antlr4 - npm Package Compare versions

Comparing version 4.12.0-beta.9 to 4.12.0-beta.10

package.json

 {
   "name": "antlr4",
-  "version": "4.12.0-beta.9",
+  "version": "4.12.0-beta.10",
   "type": "module",
   "description": "JavaScript runtime for ANTLR4",
-  "main": "dist/antlr4.js",
+  "browser": "dist/antlr4.web.js",
+  "main": "dist/antlr4.node.js",
   "types": "src/antlr4/index.d.ts",
@@ -46,6 +47,3 @@ "repository": "antlr/antlr4.git",
     "node": ">=16"
-  },
-  "browser": {
-    "fs": false
   }
 }

src/antlr4/FileStream.js

@@ -12,4 +12,3 @@ /* Copyright (c) 2012-2022 The ANTLR Project. All rights reserved.
 	process.versions.node != null;
-// use eval to fool webpack and mocha
-const fs = isNode ? await eval("import('fs')") : null;
+import fs from 'fs';
 
@@ -16,0 +15,0 @@ /**

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Unidentified License

License

(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Unidentified License

License

(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2342386

increased by64.21%

Number of package files

219

increased by1.86%

Lines of code

14403

increased by9.06%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Number of low supply chain risk alerts

3

increased by200%

No dependency changes