update

.pnpm-store/v10/files/5a/4b34741755cbbb6f48039b2dd7d82bb714f9ecf7d102124b55927fee451de9046c31f4d00c7bfaf313d3417dec941cead5fc5184b6d675e2931408ba5c3c21

@@ -0,0 +1,82 @@
+import hasNewVersion from './hasNewVersion';
+import { getLastUpdate } from './cache';
+import getDistVersion from './getDistVersion';
+
+jest.mock('./getDistVersion', () => jest.fn().mockReturnValue('1.0.0'));
+jest.mock('./cache', () => ({
+  getLastUpdate: jest.fn().mockReturnValue(undefined),
+  createConfigDir: jest.fn(),
+  saveLastUpdate: jest.fn(),
+}));
+
+const pkg = { name: 'test', version: '1.0.0' };
+
+afterEach(() => jest.clearAllMocks());
+
+const defaultArgs = {
+  pkg,
+  shouldNotifyInNpmScript: true,
+  alwaysRun: true,
+};
+
+test('it should not trigger update for same version', async () => {
+  const newVersion = await hasNewVersion(defaultArgs);
+
+  expect(newVersion).toBe(false);
+});
+
+test('it should trigger update for patch version bump', async () => {
+  (getDistVersion as jest.Mock).mockReturnValue('1.0.1');
+
+  const newVersion = await hasNewVersion(defaultArgs);
+
+  expect(newVersion).toBe('1.0.1');
+});
+
+test('it should trigger update for minor version bump', async () => {
+  (getDistVersion as jest.Mock).mockReturnValue('1.1.0');
+
+  const newVersion = await hasNewVersion(defaultArgs);
+
+  expect(newVersion).toBe('1.1.0');
+});
+
+test('it should trigger update for major version bump', async () => {
+  (getDistVersion as jest.Mock).mockReturnValue('2.0.0');
+
+  const newVersion = await hasNewVersion(defaultArgs);
+
+  expect(newVersion).toBe('2.0.0');
+});
+
+test('it should not trigger update if version is lower', async () => {
+  (getDistVersion as jest.Mock).mockReturnValue('0.0.9');
+
+  const newVersion = await hasNewVersion(defaultArgs);
+
+  expect(newVersion).toBe(false);
+});
+
+it('should trigger update check if last update older than config', async () => {
+  const TWO_WEEKS = new Date().getTime() - 1000 * 60 * 60 * 24 * 14;
+  (getLastUpdate as jest.Mock).mockReturnValue(TWO_WEEKS);
+  const newVersion = await hasNewVersion({
+    pkg,
+    shouldNotifyInNpmScript: true,
+  });
+
+  expect(newVersion).toBe(false);
+  expect(getDistVersion).toHaveBeenCalled();
+});
+
+it('should not trigger update check if last update is too recent', async () => {
+  const TWELVE_HOURS = new Date().getTime() - 1000 * 60 * 60 * 12;
+  (getLastUpdate as jest.Mock).mockReturnValue(TWELVE_HOURS);
+  const newVersion = await hasNewVersion({
+    pkg,
+    shouldNotifyInNpmScript: true,
+  });
+
+  expect(newVersion).toBe(false);
+  expect(getDistVersion).not.toHaveBeenCalled();
+});

.pnpm-store/v10/files/5a/a058b78ceabd8b0c9b9453023706c916e7277c482ecd3621ce3da3623702fbf540114d2e904301ff30bf36c38c5af5d29940021f3c0ad9bc267d4d2861681c

@@ -0,0 +1,25 @@
+# Security Policies and Procedures
+
+## Reporting a Bug
+
+The `cookie` team and community take all security bugs seriously. Thank
+you for improving the security of the project. We appreciate your efforts and
+responsible disclosure and will make every effort to acknowledge your
+contributions.
+
+Report security bugs by emailing the current owner(s) of `cookie`. This
+information can be found in the npm registry using the command
+`npm owner ls cookie`.
+If unsure or unable to get the information from the above, open an issue
+in the [project issue tracker](https://github.com/jshttp/cookie/issues)
+asking for the current contact information.
+
+To ensure the timely response to your report, please ensure that the entirety
+of the report is contained within the email body and not solely behind a web
+link or an attachment.
+
+At least one owner will acknowledge your email within 48 hours, and will send a
+more detailed response within 48 hours indicating the next steps in handling
+your report. After the initial reply to your report, the owners will
+endeavor to keep you informed of the progress towards a fix and full
+announcement, and may ask for additional information or guidance.