hydra-synth
Advanced tools
hydra-synth - npm Package Compare versions
Comparing version 1.3.25 to 1.3.26
| # Changelog | ||
| ## [1.3.26] - 2023-04-26 | ||
| ### Fixed | ||
| - reverted changes from [1.3.25], see [here](https://github.com/hydra-synth/hydra-synth/pull/136#issuecomment-1523606639) | ||
| ## [1.3.25] - 2023-04-19 | ||
@@ -3,0 +7,0 @@ ### Changed |
| { | ||
| "name": "hydra-synth", | ||
| "version": "1.3.25", | ||
| "version": "1.3.26", | ||
| "description": "base synth for hydra-editor", | ||
@@ -5,0 +5,0 @@ "type": "module", |
@@ -23,8 +23,7 @@ // attempt custom evaluation sandbox for hydra functions | ||
| function createSandbox(initial) { | ||
| Function(initial)(); | ||
| function createSandbox (initial) { | ||
| eval(initial) | ||
| // optional params | ||
| var localEval = function (code) { | ||
| Function(code)(); | ||
| var localEval = function (code) { | ||
| eval(code) | ||
| } | ||
@@ -31,0 +30,0 @@ |
Sorry, the diff of this file is too big to display
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Fixed alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.01%
1784009