@microsoft/loader-raw-script - npm Package Compare versions

Comparing version 1.2.200 to 1.3.0

CHANGELOG.md

 # Change Log - @microsoft/loader-raw-script
 
-This log was last generated on Fri, 17 Jan 2020 01:08:23 GMT and should not be manually modified.
+This log was last generated on Sun, 19 Jan 2020 02:26:52 GMT and should not be manually modified.
 
+## 1.3.0
+Sun, 19 Jan 2020 02:26:52 GMT
+
+### Minor changes
+
+- Upgrade Node typings to Node 10
+
 ## 1.2.200
@@ -6,0 +13,0 @@ Fri, 17 Jan 2020 01:08:23 GMT

package.json

 {
   "name": "@microsoft/loader-raw-script",
-  "version": "1.2.200",
+  "version": "1.3.0",
   "description": "",
@@ -19,11 +19,11 @@ "main": "lib/index.js",
   "devDependencies": {
-    "@microsoft/rush-stack-compiler-3.5": "0.3.15",
-    "@rushstack/eslint-config": "0.5.2",
+    "@microsoft/rush-stack-compiler-3.5": "0.4.0",
+    "@rushstack/eslint-config": "0.5.3",
     "@types/mocha": "5.2.5",
-    "@types/node": "8.10.54",
+    "@types/node": "10.17.13",
     "chai": "~3.5.0",
     "gulp": "~4.0.2",
     "mocha": "^5.2.0",
-    "@microsoft/node-library-build": "6.3.16"
+    "@microsoft/node-library-build": "6.4.0"
   }
 }

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

117814

0.7%

Lines of code

3160

0.73%

No dependency changes