veplayer-mp-douyin - npm Package Compare versions

Comparing version 0.1.16 to 0.1.17

package.json

 {
   "name": "veplayer-mp-douyin",
-  "version": "0.1.16",
+  "version": "0.1.17",
   "license": "MIT",
@@ -31,3 +31,6 @@ "miniprogramType": "tt-npm",
     "xgplayer-service-miniprogram": "^0.4.0"
+  },
+  "devDependencies": {
+    "fs-extra": "^11.1.1"
   }
 }

postinstall.js

 const path = require('path');
-const fs = require('fs');
+const fs = require('fs-extra');
 
@@ -23,3 +23,3 @@ async function main() {
     targetPath = path.join(__dirname, `../../${isExitSrc ? 'src/' : '' }ttcomponents/veplayer-mp-douyin`);
-    fs.cpSync(sourcePath, targetPath, { recursive: true });
+    fs.copySync(sourcePath, targetPath, { overwrite: true });
   }
@@ -26,0 +26,0 @@ }

New alerts

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

130126

increased by0.05%

Worsened metrics

Dev dependency count

1

increased byInfinity%

No dependency changes