New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@contrast/config
Advanced tools
@contrast/config - npm Package Compare versions
Comparing version 1.40.1 to 1.40.2
@@ -44,2 +44,4 @@ /* | ||
| const isValid = (opt) => opt !== undefined && opt !== null && opt !== ''; | ||
| module.exports = class Config { | ||
@@ -92,3 +94,3 @@ constructor(core) { | ||
| const remoteValue = mapper(msg); | ||
| if (remoteValue != null) { | ||
| if (isValid(remoteValue)) { | ||
| this._effectiveMap.set(name, { | ||
@@ -207,6 +209,6 @@ canonical_name: name, | ||
| if (envValue != null) { | ||
| if (isValid(envValue)) { | ||
| source = ENVIRONMENT_VARIABLE; | ||
| value = envValue; | ||
| } else if (fileValue != null) { | ||
| } else if (isValid(fileValue)) { | ||
| source = USER_CONFIGURATION_FILE; | ||
@@ -213,0 +215,0 @@ value = fileValue; |
@@ -46,3 +46,3 @@ /* | ||
| abbrev?: string; | ||
| env?: string; | ||
| env: string; | ||
| arg: string; | ||
@@ -49,0 +49,0 @@ enum?: T[]; |
| { | ||
| "name": "@contrast/config", | ||
| "version": "1.40.1", | ||
| "version": "1.40.2", | ||
| "description": "An API for discovering Contrast agent configuration data", | ||
@@ -8,3 +8,6 @@ "license": "SEE LICENSE IN LICENSE", | ||
| "files": [ | ||
| "lib/" | ||
| "lib/", | ||
| "!*.test.*", | ||
| "!tsconfig.*", | ||
| "!*.map" | ||
| ], | ||
@@ -11,0 +14,0 @@ "main": "lib/index.js", |
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-20%
4
Worsened metrics
- Total package byte prevSize
- decreased by-36.12%
52330
- Number of package files
- decreased by-25%
9
- Lines of code
- decreased by-36.56%
1404
No dependency changes