@types/node - npm Package Compare versions

Comparing version 22.15.23 to 22.15.24

node/dom-events.d.ts

@@ -1,76 +0,49 @@
-export {}; // Don't export anything!
+// Make this a module
+export {};
 
-//// DOM-like Events
-// NB: The Event / EventTarget / EventListener implementations below were copied
-// from lib.dom.d.ts, then edited to reflect Node's documentation at
-// https://nodejs.org/api/events.html#class-eventtarget.
-// Please read that link to understand important implementation differences.
+// Conditional type aliases, which are later merged into the global scope.
+// Will either be empty if the relevant web library is already present, or the @types/node definition otherwise.
 
-// This conditional type will be the existing global Event in a browser, or
-// the copy below in a Node environment.
-type __Event = typeof globalThis extends { onmessage: any; Event: any } ? {}
-    : {
-        /** This is not used in Node.js and is provided purely for completeness. */
-        readonly bubbles: boolean;
-        /** Alias for event.stopPropagation(). This is not used in Node.js and is provided purely for completeness. */
-        cancelBubble: () => void;
-        /** True if the event was created with the cancelable option */
-        readonly cancelable: boolean;
-        /** This is not used in Node.js and is provided purely for completeness. */
-        readonly composed: boolean;
-        /** Returns an array containing the current EventTarget as the only entry or empty if the event is not being dispatched. This is not used in Node.js and is provided purely for completeness. */
-        composedPath(): [EventTarget?];
-        /** Alias for event.target. */
-        readonly currentTarget: EventTarget | null;
-        /** Is true if cancelable is true and event.preventDefault() has been called. */
-        readonly defaultPrevented: boolean;
-        /** This is not used in Node.js and is provided purely for completeness. */
-        readonly eventPhase: 0 | 2;
-        /** The `AbortSignal` "abort" event is emitted with `isTrusted` set to `true`. The value is `false` in all other cases. */
-        readonly isTrusted: boolean;
-        /** Sets the `defaultPrevented` property to `true` if `cancelable` is `true`. */
-        preventDefault(): void;
-        /** This is not used in Node.js and is provided purely for completeness. */
-        returnValue: boolean;
-        /** Alias for event.target. */
-        readonly srcElement: EventTarget | null;
-        /** Stops the invocation of event listeners after the current one completes. */
-        stopImmediatePropagation(): void;
-        /** This is not used in Node.js and is provided purely for completeness. */
-        stopPropagation(): void;
-        /** The `EventTarget` dispatching the event */
-        readonly target: EventTarget | null;
-        /** The millisecond timestamp when the Event object was created. */
-        readonly timeStamp: number;
-        /** Returns the type of event, e.g. "click", "hashchange", or "submit". */
-        readonly type: string;
-    };
+type __Event = typeof globalThis extends { onmessage: any } ? {} : Event;
+interface Event {
+    readonly bubbles: boolean;
+    cancelBubble: boolean;
+    readonly cancelable: boolean;
+    readonly composed: boolean;
+    composedPath(): [EventTarget?];
+    readonly currentTarget: EventTarget | null;
+    readonly defaultPrevented: boolean;
+    readonly eventPhase: 0 | 2;
+    initEvent(type: string, bubbles?: boolean, cancelable?: boolean): void;
+    readonly isTrusted: boolean;
+    preventDefault(): void;
+    readonly returnValue: boolean;
+    readonly srcElement: EventTarget | null;
+    stopImmediatePropagation(): void;
+    stopPropagation(): void;
+    readonly target: EventTarget | null;
+    readonly timeStamp: number;
+    readonly type: string;
+}
 
-// See comment above explaining conditional type
-type __EventTarget = typeof globalThis extends { onmessage: any; EventTarget: any } ? {}
-    : {
-        /**
-         * Adds a new handler for the `type` event. Any given `listener` is added only once per `type` and per `capture` option value.
-         *
-         * If the `once` option is true, the `listener` is removed after the next time a `type` event is dispatched.
-         *
-         * The `capture` option is not used by Node.js in any functional way other than tracking registered event listeners per the `EventTarget` specification.
-         * Specifically, the `capture` option is used as part of the key when registering a `listener`.
-         * Any individual `listener` may be added once with `capture = false`, and once with `capture = true`.
-         */
-        addEventListener(
-            type: string,
-            listener: EventListener | EventListenerObject,
-            options?: AddEventListenerOptions | boolean,
-        ): void;
-        /** Dispatches a synthetic event event to target and returns true if either event's cancelable attribute value is false or its preventDefault() method was not invoked, and false otherwise. */
-        dispatchEvent(event: Event): boolean;
-        /** Removes the event listener in target's event listener list with the same type, callback, and options. */
-        removeEventListener(
-            type: string,
-            listener: EventListener | EventListenerObject,
-            options?: EventListenerOptions | boolean,
-        ): void;
-    };
+type __CustomEvent<T = any> = typeof globalThis extends { onmessage: any } ? {} : CustomEvent<T>;
+interface CustomEvent<T = any> extends Event {
+    readonly detail: T;
+}
 
