New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@heroku-cli/command
Advanced tools
@heroku-cli/command - npm Package Compare versions
Comparing version 7.0.10 to 7.0.11
@@ -37,3 +37,3 @@ "use strict"; | ||
| this.options = options; | ||
| let apiUrl = url.URL ? new URL(vars_1.vars.apiUrl) : url.parse(vars_1.vars.apiUrl); | ||
| let apiUrl = url.URL ? new url.URL(vars_1.vars.apiUrl) : url.parse(vars_1.vars.apiUrl); | ||
| let envHeaders = JSON.parse(process.env.HEROKU_HEADERS || '{}'); | ||
@@ -40,0 +40,0 @@ this.preauthPromises = {}; |
| { | ||
| "name": "@heroku-cli/command", | ||
| "description": "heroku specific functionality for the cli-engine", | ||
| "version": "7.0.10", | ||
| "version": "7.0.11", | ||
| "author": "Jeff Dickey @jdxcode", | ||
| "bugs": "https://github.com/heroku/cli-engine-heroku/issues", | ||
| "dependencies": { | ||
| "@cli-engine/command": "^12.0.1", | ||
| "@cli-engine/command": "^12.0.3", | ||
| "@cli-engine/config": "^5.0.10", | ||
| "cli-ux": "^2.0.16", | ||
| "cli-ux": "^2.0.21", | ||
| "heroku-client": "3.0.5", | ||
@@ -16,7 +16,7 @@ "http-call": "^4.0.6", | ||
| "devDependencies": { | ||
| "@cli-engine/util": "^1.0.7", | ||
| "@cli-engine/util": "^1.0.9", | ||
| "@heroku-cli/tslint": "^1.0.3", | ||
| "@types/ansi-styles": "^2.0.30", | ||
| "@types/chalk": "^2.2.0", | ||
| "@types/jest": "21.1.9", | ||
| "@types/jest": "22.0.0", | ||
| "@types/nock": "9.1.0", | ||
@@ -23,0 +23,0 @@ "@types/node": "8.5.2", |
@@ -1,4 +0,5 @@ | ||
| # cli-engine-heroku | ||
| # @cli-engine/heroku | ||
| [](https://circleci.com/gh/heroku/cli-engine-heroku) | ||
| [](https://ci.appveyor.com/project/Heroku/cli-engine-heroku/branch/master) | ||
| [](https://codecov.io/gh/heroku/cli-engine-heroku) |
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Number of lines in readme file
- increased by20%
6
- Number of low supply chain risk alerts
- decreased by-62.07%
11
- Number of medium supply chain risk alerts
- decreased by-21.43%
11
Worsened metrics
- Total package byte prevSize
- decreased by-47.03%
30314
- Number of package files
- decreased by-40.74%
32
- Lines of code
- decreased by-45.97%
838
Dependency changes
Updated@cli-engine/command@^12.0.3
Updatedcli-ux@^2.0.21