v3.1.1 Security release
- Fix security vulnerability by migrating from typescript to javascript with TSDoc comments. See #48
- Use tabs instead of spaces
Due to how typescript compilation works I had to use eval()
to have a dynamic import in project compiled to commonjs in v3.1.0. Eval call introduced a security vulnerability as it was pointed out to me by kind people from Secfault Security. As there is currently no way to make typescript output dynamic import with a commonjs target I migrated the source code to be in javascript. This means that the code in this repository is the code that gets published to npm. The package still includes first party typescript types in index.d.ts
file that gets published as well. The runtime code now uses TSDoc annotations to maintain type safety.