node-gyp-build
Advanced tools
Comparing version 4.2.1 to 4.2.2
@@ -60,9 +60,11 @@ #!/usr/bin/env node | ||
| function buildFromSource () { | ||
| return hasFlag('--build-from-source') | ||
| return hasFlag('--build-from-source') || process.env.npm_config_build_from_source === 'true' | ||
| } | ||
| function verbose () { | ||
| return hasFlag('--verbose') | ||
| return hasFlag('--verbose') || process.env.npm_config_loglevel === 'verbose' | ||
| } | ||
| // TODO (next major): remove in favor of env.npm_config_* which works since npm | ||
| // 0.1.8 while npm_config_argv will stop working in npm 7. See npm/rfcs#90 | ||
| function hasFlag (flag) { | ||
@@ -69,0 +71,0 @@ if (!process.env.npm_config_argv) return false |
| { | ||
| "name": "node-gyp-build", | ||
| "version": "4.2.1", | ||
| "version": "4.2.2", | ||
| "description": "Build tool and bindings loader for node-gyp that supports prebuilds", | ||
@@ -9,3 +9,3 @@ "main": "index.js", | ||
| "standard": "^14.0.0", | ||
| "tape": "^4.10.1" | ||
| "tape": "^5.0.0" | ||
| }, | ||
@@ -12,0 +12,0 @@ "scripts": { |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.31%
11431
- Lines of code
- increased by0.92%
219
Worsened metrics
- Number of low supply chain risk alerts
- increased by13.33%
17
No dependency changes