@noir-lang/noir_wasm - npm Package Compare versions

Comparing version 0.4.0 to 0.4.1-3d2233d

package.json

 {
   "name": "@noir-lang/noir_wasm",
-  "version": "0.4.0",
+  "collaborators": [
+    "The Noir Team <team@noir-lang.org>"
+  ],
+  "version": "0.4.1-3d2233d",
   "files": [
-    "noir_wasm_bg.wasm",
-    "noir_wasm.js",
-    "noir_wasm_bg.wasm.d.ts",
-    "noir_wasm.d.ts",
-    "snippets/*"
+    "nodejs",
+    "web",
+    "package.json"
   ],
-  "main": "noir_wasm.js",
-  "types": "noir_wasm.d.ts"
-}
+  "main": "./nodejs/noir_wasm.js",
+  "types": "./web/noir_wasm.d.ts",
+  "module": "./web/noir_wasm.js",
+  "sideEffects": false,
+  "peerDependencies": {
+    "@noir-lang/noir-source-resolver": "1.1.2"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/noir-lang/noir_wasm.git"
+  },
+  "compiler": {
+    "versionHash": "3d2233de810ab6d4a0f4f83007232133c88a49fe"
+  }
+}

New alerts

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 2 instances in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

8952251

increased by233.56%

Number of package files

10

increased by66.67%

Lines of code

721

increased by119.82%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

4

increased byInfinity%

Number of low supply chain risk alerts

3

decreased by-40%

Worsened metrics

Dependency count

1

increased byInfinity%

Number of medium supply chain risk alerts

4

increased by100%

No dependency changes