@brasilindoc/integration-products
Advanced tools
@brasilindoc/integration-products - npm Package Compare versions
Comparing version 3.4.0 to 3.4.1
| { | ||
| "name": "@brasilindoc/integration-products", | ||
| "version": "3.4.0", | ||
| "version": "3.4.1", | ||
| "engines": { | ||
@@ -5,0 +5,0 @@ "node": "^18.14.0" |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Fixed alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by11523%
3878829
- Number of package files
- increased by30.3%
43
- Lines of code
- increased by12458.58%
113404
Worsened metrics
- Number of low supply chain risk alerts
- increased by6500%
66
- Number of medium supply chain risk alerts
- increased by650%
15