@liyanjin-cli-dev/exec - npm Package Compare versions

Comparing version 1.1.5 to 1.1.6

lib/index.js

@@ -129,4 +129,3 @@ 'use strict';
         args[args.length - 1] = o;
-
-
+        const code = `require('${rootFile}').call(null, ${JSON.stringify(args)})`;
         const child = spawn('node', ['-e', code], {
@@ -133,0 +132,0 @@ cwd: process.cwd(),

package.json

 {
   "name": "@liyanjin-cli-dev/exec",
-  "version": "1.1.5",
+  "version": "1.1.6",
   "description": "liyanjin-cli-dev execute package  ",
@@ -29,5 +29,5 @@ "author": "liyanjin <570516311@qq.com>",
     "@liyanjin-cli-dev/package": "^1.1.1",
-    "@liyanjin-cli-dev/utils": "^1.1.3"
+    "@liyanjin-cli-dev/utils": "^1.1.4"
   },
-  "gitHead": "666ea5fd1d9a7911577908a8916b9305493843b1"
+  "gitHead": "045fc297044343657b654c9678fa6498c770daa8"
 }

New alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Fixed alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Improved metrics

Total package byte prevSize

5989

1.37%

Lines of code

149

0.68%

Dependency changes

• Updated

  @liyanjin-cli-dev/utils@^1.1.4