prebuild-install
Advanced tools
Comparing version 7.1.0 to 7.1.1
# Changelog | ||
## [7.1.1] - 2022-06-07 | ||
### Changed | ||
- Replace use of npmlog dependency with console.error ([#182](https://github.com/prebuild/prebuild-install/issues/182)) ([`4e2284c`](https://github.com/prebuild/prebuild-install/commit/4e2284c)) (Lovell Fuller). | ||
- Ensure script output can be captured by tests ([#181](https://github.com/prebuild/prebuild-install/issues/181)) ([`d1853cb`](https://github.com/prebuild/prebuild-install/commit/d1853cb)) (Lovell Fuller). | ||
## [7.1.0] - 2022-04-20 | ||
@@ -86,2 +94,4 @@ | ||
[7.1.1]: https://github.com/prebuild/prebuild-install/releases/tag/v7.1.1 | ||
[7.1.0]: https://github.com/prebuild/prebuild-install/releases/tag/v7.1.0 | ||
@@ -88,0 +98,0 @@ |
44
log.js
@@ -1,25 +0,33 @@ | ||
const log = require('npmlog') | ||
const fs = require('fs') | ||
const path = require('path') | ||
const levels = { | ||
silent: 0, | ||
error: 1, | ||
warn: 2, | ||
notice: 3, | ||
http: 4, | ||
timing: 5, | ||
info: 6, | ||
verbose: 7, | ||
silly: 8 | ||
} | ||
module.exports = function (rc, env) { | ||
log.heading = 'prebuild-install' | ||
const level = rc.verbose | ||
? 'verbose' | ||
: env.npm_config_loglevel || 'notice' | ||
if (rc.verbose) { | ||
log.level = 'verbose' | ||
} else { | ||
log.level = env.npm_config_loglevel || 'notice' | ||
const logAtLevel = function (messageLevel) { | ||
return function (...args) { | ||
if (levels[messageLevel] <= levels[level]) { | ||
console.error(`prebuild-install ${messageLevel} ${args.join(' ')}`) | ||
} | ||
} | ||
} | ||
// Temporary workaround for npm 7 which swallows our output | ||
if (process.env.npm_config_prebuild_install_logfile) { | ||
const fp = path.resolve(process.env.npm_config_prebuild_install_logfile) | ||
log.on('log', function (msg) { | ||
// Only for tests, don't care about performance | ||
fs.appendFileSync(fp, [log.heading, msg.level, msg.prefix, msg.message].join(' ') + '\n') | ||
}) | ||
return { | ||
error: logAtLevel('error'), | ||
warn: logAtLevel('warn'), | ||
http: logAtLevel('http'), | ||
info: logAtLevel('info'), | ||
level | ||
} | ||
return log | ||
} |
{ | ||
"name": "prebuild-install", | ||
"version": "7.1.0", | ||
"version": "7.1.1", | ||
"description": "A command line tool to easily install prebuilt binaries for multiple version of node/iojs on a specific platform", | ||
@@ -29,3 +29,2 @@ "scripts": { | ||
"node-abi": "^3.3.0", | ||
"npmlog": "^4.0.1", | ||
"pump": "^3.0.0", | ||
@@ -32,0 +31,0 @@ "rc": "^1.2.7", |
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
33564
12
470
12
0
+ Addedsafe-buffer@5.2.1(transitive)
+ Addedstring_decoder@1.3.0(transitive)
- Removednpmlog@^4.0.1
- Removedansi-regex@2.1.1(transitive)
- Removedaproba@1.2.0(transitive)
- Removedare-we-there-yet@1.1.7(transitive)
- Removedcode-point-at@1.1.0(transitive)
- Removedconsole-control-strings@1.1.0(transitive)
- Removedcore-util-is@1.0.3(transitive)
- Removeddelegates@1.0.0(transitive)
- Removedgauge@2.7.4(transitive)
- Removedhas-unicode@2.0.1(transitive)
- Removedis-fullwidth-code-point@1.0.0(transitive)
- Removedisarray@1.0.0(transitive)
- Removednpmlog@4.1.2(transitive)
- Removednumber-is-nan@1.0.1(transitive)
- Removedobject-assign@4.1.1(transitive)
- Removedprocess-nextick-args@2.0.1(transitive)
- Removedreadable-stream@2.3.8(transitive)
- Removedsafe-buffer@5.1.2(transitive)
- Removedset-blocking@2.0.0(transitive)
- Removedsignal-exit@3.0.7(transitive)
- Removedstring-width@1.0.2(transitive)
- Removedstring_decoder@1.1.1(transitive)
- Removedstrip-ansi@3.0.1(transitive)
- Removedwide-align@1.1.5(transitive)