@endo/module-source - npm Package Compare versions

Comparing version 1.3.0 to 1.3.1

package.json

 {
   "name": "@endo/module-source",
-  "version": "1.3.0",
+  "version": "1.3.1",
   "description": "Ponyfill for the SES ModuleSource and module-to-program transformer",
@@ -49,3 +49,3 @@ "keywords": [
     "@babel/types": "~7.26.0",
-    "ses": "^1.12.0"
+    "ses": "^1.13.0"
   },
@@ -57,9 +57,9 @@ "devDependencies": {
     "c8": "^7.14.0",
-    "eslint": "^8.57.0",
+    "eslint": "^8.57.1",
     "eslint-config-airbnb-base": "^15.0.0",
     "eslint-config-prettier": "^9.1.0",
     "eslint-plugin-eslint-comments": "^3.2.0",
-    "eslint-plugin-import": "^2.29.1",
-    "prettier": "^3.3.3",
-    "typescript": "~5.6.3"
+    "eslint-plugin-import": "^2.31.0",
+    "prettier": "^3.5.3",
+    "typescript": "~5.8.3"
   },
@@ -94,3 +94,3 @@ "files": [
   },
-  "gitHead": "9b6784831d37db948cdd61f6da1f3489e8f97906"
+  "gitHead": "571b7803cf10df7cb4fa9d70e4d53a0b53767fa8"
 }

SECURITY.md

@@ -11,5 +11,5 @@ # Security Policy
 
-SES stands for fearless cooperation, and strong security requires strong collaboration with security researchers. If you believe that you have found a security sensitive bug that should not be disclosed until a fix has been made available, we encourage you to report it. To report a bug in HardenedJS, you have several options that include: 
+SES stands for fearless cooperation, and strong security requires strong collaboration with security researchers. If you believe that you have found a security sensitive bug that should not be disclosed until a fix has been made available, we encourage you to report it. To report a bug in HardenedJS, you have several options that include:
 
-* Reporting the issue to the [Agoric HackerOne vulnerability rewards program](https://hackerone.com/agoric). 
+* Reporting the issue to the [Agoric HackerOne vulnerability rewards program](https://hackerone.com/agoric).
 
@@ -16,0 +16,0 @@ * Sending an email to security at (@) agoric.com., encrypted or unencrypted. To encrypt, please use  @Warner’s personal GPG key  [A476E2E6 11880C98 5B3C3A39 0386E81B 11CAA07A](http://www.lothar.com/warner-gpg.html)  .

src/babel-plugin.js

@@ -34,2 +34,4 @@ /* eslint max-lines: 0 */
       });
+    case 'AssignmentPattern':
+      return collectPatternIdentifiers(path, pattern.left);
     default:
@@ -36,0 +38,0 @@ throw path.buildCodeFrameError(

src/hidden.d.ts

@@ -1,3 +0,3 @@
-export const HIDDEN_PREFIX: "$h͏_";
-export const HIDDEN_CONST_VAR_PREFIX: "$c͏_";
+export const HIDDEN_PREFIX: "$h\u034F_";
+export const HIDDEN_CONST_VAR_PREFIX: "$c\u034F_";
 export const HIDDEN_A: "$h͏_a";
@@ -4,0 +4,0 @@ export const HIDDEN_IMPORT: "$h͏_import";

src/module-source.d.ts

@@ -28,3 +28,3 @@ /**
  */
-export function ModuleSource(source: string, opts?: string | Options | undefined): void;
+export function ModuleSource(source: string, opts?: string | Options): void;
 export class ModuleSource {
@@ -58,3 +58,3 @@ /**
      */
-    constructor(source: string, opts?: string | Options | undefined);
+    constructor(source: string, opts?: string | Options);
     imports: string[];
@@ -61,0 +61,0 @@ exports: any[];

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

63783

0.19%

Lines of code

1144

0.18%

Number of medium supply chain risk alerts

0

-100%

Dependency changes

• Updated

  ses@^1.13.0