@expo/config - npm Package Compare versions

Comparing version 55.0.2 to 55.0.3

package.json

 {
   "name": "@expo/config",
-  "version": "55.0.2",
+  "version": "55.0.3",
   "description": "A library for interacting with the app.json",
@@ -37,5 +37,5 @@ "main": "build/index.js",
     "@babel/code-frame": "~7.10.4",
-    "@expo/config-plugins": "~55.0.2",
-    "@expo/config-types": "^55.0.2",
-    "@expo/json-file": "^10.0.10",
+    "@expo/config-plugins": "~55.0.3",
+    "@expo/config-types": "^55.0.3",
+    "@expo/json-file": "^10.0.11",
     "deepmerge": "^4.3.1",
@@ -58,3 +58,3 @@ "getenv": "^2.0.0",
   },
-  "gitHead": "326a6b473b3d2a90f3f96e9eea8f995bb2677f30"
+  "gitHead": "7d7f6762fc6907c27a329953c682134a84410dea"
 }

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

No metric changes

Dependency changes

• Updated

  @expo/config-plugins@~55.0.3

• Updated

  @expo/config-types@^55.0.3

• Updated

  @expo/json-file@^10.0.11