next - npm Package Compare versions

Comparing version 0.2.4 to 0.2.5

lib/get-require.js

@@ -5,26 +5,64 @@ // Return require function for given path
 
-var fs    = require('fs')
-  , path  = require('path')
-  , ptrim = require('./path/trim')
-  , copy  = require('./fs/copy-sync')
+var defineProperty = Object.defineProperty
+  , Module         = require('module')
+  , fs             = require('fs')
+  , path           = require('path')
+  , ptrim          = require('./path/trim')
 
-  , stat = fs.statSync, unlink = fs.unlinkSync
-  , getDirname = path.dirname
+  , stat = fs.statSync
+  , getDirname = path.dirname, nodeCache = Module._cache
 
-  , cache = {}, tplPath = __dirname + '/get-require.tpl';
+  , cache = {}, getFromNodeCache;
 
+getFromNodeCache = function (module) {
+	var require;
+	if (module.require) {
+		// >= v0.5
+		require = function (path) {
+			return module.require(path);
+		};
+		defineProperty(require, 'paths', { get: function () {
+			throw new Error('require.paths is removed. Use ' +
+				'node_modules folders, or the NODE_PATH '+
+				'environment variable instead.');
+		}});
+	} else {
+		// <= v0.4
+		require = function (path) {
+			return Module._load(path, module);
+		};
+		require.paths = Module._paths;
+	}
+	require.extensions = Module._extensions;
+	require.registerExtension = function() {
+		throw new Error('require.registerExtension() removed. Use ' +
+			'require.extensions instead.');
+	};
+	require.main = process.mainModule;
+	require.cache = nodeCache;
+	require.resolve = function(request) {
+		return Module._resolveFilename(request, module)[1];
+	}
+
+	return require;
+};
+
 module.exports = function (filename) {
-	var dirname, stats, path;
+	var dirname, stats, path, id, fmodule;
 	filename = ptrim(filename);
-	if (!cache[filename]) {
-		stats = stat(filename);
-		dirname = stats.isDirectory() ? filename : getDirname(filename);
-		if (!cache[dirname]) {
-			copy(tplPath, path = dirname + '/__get-require.next.js');
-			cache[dirname] = require(path);
-			unlink(path);
-		}
-		cache[filename] = cache[dirname];
+	if (cache[filename]) {
+		return cache[filename];
 	}
-	return cache[filename];
+	if ((fmodule = nodeCache[filename])) {
+		return cache[filename] = getFromNodeCache(fmodule);
+	}
+
+	stats = stat(filename);
+	dirname = stats.isDirectory() ? filename : getDirname(filename);
+	id = dirname + '/__get-require.next.js';
+	fmodule = new Module(id, module);
+	fmodule.filename = id;
+	fmodule.paths = Module._nodeModulePaths(dirname);
+	fmodule.loaded = true;
+	return cache[filename] = getFromNodeCache(fmodule);
 };

package.json

 {
 	"name": "next",
-	"version": "0.2.4",
+	"version": "0.2.5",
 	"description": "Node.js extensions",
@@ -5,0 +5,0 @@ "keywords": ["node", "nodejs", "node.js", "extensions", "addons", "extras"],

New alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

21399

6.09%

Lines of code

655

5.65%

Number of medium supply chain risk alerts

2

-33.33%

Worsened metrics

Number of low supply chain risk alerts

25

4.17%

No dependency changes