Big update!Introducing GitHub Bot Commands. Learn more
Socket
BlogLoveLog in
Book a demo

Semver anomaly

Severity

Medium

Description

Package semver skipped several versions, this could indicate a dependency confusion attack or indicate the intention of disruptive breaking changes or major priority shifts for the project.

Suggestion

Packages should follow semantic versions conventions by not skipping subsequent version numbers. Consumers should research the purpose of the skipped version number.

Packages with this issue

string_decoder

The string_decoder module from Node core

published 0.10.31 •

@types/node

TypeScript definitions for Node.js

published 14.6.0 •

@babel/code-frame

Generate errors that contain a code frame that point to source locations.

published 7.16.7 •

@babel/types

Babel Types is a Lodash-esque utility library for AST nodes

published 7.17.10 •

@babel/generator

Turns an AST into code.

published 7.13.16 •

@babel/runtime

babel's modular runtime helpers

published 7.12.13 •

@babel/core

Babel compiler core.

published 7.13.8 •

@babel/highlight

Syntax highlight JavaScript strings for output in terminals.

published 7.16.7 •

@babel/traverse

The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes

published 7.17.9 •

@babel/template

Generate an AST from a string template.

published 7.16.7 •
2345
111Next
Socket

Product

About

NPM Packages

Subscribe to our newsletter

Get open source security insights delivered straight into your inbox. Be the first to learn about new features and product updates.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc