bson
Advanced tools
Comparing version 0.1.7 to 0.1.8
| /** | ||
| * Module dependencies. | ||
| */ | ||
| var Buffer = require('buffer').Buffer; // TODO just use global Buffer | ||
| if(typeof window === 'undefined') { | ||
| var Buffer = require('buffer').Buffer; // TODO just use global Buffer | ||
| } | ||
@@ -6,0 +8,0 @@ // Binary default subtype |
| { "name" : "bson" | ||
| , "description" : "A bson parser for node.js and the browser" | ||
| , "keywords" : ["mongodb", "bson", "parser"] | ||
| , "version" : "0.1.7" | ||
| , "version" : "0.1.8" | ||
| , "author" : "Christian Amor Kvalheim <christkv@gmail.com>" | ||
@@ -15,2 +15,3 @@ , "contributors" : [] | ||
| , "gleak": "0.2.3" | ||
| , "one": "latest" | ||
| } | ||
@@ -20,6 +21,9 @@ , "config": { "native" : false } | ||
| , "directories" : { "lib" : "./lib/bson" } | ||
| , "engines" : { "node" : ">=0.6.0" } | ||
| , "scripts": { "install" : "node install.js || (exit 0)", "test" : "nodeunit ./test/node && TEST_NATIVE=TRUE nodeunit ./test/node" } | ||
| , "engines" : { "node" : ">=0.6.19" } | ||
| , "scripts": { | ||
| "install" : "(node-gyp rebuild 2> builderror.log) || (exit 0)", | ||
| "test" : "nodeunit ./test/node && TEST_NATIVE=TRUE nodeunit ./test/node" | ||
| } | ||
| , "licenses" : [ { "type" : "Apache License, Version 2.0" | ||
| , "url" : "http://www.apache.org/licenses/LICENSE-2.0" } ] | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Fixed alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Improved metrics
- Total package byte prevSize
- increased by13.91%
1268048
- Number of package files
- increased by5.26%
60
- Lines of code
- increased by36.52%
15948
- Number of high supply chain risk alerts
- decreased by-100%
0
- Number of low supply chain risk alerts
- decreased by-22.73%
17
Worsened metrics
- Dev dependency count
- increased by50%
3