@bpmn-io/feel-editor - npm Package Compare versions

Comparing version 0.4.0 to 0.4.1

package.json

 {
   "name": "@bpmn-io/feel-editor",
-  "version": "0.4.0",
+  "version": "0.4.1",
   "description": "Editor for FEEL expressions.",
@@ -61,3 +61,2 @@ "files": [
     "@rollup/plugin-json": "^4.1.0",
-    "@rollup/plugin-node-resolve": "^13.3.0",
     "@testing-library/dom": "^8.17.1",
@@ -64,0 +63,0 @@ "@testing-library/user-event": "^14.4.3",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Dev dependency count

28

decreased by-3.45%

Number of low supply chain risk alerts

2

decreased by-93.33%

Worsened metrics

Total package byte prevSize

87317

decreased by-96.16%

Number of package files

5

decreased by-28.57%

Lines of code

1427

decreased by-96.69%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes