node-hooks
Advanced tools
node-hooks - npm Package Compare versions
+1
-1
@@ -24,3 +24,3 @@ var fs = require("fs"); | ||
| console.log(">> "+"Has hooks been merged into this branch?".blue); | ||
| process.exit(1); | ||
| process.exit(0); | ||
| } | ||
@@ -27,0 +27,0 @@ else{ |
+11
-4
@@ -36,6 +36,13 @@ #!/usr/bin/env node | ||
| else{ | ||
| var pack = require(process.cwd()+"/package.json"); | ||
| if(pack.name=="node-hooks" && fs.existsSync(process.cwd()+"/bin/hooks.js")){ | ||
| //console.log("local"); | ||
| spawn("node "+process.cwd()+"/bin/hooks.js"); | ||
| var packPath = process.cwd()+"/package.json"; | ||
| if(fs.existsSync(packPath)){ | ||
| var pack = require(packPath); | ||
| if(pack.name=="node-hooks" && fs.existsSync(process.cwd()+"/bin/hooks.js")){ | ||
| //console.log("local"); | ||
| spawn("node "+process.cwd()+"/bin/hooks.js"); | ||
| } | ||
| else{ | ||
| //console.log("global"); | ||
| spawn("hooks"); | ||
| } | ||
| } | ||
@@ -42,0 +49,0 @@ else{ |
+1
-1
| { | ||
| "name": "node-hooks", | ||
| "version": "0.0.6", | ||
| "version": "0.0.7", | ||
| "preferGlobal": true, | ||
@@ -5,0 +5,0 @@ "description": "An NPM for git hooks.", |
+5
-0
@@ -129,1 +129,6 @@ # Hooks | ||
| * Started move towards using spawn rather than exec from child_process. | ||
| ### 0.0.7 | ||
| * Update to shell script to avoid failure if package.json is not found. | ||
| * Update to run, not exiting if hooks.json can't be found. |
New alerts
AI-detected potential malware
Supply chain riskAI has identified this package as malware. This is a strong signal that the package may be malicious.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
48554
0.55%- Number of lines in readme file
134
3.88%- Number of low supply chain risk alerts
25
-3.85%Worsened metrics
- Number of high supply chain risk alerts
2
100%