esprima - npm Package Compare versions
Comparing version 2.3.0 to 2.4.0
@@ -10,8 +10,6 @@ { | ||
| }, | ||
| "version": "2.3.0", | ||
| "version": "2.4.0", | ||
| "files": [ | ||
| "bin", | ||
| "test/run.js", | ||
| "test/runner.js", | ||
| "test/test.js", | ||
| "unit-tests.js", | ||
| "esprima.js" | ||
@@ -42,3 +40,3 @@ ], | ||
| "jscs": "~1.13.1", | ||
| "istanbul": "~0.3.15", | ||
| "istanbul": "~0.3.16", | ||
| "escomplex-js": "1.2.0", | ||
@@ -49,3 +47,4 @@ "complexity-report": "~1.4.0", | ||
| "json-diff": "~0.3.1", | ||
| "optimist": "~0.6.0" | ||
| "optimist": "~0.6.0", | ||
| "coveralls": "~2.11.2" | ||
| }, | ||
@@ -62,3 +61,3 @@ "keywords": [ | ||
| "test": "node test/run.js && npm run lint && npm run coverage", | ||
| "test": "node unit-tests.js && npm run lint && npm run coverage", | ||
@@ -69,3 +68,3 @@ "lint": "npm run check-version && npm run eslint && npm run jscs && npm run complexity", | ||
| "eslint": "node node_modules/eslint/bin/eslint.js esprima.js", | ||
| "complexity": "node tools/list-complexity.js && cr -s -l -w --maxcyc 17 esprima.js", | ||
| "complexity": "node tools/list-complexity.js && cr -s -l -w --maxcyc 19 esprima.js", | ||
@@ -77,4 +76,6 @@ "coverage": "npm run analyze-coverage && npm run check-coverage", | ||
| "benchmark": "node test/benchmarks.js", | ||
| "benchmark-quick": "node test/benchmarks.js quick" | ||
| "benchmark-quick": "node test/benchmarks.js quick", | ||
| "travis": "npm test && coveralls < ./coverage/lcov.info" | ||
| } | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-33.33%
4
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-6.97%
200354
- Dev dependency count
- increased by11.11%
10
- Number of package files
- decreased by-11.11%
8
- Lines of code
- decreased by-7.58%
4941