node-pre-gyp
Advanced tools
Comparing version 0.5.5 to 0.5.6
# node-pre-gyp changelog | ||
## 0.5.6 | ||
- Added support for versioning on the `name` value in `package.json` (#57). | ||
- Moved to using streams for reading tarball when publishing (#52) | ||
## 0.5.5 | ||
@@ -4,0 +9,0 @@ |
@@ -41,3 +41,3 @@ | ||
var s3_obj_opts = { ACL: config.acl, | ||
Body: fs.readFileSync(tarball), | ||
Body: fs.createReadStream(tarball), | ||
Bucket: config.bucket, | ||
@@ -44,0 +44,0 @@ Key: key_name |
@@ -62,2 +62,5 @@ | ||
} | ||
if (!package_json.name) { | ||
missing.push('name'); | ||
} | ||
if (!package_json.binary) { | ||
@@ -120,3 +123,4 @@ missing.push('binary'); | ||
var opts = { | ||
configuration: (options.debug === true) ? 'Debug' : 'Release' | ||
name: package_json.name | ||
, configuration: (options.debug === true) ? 'Debug' : 'Release' | ||
, module_name: package_json.binary.module_name | ||
@@ -123,0 +127,0 @@ , version: module_version.version |
{ | ||
"name": "node-pre-gyp", | ||
"description": "Node.js native addon binary install tool", | ||
"version": "0.5.5", | ||
"version": "0.5.6", | ||
"keywords": [ | ||
@@ -6,0 +6,0 @@ "native", |
@@ -131,3 +131,3 @@ # node-pre-gyp | ||
It **is recommended** that you customize this property. This is an extra path to use for publishing and finding remote tarballs. The default value for `remote_path` is `""` meaning that if you do not provide it then all packages will be published at the base of the `host`. It is recommended to provide a value like `./{module_name}/v{version}` to help organize remote packages in the case that you choose to publish multiple node addons to the same `host`. | ||
It **is recommended** that you customize this property. This is an extra path to use for publishing and finding remote tarballs. The default value for `remote_path` is `""` meaning that if you do not provide it then all packages will be published at the base of the `host`. It is recommended to provide a value like `./{name}/v{version}` to help organize remote packages in the case that you choose to publish multiple node addons to the same `host`. | ||
@@ -134,0 +134,0 @@ Note: This property supports variables based on [Versioning](#versioning). |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
0
27
3
68203
26
1400