+type __EventTarget = typeof globalThis extends { onmessage: any } ? {} : EventTarget;
+interface EventTarget {
+    addEventListener(
+        type: string,
+        listener: EventListener | EventListenerObject,
+        options?: AddEventListenerOptions | boolean,
+    ): void;
+    dispatchEvent(event: Event): boolean;
+    removeEventListener(
+        type: string,
+        listener: EventListener | EventListenerObject,
+        options?: EventListenerOptions | boolean,
+    ): void;
+}
+
 interface EventInit {
@@ -82,4 +55,7 @@ bubbles?: boolean;
 
+interface CustomEventInit<T = any> extends EventInit {
+    detail?: T;
+}
+
 interface EventListenerOptions {
-    /** Not directly used by Node.js. Added for API completeness. Default: `false`. */
     capture?: boolean;
@@ -89,7 +65,4 @@ }
 interface AddEventListenerOptions extends EventListenerOptions {
-    /** When `true`, the listener is automatically removed when it is first invoked. Default: `false`. */
     once?: boolean;
-    /** When `true`, serves as a hint that the listener will not call the `Event` object's `preventDefault()` method. Default: false. */
     passive?: boolean;
-    /** The listener will be removed when the given AbortSignal object's `abort()` method is called. */
     signal?: AbortSignal;
@@ -106,22 +79,24 @@ }
 
-import {} from "events"; // Make this an ambient declaration
+// Merge conditional interfaces into global scope, and conditionally declare global constructors.
 declare global {
-    /** An event which takes place in the DOM. */
     interface Event extends __Event {}
     var Event: typeof globalThis extends { onmessage: any; Event: infer T } ? T
         : {
-            prototype: __Event;
-            new(type: string, eventInitDict?: EventInit): __Event;
+            prototype: Event;
+            new(type: string, eventInitDict?: EventInit): Event;
         };
 
-    /**
-     * EventTarget is a DOM interface implemented by objects that can
-     * receive events and may have listeners for them.
-     */
+    interface CustomEvent<T = any> extends __CustomEvent<T> {}
+    var CustomEvent: typeof globalThis extends { onmessage: any; CustomEvent: infer T } ? T
+        : {
+            prototype: CustomEvent;
+            new<T>(type: string, eventInitDict?: CustomEventInit<T>): CustomEvent<T>;
+        };
+
     interface EventTarget extends __EventTarget {}
     var EventTarget: typeof globalThis extends { onmessage: any; EventTarget: infer T } ? T
         : {
-            prototype: __EventTarget;
-            new(): __EventTarget;
+            prototype: EventTarget;
+            new(): EventTarget;
         };
 }

node/package.json

 {
     "name": "@types/node",
-    "version": "22.15.23",
+    "version": "22.15.24",
     "description": "TypeScript definitions for node",
@@ -223,4 +223,4 @@ "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node",
     "peerDependencies": {},
-    "typesPublisherContentHash": "3844c0b84003a1c9382712245a57b4124212f8132db577606add964efd038ea4",
+    "typesPublisherContentHash": "6f7f89960f322a2c8f03b6e218fbe161037b484003d22ccf2cec6c358735b527",
     "typeScriptVersion": "5.1"
 }

node/README.md

@@ -11,3 +11,3 @@ # Installation
 ### Additional Details
- * Last updated: Tue, 27 May 2025 18:40:40 GMT
+ * Last updated: Wed, 28 May 2025 17:35:19 GMT
  * Dependencies: [undici-types](https://npmjs.com/package/undici-types)
@@ -14,0 +14,0 @@

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 9 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 11 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 7 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 9 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 11 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 7 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

2352584

-0.12%

Lines of code

52148

-0.05%

No dependency changes