@types/node - npm Package Compare versions

Comparing version 20.17.40 to 20.17.41

node v20.17/package.json

 {
     "name": "@types/node",
-    "version": "20.17.40",
+    "version": "20.17.41",
     "description": "TypeScript definitions for node",
@@ -218,4 +218,4 @@ "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node",
     "peerDependencies": {},
-    "typesPublisherContentHash": "c446d225ba395160537169319ad5d5dc21e62fe91a3075ffbe9971c6c4a7e325",
+    "typesPublisherContentHash": "24279a289e020b8b96026edda2c1646e549388e0c1ab01ec9d6fff3817312aa9",
     "typeScriptVersion": "5.1"
 }

node v20.17/README.md

@@ -11,3 +11,3 @@ # Installation
 ### Additional Details
- * Last updated: Tue, 06 May 2025 02:14:23 GMT
+ * Last updated: Tue, 06 May 2025 06:03:40 GMT
  * Dependencies: [undici-types](https://npmjs.com/package/undici-types)
@@ -14,0 +14,0 @@

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 9 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 11 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 6 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 9 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 11 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 6 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2235520

0

Lines of code

49555

0

No dependency changes