github/actions/workflow/status/ipfs/npm-kubo/main.yml?branch=master" alt="ci"></a> | ||
<a href="https://www.npmjs.com/package/kubo"><img src="https://img.shields.io/npm/v/kubo" alt="npm version"></a> | ||
<a href="https://www.npmjs.com/package/kubo"><img src="https://img.shields.io/npm/dm/kubo.svg" alt="npm downloads"></a> | ||
</p> | ||
@@ -19,3 +32,3 @@ ## Table of Contents | ||
Install the latest [Kubo](https://github.com/ipfs/kubo/) (kubo) binary: | ||
Install the latest [Kubo](https://github.com/ipfs/kubo/) (go-ipfs) binary: | ||
@@ -52,3 +65,3 @@ ```sh | ||
Downloaded archives are placed in OS-specific cache directory which can be customized by setting `NPM_GO_IPFS_CACHE` in env. | ||
Downloaded archives are placed in OS-specific cache directory which can be customized by setting `NPM_KUBO_CACHE` in env. | ||
@@ -55,0 +68,0 @@ ### Overriding with `KUBO_BINARY` env |
@@ -36,3 +36,3 @@ 'use strict' | ||
async function cachingFetchAndVerify (url) { | ||
const cacheDir = process.env.NPM_GO_IPFS_CACHE || cachedir('npm-kubo') | ||
const cacheDir = process.env.NPM_KUBO_CACHE || process.env.NPM_GO_IPFS_CACHE || cachedir('npm-kubo') | ||
const filename = url.split('/').pop() | ||
@@ -128,3 +128,3 @@ | ||
arch: process.env.TARGET_ARCH || arch || goenv.GOARCH, | ||
distUrl: process.env.GO_IPFS_DIST_URL || conf.distUrl, | ||
distUrl: process.env.KUBO_DIST_URL || process.env.GO_IPFS_DIST_URL || conf.distUrl, | ||
installPath: installPath ? path.resolve(installPath) : process.cwd() | ||
@@ -131,0 +131,0 @@ } |
@@ -29,5 +29,17 @@ 'use strict' | ||
test('Returns an error when dist url is 404', async (t) => { | ||
test('Returns an error when KUBO_DIST_URL is 404', async (t) => { | ||
await clean() | ||
process.env.KUBO_DIST_URL = 'https://dist.ipfs.tech/notfound' | ||
await t.rejects(download(), /404/) | ||
delete process.env.KUBO_DIST_URL | ||
t.end() | ||
}) | ||
test('Returns an error when legacy GO_IPFS_DIST_URL is 404', async (t) => { | ||
await clean() | ||
process.env.GO_IPFS_DIST_URL = 'https://dist.ipfs.tech/notfound' | ||
@@ -42,2 +54,3 @@ | ||
test('Path returns undefined when no binary has been downloaded', async (t) => { | ||
@@ -44,0 +57,0 @@ await clean() |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
21261
402
131
2
21