rollup - npm Package Compare versions

Comparing version 4.55.2 to 4.55.3

dist/es/getLogFilter.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/es/parseAst.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/es/rollup.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/getLogFilter.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/loadConfigFile.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/parseAst.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/rollup.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/shared/fsevents-importer.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/shared/loadConfigFile.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/shared/watch-cli.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

dist/shared/watch.js

 /*
   @license
-	Rollup.js v4.55.2
-	Mon, 19 Jan 2026 10:12:51 GMT - commit bd293ba3739e20b00a520e2a77acbb2377c76732
+	Rollup.js v4.55.3
+	Wed, 21 Jan 2026 05:27:01 GMT - commit 6764d548225c5fe11be33a1e286a01eb6e71f843
 
@@ -6,0 +6,0 @@ https://github.com/rollup/rollup

package.json

 {
   "name": "rollup",
-  "version": "4.55.2",
+  "version": "4.55.3",
   "description": "Next-generation ES module bundler",
@@ -117,27 +117,27 @@ "main": "dist/rollup.js",
     "fsevents": "~2.3.2",
-    "@rollup/rollup-darwin-arm64": "4.55.2",
-    "@rollup/rollup-android-arm64": "4.55.2",
-    "@rollup/rollup-win32-arm64-msvc": "4.55.2",
-    "@rollup/rollup-freebsd-arm64": "4.55.2",
-    "@rollup/rollup-linux-arm64-gnu": "4.55.2",
-    "@rollup/rollup-linux-arm64-musl": "4.55.2",
-    "@rollup/rollup-android-arm-eabi": "4.55.2",
-    "@rollup/rollup-linux-arm-gnueabihf": "4.55.2",
-    "@rollup/rollup-linux-arm-musleabihf": "4.55.2",
-    "@rollup/rollup-win32-ia32-msvc": "4.55.2",
-    "@rollup/rollup-linux-loong64-gnu": "4.55.2",
-    "@rollup/rollup-linux-loong64-musl": "4.55.2",
-    "@rollup/rollup-linux-riscv64-gnu": "4.55.2",
-    "@rollup/rollup-linux-riscv64-musl": "4.55.2",
-    "@rollup/rollup-linux-ppc64-gnu": "4.55.2",
-    "@rollup/rollup-linux-ppc64-musl": "4.55.2",
-    "@rollup/rollup-linux-s390x-gnu": "4.55.2",
-    "@rollup/rollup-darwin-x64": "4.55.2",
-    "@rollup/rollup-win32-x64-gnu": "4.55.2",
-    "@rollup/rollup-win32-x64-msvc": "4.55.2",
-    "@rollup/rollup-freebsd-x64": "4.55.2",
-    "@rollup/rollup-linux-x64-gnu": "4.55.2",
-    "@rollup/rollup-linux-x64-musl": "4.55.2",
-    "@rollup/rollup-openbsd-x64": "4.55.2",
-    "@rollup/rollup-openharmony-arm64": "4.55.2"
+    "@rollup/rollup-darwin-arm64": "4.55.3",
+    "@rollup/rollup-android-arm64": "4.55.3",
+    "@rollup/rollup-win32-arm64-msvc": "4.55.3",
+    "@rollup/rollup-freebsd-arm64": "4.55.3",
+    "@rollup/rollup-linux-arm64-gnu": "4.55.3",
+    "@rollup/rollup-linux-arm64-musl": "4.55.3",
+    "@rollup/rollup-android-arm-eabi": "4.55.3",
+    "@rollup/rollup-linux-arm-gnueabihf": "4.55.3",
+    "@rollup/rollup-linux-arm-musleabihf": "4.55.3",
+    "@rollup/rollup-win32-ia32-msvc": "4.55.3",
+    "@rollup/rollup-linux-loong64-gnu": "4.55.3",
+    "@rollup/rollup-linux-loong64-musl": "4.55.3",
+    "@rollup/rollup-linux-riscv64-gnu": "4.55.3",
+    "@rollup/rollup-linux-riscv64-musl": "4.55.3",
+    "@rollup/rollup-linux-ppc64-gnu": "4.55.3",
+    "@rollup/rollup-linux-ppc64-musl": "4.55.3",
+    "@rollup/rollup-linux-s390x-gnu": "4.55.3",
+    "@rollup/rollup-darwin-x64": "4.55.3",
+    "@rollup/rollup-win32-x64-gnu": "4.55.3",
+    "@rollup/rollup-win32-x64-msvc": "4.55.3",
+    "@rollup/rollup-freebsd-x64": "4.55.3",
+    "@rollup/rollup-linux-x64-gnu": "4.55.3",
+    "@rollup/rollup-linux-x64-musl": "4.55.3",
+    "@rollup/rollup-openbsd-x64": "4.55.3",
+    "@rollup/rollup-openharmony-arm64": "4.55.3"
   },
@@ -144,0 +144,0 @@ "dependencies": {

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2777028

0.02%

Lines of code

68937

0.01%

No dependency changes