Join our webinar on Wednesday, June 26, at 1pm EDTHow Chia Mitigates Risk in the Crypto Industry.Register →
npm-run-path
Advanced tools
Comparing version 1.0.0 to 2.0.0
34
index.js
| 'use strict'; | ||
| var path = require('path'); | ||
| var pathKey = require('path-key'); | ||
| const path = require('path'); | ||
| const pathKey = require('path-key'); | ||
| module.exports = function (opts) { | ||
| opts = opts || {}; | ||
| module.exports = opts => { | ||
| opts = Object.assign({ | ||
| cwd: process.cwd(), | ||
| path: process.env[pathKey()] | ||
| }, opts); | ||
| var prev; | ||
| var pth = path.resolve(opts.cwd || '.'); | ||
| let prev; | ||
| let pth = path.resolve(opts.cwd); | ||
| const ret = []; | ||
| var ret = []; | ||
| while (prev !== pth) { | ||
@@ -22,3 +24,17 @@ ret.push(path.join(pth, 'node_modules/.bin')); | ||
| return ret.concat(opts.path || process.env[pathKey()]).join(path.delimiter); | ||
| return ret.concat(opts.path).join(path.delimiter); | ||
| }; | ||
| module.exports.env = opts => { | ||
| opts = Object.assign({ | ||
| env: Object.assign({}, process.env) | ||
| }, opts); | ||
| const path = pathKey(); | ||
| const env = opts.env; | ||
| opts.path = env[path]; | ||
| env[path] = module.exports(opts); | ||
| return env; | ||
| }; |
| { | ||
| "name": "npm-run-path", | ||
| "version": "1.0.0", | ||
| "version": "2.0.0", | ||
| "description": "Get your PATH prepended with locally installed binaries", | ||
@@ -13,3 +13,3 @@ "license": "MIT", | ||
| "engines": { | ||
| "node": ">=0.10.0" | ||
| "node": ">=4" | ||
| }, | ||
@@ -37,3 +37,3 @@ "scripts": { | ||
| "dependencies": { | ||
| "path-key": "^1.0.0" | ||
| "path-key": "^2.0.0" | ||
| }, | ||
@@ -43,3 +43,6 @@ "devDependencies": { | ||
| "xo": "*" | ||
| }, | ||
| "xo": { | ||
| "esnext": true | ||
| } | ||
| } |
@@ -29,5 +29,3 @@ # npm-run-path [](https://travis-ci.org/sindresorhus/npm-run-path) | ||
| childProcess.execFileSync('foo', { | ||
| env: { | ||
| PATH: npmRunPath() | ||
| } | ||
| env: npmRunPath.env() | ||
| }); | ||
@@ -45,3 +43,3 @@ ``` | ||
| Type: `string` | ||
| Type: `string`<br> | ||
| Default: `process.cwd()` | ||
@@ -53,3 +51,3 @@ | ||
| Type: `string` | ||
| Type: `string`<br> | ||
| Default: [`PATH`](https://github.com/sindresorhus/path-key) | ||
@@ -60,3 +58,20 @@ | ||
| ### npmRunPath.env([options]) | ||
| #### options | ||
| ##### cwd | ||
| Type: `string`<br> | ||
| Default: `process.cwd()` | ||
| Working directory. | ||
| ##### env | ||
| Type: `Object` | ||
| Accepts an object of environment variables, like `process.env`, and modifies the PATH using the correct [PATH key](https://github.com/sindresorhus/path-key). Use this if you're modifying the PATH for use in the `child_process` options. | ||
| ## Related | ||
@@ -70,2 +85,2 @@ | ||
| MIT © [Sindre Sorhus](http://sindresorhus.com) | ||
| MIT © [Sindre Sorhus](https://sindresorhus.com) |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by17.48%
4524
- Lines of code
- increased by76.47%
30
- Number of lines in readme file
- increased by22.39%
82
Worsened metrics
- Number of low supply chain risk alerts
- increased by50%
3
Dependency changes
+ Addedpath-key@2.0.1(transitive)
- Removedpath-key@1.0.0(transitive)
Updatedpath-key@^2.0.0