@coffeekraken/scripts-stack - npm Package Compare versions

Comparing version 0.0.15 to 0.0.16

package.json

 {
   "name": "@coffeekraken/scripts-stack",
-  "version": "0.0.15",
+  "version": "0.0.16",
   "description": "Nice terminal interface to handle npm/yarn scripts execution as well as watch and run automatically the wanted ones",
@@ -5,0 +5,0 @@ "homepage": "https://coffeekraken.io",

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

40129

increased by140.52%

Number of package files

7

increased by16.67%

Lines of code

813

increased byInfinity%

Worsened metrics

Number of low supply chain risk alerts

7

increased by600%

Number of medium supply chain risk alerts

2

increased by100%

No dependency changes