@npmcli/arborist 9.0.0-pre.0 → 9.0.0-pre.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/audit-report.js +2 -2
- package/lib/query-selector-all.js +2 -2
- package/package.json +4 -4
package/lib/audit-report.js
CHANGED
|
@@ -15,7 +15,7 @@ const _init = Symbol('init')
|
|
|
15
15
|
const _omit = Symbol('omit')
|
|
16
16
|
const { log, time } = require('proc-log')
|
|
17
17
|
|
|
18
|
-
const
|
|
18
|
+
const npmFetch = require('npm-registry-fetch')
|
|
19
19
|
|
|
20
20
|
class AuditReport extends Map {
|
|
21
21
|
static load (tree, opts) {
|
|
@@ -291,7 +291,7 @@ class AuditReport extends Map {
|
|
|
291
291
|
return null
|
|
292
292
|
}
|
|
293
293
|
|
|
294
|
-
const res = await
|
|
294
|
+
const res = await npmFetch('/-/npm/v1/security/advisories/bulk', {
|
|
295
295
|
...this.options,
|
|
296
296
|
registry: this.options.auditRegistry || this.options.registry,
|
|
297
297
|
method: 'POST',
|
|
@@ -8,7 +8,7 @@ const { minimatch } = require('minimatch')
|
|
|
8
8
|
const npa = require('npm-package-arg')
|
|
9
9
|
const pacote = require('pacote')
|
|
10
10
|
const semver = require('semver')
|
|
11
|
-
const
|
|
11
|
+
const npmFetch = require('npm-registry-fetch')
|
|
12
12
|
|
|
13
13
|
// handle results for parsed query asts, results are stored in a map that has a
|
|
14
14
|
// key that points to each ast selector node and stores the resulting array of
|
|
@@ -461,7 +461,7 @@ class Results {
|
|
|
461
461
|
packages[node.name].push(node.version)
|
|
462
462
|
}
|
|
463
463
|
})
|
|
464
|
-
const res = await
|
|
464
|
+
const res = await npmFetch('/-/npm/v1/security/advisories/bulk', {
|
|
465
465
|
...this.flatOptions,
|
|
466
466
|
registry: this.flatOptions.auditRegistry || this.flatOptions.registry,
|
|
467
467
|
method: 'POST',
|
package/package.json
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@npmcli/arborist",
|
|
3
|
-
"version": "9.0.0-pre.
|
|
3
|
+
"version": "9.0.0-pre.1",
|
|
4
4
|
"description": "Manage node_modules trees",
|
|
5
5
|
"dependencies": {
|
|
6
6
|
"@isaacs/string-locale-compare": "^1.1.0",
|
|
7
7
|
"@npmcli/fs": "^4.0.0",
|
|
8
8
|
"@npmcli/installed-package-contents": "^3.0.0",
|
|
9
9
|
"@npmcli/map-workspaces": "^4.0.1",
|
|
10
|
-
"@npmcli/metavuln-calculator": "^
|
|
10
|
+
"@npmcli/metavuln-calculator": "^9.0.0",
|
|
11
11
|
"@npmcli/name-from-folder": "^3.0.0",
|
|
12
12
|
"@npmcli/node-gyp": "^4.0.0",
|
|
13
13
|
"@npmcli/package-json": "^6.0.1",
|
|
@@ -26,7 +26,7 @@
|
|
|
26
26
|
"npm-package-arg": "^12.0.0",
|
|
27
27
|
"npm-pick-manifest": "^10.0.0",
|
|
28
28
|
"npm-registry-fetch": "^18.0.1",
|
|
29
|
-
"pacote": "^
|
|
29
|
+
"pacote": "^21.0.0",
|
|
30
30
|
"parse-conflict-json": "^4.0.0",
|
|
31
31
|
"proc-log": "^5.0.0",
|
|
32
32
|
"proggy": "^3.0.0",
|
|
@@ -36,7 +36,7 @@
|
|
|
36
36
|
"semver": "^7.3.7",
|
|
37
37
|
"ssri": "^12.0.0",
|
|
38
38
|
"treeverse": "^3.0.0",
|
|
39
|
-
"walk-up-path": "^
|
|
39
|
+
"walk-up-path": "^4.0.0"
|
|
40
40
|
},
|
|
41
41
|
"devDependencies": {
|
|
42
42
|
"@npmcli/eslint-config": "^5.0.1",
|