MCPcopy Index your code
hub / github.com/nodejs/node / unreviewedScriptsMessage

Function unreviewedScriptsMessage

deps/npm/lib/utils/reify-output.js:234–269  ·  view source on GitHub ↗
(npm, unreviewedScripts)

Source from the content-addressed store, hash-verified

232}
233
234const unreviewedScriptsMessage = (npm, unreviewedScripts) => {
235 if (!unreviewedScripts.length) {
236 return
237 }
238
239 // Goes through log.warn so it respects --loglevel / --silent and lands
240 // on stderr like every other "FYI, here's something to know" message.
241 // stdout is reserved for things the user explicitly asked to see
242 // (npm ls, npm view).
243 const count = unreviewedScripts.length
244 const pkg = count === 1 ? 'package has' : 'packages have'
245 const header = `${count} ${pkg} install scripts not yet covered by allowScripts:`
246
247 const names = []
248 const lines = unreviewedScripts.map(({ node, scripts }) => {
249 const { name, version } = trustedDisplay(node)
250 /* istanbul ignore next: every test node has a name */
251 const display = name || '<unknown>'
252 names.push(display)
253 const ver = version ? `@${version}` : ''
254 const events = Object.entries(scripts)
255 .map(([event, cmd]) => `${event}: ${cmd}`)
256 .join('; ')
257 return ` ${display}${ver} (${events})`
258 })
259
260 log.warn(
261 'allow-scripts',
262 [
263 header,
264 ...lines,
265 '',
266 ...remediationLines(npm, names),
267 ].join('\n')
268 )
269}
270
271// `npm approve-scripts` writes to a project package.json, which doesn't
272// exist for global installs (it throws EGLOBAL). For those, point users at

Callers 1

reifyOutputFunction · 0.85

Calls 6

remediationLinesFunction · 0.85
warnMethod · 0.80
mapMethod · 0.65
pushMethod · 0.45
joinMethod · 0.45
entriesMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…