tfk-dsf-unwrap-contact - npm Package Compare versions

Comparing version 1.0.2 to 1.0.3

index.js

 'use strict'
 
-var repackContact = require('./lib/repack-contact')
+const repackContact = require('./lib/repack-contact')
 
@@ -9,4 +9,7 @@ function unwrapContact (contact) {
   }
+
+  const templatePath = contact.templatePath || ''
+
   if (contact.RESULT && contact.RESULT.HOV) {
-    return repackContact(contact.RESULT.HOV)
+    return repackContact(contact.RESULT.HOV, templatePath)
   } else {
@@ -13,0 +16,0 @@ throw new Error('Malformed contact object')

lib/repack-contact.js

 'use strict'
+var fs = require('fs')
+var path = require('path')
 
-function repackContact (data) {
+function repackContact (data, filePath) {
   if (!data) {
     throw new Error('Missing required input: data object')
   }
-  var template = require('./data/template.json')
+  const templatePath = path.resolve(filePath || 'lib/data/template.json')
+  if (fs.existsSync(templatePath)) {
+    var template = require(templatePath)
+  } else {
+    throw new Error('File does not exist: ' + templatePath)
+  }
 
@@ -9,0 +16,0 @@ Object.keys(template).forEach(function (key) {

package.json

 {
   "name": "tfk-dsf-unwrap-contact",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "Unwraps contact information from dsf result",
@@ -5,0 +5,0 @@ "license": "MIT",

README.md

@@ -105,2 +105,3 @@ [![Build Status](https://travis-ci.org/telemark/tfk-dsf-unwrap-contact.svg?branch=master)](https://travis-ci.org/telemark/tfk-dsf-unwrap-contact)
 
+data.templatePath = 'lib/data/skoleskyss.json' // To use another template
 
@@ -132,2 +133,2 @@ console.log(unwrapContact(data))
 ## License
-[MIT](LICENSE)
+[MIT](LICENSE)

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

13523

increased by20.62%

Number of package files

17

increased by13.33%

Lines of code

341

increased by40.91%

Number of lines in readme file

133

increased by1.53%

Worsened metrics

Number of low supply chain risk alerts

2

increased byInfinity%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes