@highlight-ui/utils-hooks - npm Package Compare versions

Comparing version 3.2.30 to 3.2.31

package.json

 {
   "name": "@highlight-ui/utils-hooks",
-  "version": "3.2.30",
+  "version": "3.2.31",
   "author": "Personio GmbH & Co. KG",
@@ -24,5 +24,5 @@ "main": "dist/cjs/index.js",
   "devDependencies": {
-    "@highlight-ui/configs-base-jest": "^3.1.3",
-    "@highlight-ui/configs-base-tsconfig": "^3.2.2",
-    "@highlight-ui/configs-scripts": "^3.2.4",
+    "@highlight-ui/configs-base-jest": "^3.1.4",
+    "@highlight-ui/configs-base-tsconfig": "^3.2.3",
+    "@highlight-ui/configs-scripts": "^3.2.5",
     "@popperjs/core": "~2.9.2",
@@ -44,3 +44,3 @@ "@testing-library/dom": "8.19.0",
     "@floating-ui/react-dom-interactions": "0.11.0",
-    "@highlight-ui/utils-commons": "^2.4.5",
+    "@highlight-ui/utils-commons": "^2.4.6",
     "@popperjs/core": "~2.9.2",
@@ -52,3 +52,3 @@ "@use-it/event-listener": "~0.1.6",
   },
-  "gitHead": "817734c966be0e307fcb75ee463c0a3551bea6fc"
+  "gitHead": "9822c2a9f7a4e942523dc88c31c3632cec6209ce"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1098635

increased by13794.46%

Number of package files

23

increased by666.67%

Lines of code

8903

increased byInfinity%

Worsened metrics

Number of low supply chain risk alerts

5

increased by400%

Number of medium supply chain risk alerts

5

increased by150%

Dependency changes

• Updated@highlight-ui/utils-commons@^2.4.6