Comparing version 7.0.1 to 7.1.0
@@ -13,3 +13,2 @@ #!/usr/bin/env node | ||
.option('-p, --port <n>', 'Port to start the server on', process.env.PORT || 3000) | ||
.option('-t, --tunnel <subdomain>', 'Deprecated: localtunnel support has been removed', process.env.SUBDOMAIN) | ||
.option('-W, --webhook-proxy <url>', 'URL of the webhook proxy service.`', process.env.WEBHOOK_PROXY_URL) | ||
@@ -42,7 +41,2 @@ .option('-w, --webhook-path <path>', 'URL path which receives webhooks. Ex: `/webhook`', process.env.WEBHOOK_PATH) | ||
if (!program.webhookProxy && program.tunnel) { | ||
// TOOD: Remove for the 6.0.0 release | ||
console.warn('[DEPRECATED] localtunnel support has been removed. See https://github.com/probot/probot/issues/391') | ||
} | ||
pkgConf('probot').then(pkg => { | ||
@@ -49,0 +43,0 @@ probot.setup(program.args.concat(pkg.apps || pkg.plugins || [])) |
@@ -35,2 +35,2 @@ #!/usr/bin/env node | ||
probot.logger.debug('Simulating event', eventName) | ||
probot.receive({event: eventName, payload}) | ||
probot.receive({name: eventName, payload}) |
@@ -0,1 +1,2 @@ | ||
import { WebhookEvent } from '@octokit/webhooks'; | ||
import express from 'express'; | ||
@@ -8,3 +9,3 @@ import { EventEmitter } from 'promise-events'; | ||
/** | ||
* The `app` parameter available to apps | ||
* The `app` parameter available to `ApplicationFunction`s | ||
* | ||
@@ -18,10 +19,10 @@ * @property {logger} log - A logger | ||
router: express.Router; | ||
catchErrors?: boolean; | ||
catchErrors: boolean; | ||
log: LoggerWithTarget; | ||
constructor(options?: Options); | ||
/** | ||
* Loads a Probot plugin | ||
* @param plugin - Probot plugin to load | ||
* Loads an ApplicationFunction into the current Application | ||
* @param appFn - Probot application function to load | ||
*/ | ||
load(app: ApplicationFunction | ApplicationFunction[]): Application; | ||
load(appFn: ApplicationFunction | ApplicationFunction[]): Application; | ||
receive(event: WebhookEvent): Promise<[void, void, void]>; | ||
@@ -107,10 +108,2 @@ /** | ||
} | ||
export interface WebhookEvent { | ||
event: string; | ||
id: string; | ||
payload: any; | ||
protocol: 'http' | 'https'; | ||
host: string; | ||
url: string; | ||
} | ||
export interface Cache { | ||
@@ -126,3 +119,3 @@ wrap<T>(key: string, wrapper: (callback: (error: any, result: T) => void) => any, options: CacheConfig): Promise<any>; | ||
router?: express.Router; | ||
catchErrors: boolean; | ||
catchErrors?: boolean; | ||
} |
"use strict"; | ||
var __assign = (this && this.__assign) || Object.assign || function(t) { | ||
for (var s, i = 1, n = arguments.length; i < n; i++) { | ||
s = arguments[i]; | ||
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) | ||
t[p] = s[p]; | ||
} | ||
return t; | ||
}; | ||
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
@@ -17,4 +25,4 @@ return new (P || (P = Promise))(function (resolve, reject) { | ||
while (_) try { | ||
if (f = 1, y && (t = y[op[0] & 2 ? "return" : op[0] ? "throw" : "next"]) && !(t = t.call(y, op[1])).done) return t; | ||
if (y = 0, t) op = [0, t.value]; | ||
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; | ||
if (y = 0, t) op = [op[0] & 2, t.value]; | ||
switch (op[0]) { | ||
@@ -49,8 +57,8 @@ case 0: case 1: t = op; break; | ||
// Some events can't get an authenticated client (#382): | ||
function isUnauthenticatedEvent(context) { | ||
return !context.payload.installation || | ||
(context.event === 'installation' && context.payload.action === 'deleted'); | ||
function isUnauthenticatedEvent(event) { | ||
return !event.payload.installation || | ||
(event.name === 'installation' && event.payload.action === 'deleted'); | ||
} | ||
/** | ||
* The `app` parameter available to apps | ||
* The `app` parameter available to `ApplicationFunction`s | ||
* | ||
@@ -66,16 +74,16 @@ * @property {logger} log - A logger | ||
this.cache = opts.cache; | ||
this.catchErrors = opts.catchErrors; | ||
this.catchErrors = opts.catchErrors || false; | ||
this.router = opts.router || express_1.default.Router(); // you can do this? | ||
} | ||
/** | ||
* Loads a Probot plugin | ||
* @param plugin - Probot plugin to load | ||
* Loads an ApplicationFunction into the current Application | ||
* @param appFn - Probot application function to load | ||
*/ | ||
Application.prototype.load = function (app) { | ||
Application.prototype.load = function (appFn) { | ||
var _this = this; | ||
if (Array.isArray(app)) { | ||
app.forEach(function (a) { return _this.load(a); }); | ||
if (Array.isArray(appFn)) { | ||
appFn.forEach(function (a) { return _this.load(a); }); | ||
} | ||
else { | ||
app(this); | ||
appFn(this); | ||
} | ||
@@ -87,6 +95,11 @@ return this; | ||
return __generator(this, function (_a) { | ||
if (event.event) { | ||
// tslint:disable-next-line:no-console | ||
console.warn(new Error('Propery `event` is deprecated, use `name`')); | ||
event = __assign({ name: event.event }, event); | ||
} | ||
return [2 /*return*/, Promise.all([ | ||
this.events.emit('*', event), | ||
this.events.emit(event.event, event), | ||
this.events.emit(event.event + "." + event.payload.action, event) | ||
this.events.emit(event.name, event), | ||
this.events.emit(event.name + "." + event.payload.action, event) | ||
])]; | ||
@@ -229,3 +242,3 @@ }); | ||
return __awaiter(this, void 0, void 0, function () { | ||
var github, res; | ||
var github, installationTokenTTL, res; | ||
var _this = this; | ||
@@ -243,2 +256,3 @@ return __generator(this, function (_a) { | ||
}); | ||
installationTokenTTL = parseInt(process.env.INSTALLATION_TOKEN_TTL || '3540', 10); | ||
if (!id) return [3 /*break*/, 2]; | ||
@@ -249,6 +263,5 @@ return [4 /*yield*/, this.cache.wrap("app:" + id + ":token", function () { | ||
return github.apps.createInstallationToken({ installation_id: String(id) }); | ||
}, { ttl: 60 * 59 })]; // Cache for 1 minute less than GitHub expiry | ||
}, { ttl: installationTokenTTL })]; | ||
case 1: | ||
res = _a.sent() // Cache for 1 minute less than GitHub expiry | ||
; | ||
res = _a.sent(); | ||
github.authenticate({ type: 'token', token: res.data.token }); | ||
@@ -255,0 +268,0 @@ return [3 /*break*/, 3]; |
@@ -0,1 +1,2 @@ | ||
import { WebhookEvent, WebhookPayloadWithRepository } from '@octokit/webhooks'; | ||
import { GitHubAPI } from './github'; | ||
@@ -19,9 +20,13 @@ import { LoggerWithTarget } from './wrap-logger'; | ||
*/ | ||
export declare class Context { | ||
id: number; | ||
export declare class Context implements WebhookEvent { | ||
name: string; | ||
id: string; | ||
payload: WebhookPayloadWithRepository; | ||
protocol?: 'http' | 'https'; | ||
host?: string; | ||
url?: string; | ||
github: GitHubAPI; | ||
log: LoggerWithTarget; | ||
payload: WebhookPayloadWithRepository; | ||
event: any; | ||
constructor(event: any, github: GitHubAPI, log: LoggerWithTarget); | ||
