@essential-projects/security_service_contracts - npm Package Compare versions

Comparing version 1.0.0 to 2.0.0-2ca3f6a9-b16

package.json

 {
   "name": "@essential-projects/security_service_contracts",
-  "version": "1.0.0",
+  "version": "2.0.0-2ca3f6a9-b16",
   "description": "Interfaces for the security_service",
@@ -5,0 +5,0 @@ "main": "dist/commonjs/index.js",

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Minified code

Quality

This package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

712954

increased by880.59%

Number of package files

110

increased by35.8%

Lines of code

3634

increased by50.41%

Number of medium maintenance alerts

0

decreased by-100%

Worsened metrics

Number of low quality alerts

3

increased by200%

Number of medium supply chain risk alerts

3

increased byInfinity%

No dependency changes