@elastic.io/component-commons-library - npm Package Compare versions

Comparing version 3.1.4 to 3.1.5-dev.1

package.json

 {
   "name": "@elastic.io/component-commons-library",
-  "version": "3.1.4",
+  "version": "3.1.5-dev.1",
   "description": "Library for most common component development cases",
@@ -22,2 +22,3 @@ "author": {
   "scripts": {
+    "audit": "better-npm-audit audit --level high --production",
     "lint": "eslint --ext .ts --quiet --fix",
@@ -32,3 +33,3 @@ "pretest": "rm -rf dist && eslint --ext .ts --quiet --fix && find src spec spec-integration -name \"*.js\" -type f -delete",
     "@elastic.io/jsonata-moment": "1.1.5",
-    "@elastic.io/maester-client": "4.0.3",
+    "@elastic.io/maester-client": "5.0.1",
     "@elastic.io/ntlm-client": "1.0.0",
@@ -35,0 +36,0 @@ "async": "3.2.3",

src/attachment/AttachmentProcessor.ts

@@ -83,4 +83,3 @@ /* eslint-disable class-methods-use-this */
     const maesterAttachmentId = this.getMaesterAttachmentIdByUrl(url);
-    const response = await objectStorage.getOne(maesterAttachmentId, { responseType });
-    return { data: response };
+    return objectStorage.getOne(maesterAttachmentId, { responseType });
   }
@@ -87,0 +86,0 @@

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 18 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

1

decreased by-97.96%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Total package byte prevSize

83630

decreased by-68.23%

Number of package files

19

decreased by-80%

Lines of code

1465

decreased by-74.59%

Number of low quality alerts

2

increased by100%

Dependency changes

• + Added@elastic.io/maester-client@5.0.1(transitive)

• + Addedjsonwebtoken@9.0.0(transitive)

• + Addedlodash@4.17.21(transitive)

• + Addedsemver@7.7.1(transitive)

• - Removed@elastic.io/maester-client@4.0.3(transitive)

• Updated@elastic.io/maester-client@5.0.1