keyv - npm Package Compare versions

Comparing version 4.0.1 to 4.0.2

package.json

 {
   "name": "keyv",
-  "version": "4.0.1",
+  "version": "4.0.2",
   "description": "Simple key-value storage with support for multiple backends",
@@ -5,0 +5,0 @@ "main": "src/index.js",

src/index.js

@@ -8,13 +8,13 @@ 'use strict';
 	const adapters = {
-		redis: '@keyv/redis',
-		mongodb: '@keyv/mongo',
-		mongo: '@keyv/mongo',
-		sqlite: '@keyv/sqlite',
-		postgresql: '@keyv/postgres',
-		postgres: '@keyv/postgres',
-		mysql: '@keyv/mysql'
+		redis: () => require('@keyv/redis'),
+		mongodb: () => require('@keyv/mongo'),
+		mongo: () => require('@keyv/mongo'),
+		sqlite: () => require('@keyv/sqlite'),
+		postgresql: () => require('@keyv/postgres'),
+		postgres: () => require('@keyv/postgres'),
+		mysql: () => require('@keyv/mysql')
 	};
 	if (opts.adapter || opts.uri) {
 		const adapter = opts.adapter || /^[^:]*/.exec(opts.uri)[0];
-		return new (require(adapters[adapter]))(opts);
+		return new (adapters[adapter]())(opts);
 	}
@@ -21,0 +21,0 @@

Fixed alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

15561

increased by0.63%

Number of low supply chain risk alerts

0

decreased by-100%

No dependency changes