@gkiely/safe-install 0.1.6 → 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -0
- package/dist/index.d.ts +5 -0
- package/dist/index.js +19 -1
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -68,6 +68,12 @@ You can pass npm install args through:
|
|
|
68
68
|
npm run safe-install left-pad@latest
|
|
69
69
|
```
|
|
70
70
|
|
|
71
|
+
You can run npm update through the same command:
|
|
72
|
+
|
|
73
|
+
```sh
|
|
74
|
+
npm run safe-install -- update
|
|
75
|
+
```
|
|
76
|
+
|
|
71
77
|
## What `safe-install` does
|
|
72
78
|
|
|
73
79
|
`safe-install` runs npm install with scripts blocked, then runs install scripts only for packages listed in
|
package/dist/index.d.ts
CHANGED
|
@@ -16,6 +16,9 @@ type PackageLock = {
|
|
|
16
16
|
type ParsedCommand = {
|
|
17
17
|
kind: "install";
|
|
18
18
|
args: string[];
|
|
19
|
+
} | {
|
|
20
|
+
kind: "update";
|
|
21
|
+
args: string[];
|
|
19
22
|
} | {
|
|
20
23
|
kind: "review-deps";
|
|
21
24
|
} | {
|
|
@@ -29,8 +32,10 @@ type SafeInstallConfig = {
|
|
|
29
32
|
export declare function getSafeInstallConfig(pkg: PackageJson): SafeInstallConfig;
|
|
30
33
|
export declare function assertNoBlockedExoticSubdeps(config: SafeInstallConfig, packageLock: PackageLock): void;
|
|
31
34
|
export declare function getInstallArgs(args?: readonly string[]): string[];
|
|
35
|
+
export declare function getUpdateArgs(args?: readonly string[]): string[];
|
|
32
36
|
export declare function parseCommand(args: readonly string[]): ParsedCommand;
|
|
33
37
|
export declare function reviewDepsCommand(): void;
|
|
34
38
|
export declare function installCommand(args?: readonly string[]): void;
|
|
39
|
+
export declare function updateCommand(args?: readonly string[]): void;
|
|
35
40
|
export declare function main(args?: string[]): void;
|
|
36
41
|
export {};
|
package/dist/index.js
CHANGED
|
@@ -118,6 +118,9 @@ function run(command, args) {
|
|
|
118
118
|
export function getInstallArgs(args = []) {
|
|
119
119
|
return ["install", "--ignore-scripts", ...args];
|
|
120
120
|
}
|
|
121
|
+
export function getUpdateArgs(args = []) {
|
|
122
|
+
return ["update", "--ignore-scripts", ...args];
|
|
123
|
+
}
|
|
121
124
|
export function parseCommand(args) {
|
|
122
125
|
if (args.includes("--help") || args.includes("-h")) {
|
|
123
126
|
return { kind: "help" };
|
|
@@ -125,6 +128,9 @@ export function parseCommand(args) {
|
|
|
125
128
|
if (args[0] === "--" && args[1] === "review-deps") {
|
|
126
129
|
return { kind: "review-deps" };
|
|
127
130
|
}
|
|
131
|
+
if (args[0] === "--" && args[1] === "update") {
|
|
132
|
+
return { kind: "update", args: args.slice(2) };
|
|
133
|
+
}
|
|
128
134
|
return { kind: "install", args: args.filter((arg) => arg !== "--") };
|
|
129
135
|
}
|
|
130
136
|
function printHelp() {
|
|
@@ -135,6 +141,8 @@ Usage:
|
|
|
135
141
|
Run npm install with scripts disabled, then rebuild trusted dependencies
|
|
136
142
|
safe-install -- review-deps
|
|
137
143
|
List dependencies that declare install-time scripts
|
|
144
|
+
safe-install -- update [npm update args]
|
|
145
|
+
Run npm update with scripts disabled, then rebuild trusted dependencies
|
|
138
146
|
`);
|
|
139
147
|
}
|
|
140
148
|
export function reviewDepsCommand() {
|
|
@@ -151,10 +159,16 @@ export function reviewDepsCommand() {
|
|
|
151
159
|
console.log("Review these packages before adding them to trustedDependencies.");
|
|
152
160
|
}
|
|
153
161
|
export function installCommand(args = []) {
|
|
162
|
+
runPackageManagerThenRebuild(getInstallArgs(args));
|
|
163
|
+
}
|
|
164
|
+
export function updateCommand(args = []) {
|
|
165
|
+
runPackageManagerThenRebuild(getUpdateArgs(args));
|
|
166
|
+
}
|
|
167
|
+
function runPackageManagerThenRebuild(npmArgs) {
|
|
154
168
|
const pkg = readPackageJson();
|
|
155
169
|
const config = getSafeInstallConfig(pkg);
|
|
156
170
|
const trustedDependencies = getTrustedDependencies(pkg);
|
|
157
|
-
run("npm",
|
|
171
|
+
run("npm", [...npmArgs]);
|
|
158
172
|
if (existsSync("package-lock.json")) {
|
|
159
173
|
assertNoBlockedExoticSubdeps(config, readPackageLock());
|
|
160
174
|
}
|
|
@@ -172,6 +186,10 @@ export function main(args = process.argv.slice(2)) {
|
|
|
172
186
|
reviewDepsCommand();
|
|
173
187
|
return;
|
|
174
188
|
}
|
|
189
|
+
if (command.kind === "update") {
|
|
190
|
+
updateCommand(command.args);
|
|
191
|
+
return;
|
|
192
|
+
}
|
|
175
193
|
installCommand(command.args);
|
|
176
194
|
}
|
|
177
195
|
if (process.argv[1] && realpathSync(fileURLToPath(import.meta.url)) === realpathSync(process.argv[1])) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@gkiely/safe-install",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.7",
|
|
4
4
|
"description": "Run npm installs with lifecycle scripts disabled, then rebuild explicitly trusted dependencies.",
|
|
5
5
|
"author": "Grant Kiely <grant@youneedawiki.com>",
|
|
6
6
|
"license": "MIT",
|
|
@@ -47,7 +47,7 @@
|
|
|
47
47
|
"prepublishOnly": "npm run typecheck && npm test",
|
|
48
48
|
"release": "npm run typecheck && npm test && npm version patch && npm publish --access public && git push --follow-tags",
|
|
49
49
|
"safe-install": "node dist/index.js",
|
|
50
|
-
"test": "node --test",
|
|
50
|
+
"test": "npm run build && node --test",
|
|
51
51
|
"typecheck": "tsc --noEmit"
|
|
52
52
|
},
|
|
53
53
|
"devDependencies": {
|