@eggjs/tegg-metadata - npm Package Compare versions

Comparing version 3.79.0 to 3.79.1

package.json

 {
   "name": "@eggjs/tegg-metadata",
-  "version": "3.79.0",
+  "version": "3.79.1",
   "description": "tegg metadata",
@@ -38,6 +38,6 @@ "keywords": [
   "dependencies": {
-    "@eggjs/core-decorator": "^3.79.0",
-    "@eggjs/tegg-common-util": "^3.79.0",
-    "@eggjs/tegg-lifecycle": "^3.79.0",
-    "@eggjs/tegg-types": "^3.79.0",
+    "@eggjs/core-decorator": "^3.79.1",
+    "@eggjs/tegg-common-util": "^3.79.1",
+    "@eggjs/tegg-lifecycle": "^3.79.1",
+    "@eggjs/tegg-types": "^3.79.1",
     "egg-errors": "^2.2.3"
@@ -58,3 +58,3 @@ },
   },
-  "gitHead": "382b933294c0efb3b2005fab1b3ac6e0fd08b3ad"
+  "gitHead": "06cec120fca073419e547917e4f59f1cd6019f26"
 }

New alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

No metric changes

Dependency changes

• Updated

  @eggjs/core-decorator@^3.79.1

• Updated

  @eggjs/tegg-common-util@^3.79.1

• Updated

  @eggjs/tegg-lifecycle@^3.79.1

• Updated

  @eggjs/tegg-types@^3.79.1