@lambda-lambda-lambda/router - npm Package Compare versions

Comparing version 0.8.4 to 0.8.5

CHANGELOG.md

@@ -67,1 +67,6 @@ # Changelog
 - Upgraded outdated NPM packages
+
+## [0.8.5] - 2024-12-01
+
+- NPM security update (CVE-2024-21538)
+- Upgraded outdated NPM packages

package.json

 {
   "name": "@lambda-lambda-lambda/router",
   "description": "AWS CloudFront Lambda@Edge serverless application router.",
-  "version": "0.8.4",
+  "version": "0.8.5",
   "main": "src/Router.js",
@@ -32,3 +32,3 @@ "scripts": {
   "devDependencies": {
-    "@types/aws-lambda": "^8.10.145",
+    "@types/aws-lambda": "^8.10.146",
     "chai": "^4.5.0",
@@ -38,5 +38,5 @@ "chai-as-promised": "^7.1.2",
     "clone": "^2.1.2",
-    "eslint": "^8.57.0",
-    "jsdoc": "^4.0.3",
-    "mocha": "^10.7.3",
+    "eslint": "^8.57.1",
+    "jsdoc": "^4.0.4",
+    "mocha": "^10.8.2",
     "nyc": "^15.1.0",
@@ -43,0 +43,0 @@ "require-reload": "^0.2.2",

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

36696

0.27%

No dependency changes