npm-install-checks
Advanced tools
Comparing version 6.0.0 to 6.1.0
@@ -23,2 +23,4 @@ const semver = require('semver') | ||
const isMusl = (file) => file.includes('libc.musl-') || file.includes('ld-musl-') | ||
const checkPlatform = (target, force = false) => { | ||
@@ -34,3 +36,20 @@ if (force) { | ||
if (!osOk || !cpuOk) { | ||
let libcOk = true | ||
let libcFamily = null | ||
if (target.libc) { | ||
// libc checks only work in linux, any value is a failure if we aren't | ||
if (platform !== 'linux') { | ||
libcOk = false | ||
} else { | ||
const report = process.report.getReport() | ||
if (report.header?.glibcRuntimeVersion) { | ||
libcFamily = 'glibc' | ||
} else if (Array.isArray(report.sharedObjects) && report.sharedObjects.some(isMusl)) { | ||
libcFamily = 'musl' | ||
} | ||
libcOk = libcFamily ? checkList(libcFamily, target.libc) : false | ||
} | ||
} | ||
if (!osOk || !cpuOk || !libcOk) { | ||
throw Object.assign(new Error('Unsupported platform'), { | ||
@@ -41,2 +60,3 @@ pkgid: target._id, | ||
cpu: arch, | ||
libc: libcFamily, | ||
}, | ||
@@ -46,2 +66,3 @@ required: { | ||
cpu: target.cpu, | ||
libc: target.libc, | ||
}, | ||
@@ -48,0 +69,0 @@ code: 'EBADPLATFORM', |
{ | ||
"name": "npm-install-checks", | ||
"version": "6.0.0", | ||
"version": "6.1.0", | ||
"description": "Check the engines and platform fields in package.json", | ||
@@ -10,4 +10,4 @@ "main": "lib/index.js", | ||
"devDependencies": { | ||
"@npmcli/eslint-config": "^3.0.1", | ||
"@npmcli/template-oss": "4.5.1", | ||
"@npmcli/eslint-config": "^4.0.0", | ||
"@npmcli/template-oss": "4.12.0", | ||
"tap": "^16.0.1" | ||
@@ -43,3 +43,3 @@ }, | ||
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", | ||
"version": "4.5.1" | ||
"version": "4.12.0" | ||
}, | ||
@@ -46,0 +46,0 @@ "tap": { |
@@ -14,4 +14,3 @@ # npm-install-checks | ||
Check if node/npm version is supported by the package. If it isn't | ||
supported, an error is thrown. | ||
Check if a package's `engines.node` and `engines.npm` match the running system. | ||
@@ -26,4 +25,6 @@ `force` argument will override the node version check, but not the npm | ||
Check if OS/Arch is supported by the package. | ||
Check if a package's `os`, `cpu` and `libc` match the running system. | ||
`force` argument skips all checks. | ||
Error code: 'EBADPLATFORM' |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
5809
90
29
0