rollup-plugin-worker-factory
Advanced tools
rollup-plugin-worker-factory - npm Package Compare versions
Comparing version 0.4.0 to 0.4.1
@@ -0,1 +1,8 @@ | ||
| <a name="0.4.1"></a> | ||
| ## [0.4.1](https://github.com/brandonocasey/rollup-plugin-worker-factory/compare/v0.4.0...v0.4.1) (2021-01-25) | ||
| ### Bug Fixes | ||
| * do not eval mock workers, prevents break point issues ([63fe865](https://github.com/brandonocasey/rollup-plugin-worker-factory/commit/63fe865)) | ||
| <a name="0.4.0"></a> | ||
@@ -2,0 +9,0 @@ # [0.4.0](https://github.com/brandonocasey/rollup-plugin-worker-factory/compare/v0.3.0...v0.4.0) (2021-01-25) |
| { | ||
| "name": "rollup-plugin-worker-factory", | ||
| "version": "0.4.0", | ||
| "version": "0.4.1", | ||
| "description": "Bundle web workers that work in nodejs and the browser, without a separate build target.", | ||
@@ -5,0 +5,0 @@ "main": "src/index.js", |
@@ -69,5 +69,7 @@ const rollup = require('rollup'); | ||
| // we make self the first argument even though it will almost always | ||
| // be a global so that mockFactory doesn't have to "eval" code | ||
| return Promise.resolve(`import workerFactory from "${factoryPath}";\n` + | ||
| `/* rollup-plugin-worker-factory start for ${id} */\n` + | ||
| 'const workerFunction = function() {\n' + | ||
| 'const workerFunction = function(self) {\n' + | ||
| code + | ||
@@ -74,0 +76,0 @@ '}\n' + |
@@ -1,3 +0,1 @@ | ||
| import getWorkerString from './get-worker-string.js'; | ||
| class FakeWorker { | ||
@@ -52,5 +50,2 @@ constructor() { | ||
| const workerFactory = function(workerFunction) { | ||
| // eslint-disable-next-line | ||
| const fn = new Function('self', getWorkerString(workerFunction)); | ||
| return () => { | ||
@@ -63,3 +58,3 @@ const client = new FakeWorker(); | ||
| fn(worker); | ||
| workerFunction(worker); | ||
@@ -66,0 +61,0 @@ return client; |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.35%
22938
- Number of medium supply chain risk alerts
- decreased by-50%
1
Worsened metrics
- Lines of code
- decreased by-0.48%
209