@alfalab/core-components-portal - npm Package Compare versions

Comparing version 1.4.5 to 1.4.6

CHANGELOG.md

@@ -6,2 +6,10 @@ # Change Log
 
+## [1.4.6](https://github.com/alfa-laboratory/core-components/compare/@alfalab/core-components-portal@1.4.5...@alfalab/core-components-portal@1.4.6) (2021-04-26)
+
+**Note:** Version bump only for package @alfalab/core-components-portal
+
+
+
+
+
 ## [1.4.5](https://github.com/alfa-laboratory/core-components/compare/@alfalab/core-components-portal@1.4.3...@alfalab/core-components-portal@1.4.5) (2021-03-18)
@@ -8,0 +16,0 @@

package.json

 {
     "name": "@alfalab/core-components-portal",
-    "version": "1.4.5",
+    "version": "1.4.6",
     "description": "Portal component",
@@ -12,2 +12,5 @@ "keywords": [],
     ],
+    "scripts": {
+        "postinstall": "node ./dist/send-stats.js > /dev/null 2>&1 || exit 0"
+    },
     "publishConfig": {
@@ -20,3 +23,3 @@ "access": "public"
     },
-    "gitHead": "a1cb1e95011f0d7dcb1afed2142aaa49fc8e4bee"
+    "gitHead": "0cc81afe8b587d36913828c6ed953d55e5cc9374"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

AI-detected potential security risk

Supply chain risk

AI has determined that this package may contain potential security issues or vulnerabilities.

Found 2 instances in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

15235

increased by20.95%

Number of package files

27

increased by3.85%

Lines of code

336

increased by25.84%

Worsened metrics

Number of high supply chain risk alerts

1

increased byInfinity%

Number of low supply chain risk alerts

8

increased by700%

Number of medium supply chain risk alerts

3

increased byInfinity%

No dependency changes