constructor(event: WebhookEvent, github: GitHubAPI, log: LoggerWithTarget); | ||
readonly event: string; | ||
/** | ||
@@ -56,3 +61,3 @@ * Return the `owner` and `repo` params for making API requests against a | ||
issue<T>(object?: T): { | ||
number: number; | ||
number: any; | ||
} & { | ||
@@ -106,39 +111,3 @@ owner: string; | ||
*/ | ||
config<T>(fileName: string, defaultConfig?: T): Promise<T | null>; | ||
config<T>(fileName: string, defaultConfig?: T): Promise<any>; | ||
} | ||
export interface PayloadRepository { | ||
[key: string]: any; | ||
full_name: string; | ||
name: string; | ||
owner: { | ||
[key: string]: any; | ||
login: string; | ||
name: string; | ||
}; | ||
html_url: string; | ||
} | ||
export interface WebhookPayloadWithRepository { | ||
[key: string]: any; | ||
repository: PayloadRepository; | ||
issue: { | ||
[key: string]: any; | ||
number: number; | ||
html_url: string; | ||
body: string; | ||
}; | ||
pull_request: { | ||
[key: string]: any; | ||
number: number; | ||
html_url: string; | ||
body: string; | ||
}; | ||
sender: { | ||
[key: string]: any; | ||
type: string; | ||
}; | ||
action: string; | ||
installation: { | ||
id: number; | ||
[key: string]: any; | ||
}; | ||
} |
@@ -17,4 +17,4 @@ "use strict"; | ||
while (_) try { | ||
if (f = 1, y && (t = y[op[0] & 2 ? "return" : op[0] ? "throw" : "next"]) && !(t = t.call(y, op[1])).done) return t; | ||
if (y = 0, t) op = [0, t.value]; | ||
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; | ||
if (y = 0, t) op = [op[0] & 2, t.value]; | ||
switch (op[0]) { | ||
@@ -62,7 +62,19 @@ case 0: case 1: t = op; break; | ||
function Context(event, github, log) { | ||
Object.assign(this, event); | ||
this.name = event.name; | ||
this.id = event.id; | ||
this.payload = event.payload; | ||
this.protocol = event.protocol; | ||
this.host = event.host; | ||
this.url = event.url; | ||
this.github = github; | ||
this.log = log; | ||
} | ||
Object.defineProperty(Context.prototype, "event", { | ||
// Maintain backward compatability | ||
get: function () { | ||
return this.name; | ||
}, | ||
enumerable: true, | ||
configurable: true | ||
}); | ||
/** | ||
@@ -69,0 +81,0 @@ * Return the `owner` and `repo` params for making API requests against a |
@@ -35,4 +35,4 @@ "use strict"; | ||
while (_) try { | ||
if (f = 1, y && (t = y[op[0] & 2 ? "return" : op[0] ? "throw" : "next"]) && !(t = t.call(y, op[1])).done) return t; | ||
if (y = 0, t) op = [0, t.value]; | ||
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; | ||
if (y = 0, t) op = [op[0] & 2, t.value]; | ||
switch (op[0]) { | ||
@@ -39,0 +39,0 @@ case 0: case 1: t = op; break; |
@@ -13,3 +13,3 @@ /// <reference types="bunyan" /> | ||
export interface Options extends Octokit.Options { | ||
debug: boolean; | ||
debug?: boolean; | ||
logger: Logger; | ||
@@ -16,0 +16,0 @@ limiter?: any; |
@@ -17,4 +17,4 @@ "use strict"; | ||
while (_) try { | ||
if (f = 1, y && (t = y[op[0] & 2 ? "return" : op[0] ? "throw" : "next"]) && !(t = t.call(y, op[1])).done) return t; | ||
if (y = 0, t) op = [0, t.value]; | ||
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; | ||
if (y = 0, t) op = [op[0] & 2, t.value]; | ||
switch (op[0]) { | ||
@@ -21,0 +21,0 @@ case 0: case 1: t = op; break; |
@@ -0,8 +1,9 @@ | ||
import Webhooks, { WebhookEvent } from '@octokit/webhooks'; | ||
import Logger from 'bunyan'; | ||
import express from 'express'; | ||
