which - npm Package Compare versions

Comparing version 1.2.4 to 1.2.5

package.json

@@ -5,3 +5,3 @@ {
   "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.",
-  "version": "1.2.4",
+  "version": "1.2.5",
   "repository": {
@@ -24,4 +24,10 @@ "type": "git",
   "scripts": {
-    "test": "tap test/*.js --cov"
-  }
+    "test": "tap test/*.js --cov",
+    "changelog": "bash changelog.sh",
+    "postversion": "npm run changelog && git add CHANGELOG.md && git commit -m 'update changelog - '${npm_package_version}"
+  },
+  "files": [
+    "which.js",
+    "bin/which"
+  ]
 }

which.js

@@ -14,3 +14,10 @@ module.exports = which
 
-function getPathInfo(cmd, opt) {
+function getNotFoundError (cmd) {
+  var er = new Error('not found: ' + cmd)
+  er.code = 'ENOENT'
+
+  return er
+}
+
+function getPathInfo (cmd, opt) {
   var colon = opt.colon || COLON
@@ -35,5 +42,5 @@ var pathEnv = opt.path || process.env.Path || process.env.PATH || ''
 
-  // If it's absolute, then we don't bother searching the pathenv.
+  // If it has a slash, then we don't bother searching the pathenv.
   // just check the file itself, and that's it.
-  if (isAbsolute(cmd))
+  if (cmd.match(/\//) || isWindows && cmd.match(/\\/))
     pathEnv = ['']
@@ -65,3 +72,3 @@
       else
-        return cb(new Error('not found: '+cmd))
+        return cb(getNotFoundError(cmd))
     }
@@ -73,3 +80,6 @@
 
-    var p = path.resolve(pathPart, cmd)
+    var p = path.join(pathPart, cmd)
+    if (!pathPart && (/^\./).test(cmd)) {
+      p = cmd.slice(0, 2) + p
+    }
     ;(function E (ii, ll) {
@@ -106,2 +116,5 @@ if (ii === ll) return F(i + 1, l)
     var p = path.join(pathPart, cmd)
+    if (!pathPart && (/^\./).test(cmd)) {
+      p = cmd.slice(0, 2) + p
+    }
     for (var j = 0, ll = pathExt.length; j < ll; j ++) {
@@ -125,3 +138,3 @@ var cur = p + pathExt[j]
 
-  throw new Error('not found: '+cmd)
+  throw getNotFoundError(cmd)
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Number of low supply chain risk alerts

6

decreased by-76%

Worsened metrics

Total package byte prevSize

8695

decreased by-29.86%

Number of package files

7

decreased by-30%

Lines of code

112

decreased by-64.78%

No dependency changes