Releases: browserify/static-module
Releases · browserify/static-module
v2.1.0
v2.0.0
dependency updates, most notably static-eval
to v2.0.0 which fixes a security vulnerability.
Callbacks from statically evaluated code are now passed as a proxy function that cannot be called, but that can be stringified using .toString()
. This way it is not possible to execute untrusted code directly.