@dotenvx/dotenvx
Advanced tools
@dotenvx/dotenvx - npm Package Compare versions
+7
-1
@@ -5,4 +5,10 @@ # Changelog | ||
| [Unreleased](https://github.com/dotenvx/dotenvx/compare/v1.59.0...main) | ||
| [Unreleased](https://github.com/dotenvx/dotenvx/compare/v1.59.1...main) | ||
| ## [1.59.1](https://github.com/dotenvx/dotenvx/compare/v1.59.0...v1.59.1) (2026-03-28) | ||
| ### Added | ||
| * add `HELLO` key to the kit sample to match most of our examples in the README | ||
| ## [1.59.0](https://github.com/dotenvx/dotenvx/compare/v1.58.0...v1.59.0) (2026-03-28) | ||
@@ -9,0 +15,0 @@ |
+1
-1
| { | ||
| "version": "1.59.0", | ||
| "version": "1.59.1", | ||
| "name": "@dotenvx/dotenvx", | ||
@@ -4,0 +4,0 @@ "description": "a secure dotenvβfrom the creator of `dotenv`", |
| const SAMPLE_ENV_KIT = ` | ||
| HELLO="Dotenvx" | ||
| # ββ Database βββββββββββββββββββββββββββββββββββββ | ||
@@ -3,0 +5,0 @@ DATABASE_URL="postgresql://postgres:pass@db.ref.supabase.co:5432/postgres" |
Sorry, the diff of this file is too big to display
New alerts
Potential vulnerability
Supply chain riskInitial human review suggests the presence of a vulnerability in this package. It is pending further analysis and confirmation.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 10 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Potential vulnerability
Supply chain riskInitial human review suggests the presence of a vulnerability in this package. It is pending further analysis and confirmation.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 10 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Lines of code
4551
0.02%Worsened metrics
- Total package byte prevSize
295156
-0.23%- Number of lines in readme file
2784
-0.61%