		{
		"name": "@types/node",
		"version": "20.17.55",
		"version": "20.17.56",
		"description": "TypeScript definitions for node",
		@@ -218,4 +218,4 @@ "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node",
		"peerDependencies": {},
		"typesPublisherContentHash": "8377a6ccbf5fad0efaa72f70c7f393873f3c595e12fc670a3e6044febf2c3660",
		"typesPublisherContentHash": "ddf7418b1f0caba5f31ee191d962a78ad585fe35743479485c976575872c2305",
		"typeScriptVersion": "5.1"
		}

+1

-1

node v20.17/README.md

		@@ -11,3 +11,3 @@ # Installation
		### Additional Details
		* Last updated: Fri, 30 May 2025 05:02:50 GMT
		* Last updated: Fri, 30 May 2025 15:02:22 GMT
		* Dependencies: [undici-types](https://npmjs.com/package/undici-types)
		@@ -14,0 +14,0 @@

+48

-10

node v20.17/vm.d.ts

		@@ -59,2 +59,7 @@ /**
		}
		type DynamicModuleLoader<T> = (
		specifier: string,
		referrer: T,
		importAttributes: ImportAttributes,
		) => Module \| Promise<Module>;
		interface ScriptOptions extends BaseOptions {
		@@ -73,3 +78,3 @@ /**
		importModuleDynamically?:
		\| ((specifier: string, script: Script, importAttributes: ImportAttributes) => Module \| Promise<Module>)
		\| DynamicModuleLoader<Script>
		\| typeof constants.USE_MAIN_CONTEXT_DEFAULT_LOADER
		@@ -119,3 +124,11 @@ \| undefined;
		cachedData?: ScriptOptions["cachedData"] \| undefined;
		importModuleDynamically?: ScriptOptions["importModuleDynamically"];
		/**
		* Used to specify how the modules should be loaded during the evaluation of this script when `import()` is called. This option is
		* part of the experimental modules API. We do not recommend using it in a production environment. For detailed information, see
		* [Support of dynamic `import()` in compilation APIs](https://nodejs.org/docs/latest-v22.x/api/vm.html#support-of-dynamic-import-in-compilation-apis).
		*/
		importModuleDynamically?:
		\| DynamicModuleLoader<Script>
		\| typeof constants.USE_MAIN_CONTEXT_DEFAULT_LOADER
		\| undefined;
		}
		@@ -127,3 +140,11 @@ interface RunningCodeInNewContextOptions extends RunningScriptInNewContextOptions {
		cachedData?: ScriptOptions["cachedData"] \| undefined;
		importModuleDynamically?: ScriptOptions["importModuleDynamically"];
		/**
		* Used to specify how the modules should be loaded during the evaluation of this script when `import()` is called. This option is
		* part of the experimental modules API. We do not recommend using it in a production environment. For detailed information, see
		* [Support of dynamic `import()` in compilation APIs](https://nodejs.org/docs/latest-v22.x/api/vm.html#support-of-dynamic-import-in-compilation-apis).
		*/
		importModuleDynamically?:
		\| DynamicModuleLoader<Script>
		\| typeof constants.USE_MAIN_CONTEXT_DEFAULT_LOADER
		\| undefined;
		}
		@@ -148,2 +169,11 @@ interface CompileFunctionOptions extends BaseOptions {
		contextExtensions?: Object[] \| undefined;
		/**
		* Used to specify how the modules should be loaded during the evaluation of this script when `import()` is called. This option is
		* part of the experimental modules API. We do not recommend using it in a production environment. For detailed information, see
		* [Support of dynamic `import()` in compilation APIs](https://nodejs.org/docs/latest-v22.x/api/vm.html#support-of-dynamic-import-in-compilation-apis).
		*/
		importModuleDynamically?:
		\| DynamicModuleLoader<ReturnType<typeof compileFunction>>
		\| typeof constants.USE_MAIN_CONTEXT_DEFAULT_LOADER
		\| undefined;
		}
		@@ -183,2 +213,11 @@ interface CreateContextOptions {
		microtaskMode?: "afterEvaluate" \| undefined;
		/**
		* Used to specify how the modules should be loaded during the evaluation of this script when `import()` is called. This option is
		* part of the experimental modules API. We do not recommend using it in a production environment. For detailed information, see
		* [Support of dynamic `import()` in compilation APIs](https://nodejs.org/docs/latest-v22.x/api/vm.html#support-of-dynamic-import-in-compilation-apis).
		*/
		importModuleDynamically?:
		\| DynamicModuleLoader<Context>
		\| typeof constants.USE_MAIN_CONTEXT_DEFAULT_LOADER
		\| undefined;
		}
		@@ -833,9 +872,8 @@ type MeasureMemoryMode = "summary" \| "detailed";
		initializeImportMeta?: ((meta: ImportMeta, module: SourceTextModule) => void) \| undefined;
		importModuleDynamically?:
		\| ((
		specifier: string,
		referrer: SourceTextModule,
		importAttributes: ImportAttributes,
		) => Module \| Promise<Module>)
		\| undefined;
		/**
		* Used to specify how the modules should be loaded during the evaluation of this script when `import()` is called. This option is
		* part of the experimental modules API. We do not recommend using it in a production environment. For detailed information, see
		* [Support of dynamic `import()` in compilation APIs](https://nodejs.org/docs/latest-v22.x/api/vm.html#support-of-dynamic-import-in-compilation-apis).
		*/
		importModuleDynamically?: DynamicModuleLoader<SourceTextModule> \| undefined;
		}
		@@ -842,0 +880,0 @@ /**

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 9 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 11 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 6 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 9 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 11 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 6 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

@types/node - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics