npm-package-arg
Advanced tools
Comparing version 9.1.0 to 9.1.1
@@ -244,4 +244,6 @@ 'use strict' | ||
// turn file:/../foo into file:../foo | ||
if (/^\/\.\.?(\/|$)/.test(rawNoPrefix)) { | ||
const rawSpec = res.rawSpec.replace(/^file:\//, 'file:') | ||
// for 1, 2 or 3 leading slashes since we attempted | ||
// in the previous step to make it a file protocol url with a leading slash | ||
if (/^\/{1,3}\.\.?(\/|$)/.test(rawNoPrefix)) { | ||
const rawSpec = res.rawSpec.replace(/^file:\/{1,3}/, 'file:') | ||
resolvedUrl = new url.URL(rawSpec, `file://${path.resolve(where)}/`) | ||
@@ -248,0 +250,0 @@ specUrl = new url.URL(rawSpec) |
{ | ||
"name": "npm-package-arg", | ||
"version": "9.1.0", | ||
"version": "9.1.1", | ||
"description": "Parse the things that can be arguments to `npm install`", | ||
@@ -21,9 +21,6 @@ "main": "./lib/npa.js", | ||
"@npmcli/eslint-config": "^3.0.1", | ||
"@npmcli/template-oss": "3.5.0", | ||
"@npmcli/template-oss": "4.3.2", | ||
"tap": "^16.0.1" | ||
}, | ||
"scripts": { | ||
"preversion": "npm test", | ||
"postversion": "npm publish", | ||
"prepublishOnly": "git push origin --follow-tags", | ||
"test": "tap", | ||
@@ -50,11 +47,18 @@ "snap": "tap", | ||
"engines": { | ||
"node": "^12.13.0 || ^14.15.0 || >=16.0.0" | ||
"node": "^14.17.0 || ^16.13.0 || >=18.0.0" | ||
}, | ||
"tap": { | ||
"branches": 97 | ||
"branches": 97, | ||
"nyc-arg": [ | ||
"--exclude", | ||
"tap-snapshots/**" | ||
] | ||
}, | ||
"templateOSS": { | ||
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", | ||
"version": "3.5.0" | ||
"version": "4.3.2", | ||
"releaseBranches": [ | ||
"v9" | ||
] | ||
} | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
18630
367
1