@antmove/template-plugin - npm Package Compare versions

Comparing version 1.2.1 to 1.2.2

package.json

 {
     "name": "@antmove/template-plugin",
-    "version": "1.2.1",
+    "version": "1.2.2",
     "description": "transform wechat miniprogram to tt miniprogram tool.",
@@ -26,3 +26,3 @@ "main": "index.js",
     },
-    "gitHead": "d3eab5657b5b44b09cc23402feee06c67e9beef2"
+    "gitHead": "186b42de89d6cb1a525d5e07d8f641210d2ea529"
 }

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

No metric changes

No dependency changes