semantic-release - npm Package Compare versions

Comparing version 3.3.2 to 3.4.0

lib/npm-info.js

 'use strict'
 
+var async = require('async')
+var npmconf = require('npmconf')
 var request = require('request')
 
-var efh = require('./error').efh
-
 module.exports = function (pkgName, cb) {
-  var encodedPkgName = pkgName.replace(/\//g, '%2F')
-  request(process.env.npm_config_registry + encodedPkgName, efh(cb)(function (response, body) {
-    var res = {
-      version: null,
-      gitHead: null,
-      pkg: null
-    }
+  var registry = process.env.npm_config_registry
+  async.waterfall([
+    npmconf.load,
+    function (conf, callback) {
+      var cred = conf.getCredentialsByURI(registry)
+      var reqopts = {
+        url: registry + pkgName.replace(/\//g, '%2F'),
+        headers: {}
+      }
+      if (cred.token) {
+        reqopts.headers.Authorization = 'Bearer ' + cred.token
+      } else if (cred.auth) {
+        reqopts.headers.Authorization = 'Basic ' + cred.auth
+      }
+      callback(null, reqopts)
+    },
+    request,
+    function (response, body, callback) {
+      var res = {
+        version: null,
+        gitHead: null,
+        pkg: null
+      }
 
-    if (response.statusCode === 404 || !body) return cb(null, res)
+      if (response.statusCode === 404 || !body) return callback(null, res)
 
-    var pkg = JSON.parse(body)
+      var pkg = JSON.parse(body)
 
-    if (pkg.error) return cb(pkg.error)
+      if (pkg.error) return callback(pkg.error)
 
-    res.version = pkg['dist-tags'].latest
-    res.gitHead = pkg.versions[res.version].gitHead
-    res.pkg = pkg
+      res.version = pkg['dist-tags'].latest
+      res.gitHead = pkg.versions[res.version].gitHead
+      res.pkg = pkg
 
-    cb(null, res)
-  }))
+      callback(null, res)
+    }
+  ], cb)
 }

package.json

 {
   "name": "semantic-release",
   "description": "automated semver compliant package publishing",
-  "version": "3.3.2",
+  "version": "3.4.0",
   "author": "Stephan Bönnemann <stephan@boennemann.me>",
@@ -12,2 +12,3 @@ "bin": "./bin/semantic-release.js",
     "abbrev": "^1.0.5",
+    "async": "^1.0.0",
     "conventional-changelog": "0.0.17",
@@ -20,2 +21,3 @@ "error-first-handler": "^1.0.1",
     "minimist": "^1.1.0",
+    "npmconf": "^2.1.2",
     "parse-github-repo-url": "^1.0.0",
@@ -31,4 +33,5 @@ "request": "^2.53.0",
     "nixt": "^0.4.1",
+    "nock": "^2.2.0",
     "sinopia": "^1.0.0",
-    "standard": "^3.2.1",
+    "standard": "^3.11.1",
     "tap-spec": "^3.0.0",
@@ -35,0 +38,0 @@ "tape": "^4.0.0"

tests/index.js

@@ -7,2 +7,3 @@ 'use strict'
 
+require('./tap/npm-info')(test)
 require('./scenarios/custom-analyzer')(test, createModule)
@@ -9,0 +10,0 @@ require('./scenarios/custom-verification')(test, createModule)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

40994

increased by4.51%

Number of package files

34

increased by3.03%

Lines of code

842

increased by8.23%

Worsened metrics

Dependency count

13

increased by18.18%

Dev dependency count

10

increased by11.11%

Number of low supply chain risk alerts

22

increased by4.76%

Dependency changes

• + Addedasync@^1.0.0

• + Addednpmconf@^2.1.2

• + Addedasync@1.5.2(transitive)

• + Addedconfig-chain@1.1.13(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedmkdirp@0.5.6(transitive)

• + Addednopt@3.0.6(transitive)

• + Addednpmconf@2.1.3(transitive)

• + Addedonce@1.3.3(transitive)

• + Addedos-homedir@1.0.2(transitive)

• + Addedos-tmpdir@1.0.2(transitive)

• + Addedosenv@0.1.5(transitive)

• + Addedproto-list@1.2.4(transitive)

• + Addeduid-number@0.0.5(transitive)

• + Addedwrappy@1.0.2(transitive)