@aspecto/core - npm Package Compare versions

Comparing version 1.0.21 to 1.0.22

dist/index.js

@@ -15,10 +15,10 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-const ws_1 = __importDefault(require("./src/communication/ws"));
-const collector_1 = __importDefault(require("./src/collection/collector"));
-const OsCollector_1 = __importDefault(require("./src/collection/OsCollector"));
-const NpmCollector_1 = __importDefault(require("./src/collection/NpmCollector"));
-const GitCollector_1 = __importDefault(require("./src/collection/GitCollector"));
-const HttpReporter_1 = __importDefault(require("./src/reporters/HttpReporter"));
-const aspectoConfig_1 = __importDefault(require("./src/config/aspectoConfig"));
-const ErrorReporter_1 = __importDefault(require("./src/reporters/ErrorReporter"));
+const ws_1 = __importDefault(require("./communication/ws"));
+const collector_1 = __importDefault(require("./collection/collector"));
+const OsCollector_1 = __importDefault(require("./collection/OsCollector"));
+const NpmCollector_1 = __importDefault(require("./collection/NpmCollector"));
+const GitCollector_1 = __importDefault(require("./collection/GitCollector"));
+const HttpReporter_1 = __importDefault(require("./reporters/HttpReporter"));
+const aspectoConfig_1 = __importDefault(require("./config/aspectoConfig"));
+const ErrorReporter_1 = __importDefault(require("./reporters/ErrorReporter"));
 function init(options) {
@@ -25,0 +25,0 @@ return __awaiter(this, void 0, void 0, function* () {

package.json

 {
   "name": "@aspecto/core",
-  "version": "1.0.21",
+  "version": "1.0.22",
   "description": "Aspecto metric collector",
@@ -5,0 +5,0 @@ "main": "dist/index.js",

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

48796

increased by593.81%

Number of package files

38

increased by850%

Lines of code

720

increased by1080.33%

Worsened metrics

Number of low supply chain risk alerts

15

increased by1400%

Number of medium supply chain risk alerts

2

increased byInfinity%

No dependency changes