Comparing version 1.11.2 to 1.11.3
@@ -10,2 +10,23 @@ exports.config = function(config){ | ||
deps.push(arg[1]); | ||
}else if(arg[0] == "mapPackage") { | ||
var parts = arg[1].split(":"), | ||
name = parts[0], | ||
location=parts[1], | ||
isPrexisting = false; | ||
for (var j = 0; j < config.packages.length; j++) { | ||
var pkg = config.packages[j]; | ||
if (pkg.name === name) { | ||
pkg.location = location; | ||
isPrexisting = true; | ||
break; | ||
} | ||
} | ||
if (!isPrexisting) { | ||
config.packages.push({ | ||
name: name, | ||
location: location | ||
}); | ||
} | ||
}else{ | ||
@@ -12,0 +33,0 @@ args.push(arg); |
@@ -26,2 +26,23 @@ function rhinoDojoConfig(config, baseUrl, rhinoArgs){ | ||
deps.push(arg[1]); | ||
}else if(arg[0] == "mapPackage") { | ||
var parts = arg[1].split(":"), | ||
name = parts[0], | ||
location=parts[1], | ||
isPrexisting = false; | ||
for (var j = 0; j < config.packages.length; j++) { | ||
var pkg = config.packages[j]; | ||
if (pkg.name === name) { | ||
pkg.location = location; | ||
isPrexisting = true; | ||
break; | ||
} | ||
} | ||
if (!isPrexisting) { | ||
config.packages.push({ | ||
name: name, | ||
location: location | ||
}); | ||
} | ||
} | ||
@@ -28,0 +49,0 @@ } |
@@ -9,2 +9,3 @@ define(["./kernel", "../has", "./lang"], function(dojo, has, lang){ | ||
if(!has("csp-restrictions")){ | ||
// 'new Function()' is preferable when available since it does not create a closure | ||
xtor = new Function; | ||
@@ -785,3 +786,8 @@ }else{ | ||
// chain in new constructor | ||
ctor = new Function; | ||
if (has("csp-restrictions")) { | ||
ctor = function () {}; | ||
} | ||
else { | ||
ctor = new Function; | ||
} | ||
ctor.superclass = superclass; | ||
@@ -814,2 +820,6 @@ ctor.prototype = proto; | ||
if(superclass && superclass.prototype && superclass.prototype["-chains-"]) { | ||
chains = mix(chains || {}, superclass.prototype["-chains-"]); | ||
} | ||
// build ctor | ||
@@ -816,0 +826,0 @@ t = !chains || !chains.hasOwnProperty(cname); |
@@ -83,3 +83,3 @@ define(["../has", "./config", "require", "module"], function(has, config, require, module){ | ||
var rev = "$Rev: 91fa0cb $".match(/[0-9a-f]{7,}/); | ||
var rev = "$Rev: d49fdc4 $".match(/[0-9a-f]{7,}/); | ||
dojo.version = { | ||
@@ -97,3 +97,3 @@ // summary: | ||
major: 1, minor: 11, patch: 2, flag: "", | ||
major: 1, minor: 11, patch: 3, flag: "", | ||
revision: rev ? rev[0] : NaN, | ||
@@ -100,0 +100,0 @@ toString: function(){ |
@@ -331,2 +331,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -333,0 +334,0 @@ "ja": true, |
@@ -422,2 +422,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -424,0 +425,0 @@ "ja": true, |
@@ -451,2 +451,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"ja": true, | ||
@@ -453,0 +454,0 @@ "ko": true, |
@@ -34,2 +34,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -36,0 +37,0 @@ "ja": true, |
@@ -451,2 +451,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"ja": true, | ||
@@ -453,0 +454,0 @@ "ko": true, |
@@ -452,2 +452,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -454,0 +455,0 @@ "ja": true, |
@@ -339,2 +339,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -341,0 +342,0 @@ "ja": true, |
@@ -343,2 +343,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -345,0 +346,0 @@ "ja": true, |
@@ -442,2 +442,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"ja": true, | ||
