memtrace 0.3.33 → 0.3.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/memtrace.js +19 -7
- package/install.js +13 -2
- package/package.json +4 -4
package/bin/memtrace.js
CHANGED
|
@@ -6,6 +6,7 @@ const path = require("path");
|
|
|
6
6
|
const fs = require("fs");
|
|
7
7
|
const { spawnSync, spawn } = require("child_process");
|
|
8
8
|
const { getBinaryPath } = require("../install.js");
|
|
9
|
+
const { platformBinary, spawnOptionsForPlatform } = require("../lib/spawn-helper");
|
|
9
10
|
|
|
10
11
|
// ── Handle `memtrace uninstall` before delegating to the Rust binary ────────
|
|
11
12
|
// npm v7+ does NOT fire preuninstall hooks for global packages (npm/cli#3042).
|
|
@@ -27,14 +28,20 @@ const args = process.argv.slice(2);
|
|
|
27
28
|
// which now resolves to the freshly-installed shim, not this old one.
|
|
28
29
|
|
|
29
30
|
if (args[0] === "install" || args[0] === "update" || args[0] === "upgrade") {
|
|
30
|
-
|
|
31
|
-
|
|
31
|
+
// `npm.cmd` on win32 needs `shell: true` since the CVE-2024-27980
|
|
32
|
+
// mitigation in Node 18.20+ / 20.12+ / 21.7+. The helpers in
|
|
33
|
+
// `lib/spawn-helper.js` are unit + property tested.
|
|
34
|
+
const npmCmd = platformBinary("npm", process.platform);
|
|
35
|
+
const memtraceCmd = platformBinary("memtrace", process.platform);
|
|
32
36
|
|
|
33
37
|
process.stdout.write("memtrace: fetching latest from npm registry…\n");
|
|
34
38
|
const installResult = spawnSync(
|
|
35
39
|
npmCmd,
|
|
36
40
|
["install", "-g", "memtrace@latest"],
|
|
37
|
-
|
|
41
|
+
spawnOptionsForPlatform(process.platform, {
|
|
42
|
+
stdio: "inherit",
|
|
43
|
+
env: process.env,
|
|
44
|
+
})
|
|
38
45
|
);
|
|
39
46
|
|
|
40
47
|
if (installResult.error) {
|
|
@@ -60,10 +67,15 @@ if (args[0] === "install" || args[0] === "update" || args[0] === "upgrade") {
|
|
|
60
67
|
process.stdout.write(
|
|
61
68
|
`memtrace: upgrade complete — running 'memtrace ${rest.join(" ")}'\n`
|
|
62
69
|
);
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
70
|
+
// memtrace.cmd on Windows needs the same shell:true handling.
|
|
71
|
+
const runResult = spawnSync(
|
|
72
|
+
memtraceCmd,
|
|
73
|
+
rest,
|
|
74
|
+
spawnOptionsForPlatform(process.platform, {
|
|
75
|
+
stdio: "inherit",
|
|
76
|
+
env: process.env,
|
|
77
|
+
})
|
|
78
|
+
);
|
|
67
79
|
if (runResult.error) {
|
|
68
80
|
console.error(`memtrace: failed to chain command — ${runResult.error.message}`);
|
|
69
81
|
process.exit(1);
|
package/install.js
CHANGED
|
@@ -5,6 +5,7 @@ const os = require("os");
|
|
|
5
5
|
const path = require("path");
|
|
6
6
|
const fs = require("fs");
|
|
7
7
|
const { spawnSync } = require("child_process");
|
|
8
|
+
const { platformBinary, spawnOptionsForPlatform } = require("./lib/spawn-helper");
|
|
8
9
|
|
|
9
10
|
// ── Platform binary resolution (preserved from legacy) ───────────────────────
|
|
10
11
|
|
|
@@ -68,10 +69,20 @@ function selfHealPlatformPackage() {
|
|
|
68
69
|
`memtrace: optional platform dep ${pkg} was not installed; ` +
|
|
69
70
|
`running 'npm install ${versioned}' to fetch it…`
|
|
70
71
|
);
|
|
72
|
+
// On Windows, Node.js 18.20+ / 20.12+ / 21.7+ refuse to spawn `.cmd`
|
|
73
|
+
// and `.bat` files without `shell: true` as part of the
|
|
74
|
+
// CVE-2024-27980 mitigation. The platform-aware helpers in
|
|
75
|
+
// `lib/spawn-helper.js` are unit + property tested so the shell
|
|
76
|
+
// flag is set IFF process.platform === "win32" — see
|
|
77
|
+
// `test/spawn-helper.test.js` for the full regression coverage.
|
|
71
78
|
const result = spawnSync(
|
|
72
|
-
|
|
79
|
+
platformBinary("npm", process.platform),
|
|
73
80
|
["install", "--no-save", versioned],
|
|
74
|
-
|
|
81
|
+
spawnOptionsForPlatform(process.platform, {
|
|
82
|
+
cwd: __dirname,
|
|
83
|
+
stdio: "inherit",
|
|
84
|
+
env: process.env,
|
|
85
|
+
})
|
|
75
86
|
);
|
|
76
87
|
if (result.status !== 0) {
|
|
77
88
|
console.warn(
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "memtrace",
|
|
3
|
-
"version": "0.3.
|
|
3
|
+
"version": "0.3.34",
|
|
4
4
|
"description": "Code intelligence graph — MCP server + AI agent skills + visualization UI",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"mcp",
|
|
@@ -37,9 +37,9 @@
|
|
|
37
37
|
"fs-extra": "^11.0.0"
|
|
38
38
|
},
|
|
39
39
|
"optionalDependencies": {
|
|
40
|
-
"@memtrace/darwin-arm64": "0.3.
|
|
41
|
-
"@memtrace/linux-x64": "0.3.
|
|
42
|
-
"@memtrace/win32-x64": "0.3.
|
|
40
|
+
"@memtrace/darwin-arm64": "0.3.34",
|
|
41
|
+
"@memtrace/linux-x64": "0.3.34",
|
|
42
|
+
"@memtrace/win32-x64": "0.3.34"
|
|
43
43
|
},
|
|
44
44
|
"engines": {
|
|
45
45
|
"node": ">=18"
|