@compas/stdlib - npm Package Compare versions

Comparing version 0.21.1 to 0.22.0

package.json

 {
   "name": "@compas/stdlib",
-  "version": "0.21.1",
+  "version": "0.22.0",
   "description": "All kinds of utility functions",
@@ -22,3 +22,3 @@ "exports": {
     "@types/node": "25.5.0",
-    "dotenv": "17.3.1",
+    "dotenv": "17.4.0",
     "lodash.merge": "4.6.2",
@@ -25,0 +25,0 @@ "pino": "10.3.1"

src/events.d.ts

@@ -69,3 +69,3 @@ /**
 export type InsightEvent = {
-    log: import("@compas/stdlib").Logger;
+    log: import("./logger.js").Logger;
     signal?: AbortSignal | undefined;
@@ -72,0 +72,0 @@ rootEvent?: InsightEvent | undefined;

src/events.js

@@ -64,3 +64,3 @@ import { AppError } from "./error.js";
  * @typedef {object} InsightEvent
- * @property {import("@compas/stdlib").Logger} log
+ * @property {import("./logger.js").Logger} log
  * @property {AbortSignal} [signal]
@@ -67,0 +67,0 @@ * @property {InsightEvent} [rootEvent]

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

78072

-0.01%

Dependency changes

• + Added

  dotenv@17.4.0
  (transitive)

• - Removed

  dotenv@17.3.1
  (transitive)

• Updated

  dotenv@17.4.0