@lerna-lite/publish
Advanced tools
@lerna-lite/publish - npm Package Compare versions
+11
-11
| { | ||
| "name": "@lerna-lite/publish", | ||
| "version": "4.11.2", | ||
| "version": "4.11.3", | ||
| "description": "Publish packages in the current workspace", | ||
@@ -29,8 +29,8 @@ "homepage": "https://github.com/lerna-lite/lerna-lite", | ||
| "dependencies": { | ||
| "@lerna-lite/cli": "4.11.2", | ||
| "@lerna-lite/core": "4.11.2", | ||
| "@lerna-lite/npmlog": "4.11.0", | ||
| "@lerna-lite/version": "4.11.2", | ||
| "@npmcli/arborist": "^9.2.0", | ||
| "@npmcli/package-json": "^7.0.4", | ||
| "@lerna-lite/cli": "4.11.3", | ||
| "@lerna-lite/core": "4.11.3", | ||
| "@lerna-lite/npmlog": "4.11.3", | ||
| "@lerna-lite/version": "4.11.3", | ||
| "@npmcli/arborist": "^9.3.0", | ||
| "@npmcli/package-json": "^7.0.5", | ||
| "byte-size": "^9.0.1", | ||
@@ -49,6 +49,6 @@ "ci-info": "^4.4.0", | ||
| "p-pipe": "^4.0.0", | ||
| "pacote": "^21.2.0", | ||
| "pacote": "^21.3.1", | ||
| "semver": "^7.7.4", | ||
| "ssri": "^13.0.0", | ||
| "tar": "^7.5.7", | ||
| "ssri": "^13.0.1", | ||
| "tar": "^7.5.9", | ||
| "tinyglobby": "^0.2.15", | ||
@@ -60,3 +60,3 @@ "tinyrainbow": "^3.0.3" | ||
| }, | ||
| "gitHead": "3b63fabbaecec450e25768e90e5d5162046a8541" | ||
| "gitHead": "4b9011db8a110f1e0e519b904f968b90b30df17d" | ||
| } |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 6 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 6 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Dependency changes
+ Added
@lerna-lite/cli@4.11.3(transitive)+ Added
@lerna-lite/core@4.11.3(transitive)+ Added
@lerna-lite/init@4.11.3(transitive)+ Added
@lerna-lite/npmlog@4.11.3(transitive)+ Added
@lerna-lite/version@4.11.3(transitive)- Removed
@lerna-lite/cli@4.11.2(transitive)- Removed
@lerna-lite/core@4.11.2(transitive)- Removed
@lerna-lite/init@4.11.2(transitive)- Removed
@lerna-lite/npmlog@4.11.0(transitive)- Removed
@lerna-lite/version@4.11.2(transitive)Updated
@lerna-lite/cli@4.11.3Updated
@lerna-lite/core@4.11.3Updated
@lerna-lite/npmlog@4.11.3Updated
@lerna-lite/version@4.11.3Updated
@npmcli/arborist@^9.3.0Updated
@npmcli/package-json@^7.0.5Updated
pacote@^21.3.1Updated
ssri@^13.0.1Updated
tar@^7.5.9