@electron/osx-sign
Advanced tools
Comparing version 1.0.2 to 1.0.4
{ | ||
"name": "@electron/osx-sign", | ||
"version": "1.0.2", | ||
"version": "1.0.4", | ||
"description": "Codesign Electron macOS apps", | ||
@@ -8,4 +8,4 @@ "main": "dist/cjs/index.js", | ||
"files": [ | ||
"dist/*", | ||
"entitlements/*", | ||
"dist", | ||
"entitlements", | ||
"README.md", | ||
@@ -12,0 +12,0 @@ "LICENSE", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
174883
61
2296
10
3