realm-web - npm Package Compare versions

Comparing version 1.5.0 to 1.5.1

dist/bundle.d.ts

@@ -1070,3 +1070,3 @@ /// <reference path="../types/realm/app.d.ts" />
      */
-    private readonly window;
+    private readonly global;
     /**
@@ -1073,0 +1073,0 @@ * Constructs a LocalStorage using the global window.

package.json

 {
   "name": "realm-web",
-  "version": "1.5.0",
+  "version": "1.5.1",
   "description": "Authenticate and communicate with the MongoDB Realm platform, from your web-browser",
@@ -49,5 +49,5 @@ "main": "./dist/bundle.cjs.js",
     "@realm.io/common": "^0.1.1",
-    "bson": "^4.2.0",
-    "detect-browser": "^5.1.1",
-    "js-base64": "^2.6.3"
+    "bson": "^4.5.4",
+    "detect-browser": "^5.2.1",
+    "js-base64": "^3.7.2"
   },
@@ -65,3 +65,3 @@ "optionalDependencies": {
     "@types/fs-extra": "^8.1.0",
-    "@types/js-base64": "^2.3.2",
+    "@types/js-base64": "^3.3.1",
     "@types/mocha": "^7.0.1",
@@ -68,0 +68,0 @@ "@types/node": "^13.7.6",

README.md

@@ -22,3 +22,3 @@ # Realm Web
 ```html
-<script src="https://unpkg.com/realm-web@1.5.0/dist/bundle.iife.js"></script>
+<script src="https://unpkg.com/realm-web@1.5.1/dist/bundle.iife.js"></script>
 ```
@@ -25,0 +25,0 @@

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1069145

increased by0.06%

Lines of code

27194

increased by0.66%

Worsened metrics

Number of medium supply chain risk alerts

5

increased by150%

Dependency changes

• + Addedjs-base64@3.7.7(transitive)

• - Removedjs-base64@2.6.4(transitive)

• Updatedbson@^4.5.4

• Updateddetect-browser@^5.2.1

• Updatedjs-base64@^3.7.2