search

cnpm / binary-mirror-config

Binary mirror config for prebuild and node-pre-gyp
https://npmmirror.com/mirrors/
Other
162 stars 18 forks source link

📦 NEW: Support cypress mirror env #41

Closed fengmk2 closed 2 years ago

fengmk2 commented 2 years ago

deps https://github.com/cnpm/cnpmcore/pull/351

codecov[bot] commented 2 years ago

Codecov Report

Merging #41 (0211d0e) into master (4e9bdf7) will increase coverage by 0.12%. The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master      #41      +/-   ##
==========================================
+ Coverage   75.66%   75.78%   +0.12%     
==========================================
  Files           2        2              
  Lines         189      190       +1     
  Branches       34       34              
==========================================
+ Hits          143      144       +1     
  Misses         46       46
Impacted Files Coverage Δ
lib/mirror_config.js 75.53% <100.00%> (+0.13%) :arrow_up:

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

socket-security[bot] commented 2 years ago

Socket Security Pull Request Report

Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.

📜 Install scripts

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Package Script field Location
es5-ext@0.10.62 (upgraded) postinstall package.json via egg-bin@5.3.1, espower-source@2.3.0, espower@2.1.2, escope@3.6.0, es6-map@0.1.5
Pull request report summary
Issue Status
Install scripts ⚠️ 1 issue
Native code ✅ 0 issues
Bin script confusion ✅ 0 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Non-existent author ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

  • @SocketSecurity ignore es5-ext@0.10.62

Powered by socket.dev

fengmk2 commented 2 years ago

@SocketSecurity ignore es5-ext@0.10.62

fengmk2 commented 2 years ago

2.9.0

fengmk2 commented 2 years ago

Fixes https://github.com/cypress-io/cypress/issues/22864