@gkiely/safe-install 0.1.5 → 0.1.7

package/README.md

@@ -38,7 +38,7 @@ ignore-scripts=true
 4. Find dependencies that declare install-time scripts:
 
 ```sh
-npm run safe-install review-deps
+npm run safe-install -- review-deps
 ```
 
 5. Review the output, then add trusted packages to `package.json`. You can also
@@ -62,6 +62,18 @@ specifiers.
 npm run safe-install
 ```
 
+You can pass npm install args through:
+
+```sh
+npm run safe-install left-pad@latest
+```
+
+You can run npm update through the same command:
+
+```sh
+npm run safe-install -- update
+```
+
 ## What `safe-install` does
 
 `safe-install` runs npm install with scripts blocked, then runs install scripts only for packages listed in

package/dist/index.d.ts

@@ -13,6 +13,17 @@ type LockPackage = {
 type PackageLock = {
     packages?: Record<string, LockPackage>;
 };
+type ParsedCommand = {
+    kind: "install";
+    args: string[];
+} | {
+    kind: "update";
+    args: string[];
+} | {
+    kind: "review-deps";
+} | {
+    kind: "help";
+};
 export declare function getTrustedDependencies(pkg: PackageJson): string[];
 export declare function findInstallScriptDependencies(packageLock: PackageLock, trustedDependencies?: readonly string[]): string[];
 type SafeInstallConfig = {
@@ -21,7 +32,10 @@ type SafeInstallConfig = {
 export declare function getSafeInstallConfig(pkg: PackageJson): SafeInstallConfig;
 export declare function assertNoBlockedExoticSubdeps(config: SafeInstallConfig, packageLock: PackageLock): void;
 export declare function getInstallArgs(args?: readonly string[]): string[];
+export declare function getUpdateArgs(args?: readonly string[]): string[];
+export declare function parseCommand(args: readonly string[]): ParsedCommand;
 export declare function reviewDepsCommand(): void;
 export declare function installCommand(args?: readonly string[]): void;
+export declare function updateCommand(args?: readonly string[]): void;
 export declare function main(args?: string[]): void;
 export {};

package/dist/index.js

@@ -118,14 +118,31 @@ function run(command, args) {
 export function getInstallArgs(args = []) {
     return ["install", "--ignore-scripts", ...args];
 }
+export function getUpdateArgs(args = []) {
+    return ["update", "--ignore-scripts", ...args];
+}
+export function parseCommand(args) {
+    if (args.includes("--help") || args.includes("-h")) {
+        return { kind: "help" };
+    }
+    if (args[0] === "--" && args[1] === "review-deps") {
+        return { kind: "review-deps" };
+    }
+    if (args[0] === "--" && args[1] === "update") {
+        return { kind: "update", args: args.slice(2) };
+    }
+    return { kind: "install", args: args.filter((arg) => arg !== "--") };
+}
 function printHelp() {
     console.log(`safe-install
 
 Usage:
-  safe-install [npm install flags]
+  safe-install [npm install args]
                         Run npm install with scripts disabled, then rebuild trusted dependencies
-  safe-install review-deps
+  safe-install -- review-deps
                         List dependencies that declare install-time scripts
+  safe-install -- update [npm update args]
+                        Run npm update with scripts disabled, then rebuild trusted dependencies
 `);
 }
 export function reviewDepsCommand() {
@@ -142,10 +159,16 @@ export function reviewDepsCommand() {
     console.log("Review these packages before adding them to trustedDependencies.");
 }
 export function installCommand(args = []) {
+    runPackageManagerThenRebuild(getInstallArgs(args));
+}
+export function updateCommand(args = []) {
+    runPackageManagerThenRebuild(getUpdateArgs(args));
+}
+function runPackageManagerThenRebuild(npmArgs) {
     const pkg = readPackageJson();
     const config = getSafeInstallConfig(pkg);
     const trustedDependencies = getTrustedDependencies(pkg);
-    run("npm", getInstallArgs(args));
+    run("npm", [...npmArgs]);
     if (existsSync("package-lock.json")) {
         assertNoBlockedExoticSubdeps(config, readPackageLock());
     }
@@ -154,20 +177,20 @@ export function installCommand(args = []) {
     }
 }
 export function main(args = process.argv.slice(2)) {
-    if (args.includes("--help") || args.includes("-h")) {
+    const command = parseCommand(args);
+    if (command.kind === "help") {
         printHelp();
         return;
     }
-    const command = args.find((arg) => arg !== "--" && !arg.startsWith("-"));
-    if (command === undefined) {
-        installCommand(args.filter((arg) => arg !== "--"));
+    if (command.kind === "review-deps") {
+        reviewDepsCommand();
         return;
     }
-    if (command === "review-deps") {
-        reviewDepsCommand();
+    if (command.kind === "update") {
+        updateCommand(command.args);
         return;
     }
-    throw new Error(`Unknown command: ${command}`);
+    installCommand(command.args);
 }
 if (process.argv[1] && realpathSync(fileURLToPath(import.meta.url)) === realpathSync(process.argv[1])) {
     try {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gkiely/safe-install",
-  "version": "0.1.5",
+  "version": "0.1.7",
   "description": "Run npm installs with lifecycle scripts disabled, then rebuild explicitly trusted dependencies.",
   "author": "Grant Kiely <grant@youneedawiki.com>",
   "license": "MIT",
@@ -47,7 +47,7 @@
     "prepublishOnly": "npm run typecheck && npm test",
     "release": "npm run typecheck && npm test && npm version patch && npm publish --access public && git push --follow-tags",
     "safe-install": "node dist/index.js",
-    "test": "node --test",
+    "test": "npm run build && node --test",
     "typecheck": "tsc --noEmit"
   },
   "devDependencies": {