dappql - npm Package Compare versions

Comparing version 2.0.18 to 2.0.19

lib/utils/extractAbis.js

 import path from 'path';
+import { readFileSync } from 'fs';
 async function getAbiFromEtherscan(contractName, contract, etherscanApiKey, etherscanApi = 'https://api.ehterscan.io') {
@@ -19,8 +20,10 @@ if (contract.address && etherscanApiKey) {
         if (config.abiSourcePath) {
-            const pathName = path.join(config.abiSourcePath, `${contractName}.json`);
+            const pathName = path.join(process.cwd(), config.abiSourcePath, `${contractName}.json`);
             try {
-                const abi = require(pathName);
+                const abi = JSON.parse(readFileSync(pathName, 'utf8'));
                 return { ...contract, contractName, abi };
             }
-            catch { }
+            catch (error) {
+                console.error('Error loading ABI from file:', error);
+            }
         }
@@ -27,0 +30,0 @@ return getAbiFromEtherscan(contractName, contract, config.etherscanApiKey, config.etherscanApi);

package.json

 {
   "name": "dappql",
-  "version": "2.0.18",
+  "version": "2.0.19",
   "description": "wagmi extension to easily query smart-contracts",
@@ -5,0 +5,0 @@ "main": "./lib/index.js",

New alerts

AI-detected possible typosquat

Supply chain risk

AI has identified this package as a potential typosquat of a more popular package. This suggests that the package may be intentionally mimicking another package's name, description, or other metadata.

Found 1 instance in 1 package

Fixed alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

14697

increased by1.14%

Lines of code

358

increased by0.85%

Worsened metrics

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes