wkx
Advanced tools
Comparing version 0.4.3 to 0.4.4
| { | ||
| "name": "wkx", | ||
| "version": "0.4.3", | ||
| "version": "0.4.4", | ||
| "description": "A WKT/WKB/EWKT/EWKB/TWKB/GeoJSON parser and serializer", | ||
| "main": "lib/wkx.js", | ||
| "types": "lib/wkx.d.ts", | ||
| "files": [ | ||
| "dist/", | ||
| "lib/" | ||
| ], | ||
| "scripts": { | ||
| "test": "jshint . && mocha", | ||
| "build": "browserify -r buffer -r ./lib/wkx.js:wkx ./lib/wkx.js > ./dist/wkx.js && uglifyjs -c -m -- ./dist/wkx.js > ./dist/wkx.min.js", | ||
| "build": "mkdirp ./dist && browserify -r buffer -r ./lib/wkx.js:wkx ./lib/wkx.js > ./dist/wkx.js && uglifyjs -c -m -- ./dist/wkx.js > ./dist/wkx.min.js", | ||
| "coveralls": "istanbul cover node_modules/mocha/bin/_mocha -- -R spec && cat ./coverage/lcov.info | coveralls && rm -rf ./coverage" | ||
@@ -22,2 +26,3 @@ }, | ||
| "json-stringify-pretty-compact": "^1.1.0", | ||
| "mkdirp": "^0.5.1", | ||
| "mocha": "^5.0.1", | ||
@@ -24,0 +29,0 @@ "pg": "^7.4.1", |
Fixed alerts
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-12.5%
7
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-38.85%
277187
- Dev dependency count
- increased by10%
11
- Number of package files
- decreased by-45.95%
20
- Lines of code
- decreased by-25.55%
5901
No dependency changes