veryfront - npm Package Compare versions

Comparing version 0.1.61 to 0.1.62

esm/deno.js

 export default {
     "name": "veryfront",
-    "version": "0.1.61",
+    "version": "0.1.62",
     "license": "Apache-2.0",
@@ -5,0 +5,0 @@ "nodeModulesDir": "auto",

esm/src/embedding/embedding.d.ts.map

@@ -1,1 +0,1 @@
-{"version":3,"file":"embedding.d.ts","sourceRoot":"","sources":["../../../src/src/embedding/embedding.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAM7D;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,eAAe,GAAG,SAAS,CAoC5D"}
+{"version":3,"file":"embedding.d.ts","sourceRoot":"","sources":["../../../src/src/embedding/embedding.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAM7D;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,eAAe,GAAG,SAAS,CAwC5D"}

esm/src/embedding/embedding.js

@@ -33,3 +33,7 @@ import { embed, embedMany } from "ai";
         async embed(text) {
-            const result = await embed({ model, value: queryPrefix + text });
+            const value = queryPrefix + text;
+            if (!value.trim()) {
+                throw new Error("Cannot embed an empty string");
+            }
+            const result = await embed({ model, value });
             return result.embedding;
@@ -36,0 +40,0 @@ },

esm/src/embedding/rag-store.js

@@ -259,2 +259,4 @@ import * as dntShim from "../../_dnt.shims.js";
         async search(query, options) {
+            if (!query.trim())
+                return [];
             return withLock(async () => {
@@ -261,0 +263,0 @@ const data = await load();

esm/src/embedding/vector-store.d.ts.map

@@ -1,1 +0,1 @@
-{"version":3,"file":"vector-store.d.ts","sourceRoot":"","sources":["../../../src/src/embedding/vector-store.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAIV,WAAW,EACX,iBAAiB,EAClB,MAAM,YAAY,CAAC;AAQpB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,iBAAiB,GAAG,WAAW,CA6DlE"}
+{"version":3,"file":"vector-store.d.ts","sourceRoot":"","sources":["../../../src/src/embedding/vector-store.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAIV,WAAW,EACX,iBAAiB,EAClB,MAAM,YAAY,CAAC;AAQpB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,iBAAiB,GAAG,WAAW,CA8DlE"}

esm/src/embedding/vector-store.js

@@ -47,2 +47,4 @@ import { cosineSimilarity } from "ai";
         async search(query, options) {
+            if (!query.trim())
+                return [];
             if (entries.length === 0)
@@ -49,0 +51,0 @@ return [];

esm/src/embedding/veryfront-cloud/rag-store.d.ts.map

@@ -1,1 +0,1 @@
-{"version":3,"file":"rag-store.d.ts","sourceRoot":"","sources":["../../../../src/src/embedding/veryfront-cloud/rag-store.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAIV,QAAQ,EACR,cAAc,EACf,MAAM,aAAa,CAAC;AAyErB,KAAK,2BAA2B,GAAG,cAAc,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAiYtE,wBAAgB,4BAA4B,CAAC,MAAM,EAAE,2BAA2B,GAAG,QAAQ,CA0H1F"}
+{"version":3,"file":"rag-store.d.ts","sourceRoot":"","sources":["../../../../src/src/embedding/veryfront-cloud/rag-store.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAIV,QAAQ,EACR,cAAc,EACf,MAAM,aAAa,CAAC;AAyErB,KAAK,2BAA2B,GAAG,cAAc,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAiYtE,wBAAgB,4BAA4B,CAAC,MAAM,EAAE,2BAA2B,GAAG,QAAQ,CA2H1F"}

esm/src/embedding/veryfront-cloud/rag-store.js

@@ -276,2 +276,4 @@ import * as dntShim from "../../../_dnt.shims.js";
         async search(query, options) {
+            if (!query.trim())
+                return [];
             const context = getCloudStoreContext(config);
@@ -278,0 +280,0 @@ const queryEmbedder = createEmbedder(config);

package.json

 {
   "name": "veryfront",
-  "version": "0.1.61",
+  "version": "0.1.62",
   "description": "The simplest way to build AI-powered apps",
@@ -5,0 +5,0 @@ "keywords": [

src/deno.js

 export default {
   "name": "veryfront",
-  "version": "0.1.61",
+  "version": "0.1.62",
   "license": "Apache-2.0",
@@ -5,0 +5,0 @@ "nodeModulesDir": "auto",

src/src/embedding/embedding.ts

@@ -38,3 +38,7 @@ import { embed, embedMany } from "ai";
     async embed(text: string): Promise<number[]> {
-      const result = await embed({ model, value: queryPrefix + text });
+      const value = queryPrefix + text;
+      if (!value.trim()) {
+        throw new Error("Cannot embed an empty string");
+      }
+      const result = await embed({ model, value });
       return result.embedding;
@@ -41,0 +45,0 @@ },

src/src/embedding/rag-store.ts

@@ -324,2 +324,3 @@ import * as dntShim from "../../_dnt.shims.js";
     ): Promise<RagSearchResult[]> {
+      if (!query.trim()) return [];
       return withLock(async () => {
@@ -326,0 +327,0 @@ const data = await load();

src/src/embedding/vector-store.ts

@@ -63,2 +63,3 @@ import { cosineSimilarity } from "ai";
     async search(query: string, options?: SearchOptions): Promise<SearchResult[]> {
+      if (!query.trim()) return [];
       if (entries.length === 0) return [];
@@ -65,0 +66,0 @@

src/src/embedding/veryfront-cloud/rag-store.ts

@@ -495,2 +495,3 @@ import * as dntShim from "../../../_dnt.shims.js";
     ): Promise<RagSearchResult[]> {
+      if (!query.trim()) return [];
       const context = getCloudStoreContext(config);
@@ -497,0 +498,0 @@ const queryEmbedder = createEmbedder(config);

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 5 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 5 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

16722595

0

Lines of code

349354

0

No dependency changes