jwcrypto - npm Package Compare versions
Comparing version 0.2.2 to 0.2.3
| { | ||
| "name": "jwcrypto" | ||
| , "version": "0.2.2" | ||
| , "version": "0.2.3" | ||
| , "dependencies": { | ||
@@ -5,0 +5,0 @@ "browserify": "1.8.1", |
@@ -35,2 +35,9 @@ JavaScript implementation of JSON Web Signatures and JSON Web Tokens, especially as needed by BrowserID. | ||
| Usage | ||
| ===== | ||
| 1. ensure that `libgmp` is installed on your system, it's required by [bigint](https://github.com/substack/node-bigint), upon which jwcrypto depends | ||
| 2. npm install jwcrypto | ||
| 3. in javascript: `require('jwcrypto')` | ||
| Basic API | ||
@@ -37,0 +44,0 @@ ========= |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Fixed alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by15.97%
336864
- Number of package files
- increased by19.3%
68
- Lines of code
- increased by0.63%
5760
- Number of lines in readme file
- increased by4.19%
174
Worsened metrics
- Number of low supply chain risk alerts
- increased by85.71%
13
- Number of medium supply chain risk alerts
- increased by100%
2