@iobroker/js-controller-common - npm Package Compare versions

Comparing version 4.1.0-alpha.3-20220302-91ae5b6c to 4.1.0-alpha.30-20220509-915ac1ff

package.json

 {
   "name": "@iobroker/js-controller-common",
-  "version": "4.1.0-alpha.3-20220302-91ae5b6c",
+  "version": "4.1.0-alpha.30-20220509-915ac1ff",
   "engines": {
@@ -9,2 +9,3 @@ "node": ">=12.0.0"
     "@datalust/winston-seq": "^1.0.0",
+    "diskusage": "^1.1.3",
     "winston-syslog": "^2.5.0"
@@ -14,15 +15,15 @@ },
     "@alcalzone/pak": "^0.7.0",
+    "axios": "^0.27.2",
     "ci-info": "^3.3.0",
     "deep-clone": "^3.0.3",
     "event-stream": "^4.0.1",
-    "fs-extra": "^10.0.0",
+    "fs-extra": "^10.1.0",
     "jsonwebtoken": "^8.5.1",
-    "node-forge": "^1.0.0",
+    "node-forge": "^1.3.0",
     "node.extend": "^2.0.2",
     "promisify-child-process": "^4.1.1",
     "readline": "^1.3.0",
-    "request": "^2.88.2",
     "semver": "^7.3.5",
-    "winston": "^3.3.3",
-    "winston-daily-rotate-file": "^4.6.0"
+    "winston": "^3.7.2",
+    "winston-daily-rotate-file": "^4.6.1"
   },
@@ -42,4 +43,14 @@ "keywords": [
   },
-  "scripts": {},
-  "main": "index.js",
+  "scripts": {
+    "build": "tsc -b tsconfig.build.json"
+  },
+  "main": "build/index.js",
+  "types": "build/index.d.ts",
+  "typesVersions": {
+    "*": {
+      "tools": [
+        "build/lib/common/tools"
+      ]
+    }
+  },
   "license": "MIT",
@@ -49,7 +60,13 @@ "publishConfig": {
   },
+  "exports": {
+    ".": "./build/index.js",
+    "./package.json": "./package.json",
+    "./tools": "./build/lib/common/tools.js"
+  },
   "files": [
-    "lib/",
-    "index.js"
+    "build/lib/",
+    "build/index.js",
+    "build/index.d.ts"
   ],
-  "gitHead": "17a916537b11b9df499fe4f11bca8e7fa366c914"
+  "gitHead": "b46ffc00e12aa5e0fe6067c8226761620e63d225"
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Improved metrics

Total package byte prevSize

326045

increased by99.12%

Number of package files

25

increased by212.5%

Lines of code

4836

increased by17.78%

Number of medium supply chain risk alerts

5

decreased by-16.67%

Worsened metrics

Dependency count

17

increased by6.25%

Dependency changes

• + Addedaxios@^0.27.2

• + Addedaxios@0.27.2(transitive)

• + Addeddiskusage@1.2.0(transitive)

• + Addedes6-promise@4.2.8(transitive)

• + Addedform-data@4.0.1(transitive)

• - Removedrequest@^2.88.2

• - Removedajv@6.12.6(transitive)

• - Removedasn1@0.2.6(transitive)

• - Removedassert-plus@1.0.0(transitive)

• - Removedaws-sign2@0.7.0(transitive)

• - Removedaws4@1.13.2(transitive)

• - Removedbcrypt-pbkdf@1.0.2(transitive)

• - Removedcaseless@0.12.0(transitive)

• - Removedcore-util-is@1.0.2(transitive)

• - Removeddashdash@1.14.1(transitive)

• - Removedecc-jsbn@0.1.2(transitive)

• - Removedextend@3.0.2(transitive)

• - Removedextsprintf@1.3.0(transitive)

• - Removedfast-deep-equal@3.1.3(transitive)

• - Removedfast-json-stable-stringify@2.1.0(transitive)

• - Removedforever-agent@0.6.1(transitive)

• - Removedform-data@2.3.3(transitive)

• - Removedgetpass@0.1.7(transitive)

• - Removedhar-schema@2.0.0(transitive)

• - Removedhar-validator@5.1.5(transitive)

• - Removedhttp-signature@1.2.0(transitive)

• - Removedis-typedarray@1.0.0(transitive)

• - Removedisstream@0.1.2(transitive)

• - Removedjsbn@0.1.1(transitive)

• - Removedjson-schema@0.4.0(transitive)

• - Removedjson-schema-traverse@0.4.1(transitive)

• - Removedjson-stringify-safe@5.0.1(transitive)

• - Removedjsprim@1.4.2(transitive)

• - Removedoauth-sign@0.9.0(transitive)

• - Removedperformance-now@2.1.0(transitive)

• - Removedpsl@1.15.0(transitive)

• - Removedpunycode@2.3.1(transitive)

• - Removedqs@6.5.3(transitive)

• - Removedrequest@2.88.2(transitive)

• - Removedsafer-buffer@2.1.2(transitive)

• - Removedsshpk@1.18.0(transitive)

• - Removedtough-cookie@2.5.0(transitive)

• - Removedtunnel-agent@0.6.0(transitive)

• - Removedtweetnacl@0.14.5(transitive)

• - Removeduri-js@4.4.1(transitive)

• - Removeduuid@3.4.0(transitive)

• - Removedverror@1.10.0(transitive)

• Updatedfs-extra@^10.1.0

• Updatednode-forge@^1.3.0

• Updatedwinston@^3.7.2

• Updatedwinston-daily-rotate-file@^4.6.1