grunt-jscrambler - npm Package Compare versions

Comparing version 1.0.2 to 1.0.3

package.json

 {
   "name": "grunt-jscrambler",
   "description": "Obfuscate your source files using the JScrambler API.",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "homepage": "https://github.com/jscrambler/grunt-jscrambler",
@@ -6,0 +6,0 @@ "scripts": {

tasks/jscrambler.js

@@ -9,3 +9,3 @@ /**
 var _ = require('lodash');
-var jScrambler = require('jscrambler').default;
+var jscrambler = require('jscrambler').default;
 var path = require('path');
@@ -22,15 +22,3 @@ var util = require('util');
 
-    jScrambler
-      .protectAndDownload({
-        host: options.host,
-        port: options.port,
-        keys: options.keys,
-        applicationId: options.applicationId,
-        filesSrc: this.filesSrc,
-        params: options.params
-      }, writeFile)
-      .then(done)
-      .catch(function (err) {
-        grunt.fail.fatal(util.inspect(err));
-      });
+    options.filesSrc = this.filesSrc;
 
@@ -50,2 +38,4 @@ function writeFile(buffer, file) {
             grunt.file.write(destPath, buffer);
+          } else if (elem.dest) {
+            grunt.file.write(path.join(elem.dest, file), buffer);
           }
@@ -55,3 +45,11 @@ });
     }
+
+    jscrambler
+      .protectAndDownload(options, writeFile)
+      .then(done)
+      .catch(function (err) {
+        grunt.fail.fatal(util.inspect(err));
+      });
   });
 };
+

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

1

decreased by-83.33%

Worsened metrics

Total package byte prevSize

77827

decreased by-26.31%

Number of package files

19

decreased by-5%

Lines of code

415

decreased by-73.17%

Number of medium supply chain risk alerts

2

increased byInfinity%

No dependency changes