proper-lockfile - npm Package Compare versions

Comparing version 2.0.0 to 2.0.1

index.js

@@ -138,3 +138,9 @@ 'use strict';
     // on process exit
-    lock.updateTimeout.unref();
+
+    // We first check that `lock.updateTimeout.unref` exists because some users
+    // may be using this module outside of NodeJS (e.g., in an electron app), 
+    // and in those cases `setTimeout` return an integer.
+    if (lock.updateTimeout.unref) {
+        lock.updateTimeout.unref();
+    }
 }
@@ -141,0 +147,0 @@

package.json

 {
   "name": "proper-lockfile",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "A inter-process and inter-machine lockfile utility that works on a local or network file system.",
@@ -5,0 +5,0 @@ "main": "index.js",

README.md

@@ -17,3 +17,3 @@ # proper-lockfile
 
-A inter-process and inter-machine lockfile utility that works on a local or network file system.
+An inter-process and inter-machine lockfile utility that works on a local or network file system.
 
@@ -86,3 +86,3 @@
 
-lockfile.lock('some/file', (err) => {
+lockfile.lock('some/file', (err, release) => {
     if (err) {
@@ -99,3 +99,3 @@ throw err;  // Lock failed
     // Though it's not mandatory since it will eventually stale
-    /*release(function (err) {
+    /*release((err) => {
         // At this point the lock was effectively released or an error
@@ -137,3 +137,3 @@ // occurred while removing it
     // or..
-    /*lockfile.unlock('some/file', function (err) {
+    /*lockfile.unlock('some/file', (err) => {
         // At this point the lock was effectively released or an error
@@ -140,0 +140,0 @@ // occurred while removing it

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

22433

decreased by-62.8%

Number of package files

5

decreased by-66.67%

Lines of code

333

decreased by-75%

No dependency changes