regenerator - npm Package Compare versions

Comparing version 0.5.0 to 0.5.1

package.json

@@ -19,3 +19,3 @@ {
   ],
-  "version": "0.5.0",
+  "version": "0.5.1",
   "homepage": "http://github.com/facebook/regenerator",
@@ -22,0 +22,0 @@ "repository": {

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

High entropy strings

Supply chain risk

Contains high entropy strings. This could be a sign of encrypted data, leaked secrets or obfuscated code.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

972114

increased by1066.89%

Number of package files

18

increased by5.88%

Lines of code

26768

increased by1169.83%

Worsened metrics

Number of low supply chain risk alerts

14

increased by600%

Number of medium supply chain risk alerts

2

increased byInfinity%

No dependency changes