jwcrypto - npm Package Compare versions
Comparing version 0.3.1 to 0.3.2
@@ -29,5 +29,5 @@ /* This Source Code Form is subject to the terms of the Mozilla Public | ||
| // go through callbacks | ||
| POST_SEED_CALLBACKS.forEach(function(one_cb) { | ||
| one_cb(); | ||
| }); | ||
| for (var i = 0; i < POST_SEED_CALLBACKS.length; i++) { | ||
| POST_SEED_CALLBACKS[i](); | ||
| } | ||
@@ -34,0 +34,0 @@ // clean up as null so that weird egregious errors will |
| { | ||
| "name": "jwcrypto" | ||
| , "version": "0.3.1" | ||
| , "version": "0.3.2" | ||
| , "dependencies": { | ||
@@ -5,0 +5,0 @@ "browserify": "1.8.1", |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Fixed alerts
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by34.49%
474473
- Lines of code
- increased by74.53%
10374
- Number of medium supply chain risk alerts
- decreased by-33.33%
2
Worsened metrics
- Number of package files
- decreased by-17.33%
62
- Number of low supply chain risk alerts
- increased by87.5%
15