@keep-network/sortition-pools
Advanced tools
@keep-network/sortition-pools - npm Package Compare versions
Comparing version 1.2.0-dev.14 to 1.2.0-dev.15
| { | ||
| "name": "@keep-network/sortition-pools", | ||
| "version": "1.2.0-dev.14+main.354ac1dbbffca34e99620a0565145f728f09afcf", | ||
| "version": "1.2.0-dev.15+main.4d5602d30a494ec9d7afd7ff01b0ef192eacd566", | ||
| "description": "", | ||
@@ -38,3 +38,4 @@ "main": "truffle-config.js", | ||
| "dependencies": { | ||
| "@openzeppelin/contracts": "^4.3.2" | ||
| "@openzeppelin/contracts": "^4.3.2", | ||
| "@thesis/solidity-contracts": "github:thesis/solidity-contracts#4985bcf" | ||
| }, | ||
@@ -41,0 +42,0 @@ "devDependencies": { |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Fixed alerts
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Improved metrics
- Number of package files
- increased by16.67%
21
Worsened metrics
- Total package byte prevSize
- decreased by-6.76%
56561
- Dependency count
- increased by100%
2
- Number of high supply chain risk alerts
- increased byInfinity%
1