@jozwiaczek-test-org/npm-publishing - npm Package Compare versions

Comparing version 2.27.0 to 2.28.0

build.js

@@ -0,3 +1,6 @@
+const fs = require('fs');
 console.log('Node build script');
 console.log(process.argv);
 console.log(process.env.TMP);
+const changelog = fs.readFileSync(`./CHANGELOG.md`, 'utf8');
+console.log(changelog);

CHANGELOG.md

@@ -0,1 +1,8 @@
+# [2.28.0](https://github.com/Jozwiaczek/npm-publishing-demo/compare/v2.27.0...v2.28.0) (2021-04-27)
+
+
+### Features
+
+* test workflowsgit ([0688cff](https://github.com/Jozwiaczek/npm-publishing-demo/commit/0688cff03833f678941ed0c213bf64ada8e5fa12))
+
 # [2.27.0](https://github.com/Jozwiaczek/npm-publishing-demo/compare/v2.26.0...v2.27.0) (2021-04-27)
@@ -2,0 +9,0 @@

package.json

@@ -5,3 +5,3 @@ {
   "private": false,
-  "version": "2.27.0",
+  "version": "2.28.0",
   "main": "dist/index.js",
@@ -8,0 +8,0 @@ "types": "dist/index.d.ts",

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2287935

increased by0.02%

Lines of code

88

increased by3.53%

Worsened metrics

Number of low supply chain risk alerts

2

increased byInfinity%

No dependency changes