node-gyp - npm Package Compare versions

Comparing version 3.0.3 to 3.1.0

CHANGELOG.md

@@ -0,1 +1,11 @@
+v3.1.0 2015-11-14
+
+* [[`9049241f91`](https://github.com/nodejs/node-gyp/commit/9049241f91)] - **gyp**: don't use links at all, just copy the files instead (Nathan Zadoks)
+* [[`8ef90348d1`](https://github.com/nodejs/node-gyp/commit/8ef90348d1)] - **gyp**: apply https://codereview.chromium.org/11361103/ (Nathan Rajlich)
+* [[`a2ed0df84e`](https://github.com/nodejs/node-gyp/commit/a2ed0df84e)] - **gyp**: always install into $PRODUCT_DIR (Nathan Rajlich)
+* [[`cc8b2fa83e`](https://github.com/nodejs/node-gyp/commit/cc8b2fa83e)] - Update gyp to b3cef02. (Imran Iqbal) [#781](https://github.com/nodejs/node-gyp/pull/781)
+* [[`f5d86eb84e`](https://github.com/nodejs/node-gyp/commit/f5d86eb84e)] - Update to tar@2.0.0. (Edgar Muentes) [#797](https://github.com/nodejs/node-gyp/pull/797)
+* [[`2ac7de02c4`](https://github.com/nodejs/node-gyp/commit/2ac7de02c4)] - Fix infinite loop with zero-length options. (Ben Noordhuis) [#745](https://github.com/nodejs/node-gyp/pull/745)
+* [[`101bed639b`](https://github.com/nodejs/node-gyp/commit/101bed639b)] - This platform value came from debian package, and now the value (Jérémy Lal) [#738](https://github.com/nodejs/node-gyp/pull/738)
+
 v3.0.3 2015-09-14
@@ -2,0 +12,0 @@

gyp/buildbot/commit_queue/cq_config.json

@@ -6,3 +6,2 @@ {
                 "gyp-presubmit": ["defaulttests"],
-                "gyp-android": ["defaulttests"],
                 "gyp-linux": ["defaulttests"],
@@ -9,0 +8,0 @@ "gyp-mac": ["defaulttests"],

lib/build.js

@@ -24,3 +24,3 @@
     , makeCommand = gyp.opts.make || process.env.MAKE
-      || (process.platform.indexOf('bsd') != -1 && process.platform.indexOf('kfreebsd') == -1 ? 'gmake' : 'make')
+      || (process.platform.indexOf('bsd') != -1 ? 'gmake' : 'make')
     , command = win ? 'msbuild' : makeCommand
@@ -27,0 +27,0 @@ , buildDir = path.resolve('build')

lib/node-gyp.js

@@ -167,3 +167,5 @@
       name = name.substring(npm_config_prefix.length)
-      this.opts[name] = val
+      // gyp@741b7f1 enters an infinite loop when it encounters
+      // zero-length options so ensure those don't get through.
+      if (name) this.opts[name] = val
     }
@@ -170,0 +172,0 @@ }, this)

package.json

@@ -14,3 +14,3 @@ {
   ],
-  "version": "3.0.3",
+  "version": "3.1.0",
   "installVersion": 9,
@@ -38,3 +38,3 @@ "author": "Nathan Rajlich <nathan@tootallnate.net> (http://tootallnate.net)",
     "semver": "2.x || 3.x || 4 || 5",
-    "tar": "^1.0.0",
+    "tar": "^2.0.0",
     "which": "1"
@@ -41,0 +41,0 @@ },

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1585825

increased by0.58%

Number of package files

101

increased by1%

Lines of code

1872

increased by0.86%

Worsened metrics

Number of low supply chain risk alerts

26

increased by13.04%

Dependency changes

• + Addedtar@2.2.2(transitive)

• - Removedtar@1.0.3(transitive)

• Updatedtar@^2.0.0