onezip - npm Package Compare versions

Comparing version 4.2.3 to 5.0.0

lib/onezip.js

 'use strict';
 
-const fs = require('fs');
+const {
+    createReadStream,
+    createWriteStream,
+} = require('fs');
+const {
+    mkdir,
+    stat,
+    unlink,
+} = require('fs/promises');
 const path = require('path');
-const {stat, unlink} = fs.promises;
 const {EventEmitter} = require('events');
 const {inherits, promisify} = require('util');
 const assert = require('assert');
+
 const pipe = require('pipe-io');
 const tryToCatch = require('try-to-catch');
-
-const mkdirp = require('mkdirp');
 const yazl = require('yazl');
@@ -18,2 +24,4 @@ const yauzl = require('yauzl');
 
+const {dirname} = path;
+
 inherits(OneZip, EventEmitter);
@@ -158,3 +166,3 @@
     const streamFile = typeof _to === 'object' ?
-        _to : fs.createWriteStream(_to);
+        _to : createWriteStream(_to);
     
@@ -176,3 +184,3 @@ const [errorPipe] = await tryToCatch(pipe, [
 OneZip.prototype._createReadStream = function(filename, end) {
-    return fs.createReadStream(filename)
+    return createReadStream(filename)
         .on('error', (error) => {
@@ -248,3 +256,6 @@ this.emit('error', error);
             if (/\/$/.test(fileName)) {
-                const [e] = await tryToCatch(mkdirp, name);
+                const [e] = await tryToCatch(mkdir, name, {
+                    recursive: true,
+                });
+                
                 return fn(e);
@@ -254,3 +265,15 @@ }
             zipfile.openReadStream(entry, this._onOpenReadStream(async (readStream) => {
-                const [e] = await tryToCatch(this._writeFile, name, readStream);
+                let e;
+                [e] = await tryToCatch(mkdir, dirname(name), {
+                    recursive: true,
+                });
+                
+                if (e)
+                    return fn(e);
+                
+                [e] = await tryToCatch(pipe, [
+                    readStream,
+                    createWriteStream(name),
+                ]);
+                
                 fn(e);
@@ -266,10 +289,2 @@ }));
 
-OneZip.prototype._writeFile = async (fileName, readStream) => {
-    const writeStream = fs.createWriteStream(fileName);
-    await pipe([
-        readStream,
-        writeStream,
-    ]);
-};
-
 OneZip.prototype._progress = function() {
@@ -276,0 +291,0 @@ ++this._i;

package.json

 {
   "name": "onezip",
-  "version": "4.2.3",
+  "version": "5.0.0",
   "description": "pack and extract .zip archives with emitter",
@@ -13,2 +13,4 @@ "type": "commonjs",
     "lint": "madrun lint",
+    "fresh:lint": "madrun fresh:lint",
+    "lint:fresh": "madrun lint:fresh",
     "fix:lint": "madrun fix:lint",
@@ -26,3 +28,2 @@ "test": "madrun test",
     "glob": "^7.0.0",
-    "mkdirp": "^1.0.3",
     "pipe-io": "^4.0.0",
@@ -45,3 +46,3 @@ "try-to-catch": "^3.0.0",
     "nyc": "^15.0.0",
-    "putout": "^12.9.4",
+    "putout": "^13.1.2",
     "rimraf": "^3.0.0",
@@ -52,3 +53,3 @@ "supertape": "^4.1.0",
   "engines": {
-    "node": ">=10"
+    "node": ">=14"
   },
@@ -55,0 +56,0 @@ "repository": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

20829

increased by2.54%

Dependency count

8

decreased by-11.11%

Lines of code

371

increased by3.06%

Worsened metrics

Number of low supply chain risk alerts

2

increased by100%

Dependency changes

• - Removedmkdirp@^1.0.3

• - Removedmkdirp@1.0.4(transitive)