@angular-devkit/core - npm Package Compare versions

Comparing version 0.8.0-beta.0 to 0.8.0-beta.1

package.json

 {
   "name": "@angular-devkit/core",
-  "version": "0.8.0-beta.0",
+  "version": "0.8.0-beta.1",
   "description": "Angular DevKit - Core Utility Library",
@@ -5,0 +5,0 @@ "main": "src/index.js",

src/json/parser.d.ts

@@ -40,4 +40,10 @@ /**
     TrailingCommasAllowed = 8,
+    HexadecimalNumberAllowed = 16,
+    MultiLineStringAllowed = 32,
+    LaxNumberParsingAllowed = 64,
+    NumberConstantsAllowed = 128,
     Default = 0,
-    Loose = 15,
+    Loose = 255,
+    Json = 0,
+    Json5 = 255,
 }
@@ -44,0 +50,0 @@ /**

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

721197

1.88%

Lines of code

6937

1.55%

Worsened metrics

Number of low supply chain risk alerts

23

4.55%

No dependency changes