@gkalpak/ng-pr-merge
Advanced tools
@gkalpak/ng-pr-merge - npm Package Compare versions
Comparing version 0.0.35 to 0.0.36
| { | ||
| "name": "@gkalpak/ng-pr-merge", | ||
| "version": "0.0.35", | ||
| "version": "0.0.36", | ||
| "description": "A utility for rebase-merging (AngularJS-related) GitHub PRs.", | ||
@@ -34,12 +34,12 @@ "keywords": [ | ||
| "dependencies": { | ||
| "@gkalpak/ng-cla-check": "^0.2.2", | ||
| "@gkalpak/ng-maintain-utils": "^0.1.2", | ||
| "chalk": "^4.1.0" | ||
| "@gkalpak/ng-cla-check": "^0.2.4", | ||
| "@gkalpak/ng-maintain-utils": "^0.1.3", | ||
| "chalk": "^4.1.1" | ||
| }, | ||
| "devDependencies": { | ||
| "@gkalpak/cli-utils": "^0.1.9", | ||
| "eslint": "^7.4.0", | ||
| "eslint-plugin-jasmine": "^4.1.1", | ||
| "jasmine": "^3.5.0" | ||
| "@gkalpak/cli-utils": "^0.1.10", | ||
| "eslint": "^7.31.0", | ||
| "eslint-plugin-jasmine": "^4.1.2", | ||
| "jasmine": "^3.8.0" | ||
| } | ||
| } |
@@ -77,3 +77,3 @@ # ng-pr-merge [![Build Status][build-status-image]][build-status] | ||
| [build-status]: https://travis-ci.org/gkalpak/ng-pr-merge | ||
| [build-status-image]: https://travis-ci.org/gkalpak/ng-pr-merge.svg?branch=master | ||
| [build-status]: https://github.com/gkalpak/ng-pr-merge/actions/workflows/ci.yml | ||
| [build-status-image]: https://github.com/gkalpak/ng-pr-merge/actions/workflows/ci.yml/badge.svg?branch=master&event=push |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-100%
0
- Number of medium supply chain risk alerts
- decreased by-50%
1
Worsened metrics
- Total package byte prevSize
- decreased by-71.67%
20500
- Number of package files
- decreased by-55.56%
8
- Lines of code
- decreased by-80.89%
315
Dependency changes
Updated@gkalpak/ng-cla-check@^0.2.4
Updatedchalk@^4.1.1