lexical-scope - npm Package Compare versions

Comparing version 0.0.15 to 0.1.0

index.js

@@ -8,3 +8,9 @@ var astw = require('astw');
     
-    src = String(src).replace(/^#![^\n]*\n/, '');
+    if (typeof src === 'string') {
+        src = String(src).replace(/^#![^\n]*\n/, '');
+    }
+    if (src && typeof src === 'object'
+    && typeof src.copy === 'function' && typeof src.toString === 'function') {
+        src = src.toString('utf8');
+    }
     var walk = astw(src);
@@ -11,0 +17,0 @@

package.json

 {
-    "name": "lexical-scope",
-    "version": "0.0.15",
-    "description": "detect global and local lexical identifiers from javascript source code",
-    "main": "index.js",
-    "dependencies": {
-        "astw": "~0.0.0"
-    },
-    "devDependencies": {
-        "tap": "~0.4.0",
-        "tape": "~0.3.3",
-        "brfs": "~0.0.3"
-    },
-    "scripts": {
-        "test": "tap test/*.js"
-    },
-    "testling" : {
-        "preprocess" : "./test/testling.sh",
-        "html" : "test/temp/test.html",
-        "browsers" : [
-            "ie/6", "ie/7", "ie/8", "ie/9", "ie/10",
-            "chrome/20", "chrome/latest",
-            "firefox/10", "firefox/15", "firefox/latest",
-            "safari/latest",
-            "opera/11.0", "opera/latest"
-        ]
-    },
-    "repository": {
-        "type": "git",
-        "url": "git://github.com/substack/lexical-scope.git"
-    },
-    "homepage": "https://github.com/substack/lexical-scope",
-    "keywords": [
-        "ast",
-        "variable",
-        "name",
-        "lexical",
-        "local",
-        "global",
-        "implicit",
-        "exported"
-    ],
-    "author": {
-        "name": "James Halliday",
-        "email": "mail@substack.net",
-        "url": "http://substack.net"
-    },
-    "license": "MIT"
+  "name": "lexical-scope",
+  "version": "0.1.0",
+  "description": "detect global and local lexical identifiers from javascript source code",
+  "main": "index.js",
+  "dependencies": {
+    "astw": "~0.1.0"
+  },
+  "devDependencies": {
+    "tape": "~2.4.1",
+    "brfs": "~0.0.3"
+  },
+  "scripts": {
+    "test": "tape test/*.js"
+  },
+  "testling": {
+    "files": "test/*.js",
+    "browsers": [
+      "ie/6",
+      "ie/7",
+      "ie/8",
+      "ie/9",
+      "ie/10",
+      "chrome/20",
+      "chrome/latest",
+      "firefox/10",
+      "firefox/15",
+      "firefox/latest",
+      "safari/latest",
+      "opera/11.0",
+      "opera/latest"
+    ]
+  },
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/substack/lexical-scope.git"
+  },
+  "homepage": "https://github.com/substack/lexical-scope",
+  "keywords": [
+    "ast",
+    "variable",
+    "name",
+    "lexical",
+    "local",
+    "global",
+    "implicit",
+    "exported"
+  ],
+  "author": {
+    "name": "James Halliday",
+    "email": "mail@substack.net",
+    "url": "http://substack.net"
+  },
+  "license": "MIT"
 }
-

test/package.json

 {
-  "name": "lexical-scope-test",
-  "version": "0.0.0",
   "browserify": { "transform": "brfs" }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

High entropy strings

Supply chain risk

Contains high entropy strings. This could be a sign of encrypted data, leaked secrets or obfuscated code.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Dev dependency count

2

decreased by-33.33%

Number of low supply chain risk alerts

13

decreased by-55.17%

Worsened metrics

Total package byte prevSize

110286

decreased by-63.78%

Number of package files

32

decreased by-11.11%

Lines of code

656

decreased by-89.19%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedastw@0.1.0(transitive)

• - Removedastw@0.0.0(transitive)

• - Removedesprima@1.0.2(transitive)

• Updatedastw@~0.1.0