@evidence-dev/preprocess - npm Package Compare versions

Comparing version 6.0.5 to 6.0.7

CHANGELOG.md

 # @evidence-dev/preprocess
 
+## 6.0.7
+
+### Patch Changes
+
+- d5d698799: Update packages to resolve CVEs
+
+## 6.0.6
+
+### Patch Changes
+
+- 937971eaa: Package updates for CVEs. See https://github.com/evidence-dev/evidence/pull/3255
+
 ## 6.0.5
@@ -178,3 +190,2 @@
 - e1facffd: Add QueryStore concept
-
   - Loads data as it is requested, rather than all at page-load / build
@@ -352,3 +363,2 @@ - Uses duckdb to get data length / column data
 - e1facffd: Add QueryStore concept
-
   - Loads data as it is requested, rather than all at page-load / build
@@ -355,0 +365,0 @@ - Uses duckdb to get data length / column data

package.json

 {
   "name": "@evidence-dev/preprocess",
-  "version": "6.0.5",
+  "version": "6.0.7",
   "description": "Markdown preprocessor for evidence.dev projects",
@@ -32,3 +32,3 @@ "author": "evidence.dev",
     "mock-fs": "^5.2.0",
-    "parcel": "^2.8.3",
+    "parcel": "^2.16.4",
     "typescript": "5.4.2",
@@ -35,0 +35,0 @@ "vitest": "^2.1.9"

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

4084238

0.03%

Lines of code

98334

0.02%

Worsened metrics

Number of medium supply chain risk alerts

1

Infinity%

No dependency changes