@dazn/chaos-squirrel-attack-disk-space - npm Package Compare versions

Comparing version 0.9.7 to 0.9.8

CHANGELOG.md

@@ -6,2 +6,10 @@ # Change Log
 
+## 0.9.8 (2021-01-22)
+
+**Note:** Version bump only for package @dazn/chaos-squirrel-attack-disk-space
+
+
+
+
+
 ## 0.9.7 (2021-01-22)
@@ -8,0 +16,0 @@

package.json

 {
   "name": "@dazn/chaos-squirrel-attack-disk-space",
-  "version": "0.9.7",
+  "version": "0.9.8",
   "description": "Chaos Squirrel attack to consume/fill disk space",
@@ -28,3 +28,3 @@ "main": "dist/index.js",
   },
-  "gitHead": "0c213effff4119ab8e7075ce1ccb11ec67c8c313"
+  "gitHead": "a2c83d79f483a8539b52b9fd0453b1ebce5d928e"
 }

New alerts

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

AI-detected potential code anomaly

Supply chain risk

AI has identified unusual behaviors that may pose a security risk.

Found 1 instance in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

7338

increased by46.5%

Number of package files

6

increased by50%

Lines of code

70

increased byInfinity%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Number of low supply chain risk alerts

2

increased byInfinity%

No dependency changes