New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
smartfacecloud-updater
Advanced tools
smartfacecloud-updater - npm Package Compare versions
Comparing version 0.0.54 to 0.0.55
@@ -165,2 +165,5 @@ { | ||
| "description": "Updated smfc-c9 for qr v2.0" | ||
| }, | ||
| "0.0.55": { | ||
| "description": "Updated cli" | ||
| } | ||
@@ -167,0 +170,0 @@ } |
90
index.js
@@ -17,22 +17,24 @@ const execFile = require('child_process').execFile; | ||
| module.exports = facade; | ||
| module.exports = handleMigrations; | ||
| function facade(args) { | ||
| loadDataFile(function(err, packageSnapshots) { | ||
| if(err) { | ||
| return console.log('err', err); | ||
| } else { | ||
| if (err) { | ||
| return console.error('err', err); | ||
| } | ||
| else { | ||
| execNpmGlobalDependenciesList(function(err, globallyInstalledPackages) { | ||
| if (err) { | ||
| return console.log('err', err); | ||
| return console.error('err', err); | ||
| } | ||
| if (globallyInstalledPackages === '') { | ||
| return console.log('no globallyInstalledPackages', globallyInstalledPackages); | ||
| return console.error('no globallyInstalledPackages', globallyInstalledPackages); | ||
| } | ||
| const packagesThatCanBeInstalled = filterPackageSnapshotsThatCanBeUpdated(packageSnapshots); | ||
| if (!(packagesThatCanBeInstalled instanceof Array)) { | ||
| return console.log('packagesThatCanBeInstalled is not an Array'); | ||
| } else if (packagesThatCanBeInstalled.length === 0) { | ||
| return console.log('packagesThatCanBeInstalled has length zero'); | ||
| return console.error('packagesThatCanBeInstalled is not an Array'); | ||
| } | ||
| else if (packagesThatCanBeInstalled.length === 0) { | ||
| return console.error('packagesThatCanBeInstalled has length zero'); | ||
| } | ||
| //In the future the below logic can be more complex | ||
@@ -46,17 +48,25 @@ //There will be ways to update workspace via migrations | ||
| }); | ||
| handleMigrations(); | ||
| } | ||
| function handleMigrations() { | ||
| if (PACKAGE_VERSION === '0.0.33') { | ||
| require('./migrations/0.x/0.0.33/run')(); | ||
| } else if (PACKAGE_VERSION === '0.0.35') { | ||
| require('./migrations/0.x/0.0.35/run')(); | ||
| } else if (PACKAGE_VERSION === '0.0.36') { | ||
| require('./migrations/0.x/0.0.36/run')(); | ||
| } | ||
| function handleMigrations(args) { | ||
| var migratorRunPath = path.join(__dirname, "migrations/" + PACKAGE_VERSION[0] + ".x/" + PACKAGE_VERSION + "/run.js"); | ||
| fs.exists(migratorRunPath, function(exists) { | ||
| if (exists) { | ||
| require(migratorRunPath)(function(err) { | ||
| if (!err) { | ||
| facade(args); | ||
| } | ||
| else { | ||
| return console.error((err)); | ||
| } | ||
| }); | ||
| } | ||
| else | ||
| facade(args); | ||
| }); | ||
| } | ||
| function buildListOfPackagesWithTagsToInstall(packagesToInstall) { | ||
| return packagesToInstall.map(function(item){ | ||
| return packagesToInstall.map(function(item) { | ||
| return item.name + '@' + item.version; | ||
@@ -71,8 +81,8 @@ }); | ||
| } | ||
| packagesToInstall.forEach(function(elem){ | ||
| packagesToInstall.forEach(function(elem) { | ||
| elem.installed = false; | ||
| if (globallyInstalledPackages.dependencies && | ||
| globallyInstalledPackages.dependencies[elem.name] && | ||
| globallyInstalledPackages.dependencies[elem.name].version && | ||
| globallyInstalledPackages.dependencies[elem.name].version === elem.version) { | ||
| globallyInstalledPackages.dependencies[elem.name] && | ||
| globallyInstalledPackages.dependencies[elem.name].version && | ||
| globallyInstalledPackages.dependencies[elem.name].version === elem.version) { | ||
| elem.installed = true; | ||
@@ -106,3 +116,4 @@ } | ||
| } | ||
| } else if (stderr) { | ||
| } | ||
| else if (stderr) { | ||
| if (stderr.indexOf('npm ERR! max depth reached') === -1) { | ||
@@ -123,3 +134,4 @@ return callback(stderr); | ||
| json = JSON.parse(stdout); | ||
| } catch(e) { | ||
| } | ||
| catch (e) { | ||
| callback("JSON parsing error"); | ||
@@ -163,3 +175,4 @@ } | ||
| json = JSON.parse(data.toString()); | ||
| } catch (e) { | ||
| } | ||
| catch (e) { | ||
| console.log('installSnapshot no json file', e); | ||
@@ -174,3 +187,3 @@ return; | ||
| function filterUninstalledSnapshotPackages(globallyInstalledPackages, snapshotPackages) { | ||
| return Object.keys(snapshotPackages).filter(function(key){ | ||
| return Object.keys(snapshotPackages).filter(function(key) { | ||
| if (!globallyInstalledPackages[key]) { | ||
@@ -186,3 +199,3 @@ return true; | ||
| return false; | ||
| }).map(function(key){ | ||
| }).map(function(key) { | ||
| return { | ||
@@ -198,13 +211,14 @@ name: key, | ||
| fs.readFile(dataFilePath, function(err, data) { | ||
| if (err) { | ||
| return callback(err); | ||
| } | ||
| var json; | ||
| try { | ||
| json = JSON.parse(data.toString()); | ||
| } catch(e) { | ||
| return callback(e); | ||
| } | ||
| callback(null, json); | ||
| if (err) { | ||
| return callback(err); | ||
| } | ||
| var json; | ||
| try { | ||
| json = JSON.parse(data.toString()); | ||
| } | ||
| catch (e) { | ||
| return callback(e); | ||
| } | ||
| callback(null, json); | ||
| }); | ||
| } |
| { | ||
| "name": "smartfacecloud-updater", | ||
| "version": "0.0.54", | ||
| "version": "0.0.55", | ||
| "description": "Auto updater for Smartface", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.5%
37567
- Number of package files
- increased by4.84%
65
- Lines of code
- increased by7.72%
656
Worsened metrics
- Number of low supply chain risk alerts
- increased by40%
7
- Number of medium supply chain risk alerts
- increased by100%
2
No dependency changes