pnpm - npm Package Compare versions
Comparing version 0.0.1 to 0.16.0
| { | ||
| "name": "pnpm", | ||
| "version": "0.0.1", | ||
| "description": "pnpm ====", | ||
| "main": "./lib/index.js", | ||
| "scripts": { | ||
| "test": "echo \"Error: no test specified\" && exit 1" | ||
| "description": "A fast implementation of npm install", | ||
| "version": "0.16.0", | ||
| "author": "Rico Sta. Cruz <rico@ricostacruz.com>", | ||
| "bin": { | ||
| "pnpm": "bin/pnpm", | ||
| "pnpm-install": "bin/pnpm-install" | ||
| }, | ||
| "bugs": { | ||
| "url": "https://github.com/rstacruz/pnpm/issues" | ||
| }, | ||
| "files": [ | ||
| "lib", | ||
| "bin" | ||
| ], | ||
| "dependencies": { | ||
| "bluebird": "3.2.1", | ||
| "byline": "4.2.1", | ||
| "chalk": "1.1.1", | ||
| "commondir": "1.0.1", | ||
| "debug": "2.2.0", | ||
| "got": "5.4.1", | ||
| "gunzip-maybe": "1.3.1", | ||
| "meow": "3.7.0", | ||
| "mkdirp": "0.5.1", | ||
| "mz": "2.3.0", | ||
| "node-gyp": "3.2.1", | ||
| "node-uuid": "1.4.7", | ||
| "npm-package-arg": "4.1.0", | ||
| "object-assign": "4.0.1", | ||
| "observatory": "1.0.0", | ||
| "rc": "1.1.6", | ||
| "read-pkg-up": "1.0.1", | ||
| "registry-url": "3.0.3", | ||
| "rimraf": "2.5.1", | ||
| "semver": "5.1.0", | ||
| "supports-color": "^3.1.2", | ||
| "tar-fs": "1.9.0", | ||
| "thenify": "3.1.1", | ||
| "throat": "2.0.2" | ||
| }, | ||
| "devDependencies": { | ||
| "babel-cli": "6.4.5", | ||
| "babel-plugin-transform-es2015-arrow-functions": "6.3.13", | ||
| "babel-plugin-transform-es2015-literals": "6.3.13", | ||
| "docpress": "0.6.10", | ||
| "eslint": "1.10.3", | ||
| "eslint-config-standard": "4.4.0", | ||
| "eslint-plugin-standard": "1.3.1", | ||
| "git-update-ghpages": "1.3.0", | ||
| "in-publish": "2.0.0", | ||
| "nixt": "0.5.0", | ||
| "npm": "3.6.0", | ||
| "sepia": "2.0.1", | ||
| "tap-spec": "4.1.1", | ||
| "tape": "4.4.0", | ||
| "tape-eslint": "1.2.1" | ||
| }, | ||
| "directories": { | ||
| "test": "test" | ||
| }, | ||
| "homepage": "https://github.com/rstacruz/pnpm#readme", | ||
| "keywords": [ | ||
| "install", | ||
| "npm" | ||
| ], | ||
| "license": "MIT", | ||
| "main": "index.js", | ||
| "preferGlobal": true, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "https://github.com/classdojo/pnpm.git" | ||
| "url": "git+https://github.com/rstacruz/pnpm.git" | ||
| }, | ||
| "author": "", | ||
| "license": "BSD", | ||
| "readmeFilename": "README.md", | ||
| "gitHead": "7e9b4f5d66eecc2f0ee1940ebfe9dca6658f14ed" | ||
| "scripts": { | ||
| "build": "if [ ! -d lib~ ]; then mv lib lib~; babel --source-maps inline -D lib~ -d lib; fi", | ||
| "test": "node test | tap-spec", | ||
| "test:babel": "babel-node test | tap-spec", | ||
| "prepublish": "if in-publish; then npm run build; fi", | ||
| "postpublish": "rm -rf lib; mv lib~ lib" | ||
| }, | ||
| "babel": { | ||
| "plugins": [ | ||
| "transform-es2015-arrow-functions", | ||
| "transform-es2015-literals" | ||
| ] | ||
| } | ||
| } |
