UNPKG

@naandalist/patch-package

Version:

Fix broken node modules with no fuss

github.com/naandalist/patch-package

naandalist/patch-package

76 lines (50 loc) 2.42 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# @naandalist/patch-package This package is a forked version of the official [patch-package v8.0.0](https://www.npmjs.com/package/patch-package). Its main purpose is to fix a security vulnerability (MEDIUM, and HIGH SEVERITY). ## Security Improvements This fork fix all security vulnerabilities identified by Snyk: | No. | Issue Type | Dependency | Severity | Vulnerability ID | | --- | ---------------------------------------------------- | ------------- | --------- | -------------------------------------------------------------------------------------- | | 1 | Regular Expression Denial of Service (ReDoS) | `cross-spawn` | High | [SNYK-JS-CROSSSPAWN-8303230](https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230) | | 2 | Inefficient Regular Expression Complexity | `micromatch` | High | [SNYK-JS-MICROMATCH-6838728](https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728) | | 3 | Missing Release of Resource after Effective Lifetime | `inflight` | Medium | [SNYK-JS-INFLIGHT-6095116](https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | <!-- ![snyk-finding-inflight](/snyk-finding-inflight.png) --> ## Installation ```bash npm install @naandalist/patch-package # or yarn add @naandalist/patch-package ``` ## Usage The usage remains identical to the original patch-package, maintaining full compatibility while providing enhanced security. ### Creating Patches 1. Make your changes to package files in the `node_modules` folder 2. Run the following command: ```bash # Using yarn yarn patch-package package-name # Using npm npx patch-package package-name ``` ### Applying Patches Patches are automatically applied when you run: ```bash yarn install # or npm install ``` For detailed usage instructions and advanced features, please refer to the [original patch-package documentation](https://www.npmjs.com/package/patch-package). ## Why Use This Fork? - ✅ All original functionality preserved - 🛡️ Snyk finding security vulnerabilities fixed - 💪 Regular security maintenance ## Contributing Contributions are welcome! Please feel free to submit a Pull Request. ## License MIT - See [LICENSE](LICENSE) for details. --- For more details, please visit [GitHub repository](https://github.com/naandalist/patch-package).