flow-parser - npm Package Compare versions

Comparing version 0.293.0 to 0.294.0

package.json

 {
   "name": "flow-parser",
-  "version": "0.293.0",
+  "version": "0.294.0",
   "description": "JavaScript parser written in OCaml. Produces ESTree AST",
@@ -5,0 +5,0 @@ "homepage": "https://flow.org",

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

761119

-0.1%

Lines of code

12854

-0.26%

Number of medium supply chain risk alerts

1

Infinity%

No dependency changes