@volar/typescript - npm Package Compare versions

Comparing version 2.4.24 to 2.4.25

lib/node/utils.js

@@ -34,10 +34,15 @@ "use strict";
     // https://github.com/microsoft/TypeScript/blob/669c25c091ad4d32298d0f33b0e4e681d46de3ea/src/compiler/program.ts#L1354
-    const validExts = [ts.Extension.Dts, ts.Extension.Ts, ts.Extension.Tsx, ts.Extension.Js, ts.Extension.Jsx];
+    const validExts = ['.d.ts', '.ts', '.tsx', '.js', '.jsx'];
     if (validExts.some(ext => sourceFile.fileName.endsWith(ext))) {
         return;
     }
-    const asTs = sourceFile.fileName + ts.Extension.Ts;
-    sourceFile.impliedNodeFormat = ts.getImpliedNodeFormatForFile?.(asTs, packageJsonInfoCache, host, options);
+    const asTs = sourceFile.fileName + '.ts';
+    // Use getImpliedNodeFormatForFileWroker instead of getImpliedNodeFormatForFile for runTsc() compatibility
+    const impliedNodeFormat = ts.getImpliedNodeFormatForFileWroker?.(asTs, packageJsonInfoCache, host, options)?.impliedNodeFormat;
+    if (impliedNodeFormat === undefined) {
+        return;
+    }
+    sourceFile.impliedNodeFormat = impliedNodeFormat;
     return () => sourceFile.impliedNodeFormat = undefined;
 }
 //# sourceMappingURL=utils.js.map

package.json

 {
 	"name": "@volar/typescript",
-	"version": "2.4.24",
+	"version": "2.4.25",
 	"license": "MIT",
@@ -15,3 +15,3 @@ "files": [
 	"dependencies": {
-		"@volar/language-core": "2.4.24",
+		"@volar/language-core": "2.4.25",
 		"path-browserify": "^1.0.1",
@@ -21,7 +21,6 @@ "vscode-uri": "^3.0.8"
 	"devDependencies": {
-		"@types/node": "latest",
 		"@types/path-browserify": "latest",
-		"@volar/language-service": "2.4.24"
+		"@volar/language-service": "2.4.25"
 	},
-	"gitHead": "a5c7cf5d1afa5c3780a48866d17680c223891e42"
+	"gitHead": "cff5cbf8cfe438e27b2ccbc15248937308ff21a7"
 }

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

216613

0.08%

Dev dependency count

2

-33.33%

Lines of code

4629

0.11%

Dependency changes

• + Added

  @volar/language-core@2.4.25
  (transitive)

• + Added

  @volar/source-map@2.4.25
  (transitive)

• - Removed

  @volar/language-core@2.4.24
  (transitive)

• - Removed

  @volar/source-map@2.4.24
  (transitive)

• Updated

  @volar/language-core@2.4.25