e2b - npm Package Compare versions

Comparing version 2.24.1-connections.1189.0 to 2.25.0

package.json

 {
   "name": "e2b",
-  "version": "2.24.1-connections.1189.0",
+  "version": "2.25.0",
   "description": "E2B SDK that give agents cloud environments",
@@ -25,24 +25,2 @@ "homepage": "https://e2b.dev",
   "types": "dist/index.d.ts",
-  "scripts": {
-    "prepublishOnly": "pnpm build",
-    "build": "tsc --noEmit && tsup",
-    "dev": "tsup --watch",
-    "example": "tsx example.mts",
-    "test": "vitest run",
-    "generate": "npm-run-all generate:* && pnpm run format",
-    "generate:api": "python ./../../spec/remove_extra_tags.py sandboxes snapshots templates tags auth volumes && openapi-typescript ../../spec/openapi_generated.yml -x api_key --array-length --alphabetize --default-non-nullable false --output src/api/schema.gen.ts",
-    "generate:envd": "cd ../../spec/envd && buf generate --template buf-js.gen.yaml\n",
-    "generate:envd-api": "openapi-typescript ../../spec/envd/envd.yaml -x api_key --array-length --alphabetize --output src/envd/schema.gen.ts",
-    "generate:volume-api": "openapi-typescript ../../spec/openapi-volumecontent.yml -x api_key --array-length --alphabetize --output src/volume/schema.gen.ts",
-    "generate:mcp": "json2ts -i ./../../spec/mcp-server.json -o src/sandbox/mcp.d.ts --unreachableDefinitions --style.singleQuote --no-style.semi",
-    "check-deps": "knip",
-    "pretest": "npx playwright install --with-deps chromium",
-    "postPublish": "./scripts/post-publish.sh || true",
-    "test:bun": "bun test tests/runtimes/bun --env-file=.env",
-    "test:deno": "deno test tests/runtimes/deno/ --allow-net --allow-read --allow-env --unstable-sloppy-imports --trace-leaks",
-    "test:integration": "E2B_INTEGRATION_TEST=1 vitest run tests/integration/**",
-    "typecheck": "tsc --noEmit",
-    "lint": "eslint src/ tests/",
-    "format": "prettier --write src/ tests/ example.mts"
-  },
   "devDependencies": {
@@ -108,3 +86,24 @@ "@testing-library/react": "^16.2.0",
     "defaults"
-  ]
-}
+  ],
+  "scripts": {
+    "build": "tsc --noEmit && tsup",
+    "dev": "tsup --watch",
+    "example": "tsx example.mts",
+    "test": "vitest run",
+    "generate": "npm-run-all generate:* && pnpm run format",
+    "generate:api": "python ./../../spec/remove_extra_tags.py sandboxes snapshots templates tags auth volumes && openapi-typescript ../../spec/openapi_generated.yml -x api_key --array-length --alphabetize --default-non-nullable false --output src/api/schema.gen.ts",
+    "generate:envd": "cd ../../spec/envd && buf generate --template buf-js.gen.yaml\n",
+    "generate:envd-api": "openapi-typescript ../../spec/envd/envd.yaml -x api_key --array-length --alphabetize --output src/envd/schema.gen.ts",
+    "generate:volume-api": "openapi-typescript ../../spec/openapi-volumecontent.yml -x api_key --array-length --alphabetize --output src/volume/schema.gen.ts",
+    "generate:mcp": "json2ts -i ./../../spec/mcp-server.json -o src/sandbox/mcp.d.ts --unreachableDefinitions --style.singleQuote --no-style.semi",
+    "check-deps": "knip",
+    "pretest": "npx playwright install --with-deps chromium",
+    "postPublish": "./scripts/post-publish.sh || true",
+    "test:bun": "bun test tests/runtimes/bun --env-file=.env",
+    "test:deno": "deno test tests/runtimes/deno/ --allow-net --allow-read --allow-env --unstable-sloppy-imports --trace-leaks",
+    "test:integration": "E2B_INTEGRATION_TEST=1 vitest run tests/integration/**",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint src/ tests/",
+    "format": "prettier --write src/ tests/ example.mts"
+  }
+}

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1953958

3.34%

Lines of code

22499

2.65%

Number of low quality alerts

0

-100%

Worsened metrics

Number of low supply chain risk alerts

78

5.41%

No dependency changes