rocambole - npm Package Compare versions
+1
-1
| { | ||
| "name": "rocambole", | ||
| "version": "0.3.2", | ||
| "version": "0.3.3", | ||
| "description": "Recursively walk and transform EcmaScript AST", | ||
@@ -5,0 +5,0 @@ "main": "rocambole.js", |
+4
-0
@@ -230,2 +230,6 @@ # Rocambole [](https://travis-ci.org/millermedeiros/rocambole) | ||
| ### v0.3.3 (2014/04/26) | ||
| - add `toString` to empty programs AST (#16) | ||
| ### v0.3.2 (2014/01/17) | ||
@@ -232,0 +236,0 @@ |
+2
-0
@@ -58,2 +58,3 @@ /*jshint node:true */ | ||
| ast.startToken = ast.endToken = null; | ||
| ast.toString = _nodeProto.toString; | ||
| return ast; | ||
@@ -106,2 +107,3 @@ } | ||
| var token = this.startToken; | ||
| if (!token) return str; | ||
| do { | ||
@@ -108,0 +110,0 @@ str += ('raw' in token)? token.raw : token.value; |
@@ -322,2 +322,4 @@ /*global describe:false, it:false, beforeEach:false */ | ||
| tokens: [], | ||
| // we check toString behavior later | ||
| toString: ast.toString, | ||
| startToken: null, | ||
@@ -328,2 +330,6 @@ endToken: null, | ||
| }); | ||
| it('toString should return proper value', function() { | ||
| var ast = rocambole.parse(''); | ||
| expect(ast.toString()).to.be(''); | ||
| }); | ||
| }); | ||
@@ -330,0 +336,0 @@ |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
414077
0.1%- Lines of code
9310
0.09%- Number of lines in readme file
281
1.44%