@module-federation/sdk - npm Package Compare versions

Comparing version 0.0.0-next-20240911090730 to 0.0.0-next-20240911095451

dist/index.cjs.js

@@ -5,2 +5,4 @@ 'use strict';
 
+var polyfills = require('./polyfills.cjs.js');
+
 const FederationModuleManifest = 'federation-manifest.json';
@@ -252,13 +254,2 @@ const MANIFEST_EXT = '.json';
 
-function _extends() {
-    _extends = Object.assign || function assign(target) {
-        for(var i = 1; i < arguments.length; i++){
-            var source = arguments[i];
-            for(var key in source)if (Object.prototype.hasOwnProperty.call(source, key)) target[key] = source[key];
-        }
-        return target;
-    };
-    return _extends.apply(this, arguments);
-}
-
 const simpleJoinRemoteEntry = (rPath, rName)=>{
@@ -367,3 +358,3 @@ if (!rPath) {
         const prefetchInterface = manifest.metaData.prefetchInterface;
-        basicRemoteSnapshot = _extends({}, basicRemoteSnapshot, {
+        basicRemoteSnapshot = polyfills._extends({}, basicRemoteSnapshot, {
             prefetchInterface
@@ -374,3 +365,3 @@ });
         const { path, name, type } = manifest.metaData.prefetchEntry;
-        basicRemoteSnapshot = _extends({}, basicRemoteSnapshot, {
+        basicRemoteSnapshot = polyfills._extends({}, basicRemoteSnapshot, {
             prefetchEntry: simpleJoinRemoteEntry(path, name),
@@ -381,7 +372,7 @@ prefetchEntryType: type
     if ('publicPath' in manifest.metaData) {
-        remoteSnapshot = _extends({}, basicRemoteSnapshot, {
+        remoteSnapshot = polyfills._extends({}, basicRemoteSnapshot, {
             publicPath: getPublicPath()
         });
     } else {
-        remoteSnapshot = _extends({}, basicRemoteSnapshot, {
+        remoteSnapshot = polyfills._extends({}, basicRemoteSnapshot, {
             getPublicPath: getPublicPath()
@@ -579,3 +570,3 @@ });
             cb: resolve,
-            attrs: _extends({
+            attrs: polyfills._extends({
                 fetchpriority: 'high'
@@ -716,3 +707,3 @@ }, attrs),
         if (options && typeof options === 'object') {
-            return _extends({}, defaultOptions, options);
+            return polyfills._extends({}, defaultOptions, options);
         }
@@ -719,0 +710,0 @@ throw new Error(`Unexpected type for \`${key}\`, expect boolean/undefined/object, got: ${typeof options}`);

dist/index.esm.js

@@ -0,1 +1,3 @@
+import { _ as _extends } from './polyfills.esm.js';
+
 const FederationModuleManifest = 'federation-manifest.json';
@@ -247,13 +249,2 @@ const MANIFEST_EXT = '.json';
 
-function _extends() {
-    _extends = Object.assign || function assign(target) {
-        for(var i = 1; i < arguments.length; i++){
-            var source = arguments[i];
-            for(var key in source)if (Object.prototype.hasOwnProperty.call(source, key)) target[key] = source[key];
-        }
-        return target;
-    };
-    return _extends.apply(this, arguments);
-}
-
 const simpleJoinRemoteEntry = (rPath, rName)=>{
@@ -260,0 +251,0 @@ if (!rPath) {

dist/package.json

 {
   "name": "@module-federation/sdk",
-  "version": "0.6.0",
+  "version": "0.6.2",
   "license": "MIT",
@@ -5,0 +5,0 @@ "description": "A sdk for support module federation",

dist/src/types/plugins/ModuleFederationPlugin.d.ts

@@ -178,2 +178,5 @@ import type webpack from 'webpack';
     virtualRuntimeEntry?: boolean;
+    experiments?: {
+        federationRuntime?: false | 'hoisted';
+    };
 }
@@ -180,0 +183,0 @@ /**

package.json

 {
   "name": "@module-federation/sdk",
-  "version": "0.0.0-next-20240911090730",
+  "version": "0.0.0-next-20240911095451",
   "license": "MIT",
@@ -5,0 +5,0 @@ "description": "A sdk for support module federation",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

101071

increased by0.3%

Number of package files

34

increased by6.25%

Lines of code

2505

increased by0.32%

Worsened metrics

Number of low supply chain risk alerts

17

increased by142.86%

Number of medium supply chain risk alerts

16

increased by100%

No dependency changes