wkx
Advanced tools
Comparing version 0.4.3 to 0.4.4
{ | ||
"name": "wkx", | ||
"version": "0.4.3", | ||
"version": "0.4.4", | ||
"description": "A WKT/WKB/EWKT/EWKB/TWKB/GeoJSON parser and serializer", | ||
"main": "lib/wkx.js", | ||
"types": "lib/wkx.d.ts", | ||
"files": [ | ||
"dist/", | ||
"lib/" | ||
], | ||
"scripts": { | ||
"test": "jshint . && mocha", | ||
"build": "browserify -r buffer -r ./lib/wkx.js:wkx ./lib/wkx.js > ./dist/wkx.js && uglifyjs -c -m -- ./dist/wkx.js > ./dist/wkx.min.js", | ||
"build": "mkdirp ./dist && browserify -r buffer -r ./lib/wkx.js:wkx ./lib/wkx.js > ./dist/wkx.js && uglifyjs -c -m -- ./dist/wkx.js > ./dist/wkx.min.js", | ||
"coveralls": "istanbul cover node_modules/mocha/bin/_mocha -- -R spec && cat ./coverage/lcov.info | coveralls && rm -rf ./coverage" | ||
@@ -22,2 +26,3 @@ }, | ||
"json-stringify-pretty-compact": "^1.1.0", | ||
"mkdirp": "^0.5.1", | ||
"mocha": "^5.0.1", | ||
@@ -24,0 +29,0 @@ "pg": "^7.4.1", |
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
7
0
277187
11
20
5901