@liquality/node-provider - npm Package Compare versions

Comparing version 1.0.0-beta.1 to 1.0.0-beta.2

package.json

 {
   "name": "@liquality/node-provider",
-  "version": "1.0.0-beta.1",
+  "version": "1.0.0-beta.2",
   "description": "",
@@ -23,4 +23,4 @@ "module": "dist/index.js",
     "@babel/runtime": "^7.12.1",
-    "@liquality/errors": "^1.0.0-beta.1",
-    "@liquality/provider": "^1.0.0-beta.1",
+    "@liquality/errors": "^1.0.0-beta.2",
+    "@liquality/provider": "^1.0.0-beta.2",
     "@types/axios": "^0.14.0",
@@ -43,3 +43,3 @@ "@types/lodash": "^4.14.168",
   "sideEffects": false,
-  "gitHead": "b07f5230045ce027c75028dc3cfd3b26838a6fa2"
+  "gitHead": "5a26ec8d2a33f1f678958384cbcfcfbbabd62f2a"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 6 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Unidentified License

License

(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.

Found 1 instance in 1 package

Improved metrics

Number of low license alerts

0

decreased by-100%

License quality

100

increased by25%

Number of low supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

1

decreased by-66.67%

Worsened metrics

Total package byte prevSize

12849

decreased by-98.67%

Number of package files

9

decreased by-10%

Lines of code

59

decreased by-87.61%

Dependency changes

• Updated@liquality/errors@^1.0.0-beta.2

• Updated@liquality/provider@^1.0.0-beta.2