bitcoinjs-lib
Advanced tools
Comparing version 1.5.5 to 1.5.6
| { | ||
| "name": "bitcoinjs-lib", | ||
| "version": "1.5.5", | ||
| "version": "1.5.6", | ||
| "description": "Client-side Bitcoin JavaScript library", | ||
@@ -5,0 +5,0 @@ "main": "./src/index.js", |
| var assert = require('assert') | ||
| var bufferutils = require('./bufferutils') | ||
| var crypto = require('crypto') | ||
| var typeForce = require('typeforce') | ||
| var networks = require('./networks') | ||
| var randomBytes = require('randombytes') | ||
@@ -15,3 +15,3 @@ var Address = require('./address') | ||
| seed = seed || crypto.randomBytes(32) | ||
| seed = seed || randomBytes(32) | ||
| network = network || networks.bitcoin | ||
@@ -41,3 +41,3 @@ | ||
| seed = seed || crypto.randomBytes(32) | ||
| seed = seed || randomBytes(32) | ||
| masterKey = HDNode.fromSeedBuffer(seed, network) | ||
@@ -44,0 +44,0 @@ |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by707.29%
746063
- Number of package files
- increased by4.35%
24
- Lines of code
- increased by814.08%
23309
Worsened metrics
- Number of low supply chain risk alerts
- increased byInfinity%
9
- Number of medium supply chain risk alerts
- increased byInfinity%
2