New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
@flagdeck/react
Advanced tools
@flagdeck/react - npm Package Compare versions
+3
-3
| { | ||
| "name": "@flagdeck/react", | ||
| "version": "0.0.6", | ||
| "version": "0.0.7", | ||
| "description": "React components and hooks for Flagdeck feature flags", | ||
@@ -44,3 +44,3 @@ "main": "dist/cjs/index.js", | ||
| "peerDependencies": { | ||
| "@flagdeck/js": "~0.0.33", | ||
| "@flagdeck/js": "~0.0.34", | ||
| "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0", | ||
@@ -50,3 +50,3 @@ "react-dom": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0" | ||
| "devDependencies": { | ||
| "@flagdeck/js": "0.0.33", | ||
| "@flagdeck/js": "0.0.34", | ||
| "@testing-library/jest-dom": "^6.1.5", | ||
@@ -53,0 +53,0 @@ "@testing-library/react": "^14.1.2", |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
No metric changes
No dependency changes