@neoskop/nestjs - npm Package Compare versions

Comparing version 0.3.0-rc.3 to 0.3.0-rc.4

angular/angular.controller.js

@@ -132,3 +132,3 @@ "use strict";
     const filePath = path_1.default.resolve(src);
-    const bundle = require(filePath);
+    const bundle = eval('require')(filePath);
     if ('ModuleFactory' in bundle) {
@@ -135,0 +135,0 @@ return {

package.json

 {
   "name": "@neoskop/nestjs",
-  "version": "0.3.0-rc.3",
+  "version": "0.3.0-rc.4",
   "description": "Collection of useful NestJS Modules",
@@ -5,0 +5,0 @@ "main": "index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

78900

increased by0.01%

Number of low supply chain risk alerts

2

decreased by-33.33%

Worsened metrics

Number of medium supply chain risk alerts

5

increased by25%

No dependency changes