New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@gasket/utils
Advanced tools
@gasket/utils - npm Package Compare versions
Comparing version 5.0.0-canary.3 to 5.0.0-canary.4
| const concat = require('concat-stream'); | ||
| const { spawn } = require('child_process'); | ||
| const spawn = require('cross-spawn'); | ||
@@ -4,0 +4,0 @@ /** |
| { | ||
| "name": "@gasket/utils", | ||
| "version": "5.0.0-canary.3", | ||
| "version": "5.0.0-canary.4", | ||
| "description": "Reusable utilities for Gasket internals", | ||
@@ -35,2 +35,3 @@ "main": "lib", | ||
| "dependencies": { | ||
| "cross-spawn": "^7.0.1", | ||
| "lodash.defaultsdeep": "^4.6.0" | ||
@@ -56,3 +57,3 @@ }, | ||
| ], | ||
| "gitHead": "ecb0c0bf955113f1154a0e5beb9c27925cfb92a8" | ||
| "gitHead": "3acb82b1142c2f9aa39cb765b24c5cd630db09f9" | ||
| } |
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.32%
7176
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Dependency count
- increased by100%
2
Dependency changes
+ Addedcross-spawn@^7.0.1
+ Addedcross-spawn@7.0.6(transitive)
+ Addedisexe@2.0.0(transitive)
+ Addedpath-key@3.1.1(transitive)
+ Addedshebang-command@2.0.0(transitive)
+ Addedshebang-regex@3.0.0(transitive)
+ Addedwhich@2.0.2(transitive)