@live-change/db - npm Package Compare versions

Comparing version 0.9.199 to 0.9.200

package.json

 {
   "name": "@live-change/db",
-  "version": "0.9.199",
+  "version": "0.9.200",
   "description": "Database with observable data for live queries",
@@ -25,4 +25,4 @@ "main": "index.js",
   "devDependencies": {
-    "@live-change/db-store-level": "^0.9.199",
-    "@live-change/db-store-lmdb": "^0.9.199",
+    "@live-change/db-store-level": "^0.9.200",
+    "@live-change/db-store-lmdb": "^0.9.200",
     "minimist": ">=1.2.3",
@@ -36,8 +36,8 @@ "next-tick": "^1.1.0",
   "dependencies": {
-    "@live-change/dao": "^0.9.199",
-    "@live-change/serialization": "^0.9.199",
+    "@live-change/dao": "^0.9.200",
+    "@live-change/serialization": "^0.9.200",
     "get-random-values": "^1.2.2",
     "node-interval-tree": "^1.3.3"
   },
-  "gitHead": "1900043a10cf9ad49b9cc33a539fb973706de962"
+  "gitHead": "a509834e600a546297faa7d1534b6f52e66d2e66"
 }

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No metric changes

Dependency changes

• Updated

  @live-change/dao@^0.9.200

• Updated

  @live-change/serialization@^0.9.200