@volar/typescript - npm Package Compare versions

Comparing version 2.4.27 to 2.4.28

lib/node/proxyCreateProgram.js

@@ -141,2 +141,4 @@ "use strict";
                             parsedSourceFile.version = originalSourceFile.version;
+                            // @ts-expect-error
+                            originalSourceFile.scriptKind = serviceScript.scriptKind;
                             parsedSourceFiles.set(originalSourceFile, parsedSourceFile);
@@ -143,0 +145,0 @@ }

package.json

 {
 	"name": "@volar/typescript",
-	"version": "2.4.27",
+	"version": "2.4.28",
 	"license": "MIT",
@@ -15,3 +15,3 @@ "files": [
 	"dependencies": {
-		"@volar/language-core": "2.4.27",
+		"@volar/language-core": "2.4.28",
 		"path-browserify": "^1.0.1",
@@ -22,4 +22,5 @@ "vscode-uri": "^3.0.8"
 		"@types/path-browserify": "latest",
-		"@volar/language-service": "2.4.27"
-	}
+		"@volar/language-service": "2.4.28"
+	},
+	"gitHead": "882cd56d46a13d272f34e451f495d3d62251969a"
 }

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

216491

0.09%

Lines of code

4628

0.04%

Dependency changes

• + Added

  @volar/language-core@2.4.28
  (transitive)

• + Added

  @volar/source-map@2.4.28
  (transitive)

• - Removed

  @volar/language-core@2.4.27
  (transitive)

• - Removed

  @volar/source-map@2.4.27
  (transitive)

• Updated

  @volar/language-core@2.4.28