npm-install-checks
Advanced tools
npm-install-checks - npm Package Compare versions
Comparing version 6.0.0 to 6.1.0
@@ -23,2 +23,4 @@ const semver = require('semver') | ||
| const isMusl = (file) => file.includes('libc.musl-') || file.includes('ld-musl-') | ||
| const checkPlatform = (target, force = false) => { | ||
@@ -34,3 +36,20 @@ if (force) { | ||
| if (!osOk || !cpuOk) { | ||
| let libcOk = true | ||
| let libcFamily = null | ||
| if (target.libc) { | ||
| // libc checks only work in linux, any value is a failure if we aren't | ||
| if (platform !== 'linux') { | ||
| libcOk = false | ||
| } else { | ||
| const report = process.report.getReport() | ||
| if (report.header?.glibcRuntimeVersion) { | ||
| libcFamily = 'glibc' | ||
| } else if (Array.isArray(report.sharedObjects) && report.sharedObjects.some(isMusl)) { | ||
| libcFamily = 'musl' | ||
| } | ||
| libcOk = libcFamily ? checkList(libcFamily, target.libc) : false | ||
| } | ||
| } | ||
| if (!osOk || !cpuOk || !libcOk) { | ||
| throw Object.assign(new Error('Unsupported platform'), { | ||
@@ -41,2 +60,3 @@ pkgid: target._id, | ||
| cpu: arch, | ||
| libc: libcFamily, | ||
| }, | ||
@@ -46,2 +66,3 @@ required: { | ||
| cpu: target.cpu, | ||
| libc: target.libc, | ||
| }, | ||
@@ -48,0 +69,0 @@ code: 'EBADPLATFORM', |
| { | ||
| "name": "npm-install-checks", | ||
| "version": "6.0.0", | ||
| "version": "6.1.0", | ||
| "description": "Check the engines and platform fields in package.json", | ||
@@ -10,4 +10,4 @@ "main": "lib/index.js", | ||
| "devDependencies": { | ||
| "@npmcli/eslint-config": "^3.0.1", | ||
| "@npmcli/template-oss": "4.5.1", | ||
| "@npmcli/eslint-config": "^4.0.0", | ||
| "@npmcli/template-oss": "4.12.0", | ||
| "tap": "^16.0.1" | ||
@@ -43,3 +43,3 @@ }, | ||
| "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", | ||
| "version": "4.5.1" | ||
| "version": "4.12.0" | ||
| }, | ||
@@ -46,0 +46,0 @@ "tap": { |
@@ -14,4 +14,3 @@ # npm-install-checks | ||
| Check if node/npm version is supported by the package. If it isn't | ||
| supported, an error is thrown. | ||
| Check if a package's `engines.node` and `engines.npm` match the running system. | ||
@@ -26,4 +25,6 @@ `force` argument will override the node version check, but not the npm | ||
| Check if OS/Arch is supported by the package. | ||
| Check if a package's `os`, `cpu` and `libc` match the running system. | ||
| `force` argument skips all checks. | ||
| Error code: 'EBADPLATFORM' |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by14.44%
5809
- Lines of code
- increased by26.76%
90
- Number of lines in readme file
- increased by3.57%
29
- Number of medium supply chain risk alerts
- decreased by-100%
0