@rspack/binding - npm Package Compare versions

Comparing version 2.0.1 to 2.0.2

package.json

 {
   "name": "@rspack/binding",
-  "version": "2.0.1",
+  "version": "2.0.2",
   "license": "MIT",
@@ -57,12 +57,12 @@ "description": "Node binding for rspack",
   "optionalDependencies": {
-    "@rspack/binding-win32-arm64-msvc": "2.0.1",
-    "@rspack/binding-linux-arm64-gnu": "2.0.1",
-    "@rspack/binding-wasm32-wasi": "2.0.1",
-    "@rspack/binding-darwin-arm64": "2.0.1",
-    "@rspack/binding-win32-ia32-msvc": "2.0.1",
-    "@rspack/binding-darwin-x64": "2.0.1",
-    "@rspack/binding-win32-x64-msvc": "2.0.1",
-    "@rspack/binding-linux-x64-gnu": "2.0.1",
-    "@rspack/binding-linux-arm64-musl": "2.0.1",
-    "@rspack/binding-linux-x64-musl": "2.0.1"
+    "@rspack/binding-darwin-arm64": "2.0.2",
+    "@rspack/binding-win32-arm64-msvc": "2.0.2",
+    "@rspack/binding-linux-arm64-gnu": "2.0.2",
+    "@rspack/binding-linux-arm64-musl": "2.0.2",
+    "@rspack/binding-win32-ia32-msvc": "2.0.2",
+    "@rspack/binding-wasm32-wasi": "2.0.2",
+    "@rspack/binding-win32-x64-msvc": "2.0.2",
+    "@rspack/binding-linux-x64-gnu": "2.0.2",
+    "@rspack/binding-linux-x64-musl": "2.0.2",
+    "@rspack/binding-darwin-x64": "2.0.2"
   },
@@ -69,0 +69,0 @@ "scripts": {

New alerts

Potential vulnerability

Supply chain risk

Initial human review suggests the presence of a vulnerability in this package. It is pending further analysis and confirmation.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Potential vulnerability

Supply chain risk

Initial human review suggests the presence of a vulnerability in this package. It is pending further analysis and confirmation.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

116947

0.36%

Lines of code

3371

0.21%

No dependency changes