@bocoup/windows-sapi-tts-engine-for-automation - npm Package Compare versions

Comparing version 0.0.2 to 0.0.3

package.json

 {
   "name": "@bocoup/windows-sapi-tts-engine-for-automation",
-  "version": "0.0.2",
+  "version": "0.0.3",
   "description": "Sample Text-to-Speech Engine and MakeVoice",
@@ -15,6 +15,6 @@ "main": "index.js",
   "files": [
-    "./lib/**/*",
-    "./Release/AutomationTtsEngine.dll",
-    "./Release/Vocalizer.exe",
-    "./scripts/*"
+    "lib",
+    "Release/AutomationTtsEngine.dll",
+    "Release/Vocalizer.exe",
+    "scripts"
   ],
@@ -21,0 +21,0 @@ "author": "",

New alerts

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

175261

increased by2373.34%

Number of package files

13

increased by225%

Lines of code

356

increased byInfinity%

Worsened metrics

Number of low supply chain risk alerts

3

increased by200%

Number of medium supply chain risk alerts

4

increased by300%

No dependency changes