ligolang - npm Package Compare versions
Comparing version 0.69.0-macos-m1.d63c34412535fadfd98859dd8dad630fe08e90c2 to 0.69.0-web.d63c34412535fadfd98859dd8dad630fe08e90c2
| { | ||
| "description": "A high-level language which compiles to Michelson", | ||
| "license": "MIT", | ||
| "name": "ligolang", | ||
| "version": "0.69.0-macos-m1.d63c34412535fadfd98859dd8dad630fe08e90c2", | ||
| "module": "./ligo.js", | ||
| "version": "0.69.0-web.d63c34412535fadfd98859dd8dad630fe08e90c2", | ||
| "scripts": { | ||
| "postinstall": "node -e \"process.env['OCAML_VERSION']='ocaml'; process.env['OCAML_PKG_NAME']='n.00.0000'; process.env['ESY_RELEASE_REWRITE_PREFIX']=true; require('./esyInstallRelease.js')\"" | ||
| "build": "cp ../_build/default/src/bin/js_main*.js . && chmod u+rw js_main.bc.* && rollup -c ./rollup.config.mjs" | ||
| }, | ||
| "bin": { | ||
| "ligo": "bin/ligo" | ||
| "files": [ | ||
| "ligo.js", | ||
| "js_main.bc.js" | ||
| ], | ||
| "dependencies": { | ||
| "@ligolang/ocaml-bls12-381": "latest", | ||
| "@ligolang/secp256k1-wasm": "latest", | ||
| "@ligolang/hacl-wasm": "latest" | ||
| }, | ||
| "devDependencies": { | ||
| "@rollup/plugin-commonjs": "^24.0.0", | ||
| "@rollup/plugin-json": "^6.0.0", | ||
| "@rollup/plugin-node-resolve": "*", | ||
| "@web/rollup-plugin-import-meta-assets": "^1.0.7", | ||
| "rollup": "*", | ||
| "rollup-plugin-polyfill-node": "^0.11.0" | ||
| }, | ||
| "override": { | ||
| "buildEnv": { | ||
| "LIGO_VERSION": "0.69.0-macos-m1.d63c34412535fadfd98859dd8dad630fe08e90c2" | ||
| "LIGO_VERSION": "0.69.0-web.d63c34412535fadfd98859dd8dad630fe08e90c2" | ||
| } | ||
| } | ||
| } |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
No License Found
License(Experimental) License information could not be found.
Found 1 instance in 1 package
Fixed alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 2 instances in 1 package
Improved metrics
- Number of medium quality alerts
- decreased by-100%
0
- Number of lines in readme file
- increased byInfinity%
9
- Number of high supply chain risk alerts
- decreased by-100%
0
- Number of low supply chain risk alerts
- decreased by-93.33%
1
- Number of medium supply chain risk alerts
- decreased by-92.31%
1
Worsened metrics
- Total package byte prevSize
- decreased by-40.63%
105120147
- Dependency count
- increased byInfinity%
3
- Dev dependency count
- increased byInfinity%
6
- Number of package files
- decreased by-63.64%
4
- Number of low license alerts
- increased byInfinity%
1
- Lines of code
- decreased by-90.97%
1035
Dependency changes
+ Added@ligolang/hacl-wasm@latest
+ Added@ligolang/hacl-wasm@1.1.0-dev.1(transitive)
+ Added@ligolang/ocaml-bls12-381@5.0.0-dev.2(transitive)
+ Added@ligolang/secp256k1-wasm@0.4.0-dev.2(transitive)