Socket
Socket
Sign inDemoInstall

normalize-package-data

Package Overview
Dependencies
12
Maintainers
6
Versions
58
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 3.0.3 to 4.0.0

21

lib/fixer.js

@@ -11,2 +11,4 @@ var isValidSemver = require('semver/functions/valid')

var isEmail = str => str.includes('@') && (str.indexOf('@') < str.lastIndexOf('.'))
module.exports = {

@@ -131,3 +133,3 @@ // default warning function

}
if (Object.prototype.hasOwnProperty.call(data.dependencies, bd)) {
if (!Object.prototype.hasOwnProperty.call(data.dependencies, bd)) {
this.warn('nonDependencyBundleDependency', bd)

@@ -218,3 +220,3 @@ data.dependencies[bd] = '*'

if (typeof options === 'boolean') {
options = {strict: options}
options = { strict: options }
} else if (typeof options === 'undefined') {

@@ -267,12 +269,11 @@ options = {}

if (hosted && hosted.bugs()) {
data.bugs = {url: hosted.bugs()}
data.bugs = { url: hosted.bugs() }
}
} else if (data.bugs) {
var emailRe = /^.+@.*\..+$/
if (typeof data.bugs === 'string') {
if (emailRe.test(data.bugs)) {
data.bugs = {email: data.bugs}
if (isEmail(data.bugs)) {
data.bugs = { email: data.bugs }
/* eslint-disable-next-line node/no-deprecated-api */
} else if (url.parse(data.bugs).protocol) {
data.bugs = {url: data.bugs}
data.bugs = { url: data.bugs }
} else {

@@ -294,3 +295,3 @@ this.warn('nonEmailUrlBugsString')

if (oldBugs.email) {
if (typeof (oldBugs.email) === 'string' && emailRe.test(oldBugs.email)) {
if (typeof (oldBugs.email) === 'string' && isEmail(oldBugs.email)) {
data.bugs.email = oldBugs.email

@@ -407,4 +408,4 @@ } else {

var name = person.match(/^([^(<]+)/)
var url = person.match(/\(([^)]+)\)/)
var email = person.match(/<([^>]+)>/)
var url = person.match(/\(([^()]+)\)/)
var email = person.match(/<([^<>]+)>/)
var obj = {}

@@ -411,0 +412,0 @@ if (name && name[0].trim()) {

41

package.json
{
"name": "normalize-package-data",
"version": "3.0.3",
"author": "Meryn Stol <merynstol@gmail.com>",
"version": "4.0.0",
"author": "GitHub Inc.",
"description": "Normalizes data that can be found in package.json files.",

@@ -16,27 +16,38 @@ "license": "BSD-2-Clause",

"preversion": "npm test",
"test": "tap test/*.js --branches 85 --functions 90 --lines 85 --statements 85",
"test": "tap",
"npmclilint": "npmcli-lint",
"lint": "npm run npmclilint -- \"lib/**/*.*js\" \"test/**/*.*js\"",
"lint": "eslint '**/*.js'",
"lintfix": "npm run lint -- --fix",
"posttest": "npm run lint --",
"postsnap": "npm run lintfix --"
"posttest": "npm run lint",
"postsnap": "npm run lintfix --",
"postlint": "npm-template-check",
"template-copy": "npm-template-copy --force",
"snap": "tap"
},
"dependencies": {
"hosted-git-info": "^4.0.1",
"is-core-module": "^2.5.0",
"semver": "^7.3.4",
"validate-npm-package-license": "^3.0.1"
"hosted-git-info": "^5.0.0",
"is-core-module": "^2.8.1",
"semver": "^7.3.5",
"validate-npm-package-license": "^3.0.4"
},
"devDependencies": {
"@npmcli/lint": "^1.0.2",
"@npmcli/template-oss": "^2.9.2",
"tap": "^15.0.9"
},
"files": [
"lib/*.js",
"lib/*.json",
"AUTHORS"
"bin",
"lib"
],
"engines": {
"node": ">=10"
"node": "^12.13.0 || ^14.15.0 || >=16"
},
"templateOSS": {
"version": "2.9.2"
},
"tap": {
"branches": 86,
"functions": 92,
"lines": 86,
"statements": 86
}
}

6

README.md

@@ -57,3 +57,3 @@ # normalize-package-data

If the supplied data has an invalid name or version vield, `normalizeData` will throw an error. Depending on where you call `normalizeData`, you may want to catch these errors so can pass them to a callback.
If the supplied data has an invalid name or version field, `normalizeData` will throw an error. Depending on where you call `normalizeData`, you may want to catch these errors so can pass them to a callback.

@@ -74,3 +74,3 @@ ## What normalization (currently) entails

* As of v2: Dependencies that point at known hosted git providers (currently: github, bitbucket, gitlab) will have their URLs canonicalized, but protocols will be preserved.
* As of v2: Dependencies that use shortcuts for hosted git providers (`org/proj`, `github:org/proj`, `bitbucket:org/proj`, `gitlab:org/proj`, `gist:docid`) will have the shortcut left in place. (In the case of github, the `org/proj` form will be expanded to `github:org/proj`.) THIS MARKS A BREAKING CHANGE FROM V1, where the shorcut was previously expanded to a URL.
* As of v2: Dependencies that use shortcuts for hosted git providers (`org/proj`, `github:org/proj`, `bitbucket:org/proj`, `gitlab:org/proj`, `gist:docid`) will have the shortcut left in place. (In the case of github, the `org/proj` form will be expanded to `github:org/proj`.) THIS MARKS A BREAKING CHANGE FROM V1, where the shortcut was previously expanded to a URL.
* If `description` field does not exist, but `readme` field does, then (more or less) the first paragraph of text that's found in the readme is taken as value for `description`.

@@ -105,3 +105,3 @@ * If `repository` field is a string, it will become an object with `url` set to the original string value, and `type` set to `"git"`.

This package contains code based on read-package-json written by Isaac Z. Schlueter. Used with permisson.
This package contains code based on read-package-json written by Isaac Z. Schlueter. Used with permission.

@@ -108,0 +108,0 @@ ## License

AUTHORS
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc