sauce-connect-launcher - npm Package Compare versions

Comparing version 0.9.0 to 0.9.1

Gruntfile.js

@@ -18,3 +18,6 @@
       },
-      all: ["Gruntfile.js", "index.js", "lib/**/*.js", "test/**/*.js"]
+      all: [
+        "Gruntfile.js", "index.js", "lib/**/*.js",
+        "scripts/*.js", "test/**/*.js"
+      ]
     },
@@ -21,0 +24,0 @@ watch: {

package.json

 {
   "name": "sauce-connect-launcher",
   "description": "A library to download and launch Sauce Connect.",
-  "version": "0.9.0",
+  "version": "0.9.1",
   "homepage": "https://github.com/bermi/sauce-connect-launcher",
@@ -6,0 +6,0 @@ "author": "Bermi Ferrer <bermi@bermilabs.com>",

README.md

 # sauce-connect-launcher
 
-[![Build Status](https://api.travis-ci.org/bermi/sauce-connect-launcher.svg)](http://travis-ci.org/bermi/sauce-connect-launcher)  [![Dependency Status](https://david-dm.org/bermi/sauce-connect-launcher.svg)](https://david-dm.org/bermi/sauce-connect-launcher)
+[![Build Status](https://api.travis-ci.org/bermi/sauce-connect-launcher.svg)](http://travis-ci.org/bermi/sauce-connect-launcher)  [![Dependency Status](https://david-dm.org/bermi/sauce-connect-launcher.svg)](https://david-dm.org/bermi/sauce-connect-launcher) [![](http://img.shields.io/npm/v/sauce-connect-launcher.svg) ![](http://img.shields.io/npm/dm/sauce-connect-launcher.svg)](https://www.npmjs.org/package/sauce-connect-launcher)
 
@@ -157,2 +157,9 @@ A library to download and launch Sauce Connect.
 
+
+### v0.9.1
+- Downloading on install only when installing globally or the
+  `SAUCE_CONNECT_DOWNLOAD_ON_INSTALL=true` environment variable is set (#42)
+  Either way, a failure on `npm postinstall` will not halt the installation
+  as lazy installation can still be performed.
+
 ### v0.9.0
@@ -159,0 +166,0 @@ - Bumping default Sauce Connect version to 4.3.5

scripts/install.js

@@ -1,10 +0,52 @@
-var sauceConnectLauncher = require('..');
+// Only download on install if installing globally or the environment variable
+// SAUCE_CONNECT_DOWNLOAD_ON_INSTALL=true is defined
+if (process.env.npm_config_global === "" &&
+  !process.env.SAUCE_CONNECT_DOWNLOAD_ON_INSTALL) {
+  return;
+}
 
-sauceConnectLauncher.download({
-  logger: console.log.bind(console),
-}, function(error) {
-  if (error) {
-    console.log('Failed to download sauce connect binary:', error);
-    console.log('sauce-connect-launcher will attempt to re-download next time it is run.');
+function downloadSauceConnectLauncher(callback) {
+  try {
+    var sauceConnectLauncher = require("../");
+    sauceConnectLauncher.download({
+      logger: console.log.bind(console),
+    }, callback);
+  } catch (e) {
+    callback(e);
   }
+}
+
+// https://github.com/npm/npm/issues/6624
+// Make sure we have all the dependencies in place before attempting the
+// download
+function installNpmDependencies(callback) {
+  var npmDependencies = require("../package.json").dependencies,
+    installDependenciesCommand = "npm install " +
+      (Object.keys(npmDependencies).map(function (key) {
+        return key + "@" + npmDependencies[key];
+      })).join(" ");
+  require("child_process").exec(installDependenciesCommand, {
+    cwd: require("path").normalize(__dirname + "/../")
+  }, callback);
+}
+
+// Attempt to download sauce connect launcher. It's possible that npm
+// has already installed all the pre-requisites but there's a chance it doesn't
+// https://github.com/bermi/sauce-connect-launcher/issues/42
+// https://github.com/bermi/sauce-connect-launcher/pull/40
+downloadSauceConnectLauncher(function (err) {
+  if (err) {
+    installNpmDependencies(function (err) {
+      if (err) {
+        throw err;
+      }
+      downloadSauceConnectLauncher(function (err) {
+        if (err) {
+          console.log("Failed to download sauce connect binary:", err);
+          console.log("sauce-connect-launcher will attempt to re-download " +
+            "next time it is run.");
+        }
+      });
+    });
+  }
 });

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Total package byte prevSize

24052

increased by8.66%

Lines of code

440

increased by10.83%

Number of lines in readme file

244

increased by2.95%

Worsened metrics

Number of low supply chain risk alerts

7

increased by40%

Number of medium supply chain risk alerts

4

increased by33.33%

No dependency changes