sucrase - npm Package Compare versions
+2
-2
| "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }/* eslint-disable no-console */ | ||
| var _commander = require('commander'); var _commander2 = _interopRequireDefault(_commander); | ||
| var _glob = require('glob'); | ||
| var _tinyglobby = require('tinyglobby'); | ||
| var _fs = require('mz/fs'); | ||
@@ -216,3 +216,3 @@ var _path = require('path'); | ||
| for (const pattern of include) { | ||
| const globFiles = await _glob.glob.call(void 0, _path.join.call(void 0, absProject, pattern)); | ||
| const globFiles = await _tinyglobby.glob.call(void 0, _path.join.call(void 0, absProject, pattern), {expandDirectories: false}); | ||
| for (const file of globFiles) { | ||
@@ -219,0 +219,0 @@ if (!file.endsWith(".ts") && !file.endsWith(".js")) { |
+2
-2
| /* eslint-disable no-console */ | ||
| import commander from "commander"; | ||
| import {glob} from "glob"; | ||
| import {glob} from "tinyglobby"; | ||
| import {exists, mkdir, readdir, readFile, stat, writeFile} from "mz/fs"; | ||
@@ -216,3 +216,3 @@ import {dirname, join, relative} from "path"; | ||
| for (const pattern of include) { | ||
| const globFiles = await glob(join(absProject, pattern)); | ||
| const globFiles = await glob(join(absProject, pattern), {expandDirectories: false}); | ||
| for (const file of globFiles) { | ||
@@ -219,0 +219,0 @@ if (!file.endsWith(".ts") && !file.endsWith(".js")) { |
@@ -32,3 +32,3 @@ import CJSImportProcessor from "./CJSImportProcessor"; | ||
| /* istanbul ignore next */ | ||
| return "3.35.0"; | ||
| return "3.35.1"; | ||
| } | ||
@@ -35,0 +35,0 @@ |
+1
-1
@@ -32,3 +32,3 @@ "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }var _CJSImportProcessor = require('./CJSImportProcessor'); var _CJSImportProcessor2 = _interopRequireDefault(_CJSImportProcessor); | ||
| /* istanbul ignore next */ | ||
| return "3.35.0"; | ||
| return "3.35.1"; | ||
| } exports.getVersion = getVersion; | ||
@@ -35,0 +35,0 @@ |
+3
-3
| { | ||
| "name": "sucrase", | ||
| "version": "3.35.0", | ||
| "version": "3.35.1", | ||
| "description": "Super-fast alternative to Babel for when you can target modern JS runtimes", | ||
@@ -68,3 +68,3 @@ "author": "Alan Pierce <alangpierce@gmail.com>", | ||
| "prettier": "^2.8.8", | ||
| "sucrase": "^3.34.0", | ||
| "sucrase": "^3.35.0", | ||
| "test262-harness": "^10.0.0", | ||
@@ -77,6 +77,6 @@ "ts-interface-builder": "^0.3.3", | ||
| "commander": "^4.0.0", | ||
| "glob": "^10.3.10", | ||
| "lines-and-columns": "^1.1.6", | ||
| "mz": "^2.7.0", | ||
| "pirates": "^4.0.1", | ||
| "tinyglobby": "^0.2.11", | ||
| "ts-interface-checker": "^0.1.9" | ||
@@ -83,0 +83,0 @@ }, |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
1137073
0.01%Dependency changes
+ Added
tinyglobby@^0.2.11+ Added
fdir@6.5.0(transitive)+ Added
picomatch@4.0.3(transitive)+ Added
tinyglobby@0.2.15(transitive)- Removed
glob@^10.3.10- Removed
@isaacs/cliui@8.0.2(transitive)- Removed
@pkgjs/parseargs@0.11.0(transitive)- Removed
ansi-regex@5.0.16.2.2(transitive)- Removed
ansi-styles@4.3.06.2.3(transitive)- Removed
balanced-match@1.0.2(transitive)- Removed
brace-expansion@2.0.2(transitive)- Removed
color-convert@2.0.1(transitive)- Removed
color-name@1.1.4(transitive)- Removed
cross-spawn@7.0.6(transitive)- Removed
eastasianwidth@0.2.0(transitive)- Removed
emoji-regex@8.0.09.2.2(transitive)- Removed
foreground-child@3.3.1(transitive)- Removed
glob@10.5.0(transitive)- Removed
is-fullwidth-code-point@3.0.0(transitive)- Removed
isexe@2.0.0(transitive)- Removed
jackspeak@3.4.3(transitive)- Removed
lru-cache@10.4.3(transitive)- Removed
minimatch@9.0.9(transitive)- Removed
minipass@7.1.3(transitive)- Removed
package-json-from-dist@1.0.1(transitive)- Removed
path-key@3.1.1(transitive)- Removed
path-scurry@1.11.1(transitive)- Removed
shebang-command@2.0.0(transitive)- Removed
shebang-regex@3.0.0(transitive)- Removed
signal-exit@4.1.0(transitive)- Removed
string-width@4.2.35.1.2(transitive)- Removed
strip-ansi@6.0.17.2.0(transitive)- Removed
which@2.0.2(transitive)- Removed
wrap-ansi@7.0.08.1.0(transitive)