xlsx-parse-stream
Advanced tools
Comparing version 1.0.2 to 1.0.3
@@ -12,3 +12,3 @@ /* eslint-disable no-loops/no-loops */ | ||
if (isEnded && err.message === 'FILE_ENDED') return | ||
if (err.message && err.message.indexOf('invalid signature') !== -1) { | ||
if (err.message && err.message.includes('invalid signature')) { | ||
err = new Error('Legacy XLS files are not supported, use an XLSX file instead!') | ||
@@ -15,0 +15,0 @@ } |
{ | ||
"name": "xlsx-parse-stream", | ||
"version": "1.0.2", | ||
"version": "1.0.3", | ||
"description": "Streaming XLSX parser for node ", | ||
@@ -22,3 +22,4 @@ "main": "index.js", | ||
"duplexify": "^4.0.0", | ||
"exceljs": "github:contra/exceljs#fix-streams" | ||
"exceljs": "github:yocontra/exceljs#fix-streams", | ||
"unzipper": "github:kinolaev/node-unzipper#patch-1" | ||
}, | ||
@@ -25,0 +26,0 @@ "devDependencies": { |
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 2 instances in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
4831210
3
2
1