@different-ai/opencode-browser - npm Package Compare versions

Comparing version 1.0.3 to 1.0.4

bin/cli.js

@@ -256,4 +256,16 @@ #!/usr/bin/env node
   } else {
-    log(`No opencode.json found in current directory.`);
-    log(`Add the config above to your project's opencode.json manually.`);
+    const shouldCreate = await confirm(`No opencode.json found. Create one with browser config?`);
+    
+    if (shouldCreate) {
+      try {
+        const config = { "$schema": "https://opencode.ai/config.json", mcp: mcpConfig };
+        writeFileSync(opencodeJsonPath, JSON.stringify(config, null, 2) + "\n");
+        success("Created opencode.json with browser MCP config");
+        shouldUpdateConfig = true;
+      } catch (e) {
+        error(`Failed to create opencode.json: ${e.message}`);
+      }
+    } else {
+      log(`Add the config above to your project's opencode.json manually.`);
+    }
   }
@@ -285,2 +297,5 @@
 ${color("bright", "Logs:")} ~/.opencode-browser/logs/
+
+${color("bright", "Test it out:")}
+  Open OpenCode and try: ${color("cyan", '"Navigate to google.com and take a snapshot"')}
 `);
@@ -287,0 +302,0 @@ }

package.json

 {
   "name": "@different-ai/opencode-browser",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "description": "Browser automation for OpenCode via Chrome extension + Native Messaging. Inspired by Claude in Chrome.",
@@ -5,0 +5,0 @@ "type": "module",

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

51046

1.17%

Lines of code

1354

0.97%

Worsened metrics

Number of low supply chain risk alerts

6

20%

No dependency changes