@casualbot/jest-sonar-reporter
Advanced tools
@casualbot/jest-sonar-reporter - npm Package Compare versions
Comparing version 2.2.6 to 2.2.7
| { | ||
| "name": "@casualbot/jest-sonar-reporter", | ||
| "version": "2.2.6", | ||
| "version": "2.2.7", | ||
| "description": "A Sonar test reporter for Jest.", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by5.39%
37705
- Lines of code
- increased by7.62%
664
- Number of medium maintenance alerts
- decreased by-100%
0
Worsened metrics
- Number of package files
- decreased by-10.34%
26
- Number of low supply chain risk alerts
- increased byInfinity%
7
- Number of medium supply chain risk alerts
- increased byInfinity%
1