-
Notifications
You must be signed in to change notification settings - Fork 30
[FEATURE] Recent update warning #81
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Conversation
hi, @IchiiDev ! |
I'm going to send an email directly to @th0r to suggest giving ownership/management to someone else, both on the NPM registery and GitHub. If no answers ensues I will try and send a ticket to NPM's support to request ownership due to inactivity. 😄 |
Nice! Tag me here, please, with any news! |
@IchiiDev salut! Any news ? |
@IchiiDev any chance you'd be able to reopen this and check it works with the latest version? |
I could check, I just saw that @th0r reacted in the referenced Issue, so I'll open it again if they are willing to take a look at the changes if up to date. I closed the PR due to previous inactivity. |
Aside from some ESLint errors I just fixed, nothing to report here. Waiting for review. (see #80) |
Will check this tomorrow |
publishedDatesCache[`${name}@${to}`] = getVersionPublicationDate(name, to) | ||
.then(date => new Date(date)) | ||
.catch(() => null); | ||
}); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what're you actually trying to do because this just doesn't look right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am adding every promises to the object so that they can resolve in the background and be awaited once needed in the loop.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
that's not really how promises work. nothing will resolve until they're awaited.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
that's not really how promises work. nothing will resolve until they're awaited.
What would be the best way to approach this issue then?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what're you actually trying to do?
This feature was suggested by Issue #80, I have implemented it on my fork.
What has been asked is basically to add a warning if a package was pushed recently, to prevent package hijacking and malwares.
What I have done to implement it:
This has been tested with some recently pushed packages and it works as expected. I will be available during the next few days to edit if any review requires changes.