@yarnpkg/libzip - npm Package Compare versions

Comparing version 3.0.0 to 3.0.1

lib/ZipFS.js

@@ -219,4 +219,6 @@ "use strict";
                     throw new Error(`Overread`);
-                const memory = this.libzip.HEAPU8.subarray(buffer, buffer + size);
-                return Buffer.from(memory);
+                let result = Buffer.from(this.libzip.HEAPU8.subarray(buffer, buffer + size));
+                if (process.env.YARN_IS_TEST_ENV && process.env.YARN_ZIP_DATA_EPILOGUE)
+                    result = Buffer.concat([result, Buffer.from(process.env.YARN_ZIP_DATA_EPILOGUE)]);
+                return result;
             }
@@ -223,0 +225,0 @@ finally {

package.json

 {
   "name": "@yarnpkg/libzip",
-  "version": "3.0.0",
+  "version": "3.0.1",
   "license": "BSD-2-Clause",
@@ -45,7 +45,7 @@ "main": "./lib/sync.js",
     "@types/emscripten": "^1.39.6",
-    "@yarnpkg/fslib": "^3.0.0",
+    "@yarnpkg/fslib": "^3.0.2",
     "tslib": "^2.4.0"
   },
   "peerDependencies": {
-    "@yarnpkg/fslib": "^3.0.0"
+    "@yarnpkg/fslib": "^3.0.2"
   },
@@ -52,0 +52,0 @@ "engines": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

513614

increased by0.04%

Lines of code

5660

increased by0.04%

Worsened metrics

Number of low supply chain risk alerts

10

increased by42.86%

Dependency changes

• Updated@yarnpkg/fslib@^3.0.2