@travetto/compiler - npm Package Compare versions

Comparing version 0.3.0 to 0.3.2

index.ts

@@ -1,1 +0,3 @@
-export * from './src';
+export * from './src/transform-util';
+export * from './src/proxy';
+export * from './src/compiler';

package.json

@@ -9,4 +9,7 @@ {
   },
+  "bin": {
+    "travetto-cli-compile": "bin/travetto-cli-compile.js"
+  },
   "dependencies": {
-    "@travetto/base": "^0.3.0",
+    "@travetto/base": "^0.3.2",
     "@types/source-map-support": "^0.4.1",
@@ -34,4 +37,4 @@ "source-map-support": "^0.5.6",
   },
-  "version": "0.3.0",
-  "gitHead": "fb6bd5439f7491a7b8446bd3717c3ba35d8dbd4a"
+  "version": "0.3.2",
+  "gitHead": "54e9adaef1897a7f971f399c8f7dd86cbab90665"
 }

New alerts

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

37776

increased by6.05%

Lines of code

913

increased by6.04%

Worsened metrics

Number of low supply chain risk alerts

7

increased by600%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• Updated@travetto/base@^0.3.2