why-is-node-running - npm Package Compare versions

Comparing version 1.2.2 to 1.2.3

cli.js

 #!/usr/bin/env node
 
-var why = require('./')
+var spawn = require('child_process').spawn
 var path = require('path')
+
 var prog = path.resolve(process.argv[2])
@@ -10,4 +11,8 @@
 
-require(prog)
-
-process.on('SIGUSR1', why)
+var nodeArgs = [
+  '--expose-internals',
+  '-r',
+  path.join(__dirname, 'include.js')
+]
+var nodeOpts = { stdio: 'inherit' }
+spawn('node', nodeArgs.concat(prog), nodeOpts)

index.js

@@ -22,3 +22,2 @@ var core = require('./core')
         var stacks = require('stackback')(e)
-        var path = require('path')
 
@@ -53,5 +52,6 @@ handle.__WHY_IS_NODE_RUNNING__ = {stacks: [], wrapped: loaded[prop]}
 
-module.exports = function () {
+module.exports = function (logger) {
+  logger = logger || console
   var handles = process._getActiveHandles()
-  var unknown = 0
+  var unknown = []
   var known = []
@@ -63,10 +63,9 @@
       known.push(stacks)
-      return
+    } else {
+      unknown.push(handle)
     }
-
-    unknown++
   })
 
-  console.error('There are %d known handle(s) keeping the process running and %d unknown', known.length, unknown)
-  console.error('Known handles:\n')
+  logger.error('There are %d known handle(s) keeping the process running and %d unknown', known.length, unknown.length)
+  logger.error('Known handles:\n')
   known.forEach(function (obj, i) {
@@ -79,6 +78,6 @@ var stacks = obj.stacks
 
-    console.error('# %s', obj.wrapped.name)
+    logger.error('# %s', obj.wrapped.name)
 
     if (!stacks[0]) {
-      console.error('(unknown stack trace)')
+      logger.error('(unknown stack trace)')
     } else {
@@ -94,9 +93,15 @@ var padding = ''
           var src = require('fs').readFileSync(s.getFileName(), 'utf-8').split(/\n|\r\n/)
-          console.error(prefix + padding.slice(prefix.length) + ' - ' + src[s.getLineNumber() - 1].trim())
+          logger.error(prefix + padding.slice(prefix.length) + ' - ' + src[s.getLineNumber() - 1].trim())
         } catch (e) {
-          console.error(prefix + padding.slice(prefix.length))
+          logger.error(prefix + padding.slice(prefix.length))
         }
       })
     }
-    console.error()
+
+    logger.error('\nUnknown handles:\n')
+
+    unknown.forEach(function (stack) {
+      logger.error(stack)
+      logger.error()
+    })
   })
@@ -103,0 +108,0 @@ }

package.json

 {
   "name": "why-is-node-running",
-  "version": "1.2.2",
+  "version": "1.2.3",
   "description": "Node is running but you don't know why? why-is-node-running is here to help you.",
@@ -5,0 +5,0 @@ "main": "index.js",

README.md

@@ -29,3 +29,3 @@ # why-is-node-running
 
-Running the above will print
+Run the above script like this: `node --expose-internals example.js`. It will print the following:
 
@@ -32,0 +32,0 @@ ```

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

10308

increased by4.05%

Number of package files

9

increased by12.5%

Lines of code

211

increased by5.5%

Number of low supply chain risk alerts

1

decreased by-50%

Worsened metrics

Number of medium supply chain risk alerts

3

increased by200%

No dependency changes