@@ -1,4 +0,93 @@ | ||
| pnpm | ||
| ==== | ||
| # pnpm | ||
| private npm repository | ||
| <!-- {.massive-header.-with-tagline} --> | ||
| > Performant npm installations | ||
| pnpm is a fast implementation of `npm install`. It is loosely based off [ied]. | ||
|  | ||
| [](https://badge.fury.io/js/pnpm) | ||
| [](https://travis-ci.org/rstacruz/pnpm "See test builds") | ||
| ---- | ||
| > #### ⚠ Name change | ||
| > The npm package was changed from `pnpm.js` (0.15 and below) to `pnpm`. The old package will no longer be updated. For old users, uninstall the old version and install the new one: | ||
| > | ||
| > npm uninstall -g pnpm.js | ||
| > npm install -g pnpm | ||
| ---- | ||
| ## Install | ||
| Install it via npm. | ||
| ``` | ||
| npm install -g pnpm | ||
| ``` | ||
| Use `pnpm` in place of `npm`. It overrides `pnpm i` and `pnpm install`—all other commands will passthru to `npm`. | ||
| ``` | ||
| pnpm install lodash | ||
| ``` | ||
| ## Custom registries | ||
| pnpm uses whatever npm's configured to use as its registry. See: [custom registries](docs/custom-registries.md). | ||
| ## Preview release | ||
| `pnpm` will stay in `<1.0.0` until it's achieved feature parity with `npm install`. See [roadmap](docs/roadmap.md) for details. | ||
| ## Benchmark | ||
| ``` | ||
| time npm i babel-preset-es2015 browserify chalk debug minimist mkdirp | ||
| 66.15 real 15.60 user 3.54 sys | ||
| ``` | ||
| ``` | ||
| time pnpm i babel-preset-es2015 browserify chalk debug minimist mkdirp | ||
| 11.04 real 6.85 user 2.85 sys | ||
| ``` | ||
| ## Design | ||
| `pnpm` maintains a flat storage of all your dependencies in `node_modules/.store`. They are then symlinked whereever they're needed. | ||
| See [store layout](docs/store-layout.md) for an explanation. | ||
| ``` | ||
| . | ||
| └─ node_modules/ | ||
| ├─ .store/ | ||
| │ ├─ chalk@1.1.1/_/ | ||
| │ │ └─ node_modules/ | ||
| │ │ ├─ ansi-styles -> ../../../ansi-styles@2.1.0/_ | ||
| │ │ └─ has-ansi -> ../../../has-ansi@2.0.0/_ | ||
| │ ├─ ansi-styles@2.1.0/_/ | ||
| │ └─ has-ansi@2.0.0/_/ | ||
| └─ chalk -> .store/chalk@1.1.1/_ | ||
| ``` | ||
| ## Prior art | ||
| * [Compared to ied](docs/vs-ied.md) | ||
| * [Compared to npm](docs/vs-npm.md) | ||
| ## Thanks | ||
| **pnpm** © 2016+, Rico Sta. Cruz. Released under the [MIT] License.<br> | ||
| Authored and maintained by Rico Sta. Cruz with help from contributors ([list][contributors]). | ||
| > [ricostacruz.com](http://ricostacruz.com) · | ||
| > GitHub [@rstacruz](https://github.com/rstacruz) · | ||
| > Twitter [@rstacruz](https://twitter.com/rstacruz) | ||
| [MIT]: http://mit-license.org/ | ||
| [contributors]: http://github.com/rstacruz/pnpm/contributors | ||
| [ied]: https://github.com/alexanderGugel/ied |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 5 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
Misc. License Issues
License(Experimental) A package's licensing information has fine-grained problems.
