@dotcom-tool-kit/vault
Advanced tools
Comparing version 2.0.16 to 3.0.0
| { | ||
| "name": "@dotcom-tool-kit/vault", | ||
| "version": "2.0.16", | ||
| "version": "3.0.0", | ||
| "description": "", | ||
@@ -10,5 +10,5 @@ "main": "lib", | ||
| "dependencies": { | ||
| "@dotcom-tool-kit/error": "^2.0.1", | ||
| "@dotcom-tool-kit/options": "^2.0.16", | ||
| "@dotcom-tool-kit/types": "^2.10.0", | ||
| "@dotcom-tool-kit/error": "^3.0.0", | ||
| "@dotcom-tool-kit/options": "^3.0.0", | ||
| "@dotcom-tool-kit/types": "^3.0.0", | ||
| "@financial-times/n-fetch": "^1.0.0-beta.12", | ||
@@ -40,5 +40,4 @@ "fs": "0.0.1-security", | ||
| "@types/jest": "^27.0.2", | ||
| "node-fetch": "^1.7.3", | ||
| "winston": "^3.5.1" | ||
| } | ||
| } |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Dev dependency count
- decreased by-33.33%
2
- Number of low supply chain risk alerts
- decreased by-44.44%
5
Worsened metrics
- Total package byte prevSize
- decreased by-0.34%
9119
Dependency changes
+ Added@dotcom-tool-kit/error@3.2.0(transitive)
+ Added@dotcom-tool-kit/logger@3.4.0(transitive)
+ Added@dotcom-tool-kit/options@3.2.0(transitive)
+ Added@dotcom-tool-kit/types@3.6.0(transitive)
- Removed@dotcom-tool-kit/error@2.0.1(transitive)
- Removed@dotcom-tool-kit/logger@2.2.1(transitive)
- Removed@dotcom-tool-kit/options@2.0.16(transitive)
- Removed@dotcom-tool-kit/types@2.10.0(transitive)