requirejs
Advanced tools
Comparing version 2.1.22 to 2.2.0
{ | ||
"name": "requirejs", | ||
"description": "Node adapter for RequireJS, for loading AMD modules. Includes RequireJS optimizer", | ||
"version": "2.1.22", | ||
"version": "2.2.0", | ||
"homepage": "http://github.com/jrburke/r.js", | ||
"author": "James Burke <jrburke@gmail.com> (http://github.com/jrburke)", | ||
"licenses": [ | ||
{ | ||
"type": "BSD", | ||
"url": "https://github.com/jrburke/r.js/blob/master/LICENSE" | ||
}, | ||
{ | ||
"type": "MIT", | ||
"url": "https://github.com/jrburke/r.js/blob/master/LICENSE" | ||
} | ||
], | ||
"license": "MIT", | ||
"repository": { | ||
@@ -23,3 +14,4 @@ "type": "git", | ||
"bin": { | ||
"r.js": "./bin/r.js" | ||
"r.js": "./bin/r.js", | ||
"r_js": "./bin/r.js" | ||
}, | ||
@@ -26,0 +18,0 @@ "engines": { |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
1099169
25896
28
16