@guardian/src-grid
Advanced tools
+6
-6
| { | ||
| "name": "@guardian/src-grid", | ||
| "version": "2.5.0", | ||
| "version": "2.6.0-rc.0", | ||
| "license": "Apache-2.0", | ||
@@ -24,3 +24,3 @@ "main": "dist/grid.js", | ||
| "devDependencies": { | ||
| "@babel/core": "^7.10.0", | ||
| "@babel/core": "^7.12.3", | ||
| "@babel/preset-env": "^7.10.0", | ||
@@ -30,3 +30,3 @@ "@babel/preset-react": "^7.10.0", | ||
| "@emotion/babel-preset-css-prop": "^10.0.14", | ||
| "@guardian/src-foundations": "^2.5.0", | ||
| "@guardian/src-foundations": "^2.6.0-rc.0", | ||
| "rollup": "^1.17.0", | ||
@@ -36,3 +36,3 @@ "rollup-plugin-babel": "^4.3.3", | ||
| "rollup-plugin-node-resolve": "^5.2.0", | ||
| "typescript": "^4.0.3" | ||
| "typescript": "^4.0.5" | ||
| }, | ||
@@ -48,8 +48,8 @@ "files": [ | ||
| "@emotion/core": "^10.0.14", | ||
| "@guardian/src-foundations": "^2.5.0", | ||
| "@guardian/src-foundations": "^2.6.0-rc.0", | ||
| "react": "^16.8.6" | ||
| }, | ||
| "dependencies": { | ||
| "@guardian/src-helpers": "^2.5.0" | ||
| "@guardian/src-helpers": "^2.6.0-rc.0" | ||
| } | ||
| } |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
103325
0.02%0
-100%2
100%