Found 1 instance in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No License Found
License(Experimental) License information could not be found.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by28369.4%
146048
- Number of package files
- increased by1066.67%
35
- Number of low license alerts
- decreased by-100%
0
- Number of medium license alerts
- decreased by-100%
0
- Lines of code
- increased byInfinity%
1103
- Number of low maintenance alerts
- decreased by-100%
0
- Number of low quality alerts
- decreased by-66.67%
1
- Number of lines in readme file
- increased by2250%
94
Worsened metrics
- Dependency count
- increased byInfinity%
24
- Dev dependency count
- increased byInfinity%
15
- Number of low supply chain risk alerts
- increased byInfinity%
7
- Number of medium supply chain risk alerts
- increased by300%
4
Dependency changes
+ Addedbluebird@3.2.1
+ Addedbyline@4.2.1
+ Addedchalk@1.1.1
+ Addedcommondir@1.0.1
+ Addeddebug@2.2.0
+ Addedgot@5.4.1
+ Addedgunzip-maybe@1.3.1
+ Addedmeow@3.7.0
+ Addedmkdirp@0.5.1
+ Addedmz@2.3.0
+ Addednode-gyp@3.2.1
+ Addednode-uuid@1.4.7
+ Addednpm-package-arg@4.1.0
+ Addedobject-assign@4.0.1
+ Addedobservatory@1.0.0
+ Addedrc@1.1.6
+ Addedread-pkg-up@1.0.1
+ Addedregistry-url@3.0.3
+ Addedrimraf@2.5.1
+ Addedsemver@5.1.0
+ Addedsupports-color@^3.1.2
+ Addedtar-fs@1.9.0
+ Addedthenify@3.1.1
+ Addedthroat@2.0.2
+ Addedabbrev@1.1.1(transitive)
+ Addedajv@6.12.6(transitive)
+ Addedansi@0.3.1(transitive)
+ Addedansi-escapes@1.4.0(transitive)
+ Addedansi-regex@2.1.1(transitive)
+ Addedansi-styles@2.2.1(transitive)
+ Addedany-promise@0.2.0(transitive)
+ Addedare-we-there-yet@1.0.6(transitive)
+ Addedarray-find-index@1.0.2(transitive)
+ Addedarray-index@1.0.0(transitive)
+ Addedasn1@0.2.6(transitive)
+ Addedassert-plus@1.0.0(transitive)
+ Addedasynckit@0.4.0(transitive)
+ Addedaws-sign2@0.7.0(transitive)
+ Addedaws4@1.13.2(transitive)
+ Addedbalanced-match@1.0.2(transitive)
+ Addedbcrypt-pbkdf@1.0.2(transitive)
+ Addedbl@1.2.3(transitive)
+ Addedblock-stream@0.0.9(transitive)
+ Addedbluebird@3.2.1(transitive)
+ Addedbrace-expansion@1.1.11(transitive)
+ Addedbrowserify-zlib@0.1.4(transitive)
+ Addedbuffer-alloc@1.2.0(transitive)
+ Addedbuffer-alloc-unsafe@1.1.0(transitive)
+ Addedbuffer-fill@1.0.0(transitive)
+ Addedbuffer-from@1.1.2(transitive)
+ Addedbyline@4.2.1(transitive)
+ Addedcamelcase@2.1.1(transitive)
+ Addedcamelcase-keys@2.1.0(transitive)
+ Addedcapture-stack-trace@1.0.2(transitive)
+ Addedcaseless@0.12.0(transitive)
+ Addedchalk@1.1.1(transitive)
+ Addedcombined-stream@1.0.8(transitive)
+ Addedcommondir@1.0.1(transitive)
+ Addedconcat-map@0.0.1(transitive)
+ Addedcore-util-is@1.0.21.0.3(transitive)
+ Addedcreate-error-class@2.0.1(transitive)
+ Addedcurrently-unhandled@0.4.1(transitive)
+ Addedd@1.0.2(transitive)
+ Addeddashdash@1.14.1(transitive)
+ Addeddebug@2.2.0(transitive)
+ Addeddecamelize@1.2.0(transitive)
+ Addeddeep-extend@0.4.2(transitive)
+ Addeddelayed-stream@1.0.0(transitive)
+ Addeddelegates@1.0.0(transitive)
