npm-packlist
Advanced tools
Comparing version 1.2.0 to 1.3.0
28
index.js
@@ -41,3 +41,9 @@ 'use strict' | ||
'package-lock.json', | ||
'yarn.lock', | ||
'archived-packages/**', | ||
'core', | ||
'*.core', | ||
'*.vgcore', | ||
'vgcore.*', | ||
'core.+([0-9])', | ||
] | ||
@@ -140,10 +146,18 @@ | ||
// if there's a browser or main, make sure we don't ignore it | ||
// if there's a bin, browser or main, make sure we don't ignore it | ||
const rules = [ | ||
pkg.browser ? '!' + pkg.browser : '', | ||
pkg.main ? '!' + pkg.main : '', | ||
'!@(readme|copying|license|licence|notice|changes|changelog|history){,.*}' | ||
].filter(f => f).join('\n') + '\n' | ||
super.onReadIgnoreFile(packageNecessaryRules, rules, _=>_) | ||
'!@(readme|copying|license|licence|notice|changes|changelog|history){,.*[^~$]}' | ||
] | ||
if (pkg.bin) | ||
if (typeof pkg.bin === "object") | ||
for (const key in pkg.bin) | ||
rules.push('!' + pkg.bin[key]) | ||
else | ||
rules.push('!' + pkg.bin) | ||
const data = rules.filter(f => f).join('\n') + '\n' | ||
super.onReadIgnoreFile(packageNecessaryRules, data, _=>_) | ||
if (Array.isArray(pkg.files)) | ||
@@ -168,3 +182,4 @@ super.onReadIgnoreFile('package.json', '*\n' + pkg.files.map( | ||
try { | ||
this.onPackageJson(file, JSON.parse(data), then) | ||
const ig = path.resolve(this.path, file) | ||
this.onPackageJson(ig, JSON.parse(data), then) | ||
} catch (er) { | ||
@@ -199,3 +214,3 @@ // ignore package.json files that are not json | ||
const p = new Promise((resolve, reject) => { | ||
const bw = new BundleWalker(options).start() | ||
const bw = new BundleWalker(options) | ||
bw.on('done', bundled => { | ||
@@ -206,2 +221,3 @@ options.bundled = bundled | ||
}) | ||
bw.start() | ||
}) | ||
@@ -208,0 +224,0 @@ return callback ? p.then(res => callback(null, res), callback) : p |
{ | ||
"name": "npm-packlist", | ||
"version": "1.2.0", | ||
"version": "1.3.0", | ||
"description": "Get a list of the files to add from a folder into an npm package", | ||
@@ -5,0 +5,0 @@ "directories": { |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
11666
215
1