@rspack/plugin-react-refresh - npm Package Compare versions

Comparing version 1.0.0-beta.1 to 1.0.0-beta.2

dist/sockets/utils/getSocketUrlParts.js

@@ -27,3 +27,3 @@ "use strict";
         if (parsedQuery.sockProtocol) {
-            urlParts.protocol = parsedQuery.sockProtocol + ":";
+            urlParts.protocol = `${parsedQuery.sockProtocol}:`;
         }
@@ -51,3 +51,3 @@ }
             if (url.password) {
-                urlParts.auth += ":" + url.password;
+                urlParts.auth += `:${url.password}`;
             }
@@ -54,0 +54,0 @@ }

dist/sockets/utils/getUrlFromParts.js

@@ -20,10 +20,10 @@ "use strict";
     }
-    fullProtocol = fullProtocol + "//";
+    fullProtocol = `${fullProtocol}//`;
     let fullHost = urlParts.hostname;
     if (urlParts.auth) {
-        const fullAuth = urlParts.auth.split(":").map(encodeURIComponent).join(":") + "@";
+        const fullAuth = `${urlParts.auth.split(":").map(encodeURIComponent).join(":")}@`;
         fullHost = fullAuth + fullHost;
     }
     if (urlParts.port) {
-        fullHost = fullHost + ":" + urlParts.port;
+        fullHost = `${fullHost}:${urlParts.port}`;
     }
@@ -30,0 +30,0 @@ const url = new URL(urlParts.pathname, fullProtocol + fullHost);

dist/utils/getAdditionalEntries.js

@@ -9,3 +9,2 @@ "use strict";
 function getAdditionalEntries({ devServer, options }) {
-    /** @type {Record<string, string | number>} */
     const resourceQuery = {};
@@ -30,3 +29,3 @@ if (devServer) {
                 if (parsedUrl.password) {
-                    auth += ":" + parsedUrl.password;
+                    auth += `:${parsedUrl.password}`;
                 }
@@ -75,8 +74,4 @@ }
     const queryString = node_querystring_1.default.stringify(resourceQuery, undefined, undefined, {
-        /**
-         * @param {string} string
-         * @returns {string}
-         */
-        encodeURIComponent(string) {
-            return string;
+        encodeURIComponent(str) {
+            return str;
         }
@@ -90,4 +85,4 @@ });
         // Error overlay runtime
-        options.overlay &&
-            options.overlay.entry &&
+        options.overlay !== false &&
+            options.overlay?.entry &&
             `${require.resolve(options.overlay.entry)}${queryString ? `?${queryString}` : ""}`
@@ -94,0 +89,0 @@ ].filter(Boolean);

package.json

 {
   "name": "@rspack/plugin-react-refresh",
-  "version": "1.0.0-beta.1",
+  "version": "1.0.0-beta.2",
   "license": "MIT",
@@ -34,4 +34,4 @@ "description": "React refresh plugin for rspack",
     "typescript": "5.0.2",
-    "@rspack/core": "1.0.0-beta.1",
-    "@rspack/plugin-react-refresh": "1.0.0-beta.1"
+    "@rspack/core": "1.0.0-beta.2",
+    "@rspack/plugin-react-refresh": "1.0.0-beta.2"
   },
@@ -38,0 +38,0 @@ "dependencies": {

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

78951

-0.17%

Lines of code

2228

-0.22%

No dependency changes