@invisionag/iris-tools - npm Package Compare versions

Comparing version 3.0.10 to 3.0.11

package.json

 {
   "name": "@invisionag/iris-tools",
-  "version": "3.0.10",
+  "version": "3.0.11",
   "main": "dist/index.js",
@@ -17,8 +17,8 @@ "license": "MIT",
     "@invisionag/iris-colors": "^3.0.3",
-    "@invisionag/iris-settings": "^4.2.0",
+    "@invisionag/iris-settings": "^4.2.1",
     "polished": "^1.9.2"
   },
   "devDependencies": {
-    "webpack": "^3.11.0"
+    "webpack": "^4.8.3"
   }
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

28436

increased by38.11%

Lines of code

372

increased by5.98%

Worsened metrics

Number of low supply chain risk alerts

4

increased by300%

Number of medium supply chain risk alerts

12

increased byInfinity%

Dependency changes

• Updated@invisionag/iris-settings@^4.2.1