node-pre-gyp
Advanced tools
node-pre-gyp - npm Package Compare versions
Comparing version 0.5.5 to 0.5.6
| # node-pre-gyp changelog | ||
| ## 0.5.6 | ||
| - Added support for versioning on the `name` value in `package.json` (#57). | ||
| - Moved to using streams for reading tarball when publishing (#52) | ||
| ## 0.5.5 | ||
@@ -4,0 +9,0 @@ |
@@ -41,3 +41,3 @@ | ||
| var s3_obj_opts = { ACL: config.acl, | ||
| Body: fs.readFileSync(tarball), | ||
| Body: fs.createReadStream(tarball), | ||
| Bucket: config.bucket, | ||
@@ -44,0 +44,0 @@ Key: key_name |
@@ -62,2 +62,5 @@ | ||
| } | ||
| if (!package_json.name) { | ||
| missing.push('name'); | ||
| } | ||
| if (!package_json.binary) { | ||
@@ -120,3 +123,4 @@ missing.push('binary'); | ||
| var opts = { | ||
| configuration: (options.debug === true) ? 'Debug' : 'Release' | ||
| name: package_json.name | ||
| , configuration: (options.debug === true) ? 'Debug' : 'Release' | ||
| , module_name: package_json.binary.module_name | ||
@@ -123,0 +127,0 @@ , version: module_version.version |
| { | ||
| "name": "node-pre-gyp", | ||
| "description": "Node.js native addon binary install tool", | ||
| "version": "0.5.5", | ||
| "version": "0.5.6", | ||
| "keywords": [ | ||
@@ -6,0 +6,0 @@ "native", |
@@ -131,3 +131,3 @@ # node-pre-gyp | ||
| It **is recommended** that you customize this property. This is an extra path to use for publishing and finding remote tarballs. The default value for `remote_path` is `""` meaning that if you do not provide it then all packages will be published at the base of the `host`. It is recommended to provide a value like `./{module_name}/v{version}` to help organize remote packages in the case that you choose to publish multiple node addons to the same `host`. | ||
| It **is recommended** that you customize this property. This is an extra path to use for publishing and finding remote tarballs. The default value for `remote_path` is `""` meaning that if you do not provide it then all packages will be published at the base of the `host`. It is recommended to provide a value like `./{name}/v{version}` to help organize remote packages in the case that you choose to publish multiple node addons to the same `host`. | ||
@@ -134,0 +134,0 @@ Note: This property supports variables based on [Versioning](#versioning). |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Number of high supply chain risk alerts
- decreased by-100%
0
- Number of low supply chain risk alerts
- decreased by-15.62%
27
- Number of medium supply chain risk alerts
- decreased by-66.67%
3
Worsened metrics
- Total package byte prevSize
- decreased by-28%
68203
- Number of package files
- decreased by-60.61%
26
- Lines of code
- decreased by-8.85%
1400