kevva / bin-build Goto Github PK
View Code? Open in Web Editor NEWEasily build binaries
License: MIT License
Easily build binaries
License: MIT License
I think a version bump is needed, specifically for this change: 9e92af2
Current version of bin-build
is 2.2.0
which now has this dependency download@^4.4.3
(if you install it from npm now). It should be download@^5.0.2
.
Cheers.
Please update dependencies decompress
and download
to latest version because they require gulp-util
which is depreciated.
Thanks!
I've noticed that the README, tests and index.js
file in this repo are outdated and do not match the latest code in the NPM package. Oddly enough, the NPM package.json
is outdated (despite having the correct version number) and the GitHub repo has the correct deps/devDeps...
Like discussed in imagemin/imagemin#32, we should improve error messages to include instructions on what dependencies are needed for builds to succeed.
I've been thinking about introducing a .dependency(dep, os)
method which collects the dependencies and if the build fails it writes a error message and lists the dependencies needed.
@sindresorhus, wdyt?
gutil.File => https://www.npmjs.com/package/vinyl
gutil.replaceExtension => The .extname property on Vinyl objects or https://www.npmjs.com/package/replace-ext
gutil.colors => https://www.npmjs.com/package/ansi-colors
gutil.date => https://www.npmjs.com/package/date-format
gutil.log => https://www.npmjs.com/package/fancy-log
gutil.template => https://www.npmjs.com/package/lodash.template
gutil.env => https://www.npmjs.com/package/minimist
gutil.beep => https://www.npmjs.com/package/beeper
gutil.noop => https://www.npmjs.com/package/through2
gutil.isStream => Use the .isStream() method on Vinyl objects
gutil.isBuffer => Use the .isBuffer() method on Vinyl objects
gutil.isNull => Use the .isNull() method on Vinyl objects
gutil.linefeed => Use the string '\n' in your code
gutil.combine => https://www.npmjs.com/package/multipipe
gutil.buffer => https://www.npmjs.com/package/list-stream
gutil.PluginError => https://www.npmjs.com/package/plugin-error
In execSeries
, they return stdout
and stderr
to the exec, but those arguments are ignored here:
Line 122 in ab490e9
In order to debug a failing build and see the actual output, I had to console.log those outputs. Somehow passing those up to the callback would allow projects which depend on this package provide better error messages.
bin-build
fails silently when the source archive file is invalid.
imagemin/optipng-bin#84 (comment)
imagemin/imagemin-optipng#18 (comment)
I'm not sure of the actual issue, just wanted to flag up this to see if it's something you can help with. Thanks!
Hi, there are multiple vulnerabilities with some widely-used versions of your package.
Can they be addressed and back-ported?
npx: installed 115 in 9.19s
(+) 1 vulnerability found
┌────────────┬────────────────────────────────────────────────────────────────────┐
│ │ Memory Exposure │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Name │ tunnel-agent │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ CVSS │ 5 (Medium) │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Installed │ 0.4.3 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Vulnerable │ <0.6.0 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Patched │ >=0.6.0 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Path │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > [email protected] │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ More Info │ https://nodesecurity.io/advisories/598 │
└────────────┴────────────────────────────────────────────────────────────────────┘
┌────────────┬────────────────────────────────────────────────────────────────────┐
│ │ Prototype Pollution │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Name │ deep-extend │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ CVSS │ 2 (Low) │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Installed │ 0.5.1 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Vulnerable │ <6.5.2 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Patched │ >=6.5.2 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Path │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > [email protected] │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ More Info │ https://nodesecurity.io/advisories/594 │
└────────────┴────────────────────────────────────────────────────────────────────┘
┌────────────┬────────────────────────────────────────────────────────────────────┐
│ │ Prototype Pollution │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Name │ deep-extend │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ CVSS │ 2 (Low) │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Installed │ 0.5.1 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Vulnerable │ All │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Patched │ None ���
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Path │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > [email protected] │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ More Info │ https://nodesecurity.io/advisories/612 │
└────────────┴────────────────────────────────────────────────────────────────────┘
┌────────────┬────────────────────────────────────────────────────────────────────┐
│ │ Prototype Pollution │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Name │ deep-extend │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ CVSS │ 2 (Low) │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Installed │ 0.5.1 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Vulnerable │ <1.0.1 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Patched │ >=1.0.1 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Path │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > [email protected] │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ More Info │ https://nodesecurity.io/advisories/611 │
└────────────┴─���──────────────────────────────────────────────────────────────────┘
┌────────────┬────────────────────────────────────────────────────────────────────┐
│ │ Memory Exposure │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Name │ tunnel-agent │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ CVSS │ 5 (Medium) │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Installed │ 0.4.3 │
├─────���──────┼────────────────────────────────────────────────────────────────────┤
│ Vulnerable │ <0.6.0 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Patched │ >=0.6.0 │
├────────────┼────────────────────────────────────────────────────────────────────┤
│ Path │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > [email protected] > [email protected] > │
│ │ [email protected] │
├────────────┼───────────────────────────���────────────────────────────────────────┤
│ More Info │ https://nodesecurity.io/advisories/598 │
└────────────┴────────────────────────────────────────────────────────────────────┘
Related: wemake-services/nuxt-imagemin#2
Related: Klathmon/imagemin-webpack-plugin#60
Related: imagemin/optipng-bin#98
Would it be possible, in case of binBuild.url
and binBuild.file
to remove temp dir after all operations are done?
I'm trying to package a AWS Lambda function, which uses cwebp-bin
library, and the difference between removing or not this temp directory is ~15MB final ZIP size. And in this case, the smaller the ZIP is, the better.
Thanks!
I'm using your plugin in a personal project. But it have some warnings with gulp-util. Can you follow this recomendations to remove that?
gutil.File => https://www.npmjs.com/package/vinyl
gutil.replaceExtension => The .extname property on Vinyl objects or https://www.npmjs.com/package/replace-ext
gutil.colors => https://www.npmjs.com/package/ansi-colors
gutil.date => https://www.npmjs.com/package/date-format
gutil.log => https://www.npmjs.com/package/fancy-log
gutil.template => https://www.npmjs.com/package/lodash.template
gutil.env => https://www.npmjs.com/package/minimist
gutil.beep => https://www.npmjs.com/package/beeper
gutil.noop => https://www.npmjs.com/package/through2
gutil.isStream => Use the .isStream() method on Vinyl objects
gutil.isBuffer => Use the .isBuffer() method on Vinyl objects
gutil.isNull => Use the .isNull() method on Vinyl objects
gutil.linefeed => Use the string '\n' in your code
gutil.combine => https://www.npmjs.com/package/multipipe
gutil.buffer => https://www.npmjs.com/package/list-stream
gutil.PluginError => https://www.npmjs.com/package/plugin-error
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.