impress
Advanced tools
Comparing version 3.0.2 to 3.0.3
@@ -20,2 +20,3 @@ 'use strict'; | ||
| port2.on('message', ({ error, data }) => { | ||
| port2.close(); | ||
| if (error) reject(error); | ||
@@ -22,0 +23,0 @@ else resolve(data); |
@@ -47,2 +47,18 @@ 'use strict'; | ||
| const validSubmodules = (key) => | ||
| key !== '' && !key.includes('*') && !key.includes('.'); | ||
| const loadModule = (name) => { | ||
| const lib = appRequire(name); | ||
| const pkg = require(`${CWD}/node_modules/${name}/package.json`); | ||
| if (!pkg.exports) return lib; | ||
| const subKeys = Object.keys(pkg.exports).map((key) => key.substring(2)); | ||
| const subNames = subKeys.filter(validSubmodules); | ||
| for (const subName of subNames) { | ||
| const sub = appRequire(name + '/' + subName); | ||
| lib[subName] = sub; | ||
| } | ||
| return lib; | ||
| }; | ||
| for (const name of dependencies) { | ||
@@ -52,3 +68,7 @@ if (name === 'impress') continue; | ||
| try { | ||
| lib = internals.includes(name) ? require(`node:${name}`) : appRequire(name); | ||
| if (internals.includes(name)) { | ||
| lib = require(`node:${name}`); | ||
| } else { | ||
| lib = loadModule(name); | ||
| } | ||
| } catch { | ||
@@ -55,0 +75,0 @@ if (npmpkg.includes(name) || !optional.includes(name)) { |
@@ -191,2 +191,3 @@ 'use strict'; | ||
| port2.on('message', ({ error, data }) => { | ||
| port2.close(); | ||
| if (error) reject(error); | ||
@@ -193,0 +194,0 @@ else resolve(data); |
@@ -9,2 +9,3 @@ 'use strict'; | ||
| port2.on('message', ({ id }) => { | ||
| port2.close(); | ||
| resolve(id); | ||
@@ -11,0 +12,0 @@ }); |
| { | ||
| "name": "impress", | ||
| "version": "3.0.2", | ||
| "version": "3.0.3", | ||
| "author": "Timur Shemsedinov <timur.shemsedinov@gmail.com>", | ||
@@ -65,3 +65,3 @@ "description": "Enterprise application server for Node.js", | ||
| "dependencies": { | ||
| "metacom": "^3.0.1", | ||
| "metacom": "^3.0.2", | ||
| "metaconfiguration": "^2.1.11", | ||
@@ -75,13 +75,13 @@ "metalog": "^3.1.12", | ||
| "devDependencies": { | ||
| "@types/node": "^20.4.5", | ||
| "@types/node": "^20.5.0", | ||
| "@types/ws": "^8.5.5", | ||
| "eslint": "^8.46.0", | ||
| "eslint": "^8.47.0", | ||
| "eslint-config-metarhia": "^8.2.1", | ||
| "eslint-config-prettier": "^8.9.0", | ||
| "eslint-config-prettier": "^9.0.0", | ||
| "eslint-plugin-import": "^2.28.0", | ||
| "eslint-plugin-prettier": "^5.0.0", | ||
| "metatests": "^0.8.2", | ||
| "prettier": "^3.0.0", | ||
| "prettier": "^3.0.1", | ||
| "typescript": "^5.1.6" | ||
| } | ||
| } |
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.97%
64357
- Lines of code
- increased by1.26%
1688
Worsened metrics
- Number of low supply chain risk alerts
- increased by25%
5
Dependency changes
Updatedmetacom@^3.0.2