@datadog/native-iast-taint-tracking - npm Package Compare versions

Comparing version 1.5.0 to 2.0.0-pre

package.json

@@ -5,3 +5,3 @@ {
   "repository": "git@github.com:DataDog/dd-native-iast-taint-tracking-js.git",
-  "version": "1.5.0",
+  "version": "2.0.0-pre",
   "description": "Datadog IAST tant tracking support for NodeJS",
@@ -8,0 +8,0 @@ "main": "index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Improved metrics

Number of medium supply chain risk alerts

61

decreased by-1.61%

Worsened metrics

Total package byte prevSize

14849411

decreased by-0.04%

Number of package files

68

decreased by-1.45%

Number of medium maintenance alerts

1

increased byInfinity%

Number of low quality alerts

2

increased by100%

No dependency changes