npm-packlist
Advanced tools
Comparing version 1.4.1 to 1.4.2
14
index.js
@@ -93,2 +93,8 @@ 'use strict' | ||
onReaddir (entries) { | ||
if (!this.parent) | ||
entries = entries.filter(e => e !== '.git') | ||
return super.onReaddir(entries) | ||
} | ||
filterEntry (entry, partial) { | ||
@@ -151,2 +157,10 @@ // get the partial path from the root of the walk | ||
// also, don't ignore the package.json itself! | ||
// | ||
// Weird side-effect of this: a readme (etc) file will be included | ||
// if it exists anywhere within a folder with a package.json file. | ||
// The original intent was only to include these files in the root, | ||
// but now users in the wild are dependent on that behavior for | ||
// localized documentation and other use cases. Adding a `/` to | ||
// these rules, while tempting and arguably more "correct", is a | ||
// breaking change. | ||
const rules = [ | ||
@@ -153,0 +167,0 @@ pkg.browser ? '!' + pkg.browser : '', |
{ | ||
"name": "npm-packlist", | ||
"version": "1.4.1", | ||
"version": "1.4.2", | ||
"description": "Get a list of the files to add from a folder into an npm package", | ||
@@ -21,3 +21,3 @@ "directories": { | ||
"rimraf": "^2.6.1", | ||
"tap": "^12.0.1" | ||
"tap": "^11.1.5" | ||
}, | ||
@@ -28,3 +28,3 @@ "scripts": { | ||
"postversion": "npm publish", | ||
"postpublish": "git push origin --all; git push origin --tags" | ||
"postpublish": "git push origin --all --follow-tags" | ||
}, | ||
@@ -31,0 +31,0 @@ "repository": { |
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
12368
233
0