npm-check-updates 19.3.2 → 19.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +12 -5
- package/build/index.d.ts +3 -3
- package/build/index.js +149 -142
- package/build/index.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -209,8 +209,8 @@ Options that take no arguments can be negated by prefixing them with `--no-`, e.
|
|
|
209
209
|
<td>Directory of .ncurc config file. (default: directory of <code>packageFile</code>)</td>
|
|
210
210
|
</tr>
|
|
211
211
|
<tr>
|
|
212
|
-
<td><a href="#cooldown">-c, --cooldown <
|
|
213
|
-
<td>Sets a minimum age
|
|
212
|
+
<td><a href="#cooldown">-c, --cooldown <period></a></td>
|
|
213
|
+
<td>Sets a minimum age for package versions to be considered for upgrade. Accepts a number (days) or a string with a unit: "7d" (days), "12h" (hours), "30m" (minutes). Reduces the risk of installing newly published, potentially compromised packages.</td>
|
|
214
214
|
</tr>
|
|
215
215
|
<tr>
|
|
216
216
|
<td>--cwd <path></td>
|
|
@@ -405,10 +405,17 @@ Run `ncu --help [OPTION]` to view advanced help for a specific option, or see be
|
|
|
405
405
|
|
|
406
406
|
Usage:
|
|
407
407
|
|
|
408
|
-
ncu --cooldown [
|
|
409
|
-
ncu -c [
|
|
408
|
+
ncu --cooldown [period]
|
|
409
|
+
ncu -c [period]
|
|
410
410
|
|
|
411
|
-
The cooldown option helps protect against supply chain attacks by requiring package versions to be published at least the given
|
|
411
|
+
The cooldown option helps protect against supply chain attacks by requiring package versions to be published at least the given amount of time before considering them for upgrade.
|
|
412
|
+
|
|
413
|
+
The value can be a plain number (days) or a string with a unit suffix:
|
|
414
|
+
|
|
415
|
+
--cooldown 7 7 days
|
|
416
|
+
--cooldown 7d 7 days (same as above)
|
|
417
|
+
--cooldown 12h 12 hours
|
|
418
|
+
--cooldown 30m 30 minutes
|
|
412
419
|
|
|
413
420
|
Note that previous stable versions will not be suggested. The package will be completely ignored if its latest published version is within the cooldown period. This is due to a limitation of the npm registry, which does not provide a way to query previous stable versions.
|
|
414
421
|
|
package/build/index.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { SemVer } from 'semver-utils';
|
|
2
2
|
|
|
3
3
|
/** A function that can be provided to the --cooldown option for custom cooldown predicate. */
|
|
4
|
-
declare type CooldownFunction = (packageName: string) => number | null;
|
|
4
|
+
declare type CooldownFunction = (packageName: string) => number | string | null;
|
|
5
5
|
|
|
6
6
|
/**
|
|
7
7
|
* TypeScript helper for .npmrc config file. Similar to vite and eslint's
|
|
@@ -104,8 +104,8 @@ export declare interface RunOptions {
|
|
|
104
104
|
configFileName?: string;
|
|
105
105
|
/** Directory of .ncurc config file. (default: directory of `packageFile`) */
|
|
106
106
|
configFilePath?: string;
|
|
107
|
-
/** Sets a minimum age
|
|
108
|
-
cooldown?: number | CooldownFunction;
|
|
107
|
+
/** Sets a minimum age for package versions to be considered for upgrade. Accepts a number (days) or a string with a unit: "7d" (days), "12h" (hours), "30m" (minutes). Reduces the risk of installing newly published, potentially compromised packages. Run "ncu --help --cooldown" for details. */
|
|
108
|
+
cooldown?: number | string | CooldownFunction;
|
|
109
109
|
/** Working directory in which npm will be executed. */
|
|
110
110
|
cwd?: string;
|
|
111
111
|
/** Run recursively in current working directory. Alias of (`--packageFile '**\/package.json'`). */
|