insert-module-globals - npm Package Compare versions

Comparing version 7.0.1 to 7.0.2

index.js

@@ -12,6 +12,6 @@ var parseScope = require('lexical-scope');
   var relpath = path.relative(path.dirname(fromPath), fullPath);
-  // If fullPath is in the same directory as fromPath, relpath will
-  // result in something like "index.js". require() needs "./" prepended
-  // to these paths.
-  if (path.dirname(relpath) === '.') {
+  // If fullPath is in the same directory or a subdirectory of fromPath,
+  // relpath will result in something like "index.js", "src/abc.js".
+  // require() needs "./" prepended to these paths.
+  if (!/^\./.test(relpath)) {
     relpath = "./" + relpath;
@@ -18,0 +18,0 @@ }

package.json

 {
   "name": "insert-module-globals",
-  "version": "7.0.1",
+  "version": "7.0.2",
   "description": "insert implicit module globals into a module-deps stream",
@@ -5,0 +5,0 @@ "main": "index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

27137

increased by7.15%

Number of package files

37

increased by8.82%

Lines of code

603

increased by9.84%

Worsened metrics

Number of low supply chain risk alerts

18

increased by20%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes