npm-packlist
Comparing version 2.1.4 to 2.1.5
@@ -185,2 +185,9 @@ 'use strict' | ||
try { | ||
// XXX this could be changed to use read-package-json-fast | ||
// which handles the normalizing of bins for us, and simplifies | ||
// the test for bundleDependencies and bundledDependencies later. | ||
// HOWEVER if we do this, we need to be sure that we're careful | ||
// about what we write back out since rpj-fast removes some fields | ||
// that the user likely wants to keep. it also would add a second | ||
// file read that we would want to optimize away. | ||
pkg = normalizePackageBin(JSON.parse(pkg.toString())) | ||
@@ -206,3 +213,3 @@ } catch (er) { | ||
// include it here. | ||
if (pkg.bundleDependencies && entries.includes('node_modules')) | ||
if ((pkg.bundleDependencies || pkg.bundledDependencies) && entries.includes('node_modules')) | ||
pkg.files.push('node_modules') | ||
@@ -209,0 +216,0 @@ |
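Review bot: The new condition in the second hunk accepts `pkg.bundledDependencies` only at this one test, so whether `node_modules` is pushed into `pkg.files` can disagree with any other code that still reads `pkg.bundleDependencies` alone; the rest of the function is outside the hunk, so this is unconfirmed. Because this list decides what ends up in the published tarball, it would be safer to resolve the alias once right after the parse, e.g. `const bundleDeps = pkg.bundleDependencies || pkg.bundledDependencies`, and then test `if (bundleDeps && entries.includes('node_modules'))`. The check is also truthiness-only, so an empty array in either field still adds `node_modules`. If a later filter is what narrows that directory to the bundled packages, a one-line comment saying so would help, along with a test fixture that sets only `bundledDependencies`.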
{ | ||
"name": "npm-packlist", | ||
"version": "2.1.4", | ||
"version": "2.1.5", | ||
"description": "Get a list of the files to add from a folder into an npm package", | ||
@@ -23,3 +23,3 @@ "directories": { | ||
"require-inject": "^1.4.4", | ||
"tap": "^14.10.7" | ||
"tap": "^14.10.8" | ||
}, | ||
@@ -26,0 +26,0 @@ "scripts": { |
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain risk: A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but they do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package