pacote - npm Package Compare versions
Comparing version 6.0.1 to 6.0.2
@@ -5,2 +5,17 @@ # Change Log | ||
| <a name="6.0.2"></a> | ||
| ## [6.0.2](https://github.com/zkat/pacote/compare/v6.0.1...v6.0.2) (2017-09-06) | ||
| ### Bug Fixes | ||
| * **extract:** preserve executable perms on extracted files ([19b3dfd](https://github.com/zkat/pacote/commit/19b3dfd)) | ||
| ### Performance Improvements | ||
| * replace some calls to .match() with .starts/endsWith() (#115) ([192a02f](https://github.com/zkat/pacote/commit/192a02f)) | ||
| <a name="6.0.1"></a> | ||
@@ -7,0 +22,0 @@ ## [6.0.1](https://github.com/zkat/pacote/compare/v6.0.0...v6.0.1) (2017-08-22) |
@@ -7,2 +7,8 @@ 'use strict' | ||
| module.exports = extractStream | ||
| module.exports._computeMode = computeMode | ||
| function computeMode (fileMode, optMode, umask) { | ||
| return (fileMode | optMode) & ~(umask || 0) | ||
| } | ||
| function extractStream (dest, opts) { | ||
@@ -20,5 +26,7 @@ opts = opts || {} | ||
| if (entry.type.toLowerCase() === 'file') { | ||
| entry.mode = opts.fmode & ~(opts.umask || 0) | ||
| entry.mode = computeMode(entry.mode, opts.fmode, opts.umask) | ||
| } else if (entry.type.toLowerCase() === 'directory') { | ||
| entry.mode = opts.dmode & ~(opts.umask || 0) | ||
| entry.mode = computeMode(entry.mode, opts.dmode, opts.umask) | ||
| } else { | ||
| entry.mode = computeMode(entry.mode, 0, opts.umask) | ||
| } | ||
@@ -25,0 +33,0 @@ |
@@ -28,2 +28,3 @@ 'use strict' | ||
| const GIT_ = 'GIT_' | ||
| let GITENV | ||
@@ -39,3 +40,3 @@ function gitEnv () { | ||
| Object.keys(process.env).forEach(k => { | ||
| if (GOOD_ENV_VARS.has(k) || !k.match(/^GIT_/)) { | ||
| if (GOOD_ENV_VARS.has(k) || !k.startsWith(GIT_)) { | ||
| GITENV[k] = process.env[k] | ||
@@ -98,2 +99,3 @@ } | ||
| const CARET_BRACES = '^{}' | ||
| const REVS = new LRU({ | ||
@@ -128,3 +130,3 @@ max: 100, | ||
| if (!ref) { return revs } // ??? | ||
| if (ref.match(/\^\{\}$/)) { return revs } // refs/tags/x^{} crap | ||
| if (ref.endsWith(CARET_BRACES)) { return revs } // refs/tags/x^{} crap | ||
| const type = refType(line) | ||
@@ -209,10 +211,13 @@ const doc = {sha, ref, type} | ||
| const REFS_TAGS = '/refs/tags/' | ||
| const REFS_HEADS = '/refs/heads/' | ||
| const HEAD = 'HEAD' | ||
| function refType (ref) { | ||
| return ref.match(/refs\/tags\/.*$/) | ||
| return ref.indexOf(REFS_TAGS) !== -1 | ||
| ? 'tag' | ||
| : ref.match(/refs\/heads\/.*$/) | ||
| : ref.indexOf(REFS_HEADS) !== -1 | ||
| ? 'branch' | ||
| : ref.match(/HEAD$/) | ||
| : ref.endsWith(HEAD) | ||
| ? 'head' | ||
| : 'other' | ||
| } |
| { | ||
| "name": "pacote", | ||
| "version": "6.0.1", | ||
| "version": "6.0.2", | ||
| "description": "JavaScript package downloader", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.91%
86808
- Lines of code
- increased by0.71%
1560
Worsened metrics
- Number of medium supply chain risk alerts
- increased by12.5%
9