@livechat/developer-ui-react - npm Package Compare versions

Comparing version 0.0.45 to 0.0.46

package.json

 {
   "name": "@livechat/developer-ui-react",
-  "version": "0.0.45",
+  "version": "0.0.46",
   "description": "Typescript library with react components for Text Platform Developer App.",
@@ -33,4 +33,4 @@ "author": "Wojciech Dudek",
     "eslint-config-custom": "0.0.7",
-    "tsconfig": "0.0.1",
-    "@livechat/developer-sdk": "2.0.41"
+    "@livechat/developer-sdk": "2.0.42",
+    "tsconfig": "0.0.1"
   },
@@ -41,3 +41,3 @@ "dependencies": {},
     "react-dom": "^18.2.0",
-    "@livechat/developer-sdk": "2.0.41"
+    "@livechat/developer-sdk": "2.0.42"
   },
@@ -44,0 +44,0 @@ "scripts": {

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

No metric changes

No dependency changes