import { Application, WebhookEvent } from './application'; | ||
import { Application } from './application'; | ||
import { Context } from './context'; | ||
export declare class Probot { | ||
server: express.Application; | ||
webhook: any; | ||
webhook: Webhooks; | ||
logger: Logger; | ||
@@ -15,4 +16,4 @@ private options; | ||
receive(event: WebhookEvent): Promise<[void, void, void][]>; | ||
load(appFunction: string | ApplicationFunction): Application; | ||
setup(apps: Array<string | ApplicationFunction>): void; | ||
load(appFn: string | ApplicationFunction): Application; | ||
setup(appFns: Array<string | ApplicationFunction>): void; | ||
start(): void; | ||
@@ -19,0 +20,0 @@ } |
"use strict"; | ||
var __assign = (this && this.__assign) || Object.assign || function(t) { | ||
for (var s, i = 1, n = arguments.length; i < n; i++) { | ||
s = arguments[i]; | ||
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) | ||
t[p] = s[p]; | ||
} | ||
return t; | ||
}; | ||
var __importDefault = (this && this.__importDefault) || function (mod) { | ||
@@ -14,2 +6,3 @@ return (mod && mod.__esModule) ? mod : { "default": mod }; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
var webhooks_1 = __importDefault(require("@octokit/webhooks")); | ||
var bunyan_1 = __importDefault(require("bunyan")); | ||
@@ -29,3 +22,2 @@ exports.Logger = bunyan_1.default; | ||
// These needs types | ||
var Webhooks = require('@octokit/webhooks'); | ||
var logRequestErrors = require('./middleware/log-request-errors'); | ||
@@ -36,6 +28,6 @@ var cache = cache_manager_1.default.caching({ | ||
}); | ||
var defaultApps = [ | ||
require('./plugins/default'), | ||
require('./plugins/sentry'), | ||
require('./plugins/stats') | ||
var defaultAppFns = [ | ||
require('./apps/default'), | ||
require('./apps/sentry'), | ||
require('./apps/stats') | ||
]; | ||
@@ -51,3 +43,3 @@ // tslint:enable:no-var-requires | ||
this.apps = []; | ||
this.webhook = new Webhooks({ path: options.webhookPath, secret: options.secret }); | ||
this.webhook = new webhooks_1.default({ path: options.webhookPath, secret: options.secret }); | ||
this.app = github_app_1.createApp({ id: options.id, cert: options.cert }); | ||
@@ -57,5 +49,3 @@ this.server = server_1.createServer({ webhook: this.webhook.middleware, logger: logger_1.logger }); | ||
this.webhook.on('*', function (event) { | ||
var webhookEvent = __assign({}, event, { event: event.name }); | ||
delete webhookEvent.name; | ||
return _this.receive(webhookEvent); | ||
return _this.receive(event); | ||
}); | ||
@@ -66,15 +56,12 @@ // Log all webhook errors | ||
Probot.prototype.errorHandler = function (err) { | ||
switch (err.message) { | ||
case 'X-Hub-Signature does not match blob signature': | ||
case 'No X-Hub-Signature found on request': | ||
case 'webhooks:receiver ignored: POST / due to missing headers: x-hub-signature': | ||
logger_1.logger.error('Go to https://github.com/settings/apps/YOUR_APP and verify that the Webhook secret matches the value of the WEBHOOK_SECRET environment variable.'); | ||
break; | ||
case 'error:0906D06C:PEM routines:PEM_read_bio:no start line': | ||
case '{"message":"A JSON web token could not be decoded","documentation_url":"https://developer.github.com/v3"}': | ||
logger_1.logger.error('Your private key (usually a .pem file) is not correct. Go to https://github.com/settings/apps/YOUR_APP and generate a new PEM file. If you\'re deploying to Now, visit https://probot.github.io/docs/deployment/#now.'); | ||
