@genezio/auth - npm Package Compare versions

Comparing version 2.0.8 to 2.0.9-dev

package.json

 {
   "name": "@genezio/auth",
-  "version": "2.0.8",
+  "version": "2.0.9-dev",
   "description": "SDK for accessing genezio authentication system.",
@@ -5,0 +5,0 @@ "main": "./dist/cjs/index.js",

New alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 3 instances in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Number of low supply chain risk alerts

1

decreased by-85.71%

Number of medium supply chain risk alerts

3

decreased by-25%

Worsened metrics

Total package byte prevSize

9639

decreased by-85.52%

Number of package files

2

decreased by-88.89%

Lines of code

0

decreased by-100%

Number of low quality alerts

2

increased by100%

No dependency changes