pacote
Advanced tools
Comparing version 13.0.6 to 13.1.0
@@ -108,2 +108,5 @@ // This is the base class that the other fetcher types in lib | ||
// config values: npmjs (default), never | ||
this.replaceRegistryHost = opts.replaceRegistryHost === 'never' ? 'never' : 'npmjs' | ||
this.defaultTag = opts.defaultTag || 'latest' | ||
@@ -110,0 +113,0 @@ this.registry = removeTrailingSlashes(opts.registry || 'https://registry.npmjs.org') |
@@ -16,3 +16,5 @@ const Fetcher = require('./fetcher.js') | ||
this.resolved = this.spec.fetchSpec | ||
if (magic.test(this.resolved) && !magic.test(this.registry + '/')) { | ||
if (this.replaceRegistryHost === 'npmjs' | ||
&& magic.test(this.resolved) | ||
&& !magic.test(this.registry + '/')) { | ||
this.resolved = this.resolved.replace(magic, this.registry + '/') | ||
@@ -19,0 +21,0 @@ } |
{ | ||
"name": "pacote", | ||
"version": "13.0.6", | ||
"version": "13.1.0", | ||
"description": "JavaScript package downloader", | ||
@@ -32,2 +32,3 @@ "author": "GitHub Inc.", | ||
"mutate-fs": "^2.1.1", | ||
"nock": "^13.2.4", | ||
"npm-registry-mock": "^1.3.1", | ||
@@ -34,0 +35,0 @@ "tap": "^16.0.1" |
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
67237
1422
7
4