break; | ||
default: | ||
logger_1.logger.error(err); | ||
var errMessage = err.message.toLowerCase(); | ||
if (errMessage.includes('x-hub-signature')) { | ||
logger_1.logger.error({ err: err }, 'Go to https://github.com/settings/apps/YOUR_APP and verify that the Webhook secret matches the value of the WEBHOOK_SECRET environment variable.'); | ||
} | ||
else if (errMessage.includes('pem') || errMessage.includes('json web token')) { | ||
logger_1.logger.error({ err: err }, 'Your private key (usually a .pem file) is not correct. Go to https://github.com/settings/apps/YOUR_APP and generate a new PEM file. If you\'re deploying to Now, visit https://probot.github.io/docs/deployment/#now.'); | ||
} | ||
else { | ||
logger_1.logger.error(err); | ||
} | ||
}; | ||
@@ -85,5 +72,5 @@ Probot.prototype.receive = function (event) { | ||
}; | ||
Probot.prototype.load = function (appFunction) { | ||
if (typeof appFunction === 'string') { | ||
appFunction = resolver_1.resolve(appFunction); | ||
Probot.prototype.load = function (appFn) { | ||
if (typeof appFn === 'string') { | ||
appFn = resolver_1.resolve(appFn); | ||
} | ||
@@ -93,13 +80,13 @@ var app = new application_1.Application({ app: this.app, cache: cache, catchErrors: true }); | ||
this.server.use(app.router); | ||
// Initialize the plugin | ||
app.load(appFunction); | ||
// Initialize the ApplicationFunction | ||
app.load(appFn); | ||
this.apps.push(app); | ||
return app; | ||
}; | ||
Probot.prototype.setup = function (apps) { | ||
Probot.prototype.setup = function (appFns) { | ||
var _this = this; | ||
// Log all unhandled rejections | ||
process.on('unhandledRejection', this.errorHandler); | ||
// Load the given apps along with the default apps | ||
apps.concat(defaultApps).forEach(function (app) { return _this.load(app); }); | ||
// Load the given appFns along with the default ones | ||
appFns.concat(defaultAppFns).forEach(function (appFn) { return _this.load(appFn); }); | ||
// Register error handler as the last middleware | ||
@@ -106,0 +93,0 @@ this.server.use(logRequestErrors); |
@@ -7,2 +7,4 @@ "use strict"; | ||
var fs_1 = __importDefault(require("fs")); | ||
// tslint:disable-next-line:no-var-requires | ||
var isBase64 = require('is-base64'); | ||
var hint = "please use:\n * `--private-key=/path/to/private-key` flag, or\n * `PRIVATE_KEY` environment variable, or\n * `PRIVATE_KEY_PATH` environment variable\n"; | ||
@@ -25,3 +27,14 @@ /** | ||
if (process.env.PRIVATE_KEY) { | ||
return process.env.PRIVATE_KEY.replace(/\\n/g, '\n'); | ||
var cert = process.env.PRIVATE_KEY; | ||
if (isBase64(cert)) { | ||
// Decode base64-encoded certificate | ||
cert = Buffer.from(cert, 'base64').toString(); | ||
} | ||
var begin = '-----BEGIN RSA PRIVATE KEY-----'; | ||
var end = '-----END RSA PRIVATE KEY-----'; | ||
if (cert.includes(begin) && cert.includes(end)) { | ||
// Full key with new lines | ||
return cert.replace(/\\n/g, '\n'); | ||
} | ||
throw new Error('The contents of \`PRIVATE_KEY\` could not be validated. Please check to ensure you have copied the contents of the .pem file correctly.'); | ||
} | ||
@@ -28,0 +41,0 @@ if (process.env.PRIVATE_KEY_PATH) { |
@@ -1,7 +0,8 @@ | ||
export declare const resolve: (app: string, opts?: ResolveOptions | undefined) => any; | ||
export declare const resolve: (appFnId: string, opts?: ResolveOptions | undefined) => any; | ||
