can-stache-key - npm Package Compare versions

Comparing version 1.3.2 to 1.4.0

build.js

@@ -0,1 +1,2 @@
+"use strict";
 var stealTools = require("steal-tools");
@@ -2,0 +3,0 @@

can-stache-key.js

@@ -0,1 +1,2 @@
+"use strict";
 var ObservationRecorder = require('can-observation-recorder');
@@ -16,9 +17,11 @@ var dev = require('can-log/dev/dev');
 //!steal-remove-start
-bindName = function(source){
-	var fn = Function.prototype.bind.call(this, source);
-	Object.defineProperty(fn, "name", {
-		value: canReflect.getName(source) + "."+canReflect.getName(this)
-	});
-	return fn;
-};
+if (process.env.NODE_ENV !== 'production') {
+	bindName = function(source){
+		var fn = Function.prototype.bind.call(this, source);
+		Object.defineProperty(fn, "name", {
+			value: canReflect.getName(source) + "."+canReflect.getName(this)
+		});
+		return fn;
+	};
+}
 //!steal-remove-end
@@ -242,6 +245,8 @@
 						//!steal-remove-start
-						if( prop.at && specialRead[prop.key] && ( ("@"+prop.key) in value)) {
-							options.foundAt = true;
-							dev.warn("Use %"+prop.key+" in place of @"+prop.key+".");
-							return undefined;
+						if (process.env.NODE_ENV !== 'production') {
+							if( prop.at && specialRead[prop.key] && ( ("@"+prop.key) in value)) {
+								options.foundAt = true;
+								dev.warn("Use %"+prop.key+" in place of @"+prop.key+".");
+								return undefined;
+							}
 						}
@@ -248,0 +253,0 @@ //!steal-remove-end

package.json

 {
   "name": "can-stache-key",
-  "version": "1.3.2",
+  "version": "1.4.0",
   "description": "Read and write keys on a value",
@@ -65,5 +65,5 @@ "homepage": "https://canjs.com",
     "steal-tools": "^1.2.0",
-    "testee": "^0.7.0"
+    "testee": "^0.8.0"
   },
   "license": "MIT"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

28064

increased by0.52%

Lines of code

614

increased by0.99%

Worsened metrics

Number of low supply chain risk alerts

2

increased byInfinity%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes