mounter - npm Package Compare versions
Comparing version 0.0.4 to 0.0.5
| { | ||
| "name": "mounter", | ||
| "version": "0.0.4", | ||
| "version": "0.0.5", | ||
| "main": "src/main.js", | ||
@@ -5,0 +5,0 @@ "description": "Install your subprojects from git endpoint into your project", |
@@ -16,3 +16,3 @@ mounter | ||
| ======= | ||
| Add components.json into your project folder. | ||
| Add mounter.json into your project folder. | ||
@@ -19,0 +19,0 @@ |
@@ -32,11 +32,13 @@ var async = require('async'), | ||
| prefix = path.resolve(process.cwd(), prefix); | ||
| config = require('./utils/conf').load(prefix + '/components.json') | ||
| if (available.indexOf(action) === -1) { | ||
| completed(new Error('Invalid action')); | ||
| if (!action && available.indexOf(action) === -1) { | ||
| console.log('Usage: mounter <command>'); | ||
| console.log('where <command> is one of:', available.join(', ')); | ||
| completed(null); | ||
| return; | ||
| } | ||
| prefix = path.resolve(process.cwd(), prefix); | ||
| config = require('./utils/conf').load(prefix + '/mounter.json') | ||
| execute(action, completed); | ||
| } |
| exports['config should have correct endpoint for private git endpoint'] = function(test) { | ||
| var config = require('../src/utils/conf').load(__dirname + '/misc/components')['app']; | ||
| var config = require('../src/utils/conf').load(__dirname + '/misc/mounter')['app']; | ||
@@ -12,3 +12,3 @@ test.ok(typeof config.endpoint === 'object', 'have endpoint object') | ||
| exports['config should have correct endpoint for github'] = function(test) { | ||
| var config = require('../src/utils/conf').load(__dirname + '/misc/components')['jquery']; | ||
| var config = require('../src/utils/conf').load(__dirname + '/misc/mounter')['jquery']; | ||
@@ -15,0 +15,0 @@ console.log(config); |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Fixed alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-42.86%
4
Worsened metrics
- Total package byte prevSize
- decreased by-86.65%
12450
- Number of package files
- decreased by-11.11%
16
- Lines of code
- decreased by-87.3%
260