export declare type Resolver = (appFnId: string, opts: { | ||
basedir: string; | ||
}) => string; | ||
export interface ResolveOptions { | ||
basedir?: string; | ||
resolver?: (app: string, opts: { | ||
basedir: string; | ||
}) => string; | ||
resolver?: Resolver; | ||
} |
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
var resolve_1 = require("resolve"); | ||
var defaultOptions = {}; | ||
exports.resolve = function (app, opts) { | ||
exports.resolve = function (appFnId, opts) { | ||
opts = opts || defaultOptions; | ||
// These are mostly to ease testing | ||
var basedir = opts.basedir || process.cwd(); | ||
var resolver = opts.resolver || require('resolve').sync; | ||
return require(resolver(app, { basedir: basedir })); | ||
var resolver = opts.resolver || resolve_1.sync; | ||
return require(resolver(appFnId, { basedir: basedir })); | ||
}; | ||
//# sourceMappingURL=resolver.js.map |
@@ -13,3 +13,3 @@ "use strict"; | ||
else { | ||
var name = event.event; | ||
var name = event.name; | ||
if (event.payload && event.payload.action) { | ||
@@ -16,0 +16,0 @@ name = name + "." + event.payload.action; |
{ | ||
"name": "probot", | ||
"version": "7.0.1", | ||
"version": "7.1.0", | ||
"description": "🤖 A framework for building GitHub Apps to automate and improve your workflow", | ||
@@ -14,4 +14,4 @@ "repository": "https://github.com/probot/probot", | ||
"start": "node ./bin/probot run", | ||
"lint": "tslint --project .", | ||
"test": "tsc --noEmit -p . && jest --coverage && npm run lint && npm run doc-lint", | ||
"lint": "tslint --project test", | ||
"test": "tsc --noEmit -p test && jest --coverage && npm run lint && npm run doc-lint", | ||
"doc-lint": "standard-markdown docs/", | ||
@@ -51,10 +51,10 @@ "doc": "typedoc --options .typedoc.json", | ||
"<rootDir>/test/fixtures/", | ||
"<rootDir>/test/plugins/helper.js" | ||
"<rootDir>/test/apps/helper.js" | ||
], | ||
"globals": { | ||
"ts-jest": { | ||
"skipBabel": true, | ||
"enableTsDiagnostics": true | ||
"skipBabel": true | ||
} | ||
} | ||
}, | ||
"testURL": "http://localhost/" | ||
}, | ||
@@ -75,4 +75,4 @@ "keywords": [ | ||
"@octokit/rest": "^15.9.4", | ||
"@octokit/webhooks": "^3.1.1", | ||
"bottleneck": "^2.4.0", | ||
"@octokit/webhooks": "5.0.0", | ||
"bottleneck": "^2.8.0", | ||
"bunyan": "^1.8.12", | ||
@@ -87,2 +87,3 @@ "bunyan-format": "^0.2.1", | ||
"hbs": "^4.0.1", | ||
"is-base64": "0.0.5", | ||
"js-yaml": "^3.9.1", | ||
@@ -107,3 +108,3 @@ "jsonwebtoken": "^8.1.0", | ||
"@types/nock": "^9.1.0", | ||
"@types/node": "^10.3.0", | ||
"@types/node": "^10.7.0", | ||
"@types/raven": "^2.1.5", | ||
@@ -117,3 +118,3 @@ "@types/resolve": "^0.0.4", | ||
"eslint-plugin-markdown": "^1.0.0-beta.8", | ||
"jest": "^22.0.3", | ||
"jest": "^23.4.1", | ||
"minami": "^1.1.1", | ||
@@ -126,7 +127,7 @@ "nock": "^9.2.0", | ||
"supertest": "^3.0.0", | ||
"ts-jest": "^21.2.4", | ||
"ts-jest": "^23.1.4", | ||
"tslint": "^5.9.1", | ||
"tslint-config-prettier": "^1.10.0", | ||
"tslint-config-standard": "^7.1.0", | ||
"typedoc": "^0.11.1", | ||
"typedoc": "^0.12.0", | ||
"typescript": "^2.7.2" | ||
@@ -133,0 +134,0 @@ }, |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
305941
0
21
2270
+ Addedis-base64@0.0.5
+ Added@octokit/webhooks@5.0.0(transitive)
+ Addedis-base64@0.0.5(transitive)
- Removed@octokit/webhooks@3.1.1(transitive)
Updated@octokit/webhooks@5.0.0
Updatedbottleneck@^2.8.0