Comparing version 2.3.1 to 2.3.2
@@ -78,7 +78,7 @@ var attrToProp = require('hyperscript-attribute-to-property') | ||
if (!cur[1][key]) cur[1][key] = strfn(parts[i][1]) | ||
else cur[1][key] = concat(cur[1][key], parts[i][1]) | ||
else parts[i][1]==="" || (cur[1][key] = concat(cur[1][key], parts[i][1])); | ||
} else if (parts[i][0] === VAR | ||
&& (parts[i][1] === ATTR_VALUE || parts[i][1] === ATTR_KEY)) { | ||
if (!cur[1][key]) cur[1][key] = strfn(parts[i][2]) | ||
else cur[1][key] = concat(cur[1][key], parts[i][2]) | ||
else parts[i][2]==="" || (cur[1][key] = concat(cur[1][key], parts[i][2])); | ||
} else { | ||
@@ -85,0 +85,0 @@ if (key.length && !cur[1][key] && i === j |
{ | ||
"name": "hyperx", | ||
"version": "2.3.1", | ||
"version": "2.3.2", | ||
"description": "tagged template string virtual dom builder", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
0
20747
19
402