@@ -444,0 +445,0 @@ "nl": true, |
@@ -333,2 +333,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -335,0 +336,0 @@ "ja": true, |
@@ -1158,2 +1158,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -1160,0 +1161,0 @@ "ja": true, |
@@ -47,2 +47,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -49,0 +50,0 @@ "ja": true, |
@@ -322,2 +322,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"ja": true, | ||
@@ -324,0 +325,0 @@ "nl": true, |
@@ -458,2 +458,3 @@ define({ root: | ||
"hu": true, | ||
"id": true, | ||
"it": true, | ||
@@ -460,0 +461,0 @@ "ja": true, |
@@ -30,3 +30,3 @@ _Do you have a contribution? We welcome contributions, but please ensure that you read the following information | ||
We require all contributions, to be covered under the Dojo Foundation's [Contributor License Agreement][cla]. This can | ||
We require all contributions, to be covered under the JS Foundation's [Contributor License Agreement][cla]. This can | ||
be done electronically and essentially ensures that you are making it clear that your contributions are your | ||
@@ -37,7 +37,6 @@ contributions, you have the legal right to contribute and you are transferring the copyright of your works to the Dojo | ||
If you are an unfamiliar contributor to the committer assessing your pull request, it is best to make it clear how | ||
you are covered by a CLA in the notes of the pull request. The committer will [verify][claCheck] your status. | ||
you are covered by a CLA in the notes of the pull request. A bot will verify your status. | ||
If your GitHub user id you are submitting your pull request from differs from the Dojo Community ID or e-mail address | ||
which you have signed your CLA under, you should specifically note what you have your CLA filed under (and for CCLA | ||
that you are listed under your company's authorised contributors). | ||
If your GitHub user id you are submitting your pull request from differs from the e-mail address | ||
which you have signed your CLA under, you should specifically note what you have your CLA filed under. | ||
@@ -220,4 +219,3 @@ # Submitting a Pull Request | ||
[dojo-contrib]: http://mail.dojotoolkit.org/mailman/listinfo/dojo-contributors | ||
[cla]: http://dojofoundation.org/about/cla | ||
[claCheck]: http://dojofoundation.org/about/claCheck | ||
[cla]: https://js.foundation/CLA/ | ||
[Creating a Pull Request]: https://help.github.com/articles/creating-a-pull-request | ||
@@ -224,0 +222,0 @@ [Fork a Repo]: https://help.github.com/articles/fork-a-repo |
@@ -523,2 +523,3 @@ define([ | ||
var widthList = ['abbr', 'wide', 'narrow']; | ||
function _buildDateTimeRE(tokens, bundle, options, pattern){ | ||
@@ -545,3 +546,17 @@ pattern = regexp.escapeString(pattern); | ||
case 'L': | ||
s = (l>2) ? '\\S+?' : '1[0-2]|'+p2+'[1-9]'; | ||
if(l>2){ | ||
var months = bundle[ | ||
'months-' + | ||
(c == 'L' ? 'standAlone' : 'format') + | ||
'-' + widthList[l-3] | ||
].slice(0); | ||
s = months.join('|'); | ||
if(!options.strict){ | ||
s = s.replace(/\./g, ''); | ||
//Tolerate abbreviating period in month part | ||
s = '(?:' + s + ')\\.?'; | ||
} | ||
}else{ | ||
s = '1[0-2]|'+p2+'[1-9]'; | ||
} | ||
break; | ||
@@ -548,0 +563,0 @@ case 'D': |
@@ -86,6 +86,5 @@ define(["../_base/lang", "../sniff", "../_base/window", "../dom-geometry", "../dom-style", "../window"], | ||
var s = domStyle.getComputedStyle(n), | ||
overflow = (s.overflow.toLowerCase() in exports._validOverflow), | ||
overflowX = (s.overflowX.toLowerCase() in exports._validOverflow), | ||
overflowY = (s.overflowY.toLowerCase() in exports._validOverflow); | ||
if(overflow || overflowX || overflowY){ | ||
if(overflowX || overflowY){ | ||
b = domGeom.getContentBox(n, s); | ||
@@ -95,3 +94,3 @@ t = domGeom.position(n, true); | ||
// overflow-x | ||
if(overflow || overflowX){ | ||
if(overflowX){ | ||
w = Math.min(exports.H_TRIGGER_AUTOSCROLL, b.w / 2); | ||
@@ -117,3 +116,3 @@ rx = e.pageX - t.x; | ||
// overflow-y | ||
if(overflow || overflowY){ | ||
if(overflowY){ | ||
//console.log(b.l, b.t, t.x, t.y, n.scrollLeft, n.scrollTop); | ||
@@ -120,0 +119,0 @@ h = Math.min(exports.V_TRIGGER_AUTOSCROLL, b.h / 2); |
@@ -25,4 +25,4 @@ define([ | ||
// avatar's offset from the mouse | ||
OFFSET_X: has("touch") ? 0 : 16, | ||
OFFSET_Y: has("touch") ? -64 : 16, | ||
OFFSET_X: has("touch") ? 4 : 16, | ||
OFFSET_Y: has("touch") ? 4 : 16, | ||
@@ -29,0 +29,0 @@ // methods |
@@ -1,2 +0,2 @@ | ||
define(["./sniff", "./dom"], function(has, dom){ | ||
define(["./sniff", "./dom", "./_base/window"], function(has, dom, win){ | ||
// module: | ||
@@ -48,4 +48,6 @@ // dojo/dom-style | ||
getComputedStyle = function(node){ | ||
var dv = node.ownerDocument.defaultView, | ||
w = dv.opener ? dv : win.global.window.parent; | ||
return node.nodeType == 1 /* ELEMENT_NODE*/ ? | ||
node.ownerDocument.defaultView.getComputedStyle(node, null) : {}; | ||
w.getComputedStyle(node, null) : {}; | ||
}; | ||
@@ -52,0 +54,0 @@ } |
@@ -12,3 +12,3 @@ define(["./create"], function(create){ | ||
return create("CancelError", null, null, { dojoType: "cancel" }); | ||
return create("CancelError", null, null, { dojoType: "cancel", log: false }); | ||
}); |
123
i18n.js
@@ -245,5 +245,20 @@ define(["./_base/kernel", "require", "./has", "./_base/array", "./_base/config", "./_base/lang", "./has!host-browser?./_base/xhr", "./json", "module"], | ||
var match = nlsRe.exec(id), | ||
bundlePath = match[1] + "/", | ||
bundleName = match[5] || match[4], | ||
bundlePathAndName = bundlePath + bundleName, | ||
localeSpecified = (match[5] && match[4]), | ||
targetLocale = localeSpecified || dojo.locale || "", | ||
loadTarget = bundlePathAndName + "/" + targetLocale, | ||
loadList = localeSpecified ? [targetLocale] : getLocalesToLoad(targetLocale), | ||
remaining = loadList.length, | ||
finish = function(){ | ||
if(!--remaining){ | ||
load(lang.delegate(cache[loadTarget])); | ||
} | ||
}, | ||
split = id.split("*"), | ||
preloadDemand = split[1] == "preload"; | ||
if(has("dojo-preload-i18n-Api")){ | ||
var split = id.split("*"), | ||
preloadDemand = split[1] == "preload"; | ||
if(preloadDemand){ | ||
@@ -259,21 +274,19 @@ if(!cache[id]){ | ||
} | ||
if(preloadDemand || waitForPreloads(id, require, load)){ | ||
if(preloadDemand || (waitForPreloads(id, require, load) && !cache[loadTarget])){ | ||
return; | ||
} | ||
} | ||
else if (preloadDemand) { | ||
// If a build is created with nls resources and 'dojo-preload-i18n-Api' has not been set to false, | ||
// the built file will include a preload in the cache (which looks about like so:) | ||
// '*now':function(r){r(['dojo/i18n!*preload*dojo/nls/dojo*["ar","ca","cs","da","de","el","en-gb","en-us","es-es","fi-fi","fr-fr","he-il","hu","it-it","ja-jp","ko-kr","nl-nl","nb","pl","pt-br","pt-pt","ru","sk","sl","sv","th","tr","zh-tw","zh-cn","ROOT"]']);} | ||
// If the consumer of the build sets 'dojo-preload-i18n-Api' to false in the Dojo config, the cached | ||
// preload will not be parsed and will result in an attempt to call 'require' passing it the unparsed | ||
// preload, which is not a valid module id. | ||
// In this case we should skip this request. | ||
load(1); | ||
var match = nlsRe.exec(id), | ||
bundlePath = match[1] + "/", | ||
bundleName = match[5] || match[4], | ||
bundlePathAndName = bundlePath + bundleName, | ||
localeSpecified = (match[5] && match[4]), | ||
targetLocale = localeSpecified || dojo.locale || "", | ||
loadTarget = bundlePathAndName + "/" + targetLocale, | ||
loadList = localeSpecified ? [targetLocale] : getLocalesToLoad(targetLocale), | ||
remaining = loadList.length, | ||
finish = function(){ | ||
if(!--remaining){ | ||
load(lang.delegate(cache[loadTarget])); | ||
} | ||
}; | ||
return; | ||
} | ||
array.forEach(loadList, function(locale){ | ||
@@ -469,47 +482,49 @@ var target = bundlePathAndName + "/" + locale; | ||
var amdValue = {}, | ||
evalBundle = | ||
// use the function ctor to keep the minifiers away (also come close to global scope, but this is secondary) | ||
new Function( | ||
"__bundle", // the bundle to evalutate | ||
"__checkForLegacyModules", // a function that checks if __bundle defined __mid in the global space | ||
"__mid", // the mid that __bundle is intended to define | ||
"__amdValue", | ||
evalBundle, | ||
// returns one of: | ||
// 1 => the bundle was an AMD bundle | ||
// a legacy bundle object that is the value of __mid | ||
// instance of Error => could not figure out how to evaluate bundle | ||
syncRequire = function(deps, callback, require){ | ||
var results = []; | ||
array.forEach(deps, function(mid){ | ||
var url = require.toUrl(mid + ".js"); | ||
// used to detect when __bundle calls define | ||
"var define = function(mid, factory){define.called = 1; __amdValue.result = factory || mid;}," | ||
+ " require = function(){define.called = 1;};" | ||
function load(text){ | ||
if (!evalBundle) { | ||
// use the function ctor to keep the minifiers away (also come close to global scope, but this is secondary) | ||
evalBundle = new Function( | ||
"__bundle", // the bundle to evalutate | ||
"__checkForLegacyModules", // a function that checks if __bundle defined __mid in the global space | ||
"__mid", // the mid that __bundle is intended to define | ||
"__amdValue", | ||
+ "try{" | ||
+ "define.called = 0;" | ||
+ "eval(__bundle);" | ||
+ "if(define.called==1)" | ||
// bundle called define; therefore signal it's an AMD bundle | ||
+ "return __amdValue;" | ||
// returns one of: | ||
// 1 => the bundle was an AMD bundle | ||
// a legacy bundle object that is the value of __mid | ||
// instance of Error => could not figure out how to evaluate bundle | ||
+ "if((__checkForLegacyModules = __checkForLegacyModules(__mid)))" | ||
// bundle was probably a v1.6- built NLS flattened NLS bundle that defined __mid in the global space | ||
+ "return __checkForLegacyModules;" | ||
// used to detect when __bundle calls define | ||
"var define = function(mid, factory){define.called = 1; __amdValue.result = factory || mid;}," | ||
+ " require = function(){define.called = 1;};" | ||
+ "}catch(e){}" | ||
// evaulating the bundle was *neither* an AMD *nor* a legacy flattened bundle | ||
// either way, re-eval *after* surrounding with parentheses | ||
+ "try{" | ||
+ "define.called = 0;" | ||
+ "eval(__bundle);" | ||
+ "if(define.called==1)" | ||
// bundle called define; therefore signal it's an AMD bundle | ||
+ "return __amdValue;" | ||
+ "try{" | ||
+ "return eval('('+__bundle+')');" | ||
+ "}catch(e){" | ||
+ "return e;" | ||
+ "}" | ||
), | ||
+ "if((__checkForLegacyModules = __checkForLegacyModules(__mid)))" | ||
// bundle was probably a v1.6- built NLS flattened NLS bundle that defined __mid in the global space | ||
+ "return __checkForLegacyModules;" | ||
syncRequire = function(deps, callback, require){ | ||
var results = []; | ||
array.forEach(deps, function(mid){ | ||
var url = require.toUrl(mid + ".js"); | ||
+ "}catch(e){}" | ||
// evaulating the bundle was *neither* an AMD *nor* a legacy flattened bundle | ||
// either way, re-eval *after* surrounding with parentheses | ||
function load(text){ | ||
+ "try{" | ||
+ "return eval('('+__bundle+')');" | ||
+ "}catch(e){" | ||
+ "return e;" | ||
+ "}" | ||
); | ||
} | ||
var result = evalBundle(text, checkForLegacyModules, mid, amdValue); | ||
@@ -516,0 +531,0 @@ if(result===amdValue){ |
@@ -251,3 +251,3 @@ define([/*===== "./_base/declare", =====*/ "./_base/lang", "./i18n", "./i18n!./cldr/nls/number", "./string", "./regexp"], | ||
groupSize = groupSize2; | ||
delete groupSize2; | ||
groupSize2 = undefined; | ||
} | ||
@@ -254,0 +254,0 @@ } |
{ | ||
"name": "dojo", | ||
"version": "1.11.2", | ||
"version": "1.11.3", | ||
"directories": { | ||
@@ -14,3 +14,3 @@ "lib": "." | ||
"sinon": "1.12.2", | ||
"dojo": "1.11.2" | ||
"dojo": "1.11.3" | ||
}, | ||
@@ -17,0 +17,0 @@ "main": "main", |
@@ -10,2 +10,5 @@ define([ | ||
function logError(error, rejection, deferred){ | ||
if(error && error.log === false){ | ||
return; | ||
} | ||
var stack = ""; | ||
@@ -12,0 +15,0 @@ if(error && error.stack){ |
@@ -23,3 +23,3 @@ # dojo | ||
The Dojo Toolkit (including this package) is dual licensed under BSD 3-Clause and AFL. For more information on the | ||
license please see the [License Information][]. The Dojo Toolkit is Copyright (c) 2005-2016, The Dojo Foundation. All | ||
license please see the [License Information][]. The Dojo Toolkit is Copyright (c) 2005-2016, The JS Foundation. All | ||
rights reserved. | ||
@@ -26,0 +26,0 @@ |
@@ -218,3 +218,4 @@ define([ | ||
var data = options.data, | ||
// IE11 treats data: undefined different than other browsers | ||
var data = typeof(options.data) === 'undefined' ? null : options.data, | ||
async = !options.sync, | ||
@@ -221,0 +222,0 @@ method = options.method; |
@@ -143,3 +143,3 @@ # Dojo Tests | ||
suite in all of the browsers defined in `tests/dojo.intern.js`. SauceLabs | ||
requires an account (SL offers free accounts). The Dojo Foundation has an | ||
requires an account (SL offers free accounts). The JS Foundation has an | ||
account, but please use your own when running your own tests. | ||
@@ -146,0 +146,0 @@ |
@@ -6,3 +6,3 @@ define([ | ||
'dojo/when', | ||
'dojo/_base/Deferred' | ||
'testing/_base/Deferred' | ||
], function ( | ||
@@ -152,2 +152,42 @@ registerSuite, | ||
'.cancel() doesn\'t write to console': function () { | ||
var testDef = new Deferred(); | ||
require(['dojo/has', 'testing/Deferred', 'testing/promise/instrumentation'], | ||
function(has, | ||
NewDeferred, | ||
instrumentation) { | ||
var origUseDeferredInstrumentation = has('config-useDeferredInstrumentation'); | ||
has.add('config-useDeferredInstrumentation', "report-unhandled-rejections", null, true); | ||
instrumentation(NewDeferred); | ||
require(['testing/promise/instrumentation'], function () { | ||
var def = new Deferred(), | ||
errOrig = console.error, | ||
errorThrown = false; | ||
console.error = function (s) { | ||
if(s == "CancelError"){ | ||
console.error = errOrig; | ||
testDef.reject(s); | ||
} | ||
errOrig.apply(null, arguments); | ||
} | ||
setTimeout(function() { | ||
if (!testDef.isCanceled() && !testDef.isFulfilled()) { | ||
testDef.resolve(); | ||
} | ||
has.add('config-useDeferredInstrumentation', origUseDeferredInstrumentation, null, true); | ||
instrumentation(NewDeferred); | ||
}, 2500); | ||
def.cancel(); | ||
} | ||
); | ||
}); | ||
return testDef.promise; | ||
}, | ||
'.error() result': function () { | ||
@@ -154,0 +194,0 @@ var def = new Deferred(); |
@@ -606,5 +606,6 @@ define([ | ||
var fragment; | ||
var container; | ||
function clearTarget() { | ||
document.body.innerHTML = ""; | ||
domConstruct.empty(container); | ||
child = domConstruct.toDom(HTMLString); | ||
@@ -618,9 +619,9 @@ nodes.last = domConstruct.toDom(lastHtml); | ||
nodes.pos = domConstruct.toDom(posHtml); | ||
document.body.appendChild(nodes.last); | ||
document.body.appendChild(nodes.first); | ||
document.body.appendChild(nodes.before); | ||
document.body.appendChild(nodes.after); | ||
document.body.appendChild(nodes.replace); | ||
document.body.appendChild(nodes.only); | ||
document.body.appendChild(nodes.pos); | ||
container.appendChild(nodes.last); | ||
container.appendChild(nodes.first); | ||
container.appendChild(nodes.before); | ||
container.appendChild(nodes.after); | ||
container.appendChild(nodes.replace); | ||
container.appendChild(nodes.only); | ||
container.appendChild(nodes.pos); | ||
fragment = document.createDocumentFragment(); | ||
@@ -639,2 +640,10 @@ fragment.appendChild(document.createElement("div")); | ||
return { | ||
setup: function () { | ||
document.body.innerHTML = ""; | ||
container = document.createElement("div"); | ||
document.body.appendChild(container); | ||
}, | ||
teardown: function () { | ||
document.body.removeChild(container); | ||
}, | ||
beforeEach: clearTarget, | ||
@@ -751,3 +760,2 @@ "last - place html string with node reference": function () { | ||
}, | ||
setUp: clearTarget, | ||
"only - place html string with fragment reference": function () { | ||
@@ -754,0 +762,0 @@ domConstruct.place(HTMLString, fragment, "only"); |
@@ -53,2 +53,20 @@ define([ | ||
} | ||
}, | ||
"does not throw on frame elements": function () { | ||
var node = document.createElement("div"), | ||
frame = document.createElement("iframe"), | ||
frameDoc; | ||
node.appendChild(frame); | ||
container.appendChild(node); | ||
domStyle.set(frame, "display", "none"); | ||
frameDoc = frame.contentWindow.document | ||
frameDoc.open(); | ||
frameDoc.write("<!doctype html><html><body><div>Test</div></body></html>"); | ||
frameDoc.close(); | ||
assert.isNotNull(domStyle.getComputedStyle(frameDoc.body)); | ||
} | ||
@@ -55,0 +73,0 @@ }, |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
4621817
1263
137428
8
201