npm-install-security-check
Comparing version 1.0.2 to 1.0.3
#! /usr/bin/env node | ||
var warn = require('cli-color').yellow | ||
var msg = 'Warning: You are running "npm install" with scripts enabled which is a potential security risk.\n' + | ||
@@ -10,2 +8,2 @@ 'You should run npm install with the --ignore-scripts flag or update your npm config via:\n\n' + | ||
console.log(warn(msg)) | ||
console.log(msg) |
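Review bot: The warning on the last line of this section is emitted with `console.log(msg)`, which writes to stdout; a diagnostic belongs on stderr so it cannot mix into output that a caller pipes or parses, e.g. `console.warn(msg)`. With the `cli-color` wrapper gone, the message relies on its "Warning:" prefix alone to stand out, which is a reasonable trade for dropping the dependency tree. If this file is run from an install lifecycle hook (the `scripts` block of package.json is not visible here), recent npm versions hide dependency script output unless foreground scripts are enabled, so the README should say the warning may not be displayed in that case. The `msg` concatenation continues on lines outside the visible hunk.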
{ | ||
"name": "npm-install-security-check", | ||
"version": "1.0.2", | ||
"version": "1.0.3", | ||
"description": "Warn users when they are running npm install with scripts enabled", | ||
@@ -9,6 +9,3 @@ "scripts": { | ||
"author": "Matthew Dahl (https://github.com/sandersky)", | ||
"license": "MIT", | ||
"dependencies": { | ||
"cli-color": "^1.1.0" | ||
} | ||
"license": "MIT" | ||
} |
Trivial Package
Supply chain risk: Packages with fewer than 10 lines of code are easily copied into your own project and may not warrant the additional supply chain risk of an external dependency.
Found 1 instance in 1 package
Trivial Package
Supply chain risk: Packages with fewer than 10 lines of code are easily copied into your own project and may not warrant the additional supply chain risk of an external dependency.
Found 1 instance in 1 package
- Removed cli-color@^1.1.0
- Removed ansi-regex@2.1.1 (transitive)
- Removed cli-color@1.4.0 (transitive)
- Removed d@1.0.2 (transitive)
- Removed es5-ext@0.10.64 (transitive)
- Removed es6-iterator@2.0.3 (transitive)
- Removed es6-symbol@3.1.4 (transitive)
- Removed es6-weak-map@2.0.3 (transitive)
- Removed esniff@2.0.1 (transitive)
- Removed event-emitter@0.3.5 (transitive)
- Removed ext@1.7.0 (transitive)
- Removed is-promise@2.2.2 (transitive)
- Removed lru-queue@0.1.0 (transitive)
- Removed memoizee@0.4.17 (transitive)
- Removed next-tick@1.1.0 (transitive)
- Removed timers-ext@0.1.8 (transitive)
- Removed type@2.7.3 (transitive)