+ Addedduplexer2@0.1.4(transitive)
+ Addedduplexify@3.7.1(transitive)
+ Addedecc-jsbn@0.1.2(transitive)
+ Addedend-of-stream@1.4.4(transitive)
+ Addederror-ex@1.3.2(transitive)
+ Addedes5-ext@0.10.64(transitive)
+ Addedes6-iterator@2.0.3(transitive)
+ Addedes6-symbol@3.1.4(transitive)
+ Addedescape-string-regexp@1.0.5(transitive)
+ Addedesniff@2.0.1(transitive)
+ Addedevent-emitter@0.3.5(transitive)
+ Addedext@1.7.0(transitive)
+ Addedextend@3.0.2(transitive)
+ Addedextsprintf@1.3.0(transitive)
+ Addedfast-deep-equal@3.1.3(transitive)
+ Addedfast-json-stable-stringify@2.1.0(transitive)
+ Addedfind-up@1.1.2(transitive)
+ Addedforever-agent@0.6.1(transitive)
+ Addedform-data@2.3.3(transitive)
+ Addedfs-constants@1.0.0(transitive)
+ Addedfstream@1.0.12(transitive)
+ Addedfunction-bind@1.1.2(transitive)
+ Addedgauge@1.2.7(transitive)
+ Addedget-stdin@4.0.1(transitive)
+ Addedgetpass@0.1.7(transitive)
+ Addedglob@4.5.36.0.4(transitive)
+ Addedgot@5.4.1(transitive)
+ Addedgraceful-fs@4.2.11(transitive)
+ Addedgunzip-maybe@1.3.1(transitive)
+ Addedhar-schema@2.0.0(transitive)
+ Addedhar-validator@5.1.5(transitive)
+ Addedhas-ansi@2.0.0(transitive)
+ Addedhas-flag@1.0.0(transitive)
+ Addedhas-unicode@2.0.1(transitive)
+ Addedhasown@2.0.2(transitive)
+ Addedhosted-git-info@2.8.9(transitive)
+ Addedhttp-signature@1.2.0(transitive)
+ Addedindent-string@2.1.0(transitive)
+ Addedinflight@1.0.6(transitive)
+ Addedinherits@2.0.4(transitive)
+ Addedini@1.3.8(transitive)
+ Addedis-arrayish@0.2.1(transitive)
+ Addedis-core-module@2.15.1(transitive)
+ Addedis-deflate@1.0.0(transitive)
+ Addedis-finite@1.1.0(transitive)
+ Addedis-gzip@1.0.0(transitive)
+ Addedis-plain-obj@1.1.0(transitive)
+ Addedis-redirect@1.0.0(transitive)
+ Addedis-retry-allowed@1.2.0(transitive)
+ Addedis-stream@1.1.0(transitive)
+ Addedis-typedarray@1.0.0(transitive)
+ Addedis-utf8@0.2.1(transitive)
+ Addedisarray@0.0.11.0.0(transitive)
+ Addedisexe@2.0.0(transitive)
+ Addedisstream@0.1.2(transitive)
+ Addedjsbn@0.1.1(transitive)
+ Addedjson-schema@0.4.0(transitive)
+ Addedjson-schema-traverse@0.4.1(transitive)
+ Addedjson-stringify-safe@5.0.1(transitive)
+ Addedjsprim@1.4.2(transitive)
+ Addedload-json-file@1.1.0(transitive)
+ Addedlodash@3.10.1(transitive)
+ Addedlodash.pad@4.5.1(transitive)
+ Addedlodash.padend@4.6.1(transitive)
+ Addedlodash.padstart@4.6.1(transitive)
+ Addedloud-rejection@1.6.0(transitive)
+ Addedlowercase-keys@1.0.1(transitive)
+ Addedlru-cache@2.7.3(transitive)
+ Addedmap-obj@1.0.1(transitive)
+ Addedmeow@3.7.0(transitive)
+ Addedmime-db@1.52.0(transitive)
+ Addedmime-types@2.1.35(transitive)
+ Addedminimatch@1.0.02.0.103.1.2(transitive)
+ Addedminimist@0.0.81.2.8(transitive)
+ Addedmkdirp@0.5.1(transitive)
+ Addedms@0.7.1(transitive)
+ Addedmz@2.3.0(transitive)
+ Addednative-or-bluebird@1.2.0(transitive)
+ Addednext-tick@1.1.0(transitive)
+ Addednode-gyp@3.2.1(transitive)
+ Addednode-status-codes@1.0.0(transitive)
+ Addednode-uuid@1.4.7(transitive)
+ Addednopt@3.0.6(transitive)
