@gkiely/safe-install 0.1.13 → 0.1.15
- package/README.md +2 -12
- package/package.json +2 -2
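--- a/package/README.md
+++ b/package/README.md
@@ -25,7 +25,7 @@ behind a reviewed allowlist in `package.json`.
 ignore-scripts=true
 ```
 
-Optionally enable (requires 11.14.0+):
+Optionally enable (requires npm 11.14.0+):
 
 ```txt
 allow-git=root
@@ -37,7 +37,7 @@ allow-remote=root
 ```json
 {
 "scripts": {
-"safe-install": "npx -y @gkiely/safe-
+"safe-install": "npx -y @gkiely/safe-install0.1.15"
 }
 }
 ```
@@ -100,16 +100,6 @@ npm rebuild --ignore-scripts=false esbuild sharp
 
 ## Notes
 
-Supports npm install flags:
-
-```json
-{
-"scripts": {
-"safe-install": "npx -y @gkiely/safe-install --no-audit --no-fund"
-}
-}
-```
-
 Only add a package to `trustedDependencies` after reviewing why it needs an
 install script. This does not make dependency scripts safe; it makes the trust
 decision explicit and version-controlled.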
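--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@gkiely/safe-install",
-"version": "0.1.
+"version": "0.1.15",
 "description": "Run npm installs with lifecycle scripts disabled, then rebuild explicitly trusted dependencies.",
 "author": "Grant Kiely <grant@youneedawiki.com>",
 "license": "MIT",
@@ -45,7 +45,7 @@
 "build": "tsc -p tsconfig.build.json",
 "prepack": "npm run build",
 "prepublishOnly": "npm run typecheck && npm test",
-"release": "npm run typecheck && npm test && npm version patch && npm publish --access public && git push --follow-tags",
+"release": "node scripts/bump-readme-version.ts && npm run typecheck && npm test && npm version patch && npm publish --access public && git push --follow-tags",
 "safe-install": "node dist/index.js",
 "test": "npm run build && node --test",
 "typecheck": "tsc --noEmit"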
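Review bot: In the new `release` script, `node scripts/bump-readme-version.ts` runs before `npm version patch`, so the README's pinned `npx -y` version is rewritten before the version it names exists. The script is not part of this diff, but if it leaves README.md modified and uncommitted, `npm version` will refuse to run on a dirty working tree, and if typecheck, tests or publish fail afterwards the README keeps pointing users at an unpublished version. npm's `version` lifecycle hook runs after the bump and before the commit, so the pin could be derived from the real version there: `"version": "node scripts/bump-readme-version.ts && git add README.md"`. Running a `.ts` file directly with `node` also depends on a Node release with built-in type stripping, which is worth stating in `engines` if it is not already.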