mocha
Advanced tools
Comparing version 9.2.1 to 9.2.2
@@ -228,14 +228,14 @@ 'use strict'; | ||
if (!map[pluginId]) { | ||
let foundId; | ||
try { | ||
map[pluginId] = require(pluginId); | ||
foundId = require.resolve(pluginId); | ||
map[pluginId] = require(foundId); | ||
} catch (err) { | ||
if (err.code === 'MODULE_NOT_FOUND') { | ||
// Try to load reporters from a path (absolute or relative) | ||
try { | ||
map[pluginId] = require(path.resolve(pluginId)); | ||
} catch (err) { | ||
throw createUnknownError(err); | ||
} | ||
} else { | ||
throw createUnknownError(err); | ||
if (foundId) throw createUnknownError(err); | ||
// Try to load reporters from a cwd-relative path | ||
try { | ||
map[pluginId] = require(path.resolve(pluginId)); | ||
} catch (e) { | ||
throw createUnknownError(e); | ||
} | ||
@@ -242,0 +242,0 @@ } |
@@ -19,3 +19,2 @@ 'use strict'; | ||
const { | ||
warn, | ||
createInvalidReporterError, | ||
@@ -339,31 +338,22 @@ createInvalidInterfaceError, | ||
if (!reporter) { | ||
let foundReporter; | ||
try { | ||
reporter = require(reporterName); | ||
foundReporter = require.resolve(reporterName); | ||
reporter = require(foundReporter); | ||
} catch (err) { | ||
if (err.code === 'MODULE_NOT_FOUND') { | ||
// Try to load reporters from a path (absolute or relative) | ||
try { | ||
reporter = require(path.resolve(utils.cwd(), reporterName)); | ||
} catch (_err) { | ||
_err.code === 'MODULE_NOT_FOUND' | ||
? warn(`'${reporterName}' reporter not found`) | ||
: warn( | ||
`'${reporterName}' reporter blew up with error:\n ${err.stack}` | ||
); | ||
} | ||
} else { | ||
warn(`'${reporterName}' reporter blew up with error:\n ${err.stack}`); | ||
if (foundReporter) { | ||
throw createInvalidReporterError(err.message, foundReporter); | ||
} | ||
// Try to load reporters from a cwd-relative path | ||
try { | ||
reporter = require(path.resolve(reporterName)); | ||
} catch (e) { | ||
throw createInvalidReporterError(e.message, reporterName); | ||
} | ||
} | ||
} | ||
if (!reporter) { | ||
throw createInvalidReporterError( | ||
`invalid reporter '${reporterName}'`, | ||
reporterName | ||
); | ||
} | ||
this._reporter = reporter; | ||
} | ||
this.options.reporterOption = reporterOptions; | ||
// alias option name is used in public reporters xunit/tap/progress | ||
// alias option name is used in built-in reporters xunit/tap/progress | ||
this.options.reporterOptions = reporterOptions; | ||
@@ -370,0 +360,0 @@ return this; |
@@ -658,3 +658,3 @@ 'use strict'; | ||
Runner.prototype.runTest = function (fn) { | ||
if (this._opts.dryRun) return fn(); | ||
if (this._opts.dryRun) return Runner.immediately(fn); | ||
@@ -661,0 +661,0 @@ var self = this; |
{ | ||
"name": "mocha", | ||
"version": "9.2.1", | ||
"version": "9.2.2", | ||
"type": "commonjs", | ||
"description": "simple, flexible, fun test framework", | ||
@@ -20,6 +21,2 @@ "keywords": [ | ||
], | ||
"funding": { | ||
"type": "opencollective", | ||
"url": "https://opencollective.com/mochajs" | ||
}, | ||
"author": "TJ Holowaychuk <tj@vision-media.ca>", | ||
@@ -34,2 +31,7 @@ "license": "MIT", | ||
}, | ||
"funding": { | ||
"type": "opencollective", | ||
"url": "https://opencollective.com/mochajs" | ||
}, | ||
"gitter": "https://gitter.im/mochajs/mocha", | ||
"homepage": "https://mochajs.org/", | ||
@@ -70,5 +72,5 @@ "logo": "https://cldup.com/S9uQ-cOLYz.svg", | ||
"log-symbols": "4.1.0", | ||
"minimatch": "3.0.4", | ||
"minimatch": "4.2.1", | ||
"ms": "2.1.3", | ||
"nanoid": "3.2.0", | ||
"nanoid": "3.3.1", | ||
"serialize-javascript": "6.0.0", | ||
@@ -197,3 +199,2 @@ "strip-json-comments": "3.1.1", | ||
}, | ||
"gitter": "https://gitter.im/mochajs/mocha", | ||
"husky": { | ||
@@ -200,0 +201,0 @@ "hooks": { |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
3907386
56251
26
3
+ Addedminimatch@3.1.24.2.1(transitive)
+ Addednanoid@3.3.1(transitive)
- Removedminimatch@3.0.4(transitive)
- Removednanoid@3.2.0(transitive)
Updatedminimatch@4.2.1
Updatednanoid@3.3.1