protobufjs
Advanced tools
Comparing version 6.11.2 to 6.11.3
{ | ||
"name": "protobufjs", | ||
"version": "6.11.2", | ||
"version": "6.11.3", | ||
"versionScheme": "~", | ||
@@ -64,5 +64,5 @@ "description": "Protocol Buffers for JavaScript (& TypeScript).", | ||
"chalk": "^4.0.0", | ||
"escodegen": "^2.0.0", | ||
"eslint": "^7.0.0", | ||
"escodegen": "^1.13.0", | ||
"espree": "^7.0.0", | ||
"eslint": "^8.15.0", | ||
"estraverse": "^5.1.0", | ||
@@ -69,0 +69,0 @@ "gh-pages": "^3.0.0", |
@@ -179,2 +179,5 @@ "use strict"; | ||
var part = path.shift(); | ||
if (part === "__proto__") { | ||
return dst; | ||
} | ||
if (path.length > 0) { | ||
@@ -181,0 +184,0 @@ dst[part] = setProp(dst[part] || {}, path, value); |
Sorry, the diff of this file is too big to display
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Mixed license
License(Experimental) Package contains multiple licenses.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 2 instances in 1 package
Mixed license
License(Experimental) Package contains multiple licenses.
Found 1 instance in 1 package
16
3250480
115
39396