New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
webdetta - npm Package Compare versions
Comparing version 0.0.127 to 0.0.128
| { | ||
| "name": "webdetta", | ||
| "version": "0.0.127", | ||
| "version": "0.0.128", | ||
| "author": "Fedot Kriutchenko <fodyadev@gmail.com>", | ||
@@ -5,0 +5,0 @@ "description": "", |
@@ -58,6 +58,5 @@ import { parseFn } from './common.js'; | ||
| get: new Function(vars + init + `return V[H];`), | ||
| set: new Function('value', ( | ||
| (vars + `V[H] = value;`) + | ||
| (!allowWrite ? '' : `this["#internals"].rpc.cast(H, value);`) | ||
| )), | ||
| set: !allowWrite ? null : new Function('value', ( | ||
| vars + `this["#internals"].rpc.cast(H, V[H] = value);` | ||
| )) | ||
| } | ||
@@ -64,0 +63,0 @@ }; |
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Fixed alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
- decreased by-0.02%
106751
- Lines of code
- decreased by-0.03%
3133
No dependency changes