New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
to-regex - npm Package Compare versions
+5
-4
| 'use strict'; | ||
| var define = require('define-property'); | ||
| var extend = require('extend-shallow'); | ||
@@ -114,6 +115,6 @@ var not = require('regex-not'); | ||
| function cacheRegex(regex, key, pattern, options) { | ||
| regex.cached = true; | ||
| regex.pattern = pattern; | ||
| regex.options = options; | ||
| regex.key = key; | ||
| define(regex, 'cached', true); | ||
| define(regex, 'pattern', pattern); | ||
| define(regex, 'options', options); | ||
| define(regex, 'key', key); | ||
| cache[key] = regex; | ||
@@ -120,0 +121,0 @@ } |
+2
-1
| { | ||
| "name": "to-regex", | ||
| "description": "Generate a regex from a string or array of strings.", | ||
| "version": "2.0.0", | ||
| "version": "2.1.0", | ||
| "homepage": "https://github.com/jonschlinkert/to-regex", | ||
@@ -23,2 +23,3 @@ "author": "Jon Schlinkert (https://github.com/jonschlinkert)", | ||
| "dependencies": { | ||
| "define-property": "^0.2.5", | ||
| "extend-shallow": "^2.0.1", | ||
@@ -25,0 +26,0 @@ "regex-not": "^0.1.1" |
Fixed alerts
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
11697
0.98%- Lines of code
120
0.84%- Number of low supply chain risk alerts
1
-50%Worsened metrics
- Dependency count
3
50%Dependency changes
+ Added
define-property@^0.2.5+ Added
define-property@0.2.5(transitive)+ Added
function-bind@1.1.2(transitive)+ Added
hasown@2.0.3(transitive)+ Added
is-accessor-descriptor@1.0.1(transitive)+ Added
is-data-descriptor@1.0.1(transitive)+ Added
is-descriptor@0.1.7(transitive)