@convoy/dapper - npm Package Compare versions

Comparing version 2.0.97 to 2.0.104

dist/src/configure.js

@@ -6,3 +6,3 @@ "use strict";
     friendlyClassNames: process.env.NODE_ENV !== 'production',
-    useInsertRule: process.env.NODE_ENV === 'production',
+    useInsertRule: process.env.NODE_ENV !== 'development',
 });
@@ -9,0 +9,0 @@ function configure(cfg) {

dist/src/libs/renderCSSText.js

@@ -13,3 +13,14 @@ "use strict";
         cssTexts.forEach(function (cssText) {
-            sheet_1.insertRule(cssText, sheet_1.cssRules.length);
+            // Gracefully continue despite invalid CSS rules in production
+            try {
+                sheet_1.insertRule(cssText, sheet_1.cssRules.length);
+            }
+            catch (e) {
+                if (process.env.NODE_ENV === 'production') {
+                    console.error(e); // tslint:disable-line
+                }
+                else {
+                    throw e;
+                }
+            }
         });
@@ -16,0 +27,0 @@ }

package.json

 {
   "name": "@convoy/dapper",
-  "version": "2.0.97",
+  "version": "2.0.104",
   "description": "Styling library",
@@ -46,2 +46,5 @@ "license": "Apache-2.0",
     "@types/sinon-chai": "2.7.27",
+    "@types/source-map": "^0.5.0",
+    "@types/tapable": "^0.2.3",
+    "@types/uglify-js": "^2.6.29",
     "@types/webpack": "2.2.4",
@@ -48,0 +51,0 @@ "chai": "3.5.0",

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

116706

increased by0.64%

Lines of code

1656

increased by0.67%

Worsened metrics

Dev dependency count

35

increased by9.38%

Number of low supply chain risk alerts

2

increased by100%

No dependency changes