Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

npm-only-allow

Package Overview
Dependencies
Maintainers
1
Versions
22
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

npm-only-allow

Specification package manager

  • 1.2.3
  • unpublished
  • npm
  • Socket score

Version published
Weekly downloads
11K
decreased by-34.16%
Maintainers
1
Weekly downloads
 
Created
Source

npm-only-allow

The hook about preinstall of npm behaves inconsistently across package managers.

The existing solution (only-allow) is not working well.

The npm-only-allow goal is to fix them.

Usage

Add a preinstall script to your project's package.json.

If you want to force npm|cnpm|pnpm|yarn, add:
(If you want to smooth out the difference, you also need to add it in the startup script)

{
  "scripts": {
    "preinstall": "npx npm-only-allow@latest --PM yarn",
    "start": "npx npm-only-allow@latest && vite"
  }
}

Params

  • PM

    Set the package manager

  • lang (en or zh)

    Set the language category for error messages to be output , Default to English

Sample environment

node v14.19.0
npm v8.11.0
yarn v1.22.19
pnpm v7.2.7
cnpm v9.0.1

Tips

If you are using 'cnpm' as your package manager, try pressing the space bar if loading is going on

Testing process

This is the testing process after the development is complete

You just have to choose one or the other

Let's take yarn for example

{
  "scripts": {
    "preinstall": "npx npm-only-allow@latest --PM yarn",
    "start": "npx npm-only-allow@latest && vite"
  }
}
  • step 1
  /**
   *  pnpm i | cnpm i | npm i 
   *  => [npm-only-allow]:当前运行的(pnpm)包管理器与设置的(yarn)不一致
   */
  • step 2
  /**
   *  yarn
   *  => success
   */
  • step 3
  /**
   *  cnpm i lodash | pnpm i lodash | cnpm i lodash
   *  => success
   */
  • step 4
  /**
   *  yarn start
   *  => [npm-only-allow]:检测到您可能使用了不匹配的包管理器安装了依赖(lodash),请卸载或使用正确的管理器安装后重试
   */
  • step 5
  /**
   *  yarn add lodash
   *  => success
   */
  • step 6
  /**
   *  cnpm start
   *  => success
   */
  • step 7
  /**
   *  yarn add moment
   *  => success
   */
  • step 8
  /**
   *  cnpm i jquery | pnpm i jquery | npm i jquery
   *  => 关闭正在运行的线程
   *  => [npm-only-allow]:检测到您可能使用了不匹配的包管理器安装了依赖(jquery),请卸载或使用正确的管理器安装后重试
   */

License

MIT

Keywords

FAQs

Package last updated on 20 Feb 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc