xlsx-parse-stream
Advanced tools
Comparing version 1.0.2 to 1.0.3
@@ -12,3 +12,3 @@ /* eslint-disable no-loops/no-loops */ | ||
| if (isEnded && err.message === 'FILE_ENDED') return | ||
| if (err.message && err.message.indexOf('invalid signature') !== -1) { | ||
| if (err.message && err.message.includes('invalid signature')) { | ||
| err = new Error('Legacy XLS files are not supported, use an XLSX file instead!') | ||
@@ -15,0 +15,0 @@ } |
| { | ||
| "name": "xlsx-parse-stream", | ||
| "version": "1.0.2", | ||
| "version": "1.0.3", | ||
| "description": "Streaming XLSX parser for node ", | ||
@@ -22,3 +22,4 @@ "main": "index.js", | ||
| "duplexify": "^4.0.0", | ||
| "exceljs": "github:contra/exceljs#fix-streams" | ||
| "exceljs": "github:yocontra/exceljs#fix-streams", | ||
| "unzipper": "github:kinolaev/node-unzipper#patch-1" | ||
| }, | ||
@@ -25,0 +26,0 @@ "devDependencies": { |
New alerts
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 2 instances in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
4831210
Worsened metrics
- Dependency count
- increased by50%
3
- Number of high supply chain risk alerts
- increased by100%
2
- Number of medium supply chain risk alerts
- increased byInfinity%
1