		@@ -629,3 +629,3 @@ /**
		*
		* This is the same as the ``path.dirname()` of the `import.meta.filename`.
		* This is the same as the `path.dirname()` of the `import.meta.filename`.
		*
		@@ -632,0 +632,0 @@ * > Caveat: only present on `file:` modules.

+2

-2

node/package.json

		{
		"name": "@types/node",
		"version": "24.0.4",
		"version": "24.0.5",
		"description": "TypeScript definitions for node",
		@@ -233,4 +233,4 @@ "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node",
		"peerDependencies": {},
		"typesPublisherContentHash": "f9e3c8097c627227b80629b4332d37093a1127e7391935d57c7005db57159523",
		"typesPublisherContentHash": "13d00a14d575ec58e1cead39dad6b06c290b88bcc374d21b72445ac99d4c8eb8",
		"typeScriptVersion": "5.1"
		}

+1

-1

node/README.md

		@@ -11,3 +11,3 @@ # Installation
		### Additional Details
		* Last updated: Tue, 24 Jun 2025 16:39:29 GMT
		* Last updated: Fri, 27 Jun 2025 17:35:34 GMT
		* Dependencies: [undici-types](https://npmjs.com/package/undici-types)
		@@ -14,0 +14,0 @@

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 9 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 11 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 7 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 9 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 11 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 7 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

@types/node - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics