lavamoat-core - npm Package Compare versions

Comparing version 2.0.0 to 2.0.1

package.json

 {
   "name": "lavamoat-core",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "LavaMoat kernel and utils",
@@ -19,3 +19,2 @@ "main": "src/index.js",
     "lavamoat-tofu": "^2.0.9",
-    "module-name-from-path": "^1.0.4",
     "resolve": "^1.15.1",
@@ -53,3 +52,3 @@ "resolve-package-path": "^2.0.0",
   },
-  "gitHead": "308a4822fb7629d5ef1e3758c691fec535d9c501"
+  "gitHead": "75b6fe60cfa00aaede97a62c80b59c0f92d164c0"
 }

src/packageData.js

@@ -0,3 +1,4 @@
+'use strict'
+const path = require('path')
 const through = require('through2').obj
-const packageNameFromPath = require('module-name-from-path')
 const resolvePackagePath = require('resolve-package-path')
@@ -62,1 +63,13 @@ const pathSeperator = require('path').sep
 }
+
+function packageNameFromPath (file) {
+  const segments = file.split(path.sep)
+  const index = segments.lastIndexOf('node_modules')
+  if (index === -1) return
+  let moduleName = segments[index + 1]
+  // check for scoped modules
+  if (moduleName[0] === '@') {
+    moduleName = segments[index + 1] + path.sep + segments[index + 2]
+  }
+  return moduleName
+}

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

256609

increased by0.12%

Dependency count

9

decreased by-10%

Lines of code

4689

increased by0.24%

Number of low supply chain risk alerts

6

decreased by-14.29%

Dependency changes

• - Removedmodule-name-from-path@^1.0.4

• - Removedmodule-name-from-path@1.0.4(transitive)