+ Addednormalize-package-data@2.5.0(transitive)
+ Addednpm-package-arg@4.1.0(transitive)
+ Addednpmlog@1.2.1(transitive)
+ Addedoauth-sign@0.9.0(transitive)
+ Addedobject-assign@4.0.1(transitive)
+ Addedobject-keys@0.4.0(transitive)
+ Addedobservatory@1.0.0(transitive)
+ Addedonce@1.4.0(transitive)
+ Addedos-homedir@1.0.2(transitive)
+ Addedos-tmpdir@1.0.2(transitive)
+ Addedosenv@0.1.5(transitive)
+ Addedpako@0.2.9(transitive)
+ Addedparse-json@2.2.0(transitive)
+ Addedpath-array@1.0.1(transitive)
+ Addedpath-exists@2.1.0(transitive)
+ Addedpath-is-absolute@1.0.1(transitive)
+ Addedpath-parse@1.0.7(transitive)
+ Addedpath-type@1.1.0(transitive)
+ Addedpeek-stream@1.1.3(transitive)
+ Addedperformance-now@2.1.0(transitive)
+ Addedpify@2.3.0(transitive)
+ Addedpinkie@2.0.4(transitive)
+ Addedpinkie-promise@2.0.1(transitive)
+ Addedprepend-http@1.0.4(transitive)
+ Addedprocess-nextick-args@2.0.1(transitive)
+ Addedpsl@1.9.0(transitive)
+ Addedpump@1.0.32.0.1(transitive)
+ Addedpumpify@1.5.1(transitive)
+ Addedpunycode@2.3.1(transitive)
+ Addedqs@6.5.3(transitive)
+ Addedrc@1.1.6(transitive)
+ Addedread-all-stream@3.1.0(transitive)
+ Addedread-pkg@1.1.0(transitive)
+ Addedread-pkg-up@1.0.1(transitive)
+ Addedreadable-stream@1.0.342.3.8(transitive)
+ Addedredent@1.0.0(transitive)
+ Addedregistry-url@3.0.3(transitive)
+ Addedrepeating@2.0.1(transitive)
+ Addedrequest@2.88.2(transitive)
+ Addedresolve@1.22.8(transitive)
+ Addedrimraf@2.5.1(transitive)
+ Addedsafe-buffer@5.1.2(transitive)
+ Addedsafer-buffer@2.1.2(transitive)
+ Addedsemver@5.1.0(transitive)
+ Addedsigmund@1.0.1(transitive)
+ Addedsignal-exit@3.0.7(transitive)
+ Addedspdx-correct@3.2.0(transitive)
+ Addedspdx-exceptions@2.5.0(transitive)
+ Addedspdx-expression-parse@3.0.1(transitive)
+ Addedspdx-license-ids@3.0.20(transitive)
+ Addedsshpk@1.18.0(transitive)
+ Addedstream-shift@1.0.3(transitive)
+ Addedstring_decoder@0.10.311.1.1(transitive)
+ Addedstrip-ansi@3.0.1(transitive)
+ Addedstrip-bom@2.0.0(transitive)
+ Addedstrip-indent@1.0.1(transitive)
+ Addedstrip-json-comments@1.0.4(transitive)
+ Addedsupports-color@2.0.03.2.3(transitive)
+ Addedsupports-preserve-symlinks-flag@1.0.0(transitive)
+ Addedtar@2.2.2(transitive)
+ Addedtar-fs@1.9.0(transitive)
+ Addedtar-stream@1.6.2(transitive)
+ Addedthenify@3.1.1(transitive)
+ Addedthenify-all@1.6.0(transitive)
+ Addedthroat@2.0.2(transitive)
+ Addedthrough2@0.4.22.0.5(transitive)
+ Addedtimed-out@2.0.0(transitive)
+ Addedto-buffer@1.1.1(transitive)
+ Addedtough-cookie@2.5.0(transitive)
+ Addedtrim-newlines@1.0.0(transitive)
+ Addedtunnel-agent@0.6.0(transitive)
+ Addedtweetnacl@0.14.5(transitive)
+ Addedtype@2.7.3(transitive)
+ Addedunzip-response@1.0.2(transitive)
+ Addeduri-js@4.4.1(transitive)
+ Addedurl-parse-lax@1.0.0(transitive)
+ Addedutil-deprecate@1.0.2(transitive)
+ Addeduuid@3.4.0(transitive)
+ Addedvalidate-npm-package-license@3.0.4(transitive)
+ Addedverror@1.10.0(transitive)
+ Addedwhich@1.3.1(transitive)
+ Addedwrappy@1.0.2(transitive)
+ Addedxtend@2.1.24.0.2(transitive)