@jupyterlab/services
Advanced tools
@jupyterlab/services - npm Package Compare versions
+6
-6
| { | ||
| "name": "@jupyterlab/services", | ||
| "version": "7.5.2", | ||
| "version": "7.5.3", | ||
| "description": "Client APIs for the Jupyter services REST APIs", | ||
@@ -49,6 +49,6 @@ "keywords": [ | ||
| "@jupyter/ydoc": "^3.1.0", | ||
| "@jupyterlab/coreutils": "^6.5.2", | ||
| "@jupyterlab/nbformat": "^4.5.2", | ||
| "@jupyterlab/settingregistry": "^4.5.2", | ||
| "@jupyterlab/statedb": "^4.5.2", | ||
| "@jupyterlab/coreutils": "^6.5.3", | ||
| "@jupyterlab/nbformat": "^4.5.3", | ||
| "@jupyterlab/settingregistry": "^4.5.3", | ||
| "@jupyterlab/statedb": "^4.5.3", | ||
| "@lumino/coreutils": "^2.2.2", | ||
@@ -62,3 +62,3 @@ "@lumino/disposable": "^2.1.5", | ||
| "devDependencies": { | ||
| "@jupyterlab/testing": "^4.5.2", | ||
| "@jupyterlab/testing": "^4.5.3", | ||
| "@types/jest": "^29.2.0", | ||
@@ -65,0 +65,0 @@ "@types/ws": "^8.5.3", |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Worsened metrics
- Number of low supply chain risk alerts
95
3.26%- Number of medium supply chain risk alerts
49
2.08%