Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Guard against publishing files that depend on local files #40

Open
kwangure opened this issue May 9, 2023 · 1 comment
Open

Guard against publishing files that depend on local files #40

kwangure opened this issue May 9, 2023 · 1 comment
Labels
enhancement New feature or request

Comments

@kwangure
Copy link

kwangure commented May 9, 2023

I usually use npm pack to test files locally . That has resulted in the tarball install path ending up in a published package before. It would be nice if Publint had a check guarding against packages installed from local files:

"dependencies": {
	"package": "file:../package-0.1.0.tgz"
}
@bluwy
Copy link
Owner

bluwy commented May 12, 2023

I probably need some time to think about this, as right now publint focuses on JS file syntax and exports. Expanding to dependencies checking could be nice as a "publish linter". I think it'll be clearer whether this make sense after implementing #13

@bluwy bluwy added the enhancement New feature or request label May 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bluwy @kwangure