pacote
Advanced tools
Comparing version 13.0.6 to 13.1.0
@@ -108,2 +108,5 @@ // This is the base class that the other fetcher types in lib | ||
| // config values: npmjs (default), never | ||
| this.replaceRegistryHost = opts.replaceRegistryHost === 'never' ? 'never' : 'npmjs' | ||
| this.defaultTag = opts.defaultTag || 'latest' | ||
@@ -110,0 +113,0 @@ this.registry = removeTrailingSlashes(opts.registry || 'https://registry.npmjs.org') |
@@ -16,3 +16,5 @@ const Fetcher = require('./fetcher.js') | ||
| this.resolved = this.spec.fetchSpec | ||
| if (magic.test(this.resolved) && !magic.test(this.registry + '/')) { | ||
| if (this.replaceRegistryHost === 'npmjs' | ||
| && magic.test(this.resolved) | ||
| && !magic.test(this.registry + '/')) { | ||
| this.resolved = this.resolved.replace(magic, this.registry + '/') | ||
@@ -19,0 +21,0 @@ } |
| { | ||
| "name": "pacote", | ||
| "version": "13.0.6", | ||
| "version": "13.1.0", | ||
| "description": "JavaScript package downloader", | ||
@@ -32,2 +32,3 @@ "author": "GitHub Inc.", | ||
| "mutate-fs": "^2.1.1", | ||
| "nock": "^13.2.4", | ||
| "npm-registry-mock": "^1.3.1", | ||
@@ -34,0 +35,0 @@ "tap": "^16.0.1" |
New alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.31%
67237
- Lines of code
- increased by0.28%
1422
Worsened metrics
- Dev dependency count
- increased by16.67%
7
- Number of medium supply chain risk alerts
- increased by33.33%
4
No dependency changes