New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
ptrr - npm Package Compare versions
Comparing version 0.2.2-1 to 0.2.2-2
| { | ||
| "name": "ptrr", | ||
| "version": "0.2.2-1", | ||
| "version": "0.2.2-2", | ||
| "description": "Some test package", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
| #!/usr/bin/env node | ||
| var shell = require('shelljs'); | ||
| var cv = require('compare-version'); | ||
| var pjson = require('./package.json'); | ||
| shell.exec("git show HEAD^:package.json > /tmp/pkg.json") | ||
| var oldPjson = require('/tmp/pkg.json'); | ||
| 'use strict' | ||
| const shell = require('shelljs'); | ||
| const cv = require('compare-version'); | ||
| const fs = require('fs'); | ||
| if (process.env.TRAVIS_BRANCH == "develop"){ | ||
| const FLAGFILE = "/tmp/deploy"; | ||
| var lastPublishedVersion = shell.exec("npm show ptrr version").output.trim(); | ||
| const pjson = require('./package.json'); | ||
| const oldPjson = JSON.parse(shell.exec("git show HEAD~1:package.json").output); | ||
| console.log("--- Latest published version: ", lastPublishedVersion); | ||
| console.log("--- Previous package.json version: ", oldPjson.version); | ||
| console.log("--- Current package.json version: ", pjson.version); | ||
| const lastPublishedVersion = shell.exec("npm show "+pjson.name+" version").output.trim(); | ||
| var versionBump = (cv(oldPjson.version, pjson.version) != 0); | ||
| console.log("===== Bumped version:", versionBump); | ||
| if (process.env.TRAVIS_BRANCH != "develop"){ | ||
| console.log("--- Not publishing."); | ||
| return; | ||
| }; | ||
| if (!versionBump){ | ||
| console.log("--- Publishing..."); | ||
| shell.exec("npm version", lastPublishedVersion); | ||
| shell.exec("npm version --no-git-tag-version prerelease"); | ||
| shell.exec("git add package.json"); | ||
| shell.exec("git config --global user.name travis"); | ||
| shell.exec("git config --global user.email travis@example.com"); | ||
| shell.exec("git commit --amend -C $(git rev-parse --verify HEAD)"); | ||
| } | ||
| else{ | ||
| console.log("--- Not publishing."); | ||
| } | ||
| } | ||
| fs.writeFile(FLAGFILE); | ||
| console.log("--- Latest published version: ", lastPublishedVersion); | ||
| console.log("--- Previous package.json version: ", oldPjson.version); | ||
| console.log("--- Current package.json version: ", pjson.version); | ||
| let versionBump = (cv(oldPjson.version, pjson.version) != 0); | ||
| console.log("===== Bumped version:", versionBump); | ||
| if (!versionBump){ | ||
| console.log("--- Publishing..."); | ||
| shell.exec("npm version " + lastPublishedVersion); | ||
| shell.exec("npm version --no-git-tag-version prerelease"); | ||
| shell.exec("git add package.json"); | ||
| shell.exec("git config --global user.name travis"); | ||
| shell.exec("git config --global user.email travis@example.com"); | ||
| shell.exec("git commit --amend -C $(git rev-parse --verify HEAD)"); | ||
| }; |
Sorry, the diff of this file is not supported yet
New alerts
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.17%
38135
- Lines of code
- increased by7.69%
28
Worsened metrics
- Number of low supply chain risk alerts
- increased by100%
2
No dependency changes