The current used version of readable-stream (v2) mutates the exports of core-util-is.
This is likely not intentional, but the side effect of a poorly constructed polyfill
/*<replacement>*/
var util = require('core-util-is');
util.inherits = require('inherits');
/*</replacement>*/I'm building a plugin for browserify to reduce the risk of software supplychain attacks from the dependency graph. One of its protections is that is prevents the module.exports being mutated externally.
While I have seen this pattern with modules within a package, I haven't seen this pattern across packages, with the exception of this old version of readable-stream
I have verified this is resolved in v3
The current used version of
readable-stream(v2) mutates the exports ofcore-util-is.This is likely not intentional, but the side effect of a poorly constructed polyfill
I'm building a plugin for browserify to reduce the risk of software supplychain attacks from the dependency graph. One of its protections is that is prevents the
module.exportsbeing mutated externally.While I have seen this pattern with modules within a package, I haven't seen this pattern across packages, with the exception of this old version of
readable-streamI have verified this is resolved in v3